From: Jeremy Harris Date: Fri, 13 Oct 2017 16:05:59 +0000 (+0100) Subject: Testsuite: add cipher-suite seen on OpenBSD X-Git-Tag: exim-4_90_RC1~38 X-Git-Url: https://git.exim.org/exim.git/commitdiff_plain/131c0f8aad2e08201a3977401f15dfd2b5127b69 Testsuite: add cipher-suite seen on OpenBSD --- diff --git a/test/confs/2102 b/test/confs/2102 index 8b2083959..58ff6fbaa 100644 --- a/test/confs/2102 +++ b/test/confs/2102 @@ -40,7 +40,9 @@ check_recipient: DHE_RSA_AES_256_CBC_SHA1 : \ DHE_RSA_3DES_EDE_CBC_SHA : \ ECDHE-RSA-AES256-GCM-SHA384 : \ - ECDHE-RSA-AES128-GCM-SHA256 + ECDHE-RSA-AES128-GCM-SHA256 : \ + ECDHE-RSA-CHACHA20-POLY1305 + logwrite = cipher: $tls_in_cipher warn logwrite = ${if def:tls_in_ourcert \ {Our cert SN: <${certextract{subject}{$tls_in_ourcert}}>} \ {We did not present a cert}} diff --git a/test/confs/2119 b/test/confs/2119 index 26ae4c1bc..d55232d05 100644 --- a/test/confs/2119 +++ b/test/confs/2119 @@ -39,7 +39,8 @@ check_recipient: DHE_RSA_AES_256_CBC_SHA1:\ DHE_RSA_3DES_EDE_CBC_SHA:\ ECDHE-RSA-AES256-GCM-SHA384:\ - ECDHE-RSA-AES128-GCM-SHA256 + ECDHE-RSA-AES128-GCM-SHA256:\ + ECDHE-RSA-CHACHA20-POLY1305 accept diff --git a/test/confs/2132 b/test/confs/2132 index 7fb561bdc..7e491b8a6 100644 --- a/test/confs/2132 +++ b/test/confs/2132 @@ -39,7 +39,8 @@ check_recipient: DHE_RSA_AES_256_CBC_SHA1 : \ DHE_RSA_3DES_EDE_CBC_SHA : \ ECDHE-RSA-AES256-GCM-SHA384 : \ - ECDHE-RSA-AES128-GCM-SHA256 + ECDHE-RSA-AES128-GCM-SHA256 : \ + ECDHE-RSA-CHACHA20-POLY1305 warn logwrite = ${if def:tls_in_ourcert \ {Our cert SN: <${certextract{subject}{$tls_in_ourcert}}>} \ {We did not present a cert}} diff --git a/test/runtest b/test/runtest index 0a514ad65..57526db19 100755 --- a/test/runtest +++ b/test/runtest @@ -906,7 +906,7 @@ RESET_AFTER_EXTRA_LINE_READ: s/CONNECT_CR_FINISHED/ssl3_read_bytes/i; s/^\d+:error:\d+(?:E\d+)?(:SSL routines:ssl3_read_bytes:[^:]+:).*(:SSL alert number \d\d)$/pppp:error:dddddddd$1\[...\]$2/; - s/^(TLS error on connection .*):func\(4095:\)(No such file or directory)$/$1:fopen:/; + s/^(TLS error on connection .*):func\(4095\):(No such file or directory)$/$1:fopen:$2/; # gnutls version variances next if /^Error in the pull function./; diff --git a/test/scripts/2100-OpenSSL/2102 b/test/scripts/2100-OpenSSL/2102 index cbb9ce393..bdf5496f6 100644 --- a/test/scripts/2100-OpenSSL/2102 +++ b/test/scripts/2100-OpenSSL/2102 @@ -47,6 +47,7 @@ This is a test encrypted message. quit ??? 221 **** +# nonloop addr conn rejected lacking cert client-ssl HOSTIPV4 PORT_D ??? 220 ehlo rhu.barb @@ -57,7 +58,10 @@ ehlo rhu.barb ??? 250- ??? 250 starttls -??? 220 +??? 220 TLS go ahead ++++ 1 +help +??? 554 **** client-ssl HOSTIPV4 PORT_D DIR/aux-fixed/exim-ca/example.com/server2.example.com/server2.example.com.pem DIR/aux-fixed/exim-ca/example.com/server2.example.com/server2.example.com.unlocked.key ??? 220 diff --git a/test/scripts/2100-OpenSSL/2132 b/test/scripts/2100-OpenSSL/2132 index 620a63f57..4a12fb0bb 100644 --- a/test/scripts/2100-OpenSSL/2132 +++ b/test/scripts/2100-OpenSSL/2132 @@ -58,6 +58,9 @@ ehlo rhu.barb ??? 250 starttls ??? 220 ++++ 1 +help +??? 554 **** client-ssl HOSTIPV4 PORT_D DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.pem DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key ??? 220 diff --git a/test/stdout/2102 b/test/stdout/2102 index 0d96d1279..2df808595 100644 --- a/test/stdout/2102 +++ b/test/stdout/2102 @@ -93,11 +93,15 @@ Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected ??? 250 <<< 250 HELP >>> starttls -??? 220 +??? 220 TLS go ahead <<< 220 TLS go ahead Attempting to start TLS pppp:error:dddddddd:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:[...]:SSL alert number 40 Failed to start TLS ++++ 1 +>>> help +??? 554 +<<< 554 Security failure End of script Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected Certificate file = TESTSUITE/aux-fixed/exim-ca/example.com/server2.example.com/server2.example.com.pem