From 28660ab6ff99d24fdabe3ce0d9feb3478de1015b Mon Sep 17 00:00:00 2001 From: "Heiko Schlittermann (HS12-RIPE)" Date: Wed, 23 Nov 2016 13:42:43 +0100 Subject: [PATCH] Testsuite: Debian8 GnuTLS does not support OCSP. Add flavour files. 5651 is still unstable. --- test/log/5650.debian8 | 23 ++++++++ test/log/5651.debian8 | 53 ++++++++++++++++++ test/log/5730.debian8 | 69 +++++++++++++++++++++++ test/stderr/5650.debian8 | 2 + test/stdout/5650.debian8 | 117 +++++++++++++++++++++++++++++++++++++++ 5 files changed, 264 insertions(+) create mode 100644 test/log/5650.debian8 create mode 100644 test/log/5651.debian8 create mode 100644 test/log/5730.debian8 create mode 100644 test/stderr/5650.debian8 create mode 100644 test/stdout/5650.debian8 diff --git a/test/log/5650.debian8 b/test/log/5650.debian8 new file mode 100644 index 000000000..a18d23283 --- /dev/null +++ b/test/log/5650.debian8 @@ -0,0 +1,23 @@ +1999-03-02 09:44:33 1: Server sends good staple on request +1999-03-02 09:44:33 2: Server does not staple an outdated response +1999-03-02 09:44:33 3: Server does not staple a response for a revoked cert +1999-03-02 09:44:33 4: Connection functions when server is prepared to staple but client does not request it + +******** SERVER ******** +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 acl_conn: ocsp in status: 0 (notreq) +1999-03-02 09:44:33 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 acl_mail: ocsp in status: 0 (notreq) +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 acl_conn: ocsp in status: 0 (notreq) +1999-03-02 09:44:33 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 TLS error on connection from [ip4.ip4.ip4.ip4] (recv): The TLS connection was non-properly terminated. +1999-03-02 09:44:33 TLS error on connection from [ip4.ip4.ip4.ip4] (send): The specified session has been invalidated for some reason. +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 acl_conn: ocsp in status: 0 (notreq) +1999-03-02 09:44:33 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 TLS error on connection from [ip4.ip4.ip4.ip4] (recv): The TLS connection was non-properly terminated. +1999-03-02 09:44:33 TLS error on connection from [ip4.ip4.ip4.ip4] (send): The specified session has been invalidated for some reason. +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 acl_conn: ocsp in status: 0 (notreq) +1999-03-02 09:44:33 OCSP unusable with this GnuTLS library version diff --git a/test/log/5651.debian8 b/test/log/5651.debian8 new file mode 100644 index 000000000..5d5137467 --- /dev/null +++ b/test/log/5651.debian8 @@ -0,0 +1,53 @@ +1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@server1.example.com U=CALLER P=local S=sss +1999-03-02 09:44:33 10HmaX-0005vi-00 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 10HmaX-0005vi-00 => norequire@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=yes DN="CN=server1.example.com" C="250 OK id=10HmaY-0005vi-00" +1999-03-02 09:44:33 10HmaX-0005vi-00 Completed +1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@server1.example.com U=CALLER P=local S=sss +1999-03-02 09:44:33 10HmaZ-0005vi-00 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 10HmaZ-0005vi-00 => nostaple@test.ex R=client T=send_to_server1 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbA-0005vi-00" +1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed +1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@server1.example.com U=CALLER P=local S=sss +1999-03-02 09:44:33 10HmbB-0005vi-00 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 10HmbB-0005vi-00 H=127.0.0.1 [127.0.0.1] TLS error on connection (certificate status check failed) +1999-03-02 09:44:33 10HmbB-0005vi-00 == CALLER@test.ex R=client T=send_to_server3 defer (-37) H=127.0.0.1 [127.0.0.1]: failure while setting up TLS session +1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@server1.example.com U=CALLER P=local S=sss +1999-03-02 09:44:33 10HmbC-0005vi-00 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 10HmbC-0005vi-00 H=127.0.0.1 [127.0.0.1] TLS error on connection (certificate status check failed) +1999-03-02 09:44:33 10HmbC-0005vi-00 == CALLER@test.ex R=client T=send_to_server3 defer (-37) H=127.0.0.1 [127.0.0.1]: failure while setting up TLS session +1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@server1.example.com U=CALLER P=local S=sss +1999-03-02 09:44:33 10HmbD-0005vi-00 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 10HmbD-0005vi-00 H=127.0.0.1 [127.0.0.1] TLS error on connection (certificate status check failed) +1999-03-02 09:44:33 10HmbD-0005vi-00 == CALLER@test.ex R=client T=send_to_server3 defer (-37) H=127.0.0.1 [127.0.0.1]: failure while setting up TLS session +1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@server1.example.com U=CALLER P=local S=sss +1999-03-02 09:44:33 10HmbE-0005vi-00 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 10HmbE-0005vi-00 H=127.0.0.1 [127.0.0.1] TLS error on connection (certificate status check failed) +1999-03-02 09:44:33 10HmbE-0005vi-00 == CALLER@test.ex R=client T=send_to_server3 defer (-37) H=127.0.0.1 [127.0.0.1]: failure while setting up TLS session + +******** SERVER ******** +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 10HmaY-0005vi-00 client claims: OCSP status 1 (notresp) +1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@server1.example.com H=the.local.host.name (server1.example.com) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no S=sss id=E10HmaX-0005vi-00@server1.example.com +1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmaY-0005vi-00 Completed +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 10HmbA-0005vi-00 client claims: OCSP status 0 (notreq) +1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@server1.example.com H=the.local.host.name (server1.example.com) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no S=sss id=E10HmaZ-0005vi-00@server1.example.com +1999-03-02 09:44:33 10HmbA-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbA-0005vi-00 Completed +1999-03-02 09:44:33 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (recv): The TLS connection was non-properly terminated. +1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (send): The specified session has been invalidated for some reason. +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (recv): The TLS connection was non-properly terminated. +1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (send): The specified session has been invalidated for some reason. +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (recv): The TLS connection was non-properly terminated. +1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (send): The specified session has been invalidated for some reason. +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (recv): The TLS connection was non-properly terminated. +1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (send): The specified session has been invalidated for some reason. diff --git a/test/log/5730.debian8 b/test/log/5730.debian8 new file mode 100644 index 000000000..f5fbad797 --- /dev/null +++ b/test/log/5730.debian8 @@ -0,0 +1,69 @@ +1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@server1.example.com U=CALLER P=local S=sss +1999-03-02 09:44:33 10HmaX-0005vi-00 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 10HmaX-0005vi-00 => norequire@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=yes DN="CN=server1.example.com" C="250 OK id=10HmaY-0005vi-00" +1999-03-02 09:44:33 10HmaX-0005vi-00 client ocsp status: 1 (notresp) +1999-03-02 09:44:33 10HmaX-0005vi-00 Completed +1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@server1.example.com U=CALLER P=local S=sss +1999-03-02 09:44:33 10HmaZ-0005vi-00 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 10HmaZ-0005vi-00 => norequire@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbA-0005vi-00" +1999-03-02 09:44:33 10HmaZ-0005vi-00 client ocsp status: 1 (notresp) +1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed +1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@server1.example.com U=CALLER P=local S=sss +1999-03-02 09:44:33 10HmbB-0005vi-00 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 10HmbB-0005vi-00 => nostaple@test.ex R=client T=send_to_server1 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbC-0005vi-00" +1999-03-02 09:44:33 10HmbB-0005vi-00 client ocsp status: 0 (notreq) +1999-03-02 09:44:33 10HmbB-0005vi-00 Completed +1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@server1.example.com U=CALLER P=local S=sss +1999-03-02 09:44:33 10HmbD-0005vi-00 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 10HmbD-0005vi-00 H=127.0.0.1 [127.0.0.1] TLS error on connection (certificate status check failed) +1999-03-02 09:44:33 10HmbD-0005vi-00 client ocsp status: 3 (failed) +1999-03-02 09:44:33 10HmbD-0005vi-00 == good@test.ex R=client T=send_to_server3 defer (-37) H=127.0.0.1 [127.0.0.1]: failure while setting up TLS session +1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@server1.example.com U=CALLER P=local S=sss +1999-03-02 09:44:33 10HmbE-0005vi-00 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 10HmbE-0005vi-00 H=127.0.0.1 [127.0.0.1] TLS error on connection (certificate status check failed) +1999-03-02 09:44:33 10HmbE-0005vi-00 client ocsp status: 3 (failed) +1999-03-02 09:44:33 10HmbE-0005vi-00 == failrequire@test.ex R=client T=send_to_server3 defer (-37) H=127.0.0.1 [127.0.0.1]: failure while setting up TLS session +1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@server1.example.com U=CALLER P=local S=sss +1999-03-02 09:44:33 10HmbF-0005vi-00 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 10HmbF-0005vi-00 H=127.0.0.1 [127.0.0.1] TLS error on connection (certificate status check failed) +1999-03-02 09:44:33 10HmbF-0005vi-00 client ocsp status: 3 (failed) +1999-03-02 09:44:33 10HmbF-0005vi-00 == failrevoked@test.ex R=client T=send_to_server3 defer (-37) H=127.0.0.1 [127.0.0.1]: failure while setting up TLS session +1999-03-02 09:44:33 10HmbG-0005vi-00 <= CALLER@server1.example.com U=CALLER P=local S=sss +1999-03-02 09:44:33 10HmbG-0005vi-00 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 10HmbG-0005vi-00 H=127.0.0.1 [127.0.0.1] TLS error on connection (certificate status check failed) +1999-03-02 09:44:33 10HmbG-0005vi-00 client ocsp status: 3 (failed) +1999-03-02 09:44:33 10HmbG-0005vi-00 == failexpired@test.ex R=client T=send_to_server3 defer (-37) H=127.0.0.1 [127.0.0.1]: failure while setting up TLS session + +******** SERVER ******** +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 10HmaY-0005vi-00 client claims: OCSP status 1 (notresp) +1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@server1.example.com H=the.local.host.name (server1.example.com) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no S=sss id=E10HmaX-0005vi-00@server1.example.com +1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmaY-0005vi-00 Completed +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 10HmbA-0005vi-00 client claims: OCSP status 1 (notresp) +1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@server1.example.com H=the.local.host.name (server1.example.com) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no S=sss id=E10HmaZ-0005vi-00@server1.example.com +1999-03-02 09:44:33 10HmbA-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbA-0005vi-00 Completed +1999-03-02 09:44:33 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 10HmbC-0005vi-00 client claims: OCSP status 0 (notreq) +1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@server1.example.com H=the.local.host.name (server1.example.com) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no S=sss id=E10HmbB-0005vi-00@server1.example.com +1999-03-02 09:44:33 10HmbC-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbC-0005vi-00 Completed +1999-03-02 09:44:33 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (recv): The TLS connection was non-properly terminated. +1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (send): The specified session has been invalidated for some reason. +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (recv): The TLS connection was non-properly terminated. +1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (send): The specified session has been invalidated for some reason. +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (recv): The TLS connection was non-properly terminated. +1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (send): The specified session has been invalidated for some reason. +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 +1999-03-02 09:44:33 OCSP unusable with this GnuTLS library version +1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (recv): The TLS connection was non-properly terminated. +1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (send): The specified session has been invalidated for some reason. diff --git a/test/stderr/5650.debian8 b/test/stderr/5650.debian8 new file mode 100644 index 000000000..fca719784 --- /dev/null +++ b/test/stderr/5650.debian8 @@ -0,0 +1,2 @@ +ocsp decode: The requested data were not available.ocsp decode: The requested data were not available. +******** SERVER ******** diff --git a/test/stdout/5650.debian8 b/test/stdout/5650.debian8 new file mode 100644 index 000000000..ca0911297 --- /dev/null +++ b/test/stdout/5650.debian8 @@ -0,0 +1,117 @@ +Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected +Certificate file = aux-fixed/cert2 +Key file = aux-fixed/cert2 +??? 220 +<<< 220 server1.example.com ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +>>> ehlo rhu.barb +??? 250- +<<< 250-server1.example.com Hello rhu.barb [ip4.ip4.ip4.ip4] +??? 250- +<<< 250-SIZE 52428800 +??? 250- +<<< 250-8BITMIME +??? 250- +<<< 250-PIPELINING +??? 250- +<<< 250-STARTTLS +??? 250 +<<< 250 HELP +>>> starttls +??? 220 +<<< 220 TLS go ahead +Attempting to start TLS +Failed to verify certificate status +>>> mail from: +??? 250 +<<< 250 OK +>>> rcpt to: +??? 250 +<<< 250 Accepted +>>> quit +??? 221 +<<< 221 server1.example.com closing connection +End of script +Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected +Certificate file = aux-fixed/cert2 +Key file = aux-fixed/cert2 +??? 220 +<<< 220 server1.example.com ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +>>> ehlo rhu.barb +??? 250- +<<< 250-server1.example.com Hello rhu.barb [ip4.ip4.ip4.ip4] +??? 250- +<<< 250-SIZE 52428800 +??? 250- +<<< 250-8BITMIME +??? 250- +<<< 250-PIPELINING +??? 250- +<<< 250-STARTTLS +??? 250 +<<< 250 HELP +>>> starttls +??? 220 +<<< 220 TLS go ahead +Attempting to start TLS +Bad certificate +End of script +Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected +Certificate file = aux-fixed/cert2 +Key file = aux-fixed/cert2 +??? 220 +<<< 220 server1.example.com ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +>>> ehlo rhu.barb +??? 250- +<<< 250-server1.example.com Hello rhu.barb [ip4.ip4.ip4.ip4] +??? 250- +<<< 250-SIZE 52428800 +??? 250- +<<< 250-8BITMIME +??? 250- +<<< 250-PIPELINING +??? 250- +<<< 250-STARTTLS +??? 250 +<<< 250 HELP +>>> starttls +??? 220 +<<< 220 TLS go ahead +Attempting to start TLS +Failed to verify certificate status +End of script +Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected +Certificate file = aux-fixed/cert2 +Key file = aux-fixed/cert2 +??? 220 +<<< 220 server1.example.com ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +>>> ehlo rhu.barb +??? 250- +<<< 250-server1.example.com Hello rhu.barb [ip4.ip4.ip4.ip4] +??? 250- +<<< 250-SIZE 52428800 +??? 250- +<<< 250-8BITMIME +??? 250- +<<< 250-PIPELINING +??? 250- +<<< 250-STARTTLS +??? 250 +<<< 250 HELP +>>> starttls +??? 220 +<<< 220 TLS go ahead +Attempting to start TLS +Succeeded in starting TLS +>>> ehlo rhu.barb.tls +??? 250- +<<< 250-server1.example.com Hello rhu.barb.tls [ip4.ip4.ip4.ip4] +??? 250- +<<< 250-SIZE 52428800 +??? 250- +<<< 250-8BITMIME +??? 250- +<<< 250-PIPELINING +??? 250 +<<< 250 HELP +>>> quit +End of script -- 2.30.2