From d1e5e96dd46f68ee04eb27995c026d5f9ae226f6 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Fri, 26 Apr 2019 11:16:47 +0100 Subject: [PATCH] Testsuite: GnuTLS version variances (cherry picked from commit e20c4072da517616060d7a6e899b42f65ded4fb0) (cherry picked from commit 4a7269057fc3bfcb5b19376725431610407e67bc) --- test/confs/5652 | 2 +- test/log/2007.FOO | 9 --------- test/runtest | 13 +++++++------ 3 files changed, 8 insertions(+), 16 deletions(-) delete mode 100644 test/log/2007.FOO diff --git a/test/confs/5652 b/test/confs/5652 index 28d3a95bb..5b29f5b68 100644 --- a/test/confs/5652 +++ b/test/confs/5652 @@ -29,7 +29,7 @@ tls_ocsp_file = DRSA/server1.example.com/server1.example.com.ocsp.good.resp \ : DECDSA/server1.example_ec.com/server1.example_ec.com.ocsp.good.resp -tls_require_ciphers = NORMAL:!VERS-TLS1.3 +tls_require_ciphers = NORMAL:!VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.0 # ------ ACL ------ diff --git a/test/log/2007.FOO b/test/log/2007.FOO deleted file mode 100644 index 483b70315..000000000 --- a/test/log/2007.FOO +++ /dev/null @@ -1,9 +0,0 @@ -1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss -1999-03-02 09:44:33 Start queue run: pid=pppp -qf -1999-03-02 09:44:33 10HmaX-0005vi-00 => userx@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" C="250 OK id=10HmaY-0005vi-00" -1999-03-02 09:44:33 10HmaX-0005vi-00 Completed -1999-03-02 09:44:33 End queue run: pid=pppp -qf - -******** SERVER ******** -1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 -1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaX-0005vi-00@myhost.test.ex diff --git a/test/runtest b/test/runtest index ed930e4e3..62b242903 100755 --- a/test/runtest +++ b/test/runtest @@ -606,6 +606,7 @@ RESET_AFTER_EXTRA_LINE_READ: # TLS1.2:ECDHE_SECP256R1__RSA_SHA256__AES_256_GCM:256 # TLS1.2:ECDHE_SECP256R1__RSA_SHA256__AES_128_CBC__SHA256:128 # TLS1.2:ECDHE_SECP256R1__ECDSA_SHA512__AES_256_GCM:256 + # TLS1.2:ECDHE_RSA_SECP256R1__AES_256_GCM:256 (! 3.5.18 !) # TLS1.2:RSA__CAMELLIA_256_GCM:256 (leave the cipher name) # # X=TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256 @@ -618,12 +619,12 @@ RESET_AFTER_EXTRA_LINE_READ: # DHE-RSA-AES256-SHA # picking latter as canonical simply because regex easier that way. s/\bDHE_RSA_AES_128_CBC_SHA1:128/RSA-AES256-SHA1:256/g; - s/TLS1.[0123]: # TLS version - ((EC)?DHE(_((?PSK)_)?(SECP256R1|X25519))?__?)? # key-exchange - ((?RSA|ECDSA)((_PSS_RSAE)?_SHA(512|256))?__?)? # authentication - AES_(256|128)_(CBC|GCM) # cipher - (__?SHA(1|256|384))?: # PRF - (256|128) # cipher strength + s/TLS1.[0123]: # TLS version + ((EC)?DHE(_((?PSK)_)?((?RSA|ECDSA)_)?(SECP256R1|X25519))?__?)? # key-exchange + ((?RSA|ECDSA)((_PSS_RSAE)?_SHA(512|256))?__?)? # authentication + AES_(256|128)_(CBC|GCM) # cipher + (__?SHA(1|256|384))?: # PRF + (256|128) # cipher strength /"TLS1.x:ke-" . (defined($+{psk}) ? $+{psk} : "") . (defined($+{auth}) ? $+{auth} : "") -- 2.30.2