X-Git-Url: https://git.exim.org/users/heiko/exim.git/blobdiff_plain/cfc5483092684ed5775a8e0d9b3071ee2c37780c..f59aaaaa6e9a836732363378bc0c8ffa6df5a853:/test/README diff --git a/test/README b/test/README index 43d641375..485ce290d 100644 --- a/test/README +++ b/test/README @@ -1,12 +1,10 @@ -$Cambridge: exim/test/README,v 1.5 2006/10/31 11:37:47 ph10 Exp $ - EXPORTABLE EXIM TEST SUITE -------------------------- This document last updated for: -Test Suite Version: 4.64 -Date: 31 October 2006 +Test Suite Version: 4.87 +Date: 30 January 2016 BACKGROUND @@ -65,18 +63,29 @@ In order to run this test suite, the following requirements must be met: Defaults timestamp_timeout=480 in /etc/sudoers, a password lasts for 8 hours (a working day). It is - probably not a good idea to run the tests as the Exim user, as this is - recognized as special by Exim. - -(3) The login under which you run the tests must be in the exim group so that - it has access to logs, spool files, etc. The login should not be one of the - names "userx", "usery", "userz", or a few other simple ones such as "abcd" - and "xyz" and single letters that are used in the tests. The test suite - expects the login to have a gecos name; I think it will now run if the - gecos field is empty but there may be anomalies. + not permitted to run the tests as the Exim user because the test suite + tracks the two users independently. Using the same user would result + in false positives on some tests. + + Further, some tests invoke sudo in an environment where there might not be + a TTY, so tickets should be global, not per-TTY. Taking this all together + and assuming a user of "exim-build", you might have this in sudoers: + + Defaults:exim-build timestamp_timeout=480,!tty_tickets + +(3) The login under which you run the tests must have the exim group as a + secondary so that it has access to logs, spool files, etc. However, it + should have a different primary group (eg. "users" vs. "eximgroup"). The + login should not be one of the names "userx", "usery", "userz", or a few + other simple ones such as "abcd" and "xyz" and single letters that are used + in the tests. The test suite expects the login to have a gecos name; I think + it will now run if the gecos field is empty but there may be anomalies. + The login must not contain a dash or an equal sign. (Otherwise some tests + about local_from_{suffix,prefix} will fail.) (4) The directory into which you unpack the test suite must be accessible by - the Exim user, so that code running as exim can access the files therein. A + the Exim user, so that code running as exim can access the files therein. + This includes search-access on all path elements leading to it. A world-readable directory is fine. However, there may be problems if the path name of the directory is excessively long. This is because it sometimes appears in log lines or debug output, and if it is truncated, it @@ -85,9 +94,10 @@ In order to run this test suite, the following requirements must be met: (5) Exim must be built with its user and group specified at build time, and with certain minimum facilities, namely: - Routers: accept, dnslookup, manualroute, redirect - Transports: appendfile, autoreply, pipe, smtp - Lookups: lsearch + Routers: accept, dnslookup, manualroute, redirect + Transports: appendfile, autoreply, pipe, smtp + Lookups: lsearch + Authenticators: plaintext Most Exim binaries will have these included. @@ -105,7 +115,23 @@ In order to run this test suite, the following requirements must be met: is also an IPv6 address, additional tests are run when the Exim binary contains IPv6 support. There are checks in the scripts for a running IPv4 interface; when one is not found, some tests are skipped (with a warning - message). + message). The local net may not be in 10.0/8 as that is used by the suite. + +(9) Exim must be built with TRUSTED_CONFIG_LIST support, so that the test + configs can be placed into it. A suitable file location is .../exim/test/trusted_configs + with content .../exim/test/test-config [fill out the ... to make full + paths]. This file should be owner/group matching CONFIGURE_OWNER/GROUP, + or root/root, and it has to be accessible for the login, under which + you run the tests. The config files in .../exim/test/confs/ should be + owner/group the same. DISABLE_D_OPTION must not be used. If ALT_CONFIG_PREFIX is used, it + must contain the directory of the test-suite. WHITELIST_D_MACROS should contain: + + DIR:EXIM_PATH:AA:ACL:ACLRCPT:ACL_MAIL:ACL_PREDATA:ACL_RCPT:AFFIX:ALLOW:ARG1:ARG2:AUTHF:AUTHS:AUTH_ID_DOMAIN:BAD:BANNER:BB:BR:BRB:CERT:COM:COMMAND_USER:CONNECTCOND:CONTROL:CREQCIP:CREQMAC:CRL:CSS:D6:DATA:DCF:DDF:DEFAULTDWC:DELAY:DETAILS:DRATELIMIT:DYNAMIC_OPTION:ELI:ERROR_DETAILS:ERT:FAKE:FALLBACK:FILTER:FILTER_PREPEND_HOME:FORBID:FORBID_SMTP_CODE:FUSER:HAI:HAP:HARDLIMIT:HEADER_LINE_MAXSIZE:HEADER_MAXSIZE:HELO_MSG:HL:HOSTS:HOSTS_AVOID_TLS:HOSTS_MAX_TRY:HVH:IFACE:IGNORE_QUOTA:INC:INSERT:IP1:IP2:LAST:LDAPSERVERS:LENCHECK:LIMIT:LIST:LOG_SELECTOR:MAXNM:MESSAGE_LOGS:MSIZE:NOTDAEMON:ONCE:ONLY:OPT:OPTION:ORDER:PAH:PEX:PORT:PTBC:QDG:QOLL:QUOTA:QUOTA_FILECOUNT:QWM:RCPT_MSG:REMEMBER:REQUIRE:RETRY:RETRY1:RETRY2:RETURN:RETURN_ERROR_DETAILS:REWRITE:ROUTE_DATA:RRATELIMIT:SELECTOR:SELF:SERVER:SERVERS:SREQCIP:SREQMAC:SRV:STRICT:SUB:SUBMISSION_OPTIONS:TIMEOUTDEFER:TIMES:TRUSTED:TRYCLEAR:UL:USE_SENDER:UTF8:VALUE:WMF + +(10) Exim must *not* be built with USE_READLINE, as the test-suite's automation + assumes the simpler I/O model. + Exim must *not* be built with HEADERS_CHARSET set to UTF-8. + OPTIONAL EXTRAS @@ -125,12 +151,15 @@ RUNNING THE TEST SUITE (2) cd into the exim-testsuite-x.xx directory. -(3) Run "./configure" and then "make". This builds a few auxiliary programs - that are written in C. +(3) Run "autoconf" then "./configure" and then "make". This builds a few + auxiliary programs that are written in C. -(4) Run "./runtest" (a Perl script) as described below. +(4) echo $PWD/test-config >> your_TRUSTED_CONFIG_LIST_filename + Typically that is .../exim/test/trusted_configs -(5) If you want to see what tests are available, run "./listtests". +(5) Run "./runtest" (a Perl script) as described below. + +(6) If you want to see what tests are available, run "./listtests". BREAKING OUT OF THE TEST SCRIPT @@ -186,10 +215,12 @@ THE RUNTEST SCRIPT ------------------ If you do not supply any arguments to ./runtest, it searches for an Exim -source tree at the same level as the test suite directory. It then looks for an -Exim binary in a "build" directory of that source tree. If there are several -Exim source trees, it chooses the latest version of Exim. Consider the -following example: +source tree at the same level as the test suite directory. A source tree +is a source tree, if it contains a build-* directory. + +It then looks for an Exim binary in a "build" directory of that source +tree. If there are several Exim source trees, it chooses the latest +version of Exim. Consider the following example: $ ls -F /source/exim exim-4.60/ exim-4.62/ exim-testsuite-x.xx/ @@ -216,6 +247,11 @@ is as follows: There are some options for the ./runtest script itself: + -CONTINUE This will allow the script to move past some failing tests. It will + write a simple failure line with the test number in a temporary + logfile test/failed-summary.log. Unexpected exit codes will still + stall the test execution and require interaction. + -DEBUG This option is for debugging the test script. It causes some tracing information to be output. @@ -228,6 +264,17 @@ There are some options for the ./runtest script itself: (If it turns out that most people prefer to use diff, I'll change the default.) + -FLAVOR + -FLAVOUR + This allows "overrides" for the test results. It's intended + use is to deal with distro specific differences in the test + output. The default flavour is "foo". If during the test + run differences between the current and the expected output + are found and no flavour file exists already, you may update + the "common" expected output or you may create a flavour + file. If a flavour file already exists, any updates will go + into that flavour file! + -KEEP Normally, after a successful run, the test output files are deleted. This option prevents this. It is useful when running a single test, in order to look at the actual output before it is @@ -342,7 +389,7 @@ default, the output is from the "cf" program, and might look like this: 1 difference found. "test-stdout-munged" contains 16 lines; "stdout/1300" contains 18 lines. - Continue, Update & retry, Quit? [Q] + Continue, Retry, Update & retry, Quit? [Q] This example was generated by running the test with a version of Exim that had a bug in the exim_dbmbuild utility (the bug was fixed at release @@ -351,7 +398,7 @@ used. In this case, the standard output differed from what was expected. The reply to the prompt must either be empty, in which case it takes the default that is given in brackets (in this case Q), or a single letter, in -upper or lower case (in this case, one of C, U, or Q). If you type anything +upper or lower case (in this case, one of C, R, U, or Q). If you type anything else, the prompt is repeated. "Continue" carries on as if the files had matched; that is, it ignores the @@ -361,6 +408,8 @@ moving on to the next test. "Update & retry" copies the new file to the saved file, and reruns the test after doing any further comparisons that may be necessary. +"Retry" does the same apart from the file copy. + Other circumstances give rise to other prompts. If a test generates output for which there is no saved data, the prompt (after a message stating which file is unexpectely not empty) is: @@ -398,6 +447,40 @@ OTHER ISSUES . Test 0142 tests open file descriptors; on some hosts the output may vary. +. Some tests may fail, for example 0022, because it says it uses cached data + when the expected output thinks it should not be in cache. Item #5 in the + Requirements section has: + "Exim must be built with its user and group specified at build time" + This means that you cannot use the "ref:username" in your Local/Makefile + when building the exim binary, in any of the following fields: + EXIM_USER EXIM_GROUP CONFIGURE_OWNER CONFIGURE_GROUP + +. If the runtest script warns that the hostname is not a Fully Qualified + Domain Name (FQDN), expect that some tests will fail, for example 0036, + with an extra log line saying the hostname doesn't resolve. You must use a + FQDN for the hostname for proper test functionality. + +. If you change your hostname to a FQDN, you must delete the test/dnszones + subdirectory. When you next run the runtest script, it will rebuild the + content to use the new hostname. + +. If your hostname has an uppercase characters in it, expect that some tests + will fail, for example, 0036, because some log lines will have the hostname + in all lowercase. The regex which extracts the hostname from the log lines + will not match the lowercased version. + +. Some tests may fail, for example 0015, with a cryptic error message: + Server return code 99 + Due to security concerns, some specific files MUST have the group write bit + off. For the purposes of the test suite, some test/aux-fixed/* files MUST + have the group write bit off, so it's easier to just remove the group write + bit for all of them. If your umask is set to 002, the group write bit will + be on by default and you'll see this problem, so make sure your umask is + 022 and re-checkout the test/ subdirectory. + +. Some tests will fail if the username and group name are different. It does + not have to be the primary group, a secondary group is sufficient. + OTHER SCRIPTS AND PROGRAMS -------------------------- @@ -436,7 +519,11 @@ bin/iefbr14 A program that does nothing, and returns 0. It's just like bin/loaded Some dynamically loaded functions for testing dlfunc support. -bin/server A script-driven SMTP server simulation. +bin/mtpscript A script-driven SMTP/LMTP server simulation, on std{in,out}. + +bin/server A script-driven SMTP server simulation, over a socket. + +bin/showids Output the current uid, gid, euid, egid. The runtest script also makes use of a number of ordinary commands such as "cp", "kill", "more", and "rm", via the system() call. In some cases these are @@ -464,6 +551,7 @@ here: PORT_D is replaced by a port number for normal daemon use PORT_N is replaced by a port number that should never respond PORT_S is replaced by a port number for normal bin/server use + PORT_DYNAMIC is replaced by a port number allocated dynamically TESTNUM is replaced by the current test number V4NET is replaced by an IPv4 network number for testing V6NET is replaced by an IPv6 network number for testing @@ -474,6 +562,10 @@ testing purposes, and for testing Exim with -bh. The only requirement is that they are networks that can never be used for an IP address of a real host. I've chosen two multicast networks for the moment. +PORT_DYNAMIC is allocated by hunting for a free port (starting at port +1024) a listener can bind to. This is done by runtest, for simulating +inetd operations. + If the host has no IPv6 address, "" is substituted but that does not matter because no IPv6 tests will be run. A similar substitution is made if there is no IPv4 address, and again, tests that actually require a @@ -610,7 +702,7 @@ only when DBM support is available in Exim, and typically follows the use of a "write" command (see below) that creates the input file. - dumpdb + dump This command runs the exim_dumpdb utility on the testing spool directory, using the database name given, for example: "dumpdb retry". @@ -633,6 +725,12 @@ The file remains locked with the following command (normally exim) is obeyed. This command runs the exinext utility with the given argument data. + exigrep + +This command runs the exigrep utility with the given data (the search pattern) +on the current mainlog file. + + gnutls This command is present at the start of all but one of the tests that use @@ -655,6 +753,12 @@ This command causes the script to sleep for m milliseconds. Nothing is output to the screen. + munge + +This command requests custom munging of the test outputs. The munge names +used are coded in the runtest script (look for 'name of munge'). + + need_ipv4 This command must be at the head of a script. If no IPv4 interface has been @@ -743,6 +847,12 @@ terminated by four asterisks. Even if no data is required for the particular usage, the asterisks must be given. + background + +This command takes one script line and runs it in the background, +in parallel with following commands. For external daemons, eg. redis-server. + + catwrite [nxm[=start-of-line-text]]* This command operates like the "write" command, which is described below, @@ -755,9 +865,12 @@ as well as to the named file. This command runs the auxiliary "client" program that simulates an SMTP client. It is controlled by a script read from its standard input, details of which are -given below. The only option is -t, which must be followed by a number, to -specify the command timeout in seconds. The program connects to the given IP -address and port, using the specified interface, if one is given. +given below. There are two options. One is -t, which must be followed directly +by a number, to specify the command timeout in seconds (e.g. -t5). The default +timeout is 5 seconds. The other option is -tls-on-connect, which causes the +client to try to start up a TLS session as soon as it has connected, without +using the STARTTLS command. The client program connects to the given IP address +and port, using the specified interface, if one is given. client-ssl [] [] \ @@ -765,9 +878,11 @@ address and port, using the specified interface, if one is given. When OpenSSL is available on the host, an alternative version of the client program is compiled, one that supports TLS using OpenSSL. The additional -arguments specify a certificate and key file when required. There is one -additional option, -tls-on-connect, that causes the client to initiate TLS -negotiation immediately on connection. +arguments specify a certificate and key file when required for the connection. +There are two additional options: -tls-on-connect, that causes the client to +initiate TLS negociation immediately on connection; -ocsp that causes the TLS +negotiation to include a certificate-status request. The latter takes a +filename argument, the CA info for verifying the stapled response. client-gnutls [] [] \ @@ -798,6 +913,11 @@ example: Finally, "exim" can be preceded by "sudo", to run Exim as root. If more than one of these prefixes is present, they must be in the above order. +If the options include "-DSERVER" but not "-DNOTDAEMON", the script waits for +Exim to start but then continues without waiting for it to terminate. Typically +this will be for a daemon-mode "-bd" operation. The daemon should be later +terminated using "killdaemon". + exim_exim [] [] @@ -813,13 +933,17 @@ input, details of which are given below. A number of options are implemented: -d causes the server to output debugging information - -t sets a timeout in seconds (default 5) for when the server is - awaiting an incoming connection + -t sets a timeout (default 5) for when the server is + awaiting an incoming connection. If negative, the + absolute value is used and a timeout results in a + nonfailure exit code -noipv4 causes the server not to set up an IPv4 socket -noipv6 causes the server not to set up an IPv6 socket + -i sets an initial pause, to delay before creating the listen sockets + By default, in an IPv6 environment, both kinds of socket are set up. However, the test script knows which interfaces actually exist on the host, and it adds -noipv4 or -noipv6 to the server command as required. An error occurs if both @@ -902,7 +1026,7 @@ Lines in client scripts are of two kinds: Here is a simple example: client 127.0.0.1 PORT_D - ??? 250 + ??? 220 EHLO xxx ??? 250- ??? 250 @@ -935,7 +1059,10 @@ are of the following kinds: (d) If the line starts with ">*eof", nothing is sent and the connection is closed. - The data that is sent starts after the initial '>' sequence. + The data that is sent starts after the initial '>' sequence. Within + each line the sequence '\x' followed by two hex digits can be used + to specify an arbitrary byte value. The sequence '\\' specifies a + single backslash. (2) A line that starts with "*sleep" specifies a number of seconds to wait before proceeding. @@ -949,9 +1076,12 @@ are of the following kinds: (5) Otherwise, the line defines the start of an input line that the client is expected to send. To allow for lines that start with digits, the line may start with '<', which is not taken as part of the input data. If the - input does not match, the server bombs out with an error message. + lines starts with '<<' then only the characters are expected; no return- + linefeed terminator. If the input does not match, the server bombs out + with an error message. Backslash-escape sequences may be used in the + line content as for output lines. -Here is a simple server example: +Here is a simple example of server use in a test script: server PORT_S 220 Greetings @@ -974,6 +1104,11 @@ After a "server" command in a test script, the server runs in parallel until an messages to port PORT_S on the local host. When it has finished, the test script waits for the "server" process to finish. +The "mtpscript" program is like "server", except that it uses stdin/stdout for +its input and output instead of a script. However, it is not called from test +scripts; instead it is used as the command for pipe transports in some +configurations, to simulate non-socket LMTP servers. + AUXILIARY DATA FILES -------------------- @@ -1027,8 +1162,15 @@ directory by applying the standard substitutions. The test suite also builds dynamic zone files for the name of the current host and its IP address(es). The idea is that there should not be any need to rely on an external DNS. -The domain names that are handled directly by Exim, without being passed to -fakens, are: +The fakens program handles some names programmatically rather than using the +fake zone files. These are: + + manyhome.test.ex This name is used for testing hosts with ridiculously large + numbers of IP addresses; 2048 IP addresses are generated + and returned. Doing it this way saves having to make the + interface to fakens handle more records that can fit in the + data block. The addresses that are generated are in the + 10.250.0.0/16 network. test.again.dns This always provokes a TRY_AGAIN response, for testing the handling of temporary DNS error. If the full domain name @@ -1037,23 +1179,12 @@ fakens, are: test.fail.dns This always provokes a NO_RECOVERY response, for testing DNS server failures. -This special handling could now be done in the fakens program, but while the -old test suite is still being used it has to be done in Exim itself, so for the -moment it remains there. - The use of gethostbyname() and its IPv6 friends is also subverted when Exim is running in the test harness. The test code handles a few special names directly; for all the others it uses DNS lookups, which are then handled as just described. Thus, the use of /etc/hosts is completely bypassed. The names that are specially handled are: - manyhome.test.ex This name is used for testing hosts with ridiculously large - numbers of IP addresses; 2048 IP addresses are generated - and returned. Doing it this way saves having to make the - interface to fakens handle more records that can fit in the - data block. The addresses that are generated are in the - 10.250.0.0/16 network. - localhost Always returns 127.0.0.1 or ::1, for IPv4 and IPv6 lookups, respectively.