From 90e0b2485d19eea5e93b5adad2fbcce5fc48a237 Mon Sep 17 00:00:00 2001
From: Jeremy Harris
Date: Tue, 19 Jan 2021 22:12:16 +0000
Subject: [PATCH 1/1] Testsuite: case for TLS client tls-on-connect
---
 test/confs/1160 | 88 ++++++++++++++++++++++++++++++++
 test/log/1160 | 25 +++++++++
 test/mail/1160.CALLER | 34 ++++++++++++
 test/mail/1160.abcd | 17 ++++++
 test/mail/1160.xyz | 16 ++++++
 test/scripts/1100-Basic-TLS/1160 | 20 ++++++++
 test/stderr/1160 | 76 +++++++++++++++++++++++++++
 7 files changed, 276 insertions(+)
 create mode 100644 test/confs/1160
 create mode 100644 test/log/1160
 create mode 100644 test/mail/1160.CALLER
 create mode 100644 test/mail/1160.abcd
 create mode 100644 test/mail/1160.xyz
 create mode 100644 test/scripts/1100-Basic-TLS/1160
 create mode 100644 test/stderr/1160
diff --git a/test/confs/1160 b/test/confs/1160
new file mode 100644
index 000000000..c4898310e
--- /dev/null
+++ b/test/confs/1160
@@ -0,0 +1,88 @@
+# Exim test configuration 2160
+
+SERVER =
+
+.include DIR/aux-var/tls_conf_prefix
+
+primary_hostname = myhost.test.ex
+
+# ----- Main settings -----
+
+domainlist local_domains = test.ex : *.test.ex
+
+acl_smtp_rcpt = check_recipient
+queue_only
+queue_run_in_order
+remote_max_parallel = 1
+
+tls_advertise_hosts = *
+tls_on_connect_ports = PORT_D
+
+tls_certificate = DIR/aux-fixed/cert1
+
+# ------ ACL ------
+
+begin acl
+
+check_recipient:
+ accept domains = +local_domains
+ deny message = relay not permitted
+
+
+# ----- Routers -----
+
+begin routers
+
+client:
+ driver = accept
+ condition = ${if eq {SERVER}{server}{no}{yes}}
+ retry_use_local_part
+ transport = send_to_server${if eq{$local_part}{abcd}{2}{1}}
+
+server:
+ driver = accept
+ retry_use_local_part
+ transport = local_delivery
+
+
+# ----- Transports -----
+
+begin transports
+
+local_delivery:
+ driver = appendfile
+ file = DIR/test-mail/${bless:$local_part}
+ headers_add = TLS: cipher=$tls_cipher peerdn=$tls_peerdn
+ user = CALLER
+
+send_to_server1:
+ driver = smtp
+ allow_localhost
+ hosts = 127.0.0.1
+ port = PORT_D
+ hosts_try_fastopen = :
+ protocol = smtps
+ tls_verify_certificates = DIR/aux-fixed/cert1
+ tls_verify_cert_hostnames = :
+ helo_data = helo.data.changed
+
+send_to_server2:
+ driver = smtp
+ allow_localhost
+ hosts = HOSTIPV4
+ port = PORT_D
+ hosts_try_fastopen = :
+ protocol = smtps
+ tls_verify_certificates = DIR/aux-fixed/cert1
+ tls_verify_cert_hostnames = :
+
+
+# ----- Retry -----
+
+
+begin retry
+
+* * F,5d,10s
+
+
+# End
diff --git a/test/log/1160 b/test/log/1160
new file mode 100644
index 000000000..f1c0aa8ab
--- /dev/null
+++ b/test/log/1160
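Review bot: The header comment `# Exim test configuration 2160` does not match this file, which is added as test/confs/1160; it looks carried over from another test and should read `# Exim test configuration 1160`. Both client transports, send_to_server1 and send_to_server2, also set `tls_verify_cert_hostnames = :` without saying why, so the `CV=yes` expected in the log shows only that the chain validated against DIR/aux-fixed/cert1, not that the certificate name matched the host. A comment above each setting, such as `# name check disabled: hosts are given by IP address, only chain verification is exercised here`, would stop a reader from copying this as a template for a production smtps transport. The reason given in that comment is my inference from the `hosts` values and should be confirmed.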
@@ -0,0 +1,25 @@
+1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss
+1999-03-02 09:44:33 Start queue run: pid=pppp -qf
+1999-03-02 09:44:33 10HmaX-0005vi-00 => CALLER@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmaZ-0005vi-00"
+1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
+1999-03-02 09:44:33 10HmaY-0005vi-00 => CALLER@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbA-0005vi-00"
+1999-03-02 09:44:33 10HmaY-0005vi-00 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbA-0005vi-00"
+1999-03-02 09:44:33 10HmaY-0005vi-00 => abcd@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbB-0005vi-00"
+1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
+1999-03-02 09:44:33 End queue run: pid=pppp -qf
+
+******** SERVER ********
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTPS on port PORT_D
+1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaX-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaY-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaY-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 Start queue run: pid=pppp -qf
+1999-03-02 09:44:33 10HmaZ-0005vi-00 => CALLER R=server T=local_delivery
+1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed
+1999-03-02 09:44:33 10HmbA-0005vi-00 => CALLER R=server T=local_delivery
+1999-03-02 09:44:33 10HmbA-0005vi-00 => xyz R=server T=local_delivery
+1999-03-02 09:44:33 10HmbA-0005vi-00 Completed
+1999-03-02 09:44:33 10HmbB-0005vi-00 => abcd R=server T=local_delivery
+1999-03-02 09:44:33 10HmbB-0005vi-00 Completed
+1999-03-02 09:44:33 End queue run: pid=pppp -qf
diff --git a/test/mail/1160.CALLER b/test/mail/1160.CALLER
new file mode 100644
index 000000000..f7669bdbc
--- /dev/null
+++ b/test/mail/1160.CALLER
@@ -0,0 +1,34 @@
+From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999
+Received: from [127.0.0.1] (helo=helo.data.changed)
+ by myhost.test.ex with esmtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
+ (Exim x.yz)
+ (envelope-from )
+ id 10HmaZ-0005vi-00
+ for CALLER@test.ex; Tue, 2 Mar 1999 09:44:33 +0000
+Received: from CALLER by myhost.test.ex with local (Exim x.yz)
+ (envelope-from )
+ id 10HmaX-0005vi-00
+ for CALLER@test.ex; Tue, 2 Mar 1999 09:44:33 +0000
+Message-Id:
+From: CALLER_NAME
+Date: Tue, 2 Mar 1999 09:44:33 +0000
+TLS: cipher=TLS1.x:ke-RSA-AES256-SHAnnn:xxx peerdn=
+
+Test message. Contains FF: ÿ
+
+From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999
+Received: from [127.0.0.1] (helo=helo.data.changed)
+ by myhost.test.ex with esmtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
+ (Exim x.yz)
+ (envelope-from )
+ id 10HmbA-0005vi-00; Tue, 2 Mar 1999 09:44:33 +0000
+Received: from CALLER by myhost.test.ex with local (Exim x.yz)
+ (envelope-from )
+ id 10HmaY-0005vi-00; Tue, 2 Mar 1999 09:44:33 +0000
+Message-Id:
+From: CALLER_NAME
+Date: Tue, 2 Mar 1999 09:44:33 +0000
+TLS: cipher=TLS1.x:ke-RSA-AES256-SHAnnn:xxx peerdn=
+
+Test message to two different hosts
+
diff --git a/test/mail/1160.abcd b/test/mail/1160.abcd
new file mode 100644
index 000000000..8a6aae2cc
--- /dev/null
+++ b/test/mail/1160.abcd
@@ -0,0 +1,17 @@
+From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999
+Received: from the.local.host.name ([ip4.ip4.ip4.ip4] helo=myhost.test.ex)
+ by myhost.test.ex with esmtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
+ (Exim x.yz)
+ (envelope-from )
+ id 10HmbB-0005vi-00
+ for abcd@test.ex; Tue, 2 Mar 1999 09:44:33 +0000
+Received: from CALLER by myhost.test.ex with local (Exim x.yz)
+ (envelope-from )
+ id 10HmaY-0005vi-00; Tue, 2 Mar 1999 09:44:33 +0000
+Message-Id:
+From: CALLER_NAME
+Date: Tue, 2 Mar 1999 09:44:33 +0000
+TLS: cipher=TLS1.x:ke-RSA-AES256-SHAnnn:xxx peerdn=
+
+Test message to two different hosts
+
diff --git a/test/mail/1160.xyz b/test/mail/1160.xyz
new file mode 100644
index 000000000..e304d943c
--- /dev/null
+++ b/test/mail/1160.xyz
@@ -0,0 +1,16 @@
+From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999
+Received: from [127.0.0.1] (helo=helo.data.changed)
+ by myhost.test.ex with esmtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
+ (Exim x.yz)
+ (envelope-from )
+ id 10HmbA-0005vi-00; Tue, 2 Mar 1999 09:44:33 +0000
+Received: from CALLER by myhost.test.ex with local (Exim x.yz)
+ (envelope-from )
+ id 10HmaY-0005vi-00; Tue, 2 Mar 1999 09:44:33 +0000
+Message-Id:
+From: CALLER_NAME
+Date: Tue, 2 Mar 1999 09:44:33 +0000
+TLS: cipher=TLS1.x:ke-RSA-AES256-SHAnnn:xxx peerdn=
+
+Test message to two different hosts
+
diff --git a/test/scripts/1100-Basic-TLS/1160 b/test/scripts/1100-Basic-TLS/1160
new file mode 100644
index 000000000..ce7298e47
--- /dev/null
+++ b/test/scripts/1100-Basic-TLS/1160
@@ -0,0 +1,20 @@
+# TLS client: tls-on-connect
+#
+# For packet-capture, use "runtest -keep" and add (at least) tls debug on the daemon line.
+# For GnuTLS, additionally run the daemon under sudo.
+# Tell wireshark to use DIR/spool/sslkeys for Master Secret log, and decode TCP/1225 as TLS, TLS/1225 as SMTP
+#
+# sudo exim -DSERVER=server -d+tls -bd -oX PORT_D
+exim -DSERVER=server -bd -oX PORT_D
+****
+exim CALLER@test.ex
+Test message. Contains FF: ÿ
+****
+exim CALLER@test.ex abcd@test.ex xyz@test.ex
+Test message to two different hosts
+****
+exim -v -qf
+****
+killdaemon
+exim -DSERVER=server -DNOTDAEMON -qf
+****
diff --git a/test/stderr/1160 b/test/stderr/1160
new file mode 100644
index 000000000..3b0b5c0a3
--- /dev/null
+++ b/test/stderr/1160
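Review bot: The packet-capture comment hard-codes the port (`decode TCP/1225 as TLS, TLS/1225 as SMTP`) while every command in the script uses the `PORT_D` macro, so the hint goes stale if the testsuite's port assignment changes. Wording it as `decode TCP/PORT_D (1225 in the stock setup) as TLS` would keep it accurate. The same comment points wireshark at DIR/spool/sslkeys as the Master Secret log without saying what that file is worth. Anyone holding it together with the capture can decrypt the session, so a line such as `# sslkeys holds TLS session secrets; remove it along with the kept spool` would be a useful addition.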
@@ -0,0 +1,76 @@
+LOG: queue_run MAIN
+ Start queue run: pid=pppp -qf
+delivering 10HmaX-0005vi-00 (queue run pid ppppp)
+Connecting to 127.0.0.1 [127.0.0.1]:1225 ... connected
+ SMTP<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+ SMTP>> EHLO helo.data.changed
+ SMTP<< 250-myhost.test.ex Hello helo.data.changed [127.0.0.1]
+ 250-SIZE 52428800
+ 250-8BITMIME
+ 250-PIPELINING
+ 250 HELP
+ SMTP>> MAIL FROM: SIZE=ssss
+ SMTP>> RCPT TO:
+ SMTP>> DATA
+ SMTP<< 250 OK
+ SMTP<< 250 Accepted
+ SMTP<< 354 Enter message, ending with "." on a line by itself
+ SMTP>> writing message and terminating "."
+ SMTP<< 250 OK id=10HmaZ-0005vi-00
+ SMTP>> QUIT
+ SMTP(close)>>
+LOG: MAIN
+ => CALLER@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmaZ-0005vi-00"
+LOG: MAIN
+ Completed
+delivering 10HmaY-0005vi-00 (queue run pid ppppp)
+Connecting to 127.0.0.1 [127.0.0.1]:1225 ... connected
+ SMTP<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+ SMTP>> EHLO helo.data.changed
+ SMTP<< 250-myhost.test.ex Hello helo.data.changed [127.0.0.1]
+ 250-SIZE 52428800
+ 250-8BITMIME
+ 250-PIPELINING
+ 250 HELP
+ SMTP>> MAIL FROM: SIZE=ssss
+ SMTP>> RCPT TO:
+ SMTP>> RCPT TO:
+ SMTP>> DATA
+ SMTP<< 250 OK
+ SMTP<< 250 Accepted
+ SMTP<< 250 Accepted
+ SMTP<< 354 Enter message, ending with "." on a line by itself
+ SMTP>> writing message and terminating "."
+ SMTP<< 250 OK id=10HmbA-0005vi-00
+ SMTP>> QUIT
+ SMTP(close)>>
+LOG: MAIN
+ => CALLER@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbA-0005vi-00"
+LOG: MAIN
+ -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbA-0005vi-00"
+Connecting to ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4]:1225 ... connected
+ SMTP<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+ SMTP>> EHLO myhost.test.ex
+ SMTP<< 250-myhost.test.ex Hello the.local.host.name [ip4.ip4.ip4.ip4]
+ 250-SIZE 52428800
+ 250-8BITMIME
+ 250-PIPELINING
+ 250 HELP
+ SMTP>> MAIL FROM: SIZE=ssss
+ SMTP>> RCPT TO:
+ SMTP>> DATA
+ SMTP<< 250 OK
+ SMTP<< 250 Accepted
+ SMTP<< 354 Enter message, ending with "." on a line by itself
+ SMTP>> writing message and terminating "."
+ SMTP<< 250 OK id=10HmbB-0005vi-00
+ SMTP>> QUIT
+ SMTP(close)>>
+LOG: MAIN
+ => abcd@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbB-0005vi-00"
+LOG: MAIN
+ Completed
+LOG: queue_run MAIN
+ End queue run: pid=pppp -qf
+
+******** SERVER ********
-- 2.30.2