X-Git-Url: https://git.exim.org/users/jgh/exim.git/blobdiff_plain/3b90b1d1cde55d00590193db15fd6c7dd87f34c8..cc49c6977b5736353b07e174b0fbb01086097f80:/test/runtest diff --git a/test/runtest b/test/runtest index e8a3e8e85..be35e157f 100755 --- a/test/runtest +++ b/test/runtest @@ -64,7 +64,7 @@ my $force_continue = 0; my $force_update = 0; my $log_failed_filename = 'failed-summary.log'; my $log_summary_filename = 'run-summary.log'; -my $more = 'less -XF'; +my @more = qw'less -XF'; my $optargs = ''; my $save_output = 0; my $server_opts = ''; @@ -552,15 +552,19 @@ RESET_AFTER_EXTRA_LINE_READ: # the older (comment) style, keeping only the Auth element # (discarding kex, cipher, mac). For TLS 1.3 there is no kex # element (and no _WITH); insert a spurious "RSA". + # Also in $tls_X_cipher_std reporting. - s/^\s+by .+ with .+ \K tls TLS_.*?([^_]+)_WITH.+$/(TLS1.x:ke-$1-AES256-SHAnnn:xxx)/; - s/^\s+by .+ with .+ \K tls TLS_.+$/(TLS1.x:ke-RSA-AES256-SHAnnn:xxx)/; + s/^\s+by \S+ with .+ \K \(TLS1(?:\.[0-3])?\) tls TLS_.*?([^_]+)_WITH.+$/(TLS1.x:ke-$1-AES256-SHAnnn:xxx)/; + s/^\s+by \S+ with .+ \K \(TLS1(?:\.[0-3])?\) tls TLS_.+$/(TLS1.x:ke-RSA-AES256-SHAnnn:xxx)/; + + s/ cipher_ TLS_.*?([^_]+)_WITH.+$/ cipher_ TLS1.x:ke_$1_WITH_ci_mac/; + s/ cipher_ TLS_.*$/ cipher_ TLS1.x:ke_RSA_WITH_ci_mac/; # Test machines might have various different TLS library versions supporting # different protocols; can't rely upon TLS 1.2's AES256-GCM-SHA384, so we # treat the standard algorithms the same. # - # TLSversion : KeyExchange? - Authentication/Signature - C_iph_er - MAC : ??? + # TLSversion : KeyExchange? - Authentication/Signature - C_iph_er - MAC : bits # # So far, have seen: # TLSv1:AES128-GCM-SHA256:128 @@ -578,7 +582,7 @@ RESET_AFTER_EXTRA_LINE_READ: # # Retain the authentication algorith field as we want to test that. - s/( (?: (?:\b|\s) [\(=] ) | \s )TLSv1(\.[123])?:/$1TLS1.x:/xg; + s/( (?: (?:\b|\s) [\(=] ) | \s )TLS1(\.[123])?:/$1TLS1.x:/xg; s/(?PSK)_)?((?RSA|ECDSA)_)? (SECP(256|521)R1|X25519))?__?)? # key-exchange ((?RSA|ECDSA)((_PSS_RSAE)?_SHA(512|256))?__?)? # authentication + (?WITH_)? # stdname-with AES_(256|128)_(CBC|GCM) # cipher (__?AEAD)? # pseudo-MAC (__?SHA(1|256|384))? # PRF @@ -644,10 +649,15 @@ RESET_AFTER_EXTRA_LINE_READ: /"TLS1.x:ke-" . (defined($+{psk}) ? $+{psk} : "") . (defined($+{auth}) ? $+{auth} : "") + . (defined($+{with}) ? $+{with} : "") . "-AES256-SHAnnn:xxx"/gex; s/TLS1.2:RSA__CAMELLIA_256_GCM(_SHA384)?:256/TLS1.2:RSA_CAMELLIA_256_GCM-SHAnnn:256/g; s/\b(ECDHE-(RSA|ECDSA)-AES256-SHA|DHE-RSA-AES256-SHA256)\b/ke-$2-AES256-SHAnnn/g; + # Separate reporting of TLS version + s/ver: TLS1(\.[0-3])?$/ver: TLS1.x/; + s/ \(TLS1(\.[0-3])?\) / (TLS1.x) /; + # GnuTLS library error message changes s/(No certificate was found|Certificate is required)/The peer did not send any certificate/g; #(dodgy test?) s/\(certificate verification failed\): invalid/\(gnutls_handshake\): The peer did not send any certificate./g; @@ -790,6 +800,12 @@ RESET_AFTER_EXTRA_LINE_READ: # Also, the length of space at the end of the host line is dependent # on the length of the longest line, so strip it also on otherwise # un-rewritten lines like localhost + # + # host 127.0.0.1 [127.0.0.1] + # host 10.0.0.1 [10.0.0.1]- + # + # host 127.0.0.1 [127.0.0.1]-- + # host 169.16.16.16 [169.16.16.10] s/^\s+host\s(\S+)\s+(\S+)/ host $1 $2/; s/^\s+(host\s\S+\s\S+)\s+(port=.*)/ host $1 $2/; @@ -801,7 +817,7 @@ RESET_AFTER_EXTRA_LINE_READ: s/(^|\W)\K\Q$parm_ipv6_stripped\E/ip6:ip6:ip6:ip6:ip6:ip6:ip6:ip6/g; s/\b\Q$parm_ipv4r\E\b/ip4-reverse/g; s/(^|\W)\K\Q$parm_ipv6r\E/ip6-reverse/g; - s/^(\s+host\s\S+\s+\[\S+\]) +$/$1 /; + s/^\s+host\s\S+\s+\[\S+\]\K +$//; # strip, not collapse the trailing whitespace # ======== Test network IP addresses ======== @@ -1540,7 +1556,7 @@ if (! -e $sf_current) print "\n"; print "------------ $f -----------\n" if (defined $rf && -s $rf && defined $rsf && -s $rsf); - system("$more '$f'"); + system @more => $f; } } @@ -1664,7 +1680,7 @@ if (-e $sf_current) # Handle comparison failure print "** Comparison of $mf with $sf_current failed"; - system("$more test-cf"); + system @more => 'test-cf'; print "\n"; for (;;) @@ -1758,9 +1774,6 @@ $munges = s! DN="[^,"]*\K,!/!; ', 'rejectlog' => 's/ X=TLS\S+ / X=TLS_proto_and_cipher /', - 'mail' => 's/^\s+by .+ with .+ \K tls TLS_.+$/(TLS_proto_and_cipher)/; - s/ \(TLS[^)]*\)/ (TLS_proto_and_cipher)/; - ', }, 'debug_pid' => @@ -2173,9 +2186,14 @@ if (/^dump\s+(\S+)/) # version, which matches the munging that is done later # Why? We must ensure sure, that 127.0.0.1 always sorts first # map-sort-map: Schwartz's transformation + # test 0099 my @temp = map { $_->[1] } sort { $a->[0] cmp $b->[0] } - map { [ (split)[0] =~ s/\Q$parm_ipv4/ip4.ip4.ip4.ip4/gr, $_ ] } + #map { [ (split)[0] =~ s/\Q$parm_ipv4/ip4.ip4.ip4.ip4/gr, $_ ] } # this is too modern for 5.10.1 + map { + (my $k = (split)[0]) =~ s/\Q$parm_ipv4/ip4.ip4.ip4.ip4/g; + [ $k, $_ ] + } do { local $/ = "\n "; <$in> }; foreach $item (@temp) { @@ -2781,7 +2799,7 @@ umask 022; # Check for the "less" command # ################################################## -$more = 'more' if system('which less >/dev/null 2>&1') != 0; +@more = 'more' if system('which less >/dev/null 2>&1') != 0; @@ -2806,7 +2824,7 @@ Getopt::Long::Configure qw(no_getopt_compat); GetOptions( 'debug' => sub { $debug = 1; $cr = "\n" }, 'diff' => sub { $cf = 'diff -u' }, - 'continue' => sub { $force_continue = 1; $more = 'cat' }, + 'continue' => sub { $force_continue = 1; @more = 'cat' }, 'update' => \$force_update, 'ipv4!' => \$have_ipv4, 'ipv6!' => \$have_ipv6, @@ -4301,11 +4319,11 @@ foreach $test (@test_list) last if /^[rc]$/i; if (/^e$/i) { - system("$more test-stderr"); + system @more => 'test-stderr'; } elsif (/^o$/i) { - system("$more test-stdout"); + system @more => 'test-stdout'; } }