X-Git-Url: https://git.exim.org/users/jgh/exim.git/blobdiff_plain/67ea939cf0873497e9b8aaa8e21163621cc869df..fe12ec888ef7b81ee0f5874ca6201ba11b0e9b19:/test/runtest?ds=sidebyside diff --git a/test/runtest b/test/runtest index 71f002cf5..729f88a66 100755 --- a/test/runtest +++ b/test/runtest @@ -524,7 +524,7 @@ RESET_AFTER_EXTRA_LINE_READ: my($next) = $3 - $2; $_ = " first failed=dddd last try=dddd next try=+$next $4\n"; } - s/^(\s*)now=\d+ first_failed=\d+ next_try=\d+ expired=(\d)/$1now=tttt first_failed=tttt next_try=tttt expired=$2/; + s/^(\s*)now=\d+ first_failed=\d+ next_try=\d+ expired=(\w)/$1now=tttt first_failed=tttt next_try=tttt expired=$2/; s/^(\s*)received_time=\d+ diff=\d+ timeout=(\d+)/$1received_time=tttt diff=tttt timeout=$2/; # Time to retry may vary @@ -544,6 +544,15 @@ RESET_AFTER_EXTRA_LINE_READ: s/(could not connect to .*: Connection) reset by peer$/$1 refused/; # ======== TLS certificate algorithms ======== + # + # In Received: headers, convert RFC 8314 style ciphersuite to + # the older (comment) style, keeping only the Auth element + # (discarding kex, cipher, mac). For TLS 1.3 there is no kex + # element (and no _WITH); insert a spurious "RSA". + + s/^\s+by .+ with .+ \K tls TLS_.*?([^_]+)_WITH.+$/(TLS1.x:ke-\1-AES256-SHAnnn:xxx)/; + s/^\s+by .+ with .+ \K tls TLS_.+$/(TLS1.x:ke-RSA-AES256-SHAnnn:xxx)/; + # Test machines might have various different TLS library versions supporting # different protocols; can't rely upon TLS 1.2's AES256-GCM-SHA384, so we # treat the standard algorithms the same. @@ -566,9 +575,9 @@ RESET_AFTER_EXTRA_LINE_READ: # # Retain the authentication algorith field as we want to test that. - s/( (?: (?:\b|\s) [\(=] ) | \s )TLSv1\.[123]:/$1TLSv1:/xg; - s/((EC)?DHE-)?(RSA|ECDSA)-AES(128|256)-(GCM-SHA(256|384)|SHA)(?!:)/ke-$3-AES256-SHA/g; - s/((EC)?DHE-)?(RSA|ECDSA)-AES(128|256)-(GCM-SHA(256|384)|SHA):(128|256)/ke-$3-AES256-SHA:xxx/g; + s/( (?: (?:\b|\s) [\(=] ) | \s )TLSv1(\.[123])?:/$1TLS1.x:/xg; + s/(? 's/ X=TLS\S+ / X=TLS_proto_and_cipher /', - 'mail' => 's/ \(TLS[^)]*\)/ (TLS_proto_and_cipher)/', + 'mail' => 's/^\s+by .+ with .+ \K tls TLS_.+$/(TLS_proto_and_cipher)/; + s/ \(TLS[^)]*\)/ (TLS_proto_and_cipher)/; + ', }, 'debug_pid' => @@ -2199,7 +2212,7 @@ elsif (/^millisleep\s+(.*)$/) # The "munge" command selects one of a hardwired set of test-result modifications -# to be made before result compares are run agains the golden set. This lets +# to be made before result compares are run against the golden set. This lets # us account for test-system dependent things which only affect a few, but known, # test-cases. # Currently only the last munge takes effect.