summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Harris <jgh146exb@wizmail.org>2014-08-08 20:45:24 +0100
committerJeremy Harris <jgh146exb@wizmail.org>2014-08-08 20:45:24 +0100
commit12ee8cf9db5b6c81b0e492c64f305d7ba1cf4dc2 (patch)
tree2dd9dbfa5a7e86c1bb7161955bd1cbbb84ef4712
parent868f567254760f9414689debe3639bc190dcc97e (diff)
Testsuite basics.
Not actually excercising DANE yet, this will take additions in the fakedns and probably changes in certificates.
-rw-r--r--src/src/tls-openssl.c3
-rw-r--r--test/confs/580074
-rw-r--r--test/confs/585072
-rw-r--r--test/log/585013
-rw-r--r--test/scripts/2100-OpenSSL/21002
-rw-r--r--test/scripts/5800-DANE-GnuTLS/580014
-rw-r--r--test/scripts/5800-DANE-GnuTLS/REQUIRES3
-rw-r--r--test/scripts/5850-DANE-OpenSSL/585012
-rw-r--r--test/scripts/5850-DANE-OpenSSL/REQUIRES3
9 files changed, 194 insertions, 2 deletions
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 8a4e5a7ae..201636db0 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -1829,7 +1829,8 @@ rc = SSL_connect(client_ssl);
alarm(0);
#ifdef EXPERIMENTAL_DANE
-DANESSL_cleanup(client_ssl); /*XXX earliest possible callpoint. Too early? */
+if (dane)
+ DANESSL_cleanup(client_ssl); /*XXX earliest possible callpoint. Too early? */
#endif
if (rc <= 0)
diff --git a/test/confs/5800 b/test/confs/5800
new file mode 100644
index 000000000..f1bd09d1c
--- /dev/null
+++ b/test/confs/5800
@@ -0,0 +1,74 @@
+# Exim test configuration 5800
+# DANE
+
+SERVER=
+
+exim_path = EXIM_PATH
+host_lookup_order = bydns
+primary_hostname = myhost.test.ex
+rfc1413_query_timeout = 0s
+spool_directory = DIR/spool
+log_file_path = DIR/spool/log/SERVER%slog
+gecos_pattern = ""
+gecos_name = CALLER_NAME
+
+# ----- Main settings -----
+
+acl_smtp_rcpt = accept
+
+log_selector = +tls_peerdn
+
+queue_only
+queue_run_in_order
+
+tls_advertise_hosts = *
+# needed to force generation
+tls_dhparam = historic
+
+# Set certificate only if server
+
+tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
+tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
+
+#tls_verify_hosts = *
+#tls_verify_certificates = ${if eq {SERVER}{server}{DIR/aux-fixed/cert2}fail}
+
+
+# ----- Routers -----
+
+begin routers
+
+client:
+ driver = accept
+ condition = ${if eq {SERVER}{server}{no}{yes}}
+ retry_use_local_part
+ transport = send_to_server
+
+server:
+ driver = redirect
+ data = :blackhole:
+
+
+# ----- Transports -----
+
+begin transports
+
+send_to_server:
+ driver = smtp
+ allow_localhost
+ hosts = 127.0.0.1
+ port = PORT_D
+# tls_certificate = DIR/aux-fixed/cert2
+# tls_privatekey = DIR/aux-fixed/cert2
+# tls_verify_certificates = DIR/aux-fixed/cert2
+
+
+# ----- Retry -----
+
+
+begin retry
+
+* * F,5d,10s
+
+
+# End
diff --git a/test/confs/5850 b/test/confs/5850
new file mode 100644
index 000000000..ac967fcb8
--- /dev/null
+++ b/test/confs/5850
@@ -0,0 +1,72 @@
+# Exim test configuration 5850
+# DANE
+
+SERVER=
+
+exim_path = EXIM_PATH
+host_lookup_order = bydns
+primary_hostname = myhost.test.ex
+rfc1413_query_timeout = 0s
+spool_directory = DIR/spool
+log_file_path = DIR/spool/log/SERVER%slog
+gecos_pattern = ""
+gecos_name = CALLER_NAME
+
+# ----- Main settings -----
+
+acl_smtp_rcpt = accept
+
+log_selector = +tls_peerdn
+
+queue_only
+queue_run_in_order
+
+tls_advertise_hosts = *
+
+# Set certificate only if server
+
+tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
+tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
+
+#tls_verify_hosts = *
+#tls_verify_certificates = ${if eq {SERVER}{server}{DIR/aux-fixed/cert2}fail}
+
+
+# ----- Routers -----
+
+begin routers
+
+client:
+ driver = accept
+ condition = ${if eq {SERVER}{server}{no}{yes}}
+ retry_use_local_part
+ transport = send_to_server
+
+server:
+ driver = redirect
+ data = :blackhole:
+
+
+# ----- Transports -----
+
+begin transports
+
+send_to_server:
+ driver = smtp
+ allow_localhost
+ hosts = 127.0.0.1
+ port = PORT_D
+# tls_certificate = DIR/aux-fixed/cert2
+# tls_privatekey = DIR/aux-fixed/cert2
+# tls_verify_certificates = DIR/aux-fixed/cert2
+
+
+# ----- Retry -----
+
+
+begin retry
+
+* * F,5d,10s
+
+
+# End
diff --git a/test/log/5850 b/test/log/5850
new file mode 100644
index 000000000..2913e7c4a
--- /dev/null
+++ b/test/log/5850
@@ -0,0 +1,13 @@
+1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss
+1999-03-02 09:44:33 Start queue run: pid=pppp -qf
+1999-03-02 09:44:33 10HmaX-0005vi-00 => CALLER@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLSv1:AES256-SHA:256 DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" C="250 OK id=10HmaY-0005vi-00"
+1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
+1999-03-02 09:44:33 End queue run: pid=pppp -qf
+
+******** SERVER ********
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLSv1:AES256-SHA:256 S=sss id=E10HmaX-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 Start queue run: pid=pppp -qf
+1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: <CALLER@test.ex> R=server
+1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
+1999-03-02 09:44:33 End queue run: pid=pppp -qf
diff --git a/test/scripts/2100-OpenSSL/2100 b/test/scripts/2100-OpenSSL/2100
index 61c2fd6fb..c2b0f8981 100644
--- a/test/scripts/2100-OpenSSL/2100
+++ b/test/scripts/2100-OpenSSL/2100
@@ -4,7 +4,7 @@ exim -DSERVER=server -bd -oX PORT_D
exim CALLER@test.ex
Testing
****
-exim -d+all -qf
+exim -qf
****
killdaemon
no_msglog_check
diff --git a/test/scripts/5800-DANE-GnuTLS/5800 b/test/scripts/5800-DANE-GnuTLS/5800
new file mode 100644
index 000000000..07ad7406d
--- /dev/null
+++ b/test/scripts/5800-DANE-GnuTLS/5800
@@ -0,0 +1,14 @@
+# DANE client: general
+#
+gnutls
+#
+exim -DSERVER=server -bd -oX PORT_D
+****
+exim CALLER@test.ex
+Testing
+****
+exim -qf
+****
+killdaemon
+exim -DSERVER=server -DNOTDAEMON -qf
+****
diff --git a/test/scripts/5800-DANE-GnuTLS/REQUIRES b/test/scripts/5800-DANE-GnuTLS/REQUIRES
new file mode 100644
index 000000000..4234c92f8
--- /dev/null
+++ b/test/scripts/5800-DANE-GnuTLS/REQUIRES
@@ -0,0 +1,3 @@
+support Experimental_DANE
+support GnuTLS
+running IPv4
diff --git a/test/scripts/5850-DANE-OpenSSL/5850 b/test/scripts/5850-DANE-OpenSSL/5850
new file mode 100644
index 000000000..419930e11
--- /dev/null
+++ b/test/scripts/5850-DANE-OpenSSL/5850
@@ -0,0 +1,12 @@
+# DANE client: general
+#
+exim -DSERVER=server -bd -oX PORT_D
+****
+exim CALLER@test.ex
+Testing
+****
+exim -qf
+****
+killdaemon
+exim -DSERVER=server -DNOTDAEMON -qf
+****
diff --git a/test/scripts/5850-DANE-OpenSSL/REQUIRES b/test/scripts/5850-DANE-OpenSSL/REQUIRES
new file mode 100644
index 000000000..59cb7dc91
--- /dev/null
+++ b/test/scripts/5850-DANE-OpenSSL/REQUIRES
@@ -0,0 +1,3 @@
+support Experimental_DANE
+support OpenSSL
+running IPv4