diff options
| author | Jeremy Harris <jgh146exb@wizmail.org> | 2018-09-18 18:02:48 +0100 |
|---|---|---|
| committer | Jeremy Harris <jgh146exb@wizmail.org> | 2018-09-18 23:13:09 +0100 |
| commit | 8008accd32d189afed4107a54466130dc1c331e2 (patch) | |
| tree | fd2124e9302d30baecf350eb8c694e9620b5c6b9 /test/scripts | |
| parent | 5fd28bb83f80141b9f7671ed9ae3e1a4263134e3 (diff) | |
Testsuite: track newer GnuTLS behaviour
We have lost one log line, for a ciphers-negotiation failure on an early
host in a list from routing. We still get something indicative if the
last one fails, so I'm going to let this pass.
Test 2025 will fail on earlier GnuTLS library versions as a result.
NONE no longer works as documented, in priority string for GnuTLS.
Diffstat (limited to 'test/scripts')
| -rw-r--r-- | test/scripts/2000-GnuTLS/2024 | 9 | ||||
| -rw-r--r-- | test/scripts/2000-GnuTLS/2025 | 1 | ||||
| -rw-r--r-- | test/scripts/5820-DANE-GnuTLS/5821 | 4 |
3 files changed, 12 insertions, 2 deletions
diff --git a/test/scripts/2000-GnuTLS/2024 b/test/scripts/2000-GnuTLS/2024 index 7e16b7b05..a2ad20446 100644 --- a/test/scripts/2000-GnuTLS/2024 +++ b/test/scripts/2000-GnuTLS/2024 @@ -2,6 +2,13 @@ gnutls exim -DSERVER=server -bd -oX PORT_D **** +# +# +# This one has a cert, but the server isn't expecting it. +# Earlier versions of GnuTLS would send it despite the server giving a list of acceptable ones, and the +# server would fail its verification. Now the client correctly doesn't send it; the mainlog reflects +# this, the custom munge patches output with old GnuTLS (I hope; not actually tested). +munge gnutls_bad_clientcert client-gnutls HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2 ??? 220 ehlo rhu.barb @@ -15,6 +22,8 @@ starttls ??? 220 **** killdaemon +# +# Here the server really doesn't have a cert exim -DSERVER=server -DCERT=/non/exist -bd -oX PORT_D **** client-gnutls HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2 diff --git a/test/scripts/2000-GnuTLS/2025 b/test/scripts/2000-GnuTLS/2025 index 38ffccf84..892651e68 100644 --- a/test/scripts/2000-GnuTLS/2025 +++ b/test/scripts/2000-GnuTLS/2025 @@ -7,5 +7,6 @@ Testing **** exim -qf **** +millisleep 500 killdaemon no_msglog_check diff --git a/test/scripts/5820-DANE-GnuTLS/5821 b/test/scripts/5820-DANE-GnuTLS/5821 index f4ea30564..7f83a401b 100644 --- a/test/scripts/5820-DANE-GnuTLS/5821 +++ b/test/scripts/5820-DANE-GnuTLS/5821 @@ -16,12 +16,12 @@ Testing # ### Dane cipher specified, dane unused # Since dane unused, should get the same cipher as the baseline -exim -odf -DOPT=NONE:+VERS-TLS-ALL:+MAC-ALL:+RSA:+CAMELLIA-256-GCM:+SIGN-ALL:+COMP-NULL CALLER@localhost.test.ex +exim -odf -DOPT=NORMAL:-CIPHER-ALL:+CAMELLIA-256-GCM CALLER@localhost.test.ex Testing **** ### Dane cipher specified, dane used # Should get the cipher specified here -exim -odf -DOPT=NONE:+VERS-TLS-ALL:+MAC-ALL:+RSA:+CAMELLIA-256-GCM:+SIGN-ALL:+COMP-NULL CALLER@dane256ee.test.ex +exim -odf -DOPT=NORMAL:-CIPHER-ALL:+CAMELLIA-256-GCM CALLER@dane256ee.test.ex Testing **** # |