TLS: event for daemon accept fail

8 files changed, 178 insertions, 0 deletions

diff --git a/test/confs/5711 b/test/confs/5711
new file mode 100644
index 000000000..d66935645
--- /dev/null
+++ b/test/confs/5711
@@ -0,0 +1,34 @@
+# Exim test configuration 5711
+
+.include DIR/aux-var/tls_conf_prefix
+
+primary_hostname = myhost.test.ex
+
+# ----- Main settings -----
+
+acl_smtp_connect = accept logwrite = ACL conn
+acl_smtp_quit =    accept logwrite = ACL quit
+acl_smtp_notquit = accept logwrite = ACL notquit
+
+tls_advertise_hosts = *
+tls_certificate = DIR/aux-fixed/cert1
+
+host_reject_connection = ${acl {hrc}}
+event_action = ${acl {tls_fail}}
+
+# ------ ACL ------
+
+begin acl
+
+hrc:
+  accept	logwrite = eval host_reject_connection
+		# no mesage= hence host_reject_connection should be empty
+
+tls_fail:
+  warn		logwrite =  EV $event_name
+  accept	condition = ${if eq {tls:fail:connect}{$event_name}}
+		logwrite =  EVDATA: $event_data
+  accept
+
+
+# End
diff --git a/test/confs/5721 b/test/confs/5721
new file mode 100644
index 000000000..d156b1bf5
--- /dev/null
+++ b/test/confs/5721
@@ -0,0 +1,34 @@
+# Exim test configuration 5721
+
+.include DIR/aux-var/tls_conf_prefix
+
+primary_hostname = myhost.test.ex
+
+# ----- Main settings -----
+
+acl_smtp_connect = accept logwrite = ACL conn
+acl_smtp_quit =    accept logwrite = ACL quit
+acl_smtp_notquit = accept logwrite = ACL notquit
+
+tls_advertise_hosts = *
+tls_certificate = DIR/aux-fixed/cert1
+
+host_reject_connection = ${acl {hrc}}
+event_action = ${acl {tls_fail}}
+
+# ------ ACL ------
+
+begin acl
+
+hrc:
+  accept	logwrite = eval host_reject_connection
+		# no mesage= hence host_reject_connection should be empty
+
+tls_fail:
+  warn		logwrite =  EV $event_name
+  accept	condition = ${if eq {tls:fail:connect}{$event_name}}
+		logwrite =  EVDATA: $event_data
+  accept
+
+
+# End
diff --git a/test/log/5711 b/test/log/5711
new file mode 100644
index 000000000..0616b56b2
--- /dev/null
+++ b/test/log/5711
@@ -0,0 +1,14 @@
+
+******** SERVER ********
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTPS on port PORT_D
+1999-03-02 09:44:33 eval host_reject_connection
+1999-03-02 09:44:33 ACL conn
+1999-03-02 09:44:33 ACL quit
+1999-03-02 09:44:33 eval host_reject_connection
+1999-03-02 09:44:33 ACL conn
+1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (recv): The TLS connection was non-properly terminated.
+1999-03-02 09:44:33 ACL notquit
+1999-03-02 09:44:33 eval host_reject_connection
+1999-03-02 09:44:33 EV tls:fail:connect
+1999-03-02 09:44:33 EVDATA: (gnutls_handshake): The TLS connection was non-properly terminated.
+1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (tls lib accept fn): TCP connection closed by peer
diff --git a/test/log/5721 b/test/log/5721
new file mode 100644
index 000000000..bf826cef4
--- /dev/null
+++ b/test/log/5721
@@ -0,0 +1,13 @@
+
+******** SERVER ********
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTPS on port PORT_D
+1999-03-02 09:44:33 eval host_reject_connection
+1999-03-02 09:44:33 ACL conn
+1999-03-02 09:44:33 ACL quit
+1999-03-02 09:44:33 eval host_reject_connection
+1999-03-02 09:44:33 ACL conn
+1999-03-02 09:44:33 ACL notquit
+1999-03-02 09:44:33 eval host_reject_connection
+1999-03-02 09:44:33 EV tls:fail:connect
+1999-03-02 09:44:33 EVDATA: SSL_accept: TCP connection closed by peer
+1999-03-02 09:44:33 TLS error on connection from [127.0.0.1] (tls lib accept fn): TCP connection closed by peer
diff --git a/test/scripts/5710-GnuTLS-events/5711 b/test/scripts/5710-GnuTLS-events/5711
new file mode 100644
index 000000000..7c276229d
--- /dev/null
+++ b/test/scripts/5710-GnuTLS-events/5711
@@ -0,0 +1,24 @@
+# smtp-on-connect drop-before-tls-accept
+#
+exim -DSERVER=server -tls-on-connect -bd -oX PORT_D
+****
+#
+# Normal, full connect and quit
+client-anytls -tls-on-connect 127.0.0.1 PORT_D
+??? 220
+quit
+??? 221
+****
+#
+# full connect but no quit
+client-anytls -tls-on-connect 127.0.0.1 PORT_D
+??? 220
+****
+#
+# client disconnects before server TLS accept completes
+client 127.0.0.1 PORT_D
++++ 1
+****
+#
+sleep 1
+killdaemon
diff --git a/test/scripts/5720-OpenSSL-events/5721 b/test/scripts/5720-OpenSSL-events/5721
new file mode 100644
index 000000000..0f72c17d2
--- /dev/null
+++ b/test/scripts/5720-OpenSSL-events/5721
@@ -0,0 +1,23 @@
+# smtp-on-connect drop-before-tls-accept
+#
+exim -DSERVER=server -tls-on-connect -bd -oX PORT_D
+****
+#
+# Normal, full connect and quit
+client-anytls -tls-on-connect 127.0.0.1 PORT_D
+??? 220
+quit
+??? 221
+****
+#
+# full connect but no quit
+client-anytls -tls-on-connect 127.0.0.1 PORT_D
+??? 220
+****
+#
+# client disconnects before server TLS accept completes
+client 127.0.0.1 PORT_D
++++ 1
+****
+#
+killdaemon
diff --git a/test/stdout/5711 b/test/stdout/5711
new file mode 100644
index 000000000..d3bf62e95
--- /dev/null
+++ b/test/stdout/5711
@@ -0,0 +1,18 @@
+Connecting to 127.0.0.1 port 1225 ... connected
+Attempting to start TLS
+Succeeded in starting TLS
+??? 220
+<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+>>> quit
+??? 221
+<<< 221 myhost.test.ex closing connection
+End of script
+Connecting to 127.0.0.1 port 1225 ... connected
+Attempting to start TLS
+Succeeded in starting TLS
+??? 220
+<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+End of script
+Connecting to 127.0.0.1 port 1225 ... connected
++++ 1
+End of script
diff --git a/test/stdout/5721 b/test/stdout/5721
new file mode 100644
index 000000000..d3bf62e95
--- /dev/null
+++ b/test/stdout/5721
@@ -0,0 +1,18 @@
+Connecting to 127.0.0.1 port 1225 ... connected
+Attempting to start TLS
+Succeeded in starting TLS
+??? 220
+<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+>>> quit
+??? 221
+<<< 221 myhost.test.ex closing connection
+End of script
+Connecting to 127.0.0.1 port 1225 ... connected
+Attempting to start TLS
+Succeeded in starting TLS
+??? 220
+<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+End of script
+Connecting to 127.0.0.1 port 1225 ... connected
++++ 1
+End of script