summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--test/confs/21005
-rw-r--r--test/lib/Exim/Runtest.pm2
-rwxr-xr-xtest/runtest11
3 files changed, 9 insertions, 9 deletions
diff --git a/test/confs/2100 b/test/confs/2100
index 63a2f255a..6425f3a0f 100644
--- a/test/confs/2100
+++ b/test/confs/2100
@@ -20,14 +20,9 @@ queue_run_in_order
tls_advertise_hosts = *
-# Set certificate only if server
-
-#tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
tls_certificate = DIR/aux-fixed/cert1
-#tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
tls_verify_hosts = *
-#tls_verify_certificates = ${if eq {SERVER}{server}{DIR/aux-fixed/cert2}fail}
tls_verify_certificates = DIR/aux-fixed/cert2
diff --git a/test/lib/Exim/Runtest.pm b/test/lib/Exim/Runtest.pm
index 7ba079051..6c2262f55 100644
--- a/test/lib/Exim/Runtest.pm
+++ b/test/lib/Exim/Runtest.pm
@@ -120,7 +120,7 @@ sub flavour {
}
if (open(my $f, '-|', 'openssl version')) {
- <$f> =~ /1.1.1/ && return "openssl_1_1_1";
+ <$f> =~ /(1\.1\.1|3\.\d+\.\d+)/ && return "openssl_1_1_1";
}
if (open(my $f, '<', "$etc/os-release")) {
diff --git a/test/runtest b/test/runtest
index 4a304a8aa..e77a4afae 100755
--- a/test/runtest
+++ b/test/runtest
@@ -432,6 +432,8 @@ RESET_AFTER_EXTRA_LINE_READ:
# There are differences in error messages between OpenSSL versions
s/SSL_CTX_set_cipher_list/SSL_connect/;
+ s/error=\Kauthority and subject key identifier mismatch/self signed certificate/;
+ s/error=\Kself-signed certificate/self signed certificate/;
# One error test in expansions mentions base 62 or 36
s/is not a base (36|62) number/is not a base 36\/62 number/;
@@ -906,9 +908,10 @@ RESET_AFTER_EXTRA_LINE_READ:
# numbers, or handle specific bad conditions in different ways, leading to
# different wording in the error messages, so we cannot compare them.
-#XXX This loses any trailing "deliving unencypted to" which is unfortunate
+#XXX This loses any trailing "delivering unencypted to" which is unfortunate
# but I can't work out how to deal with that.
s/(TLS session: \(SSL_\w+\): error:)(.*)(?!: delivering)/$1 <<detail omitted>>/;
+ s/TLS error on connection from .*\K\(SSL_accept\): error:.*:unexpected eof while reading$/(tls lib accept fn): TCP connection closed by peer/;
s/(TLS error on connection from .* \(SSL_\w+\): error:)(.*)/$1 <<detail omitted>>/;
next if /SSL verify error: depth=0 error=certificate not trusted/;
@@ -1008,8 +1011,10 @@ RESET_AFTER_EXTRA_LINE_READ:
next if /SSL verify error: depth=0 error=certificate not trusted/;
s/SSL3_READ_BYTES/ssl3_read_bytes/i;
s/CONNECT_CR_FINISHED/ssl3_read_bytes/i;
- s/^\d+:error:\d+(?:E\d+)?(:SSL routines:ssl3_read_bytes:[^:]+:).*(:SSL alert number \d\d)$/pppp:error:dddddddd$1\[...\]$2/;
- s/^error:[^:]*:(SSL routines:ssl3_read_bytes:(tls|ssl)v\d+ alert)/error:dddddddd:$1/;
+ s/^[[:xdigit:]]+:error:[[:xdigit:]]+(?:E[[:xdigit:]]+)?(:SSL routines:ssl3_read_bytes:[^:]+:).*(:SSL alert number \d\d)$/pppp:error:dddddddd$1\[...\]$2/;
+ s/^error:\K[^:]*:(SSL routines:ssl3_read_bytes:(tls|ssl)v\d+ alert)/dddddddd:$1/;
+ s/^error:\K[[:xdigit:]]+:SSL routines::(tlsv13 alert certificate required)$/dddddddd:SSL routines:ssl3_read_bytes:$1/;
+ s/^error:\K[[:xdigit:]]+:SSL routines::((tlsv1|sslv3) alert (unknown ca|certificate revoked))$/dddddddd:SSL routines:ssl3_read_bytes:$1/;
# gnutls version variances
next if /^Error in the pull function./;