diff options
Diffstat (limited to 'test/scripts/2100-OpenSSL')
31 files changed, 752 insertions, 0 deletions
diff --git a/test/scripts/2100-OpenSSL/2100 b/test/scripts/2100-OpenSSL/2100 new file mode 100644 index 000000000..c2b0f8981 --- /dev/null +++ b/test/scripts/2100-OpenSSL/2100 @@ -0,0 +1,10 @@ +# TLS client: TLS setup fails - retry in clear +exim -DSERVER=server -bd -oX PORT_D +**** +exim CALLER@test.ex +Testing +**** +exim -qf +**** +killdaemon +no_msglog_check diff --git a/test/scripts/2100-OpenSSL/2101 b/test/scripts/2100-OpenSSL/2101 new file mode 100644 index 000000000..824503e92 --- /dev/null +++ b/test/scripts/2100-OpenSSL/2101 @@ -0,0 +1,12 @@ +# TLS client: TLS setup fails - don't retry in clear +exim -DSERVER=server -bd -oX PORT_D +**** +exim CALLER@test.ex +Testing +**** +exim -DOPTION=hosts_require_tls=127.0.0.1 -qf +**** +exim -DOPTION=tls_tempfail_tryclear=false -qf +**** +killdaemon +no_msglog_check diff --git a/test/scripts/2100-OpenSSL/2102 b/test/scripts/2100-OpenSSL/2102 new file mode 100644 index 000000000..50fa905c3 --- /dev/null +++ b/test/scripts/2100-OpenSSL/2102 @@ -0,0 +1,65 @@ +# TLS server: general +exim -DSERVER=server -bd -oX PORT_D +**** +client-ssl 127.0.0.1 PORT_D +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +mail from:<CALLER@test.ex> +??? 250 +rcpt to:<CALLER@test.ex> +??? 250 +DATA +??? 3 +This is a test encrypted message. +. +??? 250 +quit +??? 221 +**** +client-ssl HOSTIPV4 PORT_D +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +**** +client-ssl HOSTIPV4 PORT_D DIR/aux-fixed/cert2 DIR/aux-fixed/cert2 +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +mail from:<CALLER@test.ex> +??? 250 +rcpt to:<CALLER@test.ex> +??? 250 +DATA +??? 3 +This is a test encrypted message from a verified host. +. +??? 250 +quit +??? 221 +**** +killdaemon +exim -qf +**** +exim -bh 10.0.0.1 +starttls +quit +**** diff --git a/test/scripts/2100-OpenSSL/2103 b/test/scripts/2100-OpenSSL/2103 new file mode 100644 index 000000000..c108d027e --- /dev/null +++ b/test/scripts/2100-OpenSSL/2103 @@ -0,0 +1,47 @@ +# TLS server: unavailable cipher +exim -DSERVER=server -bd -oX PORT_D +**** +client-ssl HOSTIPV4 PORT_D +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +mail from:<userx@test.ex> +??? 250 +rcpt to:<userx@test.ex> +??? 550 +quit +??? 221 +**** +client-ssl 127.0.0.1 PORT_D +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +helo rhu.barb +??? 250 +mail from:<userx@test.ex> +??? 250 +rcpt to:<userx@test.ex> +??? 250 +DATA +??? 3 +This is a test encrypted message. +. +??? 250 +quit +??? 221 +**** +killdaemon +exim -qf +**** diff --git a/test/scripts/2100-OpenSSL/2104 b/test/scripts/2100-OpenSSL/2104 new file mode 100644 index 000000000..ddf4546fe --- /dev/null +++ b/test/scripts/2100-OpenSSL/2104 @@ -0,0 +1,41 @@ +# TLS server: TLS required +exim -DSERVER=server -bd -oX PORT_D +**** +client-ssl 127.0.0.1 PORT_D +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +mail from:<userx@test.ex> +??? 250 +rcpt to:<userx@test.ex> +??? 550 +quit +??? 221 +**** +client-ssl HOSTIPV4 PORT_D +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +mail from:<userx@test.ex> +??? 250 +rcpt to:<userx@test.ex> +??? 250 +DATA +??? 3 +This is a test unencrypted message. +. +??? 250 +quit +??? 221 +**** +killdaemon +exim -qf +**** diff --git a/test/scripts/2100-OpenSSL/2105 b/test/scripts/2100-OpenSSL/2105 new file mode 100644 index 000000000..96321f108 --- /dev/null +++ b/test/scripts/2100-OpenSSL/2105 @@ -0,0 +1,27 @@ +# TLS server: accept for relay if encrypted +exim -DSERVER=server -bd -oX PORT_D +**** +client-ssl 127.0.0.1 PORT_D +??? 220 +mail from:<userx@test.ex> +??? 250 +rcpt to:<userx@remote.test.ex> +??? 550 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +mail from:<userx@test.ex> +??? 250 +rcpt to:<userx@remote.test.ex> +??? 250 +quit +??? 221 +**** +killdaemon +exim -qf +**** diff --git a/test/scripts/2100-OpenSSL/2106 b/test/scripts/2100-OpenSSL/2106 new file mode 100644 index 000000000..518c4be36 --- /dev/null +++ b/test/scripts/2100-OpenSSL/2106 @@ -0,0 +1,16 @@ +# TLS server: timeout in TLS session +exim -DSERVER=server -bd -oX PORT_D +**** +client-ssl 127.0.0.1 PORT_D +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 ++++ 3 +**** +killdaemon diff --git a/test/scripts/2100-OpenSSL/2107 b/test/scripts/2100-OpenSSL/2107 new file mode 100644 index 000000000..9317a5e86 --- /dev/null +++ b/test/scripts/2100-OpenSSL/2107 @@ -0,0 +1,10 @@ +# TLS client: log_smtp_confirmation +exim -DSERVER=server -bd -oX PORT_D +**** +exim userx@test.ex +Test message +**** +exim -qf +**** +killdaemon +no_msglog_check diff --git a/test/scripts/2100-OpenSSL/2108 b/test/scripts/2100-OpenSSL/2108 new file mode 100644 index 000000000..43ca6cff0 --- /dev/null +++ b/test/scripts/2100-OpenSSL/2108 @@ -0,0 +1,14 @@ +# TLS client: general +exim -DSERVER=server -bd -oX PORT_D +**** +exim CALLER@test.ex +Test message. Contains FF: ÿ +**** +exim CALLER@test.ex abcd@test.ex xyz@test.ex +Test message to two different hosts +**** +exim -v -qf +**** +killdaemon +exim -DSERVER=server -DNOTDAEMON -qf +**** diff --git a/test/scripts/2100-OpenSSL/2109 b/test/scripts/2100-OpenSSL/2109 new file mode 100644 index 000000000..85cb1300c --- /dev/null +++ b/test/scripts/2100-OpenSSL/2109 @@ -0,0 +1,10 @@ +# TLS client: hosts_avoid_tls +exim -DSERVER=server -bd -oX PORT_D +**** +exim userx@test.ex +Test message +**** +exim -qf +**** +killdaemon +no_msglog_check diff --git a/test/scripts/2100-OpenSSL/2110 b/test/scripts/2100-OpenSSL/2110 new file mode 100644 index 000000000..fe197fabd --- /dev/null +++ b/test/scripts/2100-OpenSSL/2110 @@ -0,0 +1,10 @@ +# TLS client: hosts_require_tls +exim -DSERVER=server -bd -oX PORT_D +**** +exim userx@test.ex +Test message +**** +exim -qf +**** +killdaemon +no_msglog_check diff --git a/test/scripts/2100-OpenSSL/2111 b/test/scripts/2100-OpenSSL/2111 new file mode 100644 index 000000000..516aa8292 --- /dev/null +++ b/test/scripts/2100-OpenSSL/2111 @@ -0,0 +1,10 @@ +# TLS client: require_ciphers +exim -DSERVER=server -bd -oX PORT_D +**** +exim userx@test.ex +Testing +**** +exim -qf +**** +killdaemon +no_msglog_check diff --git a/test/scripts/2100-OpenSSL/2112 b/test/scripts/2100-OpenSSL/2112 new file mode 100644 index 000000000..4793929bc --- /dev/null +++ b/test/scripts/2100-OpenSSL/2112 @@ -0,0 +1,10 @@ +# TLS client: verify certificate from server - fails +exim -DSERVER=server -bd -oX PORT_D +**** +exim userx@test.ex +Testing +**** +exim -qf +**** +killdaemon +no_msglog_check diff --git a/test/scripts/2100-OpenSSL/2113 b/test/scripts/2100-OpenSSL/2113 new file mode 100644 index 000000000..292b4086a --- /dev/null +++ b/test/scripts/2100-OpenSSL/2113 @@ -0,0 +1,14 @@ +# TLS client: multiple messages over one connection +exim -DSERVER=server -bd -oX PORT_D +**** +exim userx@test.ex +Test message 1 +**** +exim userx@test.ex +Test message 2 +**** +exim -qqf +**** +killdaemon +exim -DSERVER=server -DNOTDAEMON -qf +**** diff --git a/test/scripts/2100-OpenSSL/2114 b/test/scripts/2100-OpenSSL/2114 new file mode 100644 index 000000000..f671da4a4 --- /dev/null +++ b/test/scripts/2100-OpenSSL/2114 @@ -0,0 +1,137 @@ +# TLS server: mandatory, optional, and revoked certificates +exim -DSERVER=server -bd -oX PORT_D +**** +# No certificate, certificate required +client-ssl HOSTIPV4 PORT_D +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +**** +# No certificate, certificate optional at TLS time, required by ACL +client-ssl 127.0.0.1 PORT_D +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +helo rhu.barb +??? 250 +mail from:<userx@test.ex> +??? 250 +rcpt to:<userx@test.ex> +??? 550 +quit +??? 221 +**** +# Good certificate, certificate required +client-ssl HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2 +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +mail from:<userx@test.ex> +??? 250 +rcpt to:<userx@test.ex> +??? 250 +quit +??? 221 +**** +# Good certificate, certificate optional at TLS time, checked by ACL +client-ssl 127.0.0.1 PORT_D aux-fixed/cert2 aux-fixed/cert2 +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +mail from:<userx@test.ex> +??? 250 +rcpt to:<userx@test.ex> +??? 250 +quit +??? 221 +**** +# Bad certificate, certificate required +client-ssl HOSTIPV4 PORT_D aux-fixed/cert1 aux-fixed/cert1 +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +**** +# Bad certificate, certificate optional at TLS time, reject at ACL time +client-ssl 127.0.0.1 PORT_D aux-fixed/cert1 aux-fixed/cert1 +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +mail from:<userx@test.ex> +??? 250 +rcpt to:<userx@test.ex> +??? 550- +??? 550 +quit +??? 221 +**** +killdaemon +exim -DCRL=DIR/aux-fixed/crl.pem -DSERVER=server -bd -oX PORT_D +**** +# Good but revoked certificate, certificate required +client-ssl HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2 +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +**** +# Revoked certificate, certificate optional at TLS time, reject at ACL time +client-ssl 127.0.0.1 PORT_D aux-fixed/cert1 aux-fixed/cert1 +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +mail from:<userx@test.ex> +??? 250 +rcpt to:<userx@test.ex> +??? 550- +??? 550 +quit +??? 221 +**** +killdaemon diff --git a/test/scripts/2100-OpenSSL/2115 b/test/scripts/2100-OpenSSL/2115 new file mode 100644 index 000000000..b77fd9227 --- /dev/null +++ b/test/scripts/2100-OpenSSL/2115 @@ -0,0 +1,17 @@ +# TLS server: timeout after accepting STARTTLS +exim -DSERVER=server -bd -oX PORT_D +**** +client-ssl 127.0.0.1 PORT_D +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls_wait +??? 220 ++++ 2 +??? 421 +**** +killdaemon diff --git a/test/scripts/2100-OpenSSL/2116 b/test/scripts/2100-OpenSSL/2116 new file mode 100644 index 000000000..a11125bfb --- /dev/null +++ b/test/scripts/2100-OpenSSL/2116 @@ -0,0 +1,15 @@ +# TLS client: timeout while setting up TLS +server PORT_S +220 ESMTP +EHLO +250-OK +250-STARTTLS +250 HELP +STARTTLS +220 Go ahead +*sleep 2 +**** +exim -odi userx@domain1 +Test message +**** +no_msglog_check diff --git a/test/scripts/2100-OpenSSL/2117 b/test/scripts/2100-OpenSSL/2117 new file mode 100644 index 000000000..2d7bffff1 --- /dev/null +++ b/test/scripts/2100-OpenSSL/2117 @@ -0,0 +1,14 @@ +# TLS client: hosts_nopass_tls +exim -DSERVER=server -bd -oX PORT_D +**** +exim userx@test.ex +Test message 1 +**** +exim userx@test.ex +Test message 2 +**** +exim -qqf +**** +killdaemon +exim -DSERVER=server -DNOTDAEMON -qf +**** diff --git a/test/scripts/2100-OpenSSL/2118 b/test/scripts/2100-OpenSSL/2118 new file mode 100644 index 000000000..c612f085c --- /dev/null +++ b/test/scripts/2100-OpenSSL/2118 @@ -0,0 +1,42 @@ +# TLS: ACL encryption test +exim -DSERVER=server -bd -oX PORT_D +**** +client-ssl 127.0.0.1 PORT_D +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +mail from:<userx@test.ex> +??? 250 +rcpt to:<userx@test.ex> +??? 250 +DATA +??? 3 +This is a test encrypted message. +. +??? 250 +quit +??? 221 +**** +client-ssl 127.0.0.1 PORT_D +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +mail from:<userx@test.ex> +??? 250 +rcpt to:<userx@test.ex> +??? 550 +quit +??? 221 +**** +killdaemon +no_msglog_check diff --git a/test/scripts/2100-OpenSSL/2119 b/test/scripts/2100-OpenSSL/2119 new file mode 100644 index 000000000..d0fa719ca --- /dev/null +++ b/test/scripts/2100-OpenSSL/2119 @@ -0,0 +1,39 @@ +# TLS server: -tls-on-connect +exim -DSERVER=server -tls-on-connect -bd -oX PORT_D +**** +client-ssl -tls-on-connect 127.0.0.1 PORT_D +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250 +mail from:<userx@test.ex> +??? 250 +rcpt to:<userx@test.ex> +??? 250 +DATA +??? 3 +This is a test encrypted message. +. +??? 250 +quit +??? 221 +**** +client-ssl -tls-on-connect HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2 +??? 220 +mail from:<userx@test.ex> +??? 250 +rcpt to:<userx@test.ex> +??? 250 +DATA +??? 3 +This is a test encrypted message from a verified host. +. +??? 250 +quit +??? 221 +**** +killdaemon +exim -qf +**** diff --git a/test/scripts/2100-OpenSSL/2120 b/test/scripts/2100-OpenSSL/2120 new file mode 100644 index 000000000..7e0aa1e0e --- /dev/null +++ b/test/scripts/2100-OpenSSL/2120 @@ -0,0 +1,10 @@ +# TLS server: no certificate defined, client sends in clear +exim -DSERVER=server -bd -oX PORT_D +**** +exim userx +Test +**** +exim -qf +**** +killdaemon +no_msglog_check diff --git a/test/scripts/2100-OpenSSL/2121 b/test/scripts/2100-OpenSSL/2121 new file mode 100644 index 000000000..49ee4c14e --- /dev/null +++ b/test/scripts/2100-OpenSSL/2121 @@ -0,0 +1,52 @@ +# TLS client: 4xx response to STARTTLS +server PORT_S +220 ESMTP +EHLO +250-OK +250-HELP +250-STARTTLS +250 PIPELINING +STARTTLS +450 temp problem +QUIT +250 OK +**** +exim -DTRYCLEAR=tls_tempfail_tryclear=false -odi x@y +**** +server PORT_S +220 ESMTP +EHLO +250-OK +250-HELP +250-STARTTLS +250 PIPELINING +STARTTLS +450 temp problem +MAIL FROM: +250 OK +RCPT TO: +250 OK +DATA +354 Go ahead +. +250 OK +QUIT +250 OK +**** +exim -qf +**** +server PORT_S +220 ESMTP +EHLO +250-OK +250-HELP +250-STARTTLS +250 PIPELINING +STARTTLS +450 temp problem +QUIT +250 OK +**** +exim -DREQUIRE=hosts_require_tls=* -odi x@y +**** +no_msglog_check diff --git a/test/scripts/2100-OpenSSL/2122 b/test/scripts/2100-OpenSSL/2122 new file mode 100644 index 000000000..f1b1d355f --- /dev/null +++ b/test/scripts/2100-OpenSSL/2122 @@ -0,0 +1,20 @@ +# TLS server: help command in encrypted session +exim -DSERVER=server -bd -oX PORT_D +**** +client-ssl HOSTIPV4 PORT_D +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +help +??? 214- +??? 214 +quit +??? 221 +**** +killdaemon diff --git a/test/scripts/2100-OpenSSL/2123 b/test/scripts/2100-OpenSSL/2123 new file mode 100644 index 000000000..927c266c6 --- /dev/null +++ b/test/scripts/2100-OpenSSL/2123 @@ -0,0 +1,6 @@ +# TLS: ACL for STARTTLS +exim -bs -oMa 10.9.8.10 +ehlo a.b.c +starttls +quit +**** diff --git a/test/scripts/2100-OpenSSL/2124 b/test/scripts/2100-OpenSSL/2124 new file mode 100644 index 000000000..420f6ccdf --- /dev/null +++ b/test/scripts/2100-OpenSSL/2124 @@ -0,0 +1,29 @@ +# TLS server: empty/non-existent certificate file +exim -DSERVER=server -bd -oX PORT_D +**** +client-ssl HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2 +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +**** +killdaemon +exim -DSERVER=server -DCERT=/non/exist -bd -oX PORT_D +**** +client-ssl HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2 +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 454 +**** +killdaemon diff --git a/test/scripts/2100-OpenSSL/2125 b/test/scripts/2100-OpenSSL/2125 new file mode 100644 index 000000000..1899c4564 --- /dev/null +++ b/test/scripts/2100-OpenSSL/2125 @@ -0,0 +1,10 @@ +# TLS server: tls_require_ciphers +exim -DSERVER=server -bd -oX PORT_D +**** +exim userx@test.ex +Testing +**** +exim -qf +**** +killdaemon +no_msglog_check diff --git a/test/scripts/2100-OpenSSL/2126 b/test/scripts/2100-OpenSSL/2126 new file mode 100644 index 000000000..40e42f443 --- /dev/null +++ b/test/scripts/2100-OpenSSL/2126 @@ -0,0 +1,8 @@ +# TLS: logging parameters for 2 different recipients +exim -DSERVER=server -bd -oX PORT_D +**** +exim -odi userx usery +**** +# Wait to allow delivery to finish before killing the daemon +sleep 1 +killdaemon diff --git a/test/scripts/2100-OpenSSL/2127 b/test/scripts/2100-OpenSSL/2127 new file mode 100644 index 000000000..f2054ff5a --- /dev/null +++ b/test/scripts/2100-OpenSSL/2127 @@ -0,0 +1,14 @@ +# TLS server & client: no certificate in client +exim -DSERVER=server -bd -oX PORT_D +**** +exim userx@test.ex +Test message +**** +exim usery@test.ex +Test message +**** +exim -qf +**** +killdaemon +exim -DSERVER=server -DNOTDAEMON -qf +**** diff --git a/test/scripts/2100-OpenSSL/2128 b/test/scripts/2100-OpenSSL/2128 new file mode 100644 index 000000000..a2e74bfaa --- /dev/null +++ b/test/scripts/2100-OpenSSL/2128 @@ -0,0 +1,30 @@ +# tls_on_connect_ports +need_ipv4 +# +exim -DSERVER=server -bd -oX PORT_D:PORT_D2:PORT_D3 +**** +client-ssl 127.0.0.1 PORT_D +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +starttls +??? 220 +quit +??? 221 +**** +client-ssl -tls-on-connect 127.0.0.1 PORT_D2 +??? 220 +ehlo rhu.barb +??? 250- +??? 250- +??? 250- +??? 250 +quit +??? 221 +**** +killdaemon +no_msglog_check diff --git a/test/scripts/2100-OpenSSL/2149 b/test/scripts/2100-OpenSSL/2149 new file mode 100644 index 000000000..bba059158 --- /dev/null +++ b/test/scripts/2100-OpenSSL/2149 @@ -0,0 +1,11 @@ +# TLS: DH ciphers for OpenSSL +exim -DSERVER=server -bd -oX PORT_D +**** +exim userx@test.ex +Test message +**** +exim -qf +**** +killdaemon +exim -DSERVER=server -DNOTDAEMON -qf +**** diff --git a/test/scripts/2100-OpenSSL/REQUIRES b/test/scripts/2100-OpenSSL/REQUIRES new file mode 100644 index 000000000..9e2124e10 --- /dev/null +++ b/test/scripts/2100-OpenSSL/REQUIRES @@ -0,0 +1,2 @@ +support OpenSSL +running IPv4 |