summaryrefslogtreecommitdiff
path: root/test
AgeCommit message (Collapse)Author
2012-06-04Fix post-rebase merge issues.Jeremy Harris
2012-06-04Split out OpenSSL and GnuTLS versions of tests.Jeremy Harris
2012-06-04Change use of $tls_cipher in client context to $tls_out_cipher.Jeremy Harris
2012-06-04Fix bug verifying certs on dual-tls.Jeremy Harris
2012-06-04Support transport hosts_avoid_tls for cutthrough.Jeremy Harris
2012-06-04Add testcase for callout fallback from ESMTP to SMTP.Jeremy Harris
2012-06-04Fix testsuite cases affected by 8bitmime-as-default.Jeremy Harris
2012-06-04Fix tls variables order, and testsuite case 5401 (cutthrough) for changes ↵Jeremy Harris
that went in with dual-tls.
2012-06-04Deal explicitly with attempt to callout via null transport; fixes crash.Jeremy Harris
2012-06-04Fixup testsuite cases affected by dual-tls - mainly EHLO on callouts.Jeremy Harris
2012-06-04Testsuite cases for basic cutthrough_delivery.Jeremy Harris
Also fixed bug where a predata acl was required for cutthrough.
2012-06-04Test for proper parsing of optional MAIL FROM args.Todd Lyons
2012-06-04Test system - parse ipv6 addresses with no :: in them.Todd Lyons
2012-05-27Test: update for new tls_dhparam (suite used on Scientific Linux 6 test host).Jeremy Harris
2012-05-27Test: update for new tls_dhparamPhil Pennock
2012-05-25Ignore vim swap files and test/* temporary files/dirsTodd Lyons
2012-05-23Manually control locale, setting to "C" in runtest script.Todd Lyons
Fixes the output of 'ls' command to a standard format (test 345).
2012-05-21Testsuite: more robust fix for SHELL vs /bin/sh, take two.Jeremy Harris
2012-05-21Revert "Testsuite: more robust fix for SHELL vs /bin/sh"Jeremy Harris
This reverts commit 8dedb69a41c30fd82ab6e084fe567f7ee7aaa562. Kills testcase 0137.
2012-05-21Testsuite: more robust fix for SHELL vs /bin/shJeremy Harris
2012-05-21features.h; tls_validate_require_cipher: log flag & testsexim-4_80_RC3Phil Pennock
Pull in <features.h> on Linux. Switch readconf log from D_all (bug) to D_tls (though D_any would have worked). Modified runtest to handle clamped DH bits and tls_validate_require_cipher added debug logging.
2012-05-20Merge branch 'master_testsuite_faq'Todd Lyons
2012-05-20FAQ of running test suiteTodd Lyons
2012-05-20Testsuite: more guidance in READMEJeremy Harris
2012-05-19Cipher munging continues.Phil Pennock
I omitted log/2025 pending further investigation.
2012-05-20Testsuite: munge recorded TLS version &c in output to permit awkward ↵Jeremy Harris
test-host installations.
2012-05-18Test suite fixes, mostly for new certs.Phil Pennock
New cert1 and cert2 but I'd only updated the GnuTLS tests. This fixes OpenSSL ones too. The SHELL vs /bin/sh one also fixed, finally realised that the test output just hadn't been updated to match the munging.
2012-05-17Make test-suite client cmd -t<timeout> actually workPhil Pennock
2012-05-17CRL addition returns count of CRLs addedPhil Pennock
A couple more cert1/2 strings updated, plus some disambiguating rhubarb.
2012-05-17fix tls_cipher memory lifetime.Phil Pennock
Some tests had not been updated for the new cert because they were missing an X= log-line. Updated those tests now.
2012-05-17More GnuTLS cleanups/fixes.Phil Pennock
Decided "unknown (reason)" in tls_peerdn was wrong, stripped that, added replacement guard. Moved cipherbuf construction to where it makes more sense, where peerdn is extracted, so that setting the exim vars gets back closer to just some pointer switching. Fix missing failure check after handshake in client. Fix tls.c tls_ungetc() and friends by pointing watermark vars at state content. Regenerated test-suite D-H params so we don't have too small values, which was causing connection rejections. Test-suite output where new test cert info is logged (there will be a couple more, when I fix a lingering problem with tls_peerdn being unset in client log-lines). Give test-suite client command some --help.
2012-05-174.78 -> 4.80Phil Pennock
2012-05-17Handle absent tls_require_ciphers correctly.Phil Pennock
Fix test-suite certs to not use MD5. Document that we do not support MD5 certs any longer. Make test-suite generate probably-correct gnutls-params filename for us.
2012-05-17Handle TLSv1.2 in test suite.Phil Pennock
Normalise TLSv1.2 to TLSv1. Normalise AES256-GCM-SHA384 to AES256-SHA. Make some test configs accept AES256-GCM-SHA384 in "encrypted =" ACLs. Have test suite print final test id during abort, make it easier to track down.
2012-05-16Overhaul of GnuTLS code.Phil Pennock
GnuTLS code re-done, using cut&paste for preservation where appropriate. Stop using deprecated APIs. Stop hard-coding lists of ciphers. Use gnutls_priority_init() instead. Turns tls_require_ciphers into a string in the GnuTLS case, not just OpenSSL case. Deprecate three gnutls_require_* options; now ignored but not errors. (No warnings yet). Added TLS SNI support. Made the channel binding integration theoretically actually work. I had it guarded by an #ifdef but the value used was an enum instead. Oops. Fixed. New code much more amenable to future work permitting TLS in callouts. DH param sizes now chosen by GnuTLS maintainers, we use "normal"; that's suddenly a lot more bits, so the saved filename was changed too. (GNUTLS_SEC_PARAM_NORMAL). DH param setup only done for servers now, since clients don't need/use it. GnuTLS a lot more robust to library negotiation using stuff we don't support, error-ing out quickly for other authentication systems (PGP, etc). Renamed pseudo_random_number() to vaguely_random_number() which makes the nature clearer. GnuTLS now provides a vaguely_random_number() implementation, to match OpenSSL. Pull in <inttypes.h> to make the recent arithmetic changes compile on MacOS. Nuke test 2011 which related to the gnutls_require_* options now non-functional.
2012-05-15Testsuite: fix problem with parsing retry records spanning midnight.Jeremy Harris
2012-05-13Merge branch '64bitint'Jeremy Harris
2012-05-13typo fixPhil Pennock
2012-05-13Make integer values 64bit (bug 1171).Jeremy Harris
2012-05-13Testsuite: ensure socket from wait-mode daemon test is not held open.Jeremy Harris
2012-05-13Fixed headers_only on smtp transports.Phil Pennock
Was not sending trailing dot. Added test case to catch this. fixes bug 1246.
2012-05-11Testing for -bw modePhil Pennock
2012-05-10Testsuite: updates for 8bitmime-as-default (Dovecot; untested).Jeremy Harris
2012-05-10Testsuite: updates for 8bitmime-as-default (GnuTLS).Jeremy Harris
Also add Retry command to more runtest testcase-fail possibilities.
2012-05-07Testsuite: updates for 8bitmime-as-default.Jeremy Harris
2012-05-07Default accept_8bitmime to true.Phil Pennock
Some discussion at http://bugs.exim.org/show_bug.cgi?id=817 Refer readers to Dan Bernstein's analysis of the issues. Consensus seen from maintainers is that DJB is right on this point.
2012-05-06Testsuite: teach the fakedns zonefile generator about the ipv6 double-colon ↵Jeremy Harris
rule. Fixes case 1003 for me (having a trailing ::).
2012-05-05Fix bug 1225: Accept new testsuite case output.Jeremy Harris
Having looked further at the ratelimit code, the new output looks reasonable. The obscure values of "19" derive from testing "per-byte", being the size of the test message.
2012-05-01Update testsuite output files for GnuTLS version update and fixes.Jeremy Harris
2012-05-01Code refactoring in acl.c (bug 1184)Jeremy Harris
Move to a table-driven approach for the parsing of "verify =".