From 3f0f8e6c10e1beb36d335c02692466c8911e4942 Mon Sep 17 00:00:00 2001
From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Sun, 2 Aug 2020 23:56:58 +0100
Subject: Testsuite: separate cases for TLS resumption with/out OCSP

---
 test/scripts/5891-Resume-GnuTLS-OCSP/5890     | 69 +++++++++++++++++++++++++++
 test/scripts/5891-Resume-GnuTLS-OCSP/REQUIRES |  4 ++
 2 files changed, 73 insertions(+)
 create mode 100644 test/scripts/5891-Resume-GnuTLS-OCSP/5890
 create mode 100644 test/scripts/5891-Resume-GnuTLS-OCSP/REQUIRES

(limited to 'test/scripts/5891-Resume-GnuTLS-OCSP')

diff --git a/test/scripts/5891-Resume-GnuTLS-OCSP/5890 b/test/scripts/5891-Resume-GnuTLS-OCSP/5890
new file mode 100644
index 000000000..449b0eb3d
--- /dev/null
+++ b/test/scripts/5891-Resume-GnuTLS-OCSP/5890
@@ -0,0 +1,69 @@
+# TLS session resumption with OCSP
+gnutls
+#
+# For keying info:
+# (requires SSLKEYLOGFILE added to /etc/sudoers)
+# SSLKEYLOGFILE=/home/jgh/git/exim/test/foo sudo exim -DSERVER=server -bd -oX PORT_D
+#
+### TLS1.2
+exim -DSERVER=server -DOPTION=NORMAL:!VERS-TLS1.3 -bd -oX PORT_D
+****
+exim -DVALUE=resume -odf getticket@test.ex
+Test message. Contains FF: ÿ
+****
+exim -DVALUE=resume -odf resume@test.ex abcd@test.ex xyz@test.ex
+Test message to two different hosts, one does not support resume
+****
+# allow time for ticket to hit renewal time
+sleep 3
+exim -DVALUE=resume -odf renewal@test.ex
+Test message.
+****
+exim -DVALUE=resume -odf postrenewal@test.ex
+Test message.
+****
+sleep 3
+exim -DVALUE=resume -odf timeout@test.ex
+Test message.
+****
+exim -odf notreq@test.ex
+Test message, not requesting resumption.
+****
+sudo rm -f DIR/spool/db/tls
+exim -odf -DVALUE=resume noverify_getticket@test.ex
+Dest on this means the server cert will not verify (but try_verify will permit it)
+****
+exim -odf -DVALUE=resume noverify_resume@test.ex
+Dest on this means the server cert will not verify (but try_verify will permit it)
+****
+killdaemon
+sleep 1
+sudo rm -f DIR/spool/db/tls
+#
+#
+### TLS1.3
+exim -DSERVER=server -DOPTION=NORMAL -bd -oX PORT_D
+****
+exim -DVALUE=resume -odf getticket@test.ex
+Test message. Contains FF: ÿ
+****
+exim -DVALUE=resume -odf resume@test.ex abcd@test.ex xyz@test.ex
+Test message to two different hosts, one does not support resume
+****
+# allow time for ticket to hit renewal time
+sleep 3
+exim -DVALUE=resume -odf renewal@test.ex
+Test message.
+****
+exim -DVALUE=resume -odf postrenewal@test.ex
+Test message.
+****
+sleep 3
+exim -DVALUE=resume -odf timeout@test.ex
+Test message.
+****
+exim -odf notreq@test.ex
+Test message, not requesting resumption.
+****
+killdaemon
+no_msglog_check
diff --git a/test/scripts/5891-Resume-GnuTLS-OCSP/REQUIRES b/test/scripts/5891-Resume-GnuTLS-OCSP/REQUIRES
new file mode 100644
index 000000000..ea7e8959e
--- /dev/null
+++ b/test/scripts/5891-Resume-GnuTLS-OCSP/REQUIRES
@@ -0,0 +1,4 @@
+support GnuTLS
+running IPv4
+support TLS_resume
+support OCSP
-- 
cgit v1.2.3