From 7befa435e5664f43d90bf5a2703fcf4f2a26139e Mon Sep 17 00:00:00 2001 From: Philip Hazel Date: Mon, 16 Oct 2006 13:43:21 +0000 Subject: Update Dovecot authenticator to (a) lock out tabs (b) add extra parameters "secured" and "valid-client-cert" when relevant. --- test/confs/9350 | 7 ++++ test/log/9350 | 2 ++ test/rejectlog/9350 | 2 ++ test/scripts/9350-Dovecot/9350 | 48 +++++++++++++++++++++++++ test/stdout/9350 | 82 ++++++++++++++++++++++++++++++++++++++++++ 5 files changed, 141 insertions(+) (limited to 'test') diff --git a/test/confs/9350 b/test/confs/9350 index fd75156f5..4ba8e6d68 100644 --- a/test/confs/9350 +++ b/test/confs/9350 @@ -15,6 +15,13 @@ gecos_name = CALLER_NAME acl_smtp_rcpt = check_recipient +tls_advertise_hosts = * +tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} +tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} + +tls_verify_hosts = HOSTIPV4 +tls_verify_certificates = ${if eq {SERVER}{server}{DIR/aux-fixed/cert2}fail} + # ----- ACL ----- diff --git a/test/log/9350 b/test/log/9350 index 8d693548e..1fe64551f 100644 --- a/test/log/9350 +++ b/test/log/9350 @@ -2,3 +2,5 @@ ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225 1999-03-02 09:44:33 dovecot authenticator failed for (xxxx) [127.0.0.1]: 535 Incorrect authentication data (set_id=userx) +1999-03-02 09:44:33 dovecot authenticator failed for (xxxx) [127.0.0.1]: 535 Incorrect authentication data (set_id=userx) +1999-03-02 09:44:33 dovecot authenticator failed for (xxxx) [ip4.ip4.ip4.ip4]: 535 Incorrect authentication data (set_id=userx) diff --git a/test/rejectlog/9350 b/test/rejectlog/9350 index 1af78c03d..a3f2a0ab8 100644 --- a/test/rejectlog/9350 +++ b/test/rejectlog/9350 @@ -1,3 +1,5 @@ ******** SERVER ******** 1999-03-02 09:44:33 dovecot authenticator failed for (xxxx) [127.0.0.1]: 535 Incorrect authentication data (set_id=userx) +1999-03-02 09:44:33 dovecot authenticator failed for (xxxx) [127.0.0.1]: 535 Incorrect authentication data (set_id=userx) +1999-03-02 09:44:33 dovecot authenticator failed for (xxxx) [ip4.ip4.ip4.ip4]: 535 Incorrect authentication data (set_id=userx) diff --git a/test/scripts/9350-Dovecot/9350 b/test/scripts/9350-Dovecot/9350 index 55b6c1e42..3325f246c 100644 --- a/test/scripts/9350-Dovecot/9350 +++ b/test/scripts/9350-Dovecot/9350 @@ -1,6 +1,7 @@ # Dovecot authentication (server only) exim -DSERVER=server -bd -oX PORT_D **** +# Try without TLS client -t3 127.0.0.1 PORT_D ??? 220 EHLO xxxx @@ -8,6 +9,53 @@ EHLO xxxx ??? 250- ??? 250- ??? 250- +??? 250- +??? 250 +AUTH PLAIN AHVzZXJ4AHNlY3JldA== +??? 535 +quit +??? 221 +**** +# TLS, but no client certificate +client-gnutls -t3 127.0.0.1 PORT_D +??? 220 +EHLO xxxx +??? 250- +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +STARTTLS +??? 220 +EHLO xxxx +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +AUTH PLAIN AHVzZXJ4AHNlY3JldA== +??? 535 +quit +??? 221 +**** +# TLS with client certificate +client-gnutls -t3 HOSTIPV4 PORT_D DIR/aux-fixed/cert2 DIR/aux-fixed/cert2 +??? 220 +EHLO xxxx +??? 250- +??? 250- +??? 250- +??? 250- +??? 250- +??? 250 +STARTTLS +??? 220 +EHLO xxxx +??? 250- +??? 250- +??? 250- +??? 250- ??? 250 AUTH PLAIN AHVzZXJ4AHNlY3JldA== ??? 535 diff --git a/test/stdout/9350 b/test/stdout/9350 index 87f70de47..3a42a6729 100644 --- a/test/stdout/9350 +++ b/test/stdout/9350 @@ -10,6 +10,88 @@ Connecting to 127.0.0.1 port 1225 ... connected <<< 250-PIPELINING ??? 250- <<< 250-AUTH PLAIN +??? 250- +<<< 250-STARTTLS +??? 250 +<<< 250 HELP +>>> AUTH PLAIN AHVzZXJ4AHNlY3JldA== +??? 535 +<<< 535 Incorrect authentication data +>>> quit +??? 221 +<<< 221 myhost.test.ex closing connection +End of script +Connecting to 127.0.0.1 port 1225 ... connected +??? 220 +<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +>>> EHLO xxxx +??? 250- +<<< 250-myhost.test.ex Hello xxxx [127.0.0.1] +??? 250- +<<< 250-SIZE 52428800 +??? 250- +<<< 250-PIPELINING +??? 250- +<<< 250-AUTH PLAIN +??? 250- +<<< 250-STARTTLS +??? 250 +<<< 250 HELP +>>> STARTTLS +??? 220 +<<< 220 TLS go ahead +Attempting to start TLS +Succeeded in starting TLS +>>> EHLO xxxx +??? 250- +<<< 250-myhost.test.ex Hello xxxx [127.0.0.1] +??? 250- +<<< 250-SIZE 52428800 +??? 250- +<<< 250-PIPELINING +??? 250- +<<< 250-AUTH PLAIN +??? 250 +<<< 250 HELP +>>> AUTH PLAIN AHVzZXJ4AHNlY3JldA== +??? 535 +<<< 535 Incorrect authentication data +>>> quit +??? 221 +<<< 221 myhost.test.ex closing connection +End of script +Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected +Certificate file = TESTSUITE/aux-fixed/cert2 +Key file = TESTSUITE/aux-fixed/cert2 +??? 220 +<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +>>> EHLO xxxx +??? 250- +<<< 250-myhost.test.ex Hello xxxx [ip4.ip4.ip4.ip4] +??? 250- +<<< 250-SIZE 52428800 +??? 250- +<<< 250-PIPELINING +??? 250- +<<< 250-AUTH PLAIN +??? 250- +<<< 250-STARTTLS +??? 250 +<<< 250 HELP +>>> STARTTLS +??? 220 +<<< 220 TLS go ahead +Attempting to start TLS +Succeeded in starting TLS +>>> EHLO xxxx +??? 250- +<<< 250-myhost.test.ex Hello xxxx [ip4.ip4.ip4.ip4] +??? 250- +<<< 250-SIZE 52428800 +??? 250- +<<< 250-PIPELINING +??? 250- +<<< 250-AUTH PLAIN ??? 250 <<< 250 HELP >>> AUTH PLAIN AHVzZXJ4AHNlY3JldA== -- cgit v1.2.3