X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=test%2Fruntest;h=f5e4063a8e19d8252539a0360db8f7f0aae2c9ae;hb=69d0c29b3b45e8f3ea698f75ccc7b5dd9e0099f6;hp=d15bc67267ee3dd991e71ab561e101b5c163728e;hpb=57eb2f64630884ec5b65c22ff0349aec1d3032ce;p=exim.git

diff --git a/test/runtest b/test/runtest
index d15bc6726..f5e4063a8 100755
--- a/test/runtest
+++ b/test/runtest
@@ -492,10 +492,10 @@ RESET_AFTER_EXTRA_LINE_READ:
   # time used was fixed when I first started running automatic Exim tests.
 
   # Date/time in header lines and SMTP responses
-  s/[A-Z][a-z]{2},\s\d\d?\s[A-Z][a-z]{2}\s\d\d\d\d\s\d\d\:\d\d:\d\d\s[-+]\d{4}
+  s/[A-Z][a-z]{2},\s\d\d?\s[A-Z][a-z]{2}\s\d{4}\s\d\d\:\d\d:\d\d\s[-+]\d{4}
     /Tue, 2 Mar 1999 09:44:33 +0000/gx;
   # and in a French locale
-  s/\S{4},\s\d\d?\s[^,]+\s\d\d\d\d\s\d\d\:\d\d:\d\d\s[-+]\d{4}
+  s/\S{4},\s\d\d?\s[^,]+\s\d{4}\s\d\d\:\d\d:\d\d\s[-+]\d{4}
     /dim., 10 f\xE9vr 2019 20:05:49 +0000/gx;
 
   # Date/time in logs and in one instance of a filter test
@@ -615,28 +615,36 @@ RESET_AFTER_EXTRA_LINE_READ:
   #   TLS1.2:ECDHE_SECP256R1__RSA_SHA256__AES_256_GCM:256
   #   TLS1.2:ECDHE_SECP256R1__RSA_SHA256__AES_128_CBC__SHA256:128
   #   TLS1.2:ECDHE_SECP256R1__ECDSA_SHA512__AES_256_GCM:256
-  #   TLS1.2:RSA__CAMELLIA_256_GCM:256	(leave the cipher name)
+  #   TLS1.2:ECDHE_SECP256R1__AES_256_GCM:256		(3.6.7 resumption)
+  #   TLS1.2:ECDHE_RSA_SECP256R1__AES_256_GCM:256	(! 3.5.18 !)
+  #   TLS1.2:RSA__CAMELLIA_256_GCM:256			(leave the cipher name)
+  #   TLS1.2-PKIX:RSA__AES_128_GCM__AEAD:128		(the -PKIX seems to be a 3.1.20 thing)
+  #   TLS1.2-PKIX:ECDHE_RSA_SECP521R1__AES_256_GCM__AEAD:256
   #
   #   X=TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256
   #   X=TLS1.2:RSA_AES_256_CBC_SHA1:256
   #   X=TLS1.1:RSA_AES_256_CBC_SHA1:256
+  #   X=TLS1.0:RSA_AES_256_CBC_SHA1:256
   #   X=TLS1.0:DHE_RSA_AES_256_CBC_SHA1:256
+  #   X=TLS1.0-PKIX:RSA__AES_256_CBC__SHA1:256
   # and as stand-alone cipher:
   #   ECDHE-RSA-AES256-SHA
   #   DHE-RSA-AES256-SHA256
   #   DHE-RSA-AES256-SHA
   # picking latter as canonical simply because regex easier that way.
   s/\bDHE_RSA_AES_128_CBC_SHA1:128/RSA-AES256-SHA1:256/g;
-  s/TLS1.[0123]:						# TLS version
-	((EC)?DHE(_((?<psk>PSK)_)?(SECP256R1|X25519))?__?)?	# key-exchange
-	((?<auth>RSA|ECDSA)((_PSS_RSAE)?_SHA(512|256))?__?)?	# authentication
-	AES_(256|128)_(CBC|GCM)					# cipher
-	(__?SHA(1|256|384))?:					# PRF
-	(256|128)						# cipher strength
+  s/TLS1.[0123](-PKIX)?:						# TLS version
+    ((EC)?DHE(_((?<psk>PSK)_)?((?<auth>RSA|ECDSA)_)?
+				(SECP(256|521)R1|X25519))?__?)?		# key-exchange
+    ((?<auth>RSA|ECDSA)((_PSS_RSAE)?_SHA(512|256))?__?)?		# authentication
+    AES_(256|128)_(CBC|GCM)						# cipher
+    (__?AEAD)?								# pseudo-MAC
+    (__?SHA(1|256|384))?						# PRF
+    :(256|128)								# cipher strength
     /"TLS1.x:ke-"
 	. (defined($+{psk}) ? $+{psk} : "")
 	. (defined($+{auth}) ? $+{auth} : "")
-	. "-AES256-SHAnnn:xxx"/genx;
+	. "-AES256-SHAnnn:xxx"/gex;
   s/TLS1.2:RSA__CAMELLIA_256_GCM(_SHA384)?:256/TLS1.2:RSA_CAMELLIA_256_GCM-SHAnnn:256/g;
   s/\b(ECDHE-(RSA|ECDSA)-AES256-SHA|DHE-RSA-AES256-SHA256)\b/ke-$2-AES256-SHAnnn/g;
 
@@ -764,7 +772,7 @@ RESET_AFTER_EXTRA_LINE_READ:
     }
 
   # Port in host address in spool file output from -Mvh
-  s/^-host_address (.*)\.\d+/-host_address $1.9999/;
+  s/^(--?host_address) (.*)\.\d+/$1 $2.9999/;
 
   if ($dynamic_socket and $dynamic_socket->opened and my $port = $dynamic_socket->sockport) {
     s/^Connecting to 127\.0\.0\.1 port \K$port/<dynamic port>/;
@@ -993,6 +1001,10 @@ RESET_AFTER_EXTRA_LINE_READ:
 
     # ARC is not always supported by the build
     next if /^arc_sign =/;
+
+    # TLS resumption is not always supported by the build
+    next if /^tls_resumption_hosts =/;
+    next if /^-tls_resumption/;
     }
 
   # ======== stderr ========
@@ -1142,6 +1154,9 @@ RESET_AFTER_EXTRA_LINE_READ:
     # remote port numbers vary
     s/(Connection request from 127.0.0.1 port) \d{1,5}/$1 sssss/;
 
+    # Platform-dependent error strings
+    s/Operation timed out/Connection timed out/;
+
     # Skip hosts_require_dane checks when the options
     # are unset, because dane ain't always there.
     next if /in\shosts_require_dane\?\sno\s\(option\sunset\)/x;
@@ -1152,6 +1167,9 @@ RESET_AFTER_EXTRA_LINE_READ:
     # SUPPORT_PROXY
     next if /host in hosts_proxy\?/;
 
+    # PIPE_CONNECT
+    next if / in (pipelining_connect_advertise_hosts|hosts_pipe_connect)?\? no /;
+
     # Experimental_International
     next if / in smtputf8_advertise_hosts\? no \(option unset\)/;
 
@@ -1161,9 +1179,6 @@ RESET_AFTER_EXTRA_LINE_READ:
     # TCP Fast Open
     next if /^(ppppp )?setsockopt FASTOPEN: Network Error/;
 
-    # Experimental_PIPE_CONNECT
-    next if / in (pipelining_connect_advertise_hosts|hosts_pipe_connect)?\? no /;
-
     # Environment cleaning
     next if /\w+ in keep_environment\? (yes|no)/;
 
@@ -1196,16 +1211,44 @@ RESET_AFTER_EXTRA_LINE_READ:
     next if /^PDKIM \[[^[]+\] (Header hash|b) computed:/;
 
     # Not all platforms support TCP Fast Open, and the compile omits the check
-    if (s/\S+ in hosts_try_fastopen\? no \(option unset\)\n$//)
+    if (s/\S+ in hosts_try_fastopen\? (no \(option unset\)|yes \(matched "\*"\))\n$//)
       {
       $_ .= <IN>;
       s/ \.\.\. >>> / ... /;
+      if (s/ non-TFO mode connection attempt to 224.0.0.0, 0 data\b$//) { $_ .= <IN>; }
       s/Address family not supported by protocol family/Network Error/;
       s/Network is unreachable/Network Error/;
       }
     next if /^(ppppp )?setsockopt FASTOPEN: Protocol not available$/;
     s/^(Connecting to .* \.\.\. sending) \d+ (nonTFO early-data)$/$1 dd $2/;
 
+    if (/^([0-9: ]*						# possible timestamp
+	Connecting\ to\ [^ ]+\ [^ ]+(\ from\ [^ ]+)?)\ \.\.\.
+	\ .*TFO\ mode\ 
+	(sendto,\ no\ data:\ EINPROGRESS			# Linux
+	|connection\ attempt\ to\ [^,]+,\ 0\ data)		# MacOS & no-support
+	$/x)
+      {
+      $_ = $1 . " ... " . <IN>;
+      s/^(.* \.\.\.) [0-9: ]*connected$/$1  connected/;
+
+      if (/^Connecting to .* \.\.\.  connected$/)
+	{
+	$_ .= <IN>;
+	if (/^(Connecting to .* \.\.\.  )connected\n\s+SMTP(\(close\)>>|\(Connection refused\)<<)$/)
+	  {
+	  $_ = $1 . "failed: Connection refused\n" . <IN>;
+	  s/^(Connecting .*)\n\s+SMTP\(close\)>>$/$1/;
+	  }
+	elsif (/^(Connecting to .* \.\.\.  connected\n)read response data: size=/)
+	  { $_ = $1; }
+
+	# Date/time in SMTP banner
+	s/[A-Z][a-z]{2},\s\d\d?\s[A-Z][a-z]{2}\s\d{4}\s\d\d\:\d\d:\d\d\s[-+]\d{4}
+	  /Tue, 2 Mar 1999 09:44:33 +0000/gx;
+	}
+      }
+
     # Specific pointer values reported for DB operations change from run to run
     s/^(\s*returned from EXIM_DBOPEN: )(0x)?[0-9a-f]+/${1}0xAAAAAAAA/;
     s/^(\s*EXIM_DBCLOSE.)(0x)?[0-9a-f]+/${1}0xAAAAAAAA/;
@@ -1218,6 +1261,12 @@ RESET_AFTER_EXTRA_LINE_READ:
     # Not all builds include DMARC
     next if /^DMARC: no (dmarc_tld_file|sender_host_address)$/ ;
 
+    # TLS resumption is not always supported by the build
+    next if /in tls_resumption_hosts\?/;
+
+    # Platform differences in errno strings
+    s/  SMTP\(Operation timed out\)<</  SMTP(Connection timed out)<</;
+
     # When Exim is checking the size of directories for maildir, it uses
     # the check_dir_size() function to scan directories. Of course, the order
     # of the files that are obtained using readdir() varies from system to
@@ -1293,6 +1342,8 @@ RESET_AFTER_EXTRA_LINE_READ:
       else
 	{ $_ = $prev; }
       }
+    # translate gnutls error into the openssl one
+    s/ARC: AMS signing: privkey PEM-block import: \KThe requested data were not available.$/error:0906D06C:PEM routines:PEM_read_bio:no start line/;
 
     # DKIM timestamps
     if ( /(DKIM: d=.*) t=([0-9]*) x=([0-9]*) / )
@@ -4178,6 +4229,10 @@ foreach $test (@test_list)
           print "==================>\n";
           system("tail -20 test-stderr");
           print "===================\n";
+          print "stderr-server tail:\n";
+          print "==================>\n";
+          system("tail -20 test-stderr-server");
+          print "===================\n";
           print "... continue forced\n";
           }