X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=test%2Fruntest;h=3931b06d4018bfdcc9db9ae75320a593eb275983;hb=7c60296900bdff369ffd2bf54eecfe6097b997a4;hp=49789319bb64bfa887d69d84ebc6a2ca4da7099d;hpb=0288c50a848a19822b9d693681c53d5db1fc8ae6;p=user%2Fhenk%2Fcode%2Fexim.git diff --git a/test/runtest b/test/runtest index 49789319b..3931b06d4 100755 --- a/test/runtest +++ b/test/runtest @@ -385,11 +385,21 @@ $spid = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; LINE: while() { RESET_AFTER_EXTRA_LINE_READ: + if ($munge_skip) + { + # Munging is a no-op. + # Useful when testing exim_msgdate so that + # we compare unmunged dates and message-ids. + print MUNGED; + next; + } + # Custom munges if ($extra) { next if $extra =~ m%^/% && eval $extra; eval $extra if $extra =~ m/^s/; + eval substr($extra, 1) if $extra =~ m/^R/; } # Check for "*** truncated ***" @@ -918,6 +928,11 @@ RESET_AFTER_EXTRA_LINE_READ: # OpenSSL 3.0.0 s/TLS error \(D-H param setting .* error:\K.*dh key too small/xxxxxxxx:SSL routines::dh key too small/; + # OpenSSL 1.1.1 + s/error:\K0B080074:x509 certificate routines:X509_check_private_key(?=:key values mismatch$)/05800074:x509 certificate routines:/; + s/error:\K02001002:system library:fopen(?=:No such file or directory$)/80000002:system library:/; + s/error:\K0909006C:PEM routines:get_name(?=:no start line$)/0480006C:PEM routines:/; + # ======== Maildir things ======== # timestamp output in maildir processing s/(timestamp=|\(timestamp_only\): )\d+/$1ddddddd/g; @@ -1043,6 +1058,7 @@ RESET_AFTER_EXTRA_LINE_READ: # TLS resumption is not always supported by the build next if /^tls_resumption_hosts =/; next if /^-tls_resumption/; + next if /^host_name_extract = /; # gsasl library version may not support some methods s/250-AUTH ANONYMOUS PLAIN SCRAM-SHA-1\K SCRAM-SHA-256//; @@ -1077,7 +1093,7 @@ RESET_AFTER_EXTRA_LINE_READ: /x; # Lines with a leading pid. Only handle >= 4-digit PIDs to avoid converting SMTP respose codes - s/^(\s*\d{4,})\s(?!(?:previous message|in\s|bytes remain in|SMTP accept process running))/new_value($1, "p%s", \$next_pid) . ' '/e; + s/^\s*(\d{4,})\s(?!(?:previous message|in\s|bytes remain in|SMTP accept process running))/new_value($1, "p%s", \$next_pid) . ' '/e; # Debugging lines for Exim terminations and process-generation next if /(?:postfork: | fork(?:ing|ed) for )/; @@ -1126,10 +1142,10 @@ RESET_AFTER_EXTRA_LINE_READ: # TLS preload # only OpenSSL speaks of these - next if /^TLS: (preloading (DH params|ECDH curve|CA bundle) for server|generating selfsigned server cert)/; - next if /^Diffie-Hellman initialized from default/; - next if /^ECDH OpenSSL (< )?[\d.+]+: temp key parameter settings:/; - next if /^ECDH: .*'prime256v1'/; + next if /^TLS: (preloading (DH params \S+|ECDH curve \S+|CA bundle) for server|generating selfsigned server cert)/; + next if /^ Diffie-Hellman initialized from default/; + next if /^ ECDH OpenSSL (< )?[\d.+]+: temp key parameter settings:/; + next if /^ ECDH: .*'prime256v1'/; next if /^tls_verify_certificates: system$/; next if /^tls_set_watch: .*\/cert.pem/; next if /^Generating 2048 bit RSA key/; @@ -1164,6 +1180,9 @@ RESET_AFTER_EXTRA_LINE_READ: next if /^TLS: not preloading (CA bundle|cipher list) for server$/; next if /^TLS: not preloading server certs$/; + # some plaatforms are missing the standard CA bundle file + next if /^tls_set_watch\(\) fail on '\/usr\/lib\/ssl\/cert.pem': No such file or directory$/; + # drop lookups next if /^$time_pid?(?: Lookups\ \(built-in\): | Loading\ lookup\ modules\ from @@ -1248,6 +1267,7 @@ RESET_AFTER_EXTRA_LINE_READ: # Skip tls_advertise_hosts and hosts_require_tls checks when the options # are unset, because tls ain't always there. + next if /^((>>>)?\s*host)? in tls_advertise_hosts\?$/; next if /in\s(?:tls_advertise_hosts\?|hosts_require_tls\?) \sno\s\((option\sunset|end\sof\slist)\)/x; @@ -1333,6 +1353,9 @@ RESET_AFTER_EXTRA_LINE_READ: # Different builds will have different lookup types included s/^\s*search_type \K\d+ \((\w+)\) quoting -1 \(none\)$/NN ($1) quoting -1 (none)/; + # and different numbers of lookup types result in different type-code letters, + # so convert them all to "0" + s%(?>>)?\s*host in pipelining_connect_advertise_hosts\?$/ ) + { + $_ = ; + while ( /^(>>>)?\s*list element:/ ) { $_ = ; } + goto RESET_AFTER_EXTRA_LINE_READ; + } + next if / in (?:pipelining_connect_advertise_hosts|hosts_pipe_connect)?\? no /; # Experimental_International next if / in smtputf8_advertise_hosts\? no \(option unset\)/; @@ -1350,11 +1379,22 @@ RESET_AFTER_EXTRA_LINE_READ: next if / in tls_advertise_requiretls?\? no \(end of list\)/; # Experimental_LIMITS + if ( /^((>>>)?\s*host)? in limits_advertise_hosts\?$/ ) + { + $_ = ; + while ( /^(>>>)?\s*list element: !\*$/ ) { $_ = ; } + goto RESET_AFTER_EXTRA_LINE_READ; + } next if / in limits_advertise_hosts?\? no \(matched "!\*"\)/; # TCP Fast Open next if /^(ppppp )?setsockopt FASTOPEN: Network Error/; + # DISABLE_TLS_RESUME + # TLS resumption is not always supported by the build + next if /in tls_resumption_hosts\?/; + next if /RE '.outlook.com/; + # Environment cleaning next if /\w+ in keep_environment\? (yes|no)/; @@ -1446,9 +1486,6 @@ RESET_AFTER_EXTRA_LINE_READ: # Not all builds include DMARC next if /^DMARC: no (dmarc_tld_file|sender_host_address)$/ ; - # TLS resumption is not always supported by the build - next if /in tls_resumption_hosts\?/; - # Platform differences in errno strings s/ SMTP\(Operation timed out\)</; + # When Exim is checking the size of directories for maildir, it uses # the check_dir_size() function to scan directories. Of course, the order # of the files that are obtained using readdir() varies from system to @@ -1537,6 +1577,9 @@ RESET_AFTER_EXTRA_LINE_READ: s/signer: [^ ]* bits:\K 256/ 253/; s/public key too short:\K 256 bits/ 253 bits/; + # with GnuTLS we cannot log single bad ALPN. So ignore the with-OpenSSL log line. + # next if /TLS ALPN (http) rejected$/; + # port numbers s/(?:\[[^\]]*\]:|port )\K$parm_port_d/PORT_D/; s/(?:\[[^\]]*\]:|port )\K$parm_port_d2/PORT_D2/; @@ -1556,7 +1599,7 @@ RESET_AFTER_EXTRA_LINE_READ: s/session: \K\((SSL_connect|gnutls_handshake)\): timed out/(tls lib connect fn): timed out/; s/TLS error on connection from .*\K\((SSL_accept|gnutls_handshake)\): timed out/(tls lib accept fn): timed out/; s/TLS error on connection from .*\K(SSL_accept: TCP connection closed by peer|\(gnutls_handshake\): The TLS connection was non-properly terminated.)/(tls lib accept fn): TCP connection closed by peer/; - s/TLS session: \K\(gnutls_handshake\): No supported application protocol could be negotiated/(SSL_connect): error: <>/; + s/TLS session: \K\(gnutls_handshake\): rxd alert: No supported application protocol could be negotiated/(SSL_connect): error: <>/; s/\(gnutls_handshake\): No common application protocol could be negotiated./(SSL_accept): error: <>/; } @@ -1884,7 +1927,8 @@ return 2; # Usable files are: # paniclog, rejectlog, mainlog, stdout, stderr, msglog, mail # Search strings starting with 's' do substitutions; -# with '/' do line-skips. +# with '/' do line-skips, +# with 'R' run given code. # Triggered by a scriptfile line "munge " ################################################## $munges = @@ -1931,7 +1975,13 @@ $munges = }, 'optional_dsn_info' => - { 'mail' => '/^(X-(Remote-MTA-(smtp-greeting|helo-response)|Exim-Diagnostic|(body|message)-linecount):|Remote-MTA: X-ip;)/' + { 'mail' => 'Rif (/^(X-(Remote-MTA-(smtp-greeting|helo-response)|Exim-Diagnostic|(body|message)-linecount):|Remote-MTA: X-ip;)/) { + while (1) { + $_ = ; + next if /^ /; + goto RESET_AFTER_EXTRA_LINE_READ; + } + }' }, 'optional_config' => @@ -2950,6 +3000,245 @@ return $yield; # Ran command and waited +############################################################################### +############################################################################### + +################################################## +# Check for SpamAssassin and ClamAV # +################################################## + +# These are crude tests. If they aren't good enough, we'll have to improve +# them, for example by actually passing a message through spamc or clamscan. + +sub check_running_spamassassin +{ +my $sock = new FileHandle; + +if (system("spamc -h 2>/dev/null >/dev/null") == 0) + { + print "The spamc command works:\n"; + + # This test for an active SpamAssassin is courtesy of John Jetmore. + # The tests are hard coded to localhost:783, so no point in making + # this test flexible like the clamav test until the test scripts are + # changed. spamd doesn't have the nice PING/PONG protocol that + # clamd does, but it does respond to errors in an informative manner, + # so use that. + + my($sint,$sport) = ('127.0.0.1',783); + eval + { + my $sin = sockaddr_in($sport, inet_aton($sint)) + or die "** Failed packing $sint:$sport\n"; + socket($sock, PF_INET, SOCK_STREAM, getprotobyname('tcp')) + or die "** Unable to open socket $sint:$sport\n"; + + local $SIG{ALRM} = + sub { die "** Timeout while connecting to socket $sint:$sport\n"; }; + alarm(5); + connect($sock, $sin) + or die "** Unable to connect to socket $sint:$sport\n"; + alarm(0); + + select((select($sock), $| = 1)[0]); + print $sock "bad command\r\n"; + + $SIG{ALRM} = + sub { die "** Timeout while reading from socket $sint:$sport\n"; }; + alarm(10); + my $res = <$sock>; + alarm(0); + + $res =~ m|^SPAMD/| + or die "** Did not get SPAMD from socket $sint:$sport. " + ."It said: $res\n"; + }; + alarm(0); + if($@) + { + print " $@"; + print " Assume SpamAssassin (spamd) is not running\n"; + } + else + { + $parm_running{SpamAssassin} = ' '; + print " SpamAssassin (spamd) seems to be running\n"; + } + } +else + { + print "The spamc command failed: assume SpamAssassin (spamd) is not running\n"; + } +} + +sub check_running_clamav +{ +my $sock; + +# For ClamAV, we need to find the clamd socket for use in the Exim +# configuration. Search for the clamd configuration file. + +if (system("clamscan -h 2>/dev/null >/dev/null") == 0) + { + my($f, $clamconf, $test_prefix); + + print "The clamscan command works"; + + $test_prefix = $ENV{EXIM_TEST_PREFIX}; + $test_prefix = '' if !defined $test_prefix; + + foreach $f ("$test_prefix/etc/clamd.conf", + "$test_prefix/usr/local/etc/clamd.conf", + "$test_prefix/etc/clamav/clamd.conf", '') + { + if (-e $f) + { + $clamconf = $f; + last; + } + } + + # Read the ClamAV configuration file and find the socket interface. + + if ($clamconf ne '') + { + my $socket_domain; + open(IN, "$clamconf") || die "\n** Unable to open $clamconf: $!\n"; + while () + { + if (/^LocalSocket\s+(.*)/) + { + $parm_clamsocket = $1; + $socket_domain = AF_UNIX; + last; + } + if (/^TCPSocket\s+(\d+)/) + { + if (defined $parm_clamsocket) + { + $parm_clamsocket .= " $1"; + $socket_domain = AF_INET; + last; + } + else + { + $parm_clamsocket = " $1"; + } + } + elsif (/^TCPAddr\s+(\S+)/) + { + if (defined $parm_clamsocket) + { + $parm_clamsocket = $1 . $parm_clamsocket; + $socket_domain = AF_INET; + last; + } + else + { + $parm_clamsocket = $1; + } + } + } + close(IN); + + if (defined $socket_domain) + { + print ":\n The clamd socket is $parm_clamsocket\n"; + # This test for an active ClamAV is courtesy of Daniel Tiefnig. + eval + { + my $socket; + if ($socket_domain == AF_UNIX) + { + $socket = sockaddr_un($parm_clamsocket) or die "** Failed packing '$parm_clamsocket'\n"; + } + elsif ($socket_domain == AF_INET) + { + my ($ca_host, $ca_port) = split(/\s+/,$parm_clamsocket); + my $ca_hostent = gethostbyname($ca_host) or die "** Failed to get raw address for host '$ca_host'\n"; + $socket = sockaddr_in($ca_port, $ca_hostent) or die "** Failed packing '$parm_clamsocket'\n"; + } + else + { + die "** Unknown socket domain '$socket_domain' (should not happen)\n"; + } + socket($sock, $socket_domain, SOCK_STREAM, 0) or die "** Unable to open socket '$parm_clamsocket'\n"; + local $SIG{ALRM} = sub { die "** Timeout while connecting to socket '$parm_clamsocket'\n"; }; + alarm(5); + connect($sock, $socket) or die "** Unable to connect to socket '$parm_clamsocket'\n"; + alarm(0); + + my $ofh = select $sock; $| = 1; select $ofh; + print $sock "PING\n"; + + $SIG{ALRM} = sub { die "** Timeout while reading from socket '$parm_clamsocket'\n"; }; + alarm(10); + my $res = <$sock>; + alarm(0); + + $res =~ /PONG/ or die "** Did not get PONG from socket '$parm_clamsocket'. It said: $res\n"; + }; + alarm(0); + + if($@) + { + print " $@"; + print " Assume ClamAV is not running\n"; + } + else + { + $parm_running{ClamAV} = ' '; + print " ClamAV seems to be running\n"; + } + } + else + { + print ", but the socket for clamd could not be determined\n"; + print "Assume ClamAV is not running\n"; + } + } + + else + { + print ", but I can't find a configuration for clamd\n"; + print "Assume ClamAV is not running\n"; + } + } +} + + +sub check_running_redis +{ +if (defined $parm_lookups{redis}) + { + if (system("redis-server -v 2>/dev/null >/dev/null") == 0) + { + print "The redis-server command works\n"; + $parm_running{redis} = ' '; + } + else + { + print "The redis-server command failed: assume Redis not installed\n"; + } + } +} + +sub check_running_dovecot +{ +system('dovecot --version >/dev/null'); +if ($? == 0) + { + print "Dovecot appears to be available\n"; + $parm_running{dovecot} = ' '; + } +else + { + print "Dovecot not found\n"; + } +} + + + ############################################################################### ############################################################################### @@ -3302,220 +3591,15 @@ print "-" x 78, "\n"; unlink("$parm_cwd/test-config"); -################################################## -# Check for SpamAssassin and ClamAV # -################################################## -# These are crude tests. If they aren't good enough, we'll have to improve -# them, for example by actually passing a message through spamc or clamscan. if (defined $parm_support{Content_Scanning}) { - my $sock = new FileHandle; - - if (system("spamc -h 2>/dev/null >/dev/null") == 0) - { - print "The spamc command works:\n"; - - # This test for an active SpamAssassin is courtesy of John Jetmore. - # The tests are hard coded to localhost:783, so no point in making - # this test flexible like the clamav test until the test scripts are - # changed. spamd doesn't have the nice PING/PONG protocol that - # clamd does, but it does respond to errors in an informative manner, - # so use that. - - my($sint,$sport) = ('127.0.0.1',783); - eval - { - my $sin = sockaddr_in($sport, inet_aton($sint)) - or die "** Failed packing $sint:$sport\n"; - socket($sock, PF_INET, SOCK_STREAM, getprotobyname('tcp')) - or die "** Unable to open socket $sint:$sport\n"; - - local $SIG{ALRM} = - sub { die "** Timeout while connecting to socket $sint:$sport\n"; }; - alarm(5); - connect($sock, $sin) - or die "** Unable to connect to socket $sint:$sport\n"; - alarm(0); - - select((select($sock), $| = 1)[0]); - print $sock "bad command\r\n"; - - $SIG{ALRM} = - sub { die "** Timeout while reading from socket $sint:$sport\n"; }; - alarm(10); - my $res = <$sock>; - alarm(0); - - $res =~ m|^SPAMD/| - or die "** Did not get SPAMD from socket $sint:$sport. " - ."It said: $res\n"; - }; - alarm(0); - if($@) - { - print " $@"; - print " Assume SpamAssassin (spamd) is not running\n"; - } - else - { - $parm_running{SpamAssassin} = ' '; - print " SpamAssassin (spamd) seems to be running\n"; - } - } - else - { - print "The spamc command failed: assume SpamAssassin (spamd) is not running\n"; - } - - # For ClamAV, we need to find the clamd socket for use in the Exim - # configuration. Search for the clamd configuration file. - - if (system("clamscan -h 2>/dev/null >/dev/null") == 0) - { - my($f, $clamconf, $test_prefix); - - print "The clamscan command works"; - - $test_prefix = $ENV{EXIM_TEST_PREFIX}; - $test_prefix = '' if !defined $test_prefix; - - foreach $f ("$test_prefix/etc/clamd.conf", - "$test_prefix/usr/local/etc/clamd.conf", - "$test_prefix/etc/clamav/clamd.conf", '') - { - if (-e $f) - { - $clamconf = $f; - last; - } - } - - # Read the ClamAV configuration file and find the socket interface. - - if ($clamconf ne '') - { - my $socket_domain; - open(IN, "$clamconf") || die "\n** Unable to open $clamconf: $!\n"; - while () - { - if (/^LocalSocket\s+(.*)/) - { - $parm_clamsocket = $1; - $socket_domain = AF_UNIX; - last; - } - if (/^TCPSocket\s+(\d+)/) - { - if (defined $parm_clamsocket) - { - $parm_clamsocket .= " $1"; - $socket_domain = AF_INET; - last; - } - else - { - $parm_clamsocket = " $1"; - } - } - elsif (/^TCPAddr\s+(\S+)/) - { - if (defined $parm_clamsocket) - { - $parm_clamsocket = $1 . $parm_clamsocket; - $socket_domain = AF_INET; - last; - } - else - { - $parm_clamsocket = $1; - } - } - } - close(IN); - - if (defined $socket_domain) - { - print ":\n The clamd socket is $parm_clamsocket\n"; - # This test for an active ClamAV is courtesy of Daniel Tiefnig. - eval - { - my $socket; - if ($socket_domain == AF_UNIX) - { - $socket = sockaddr_un($parm_clamsocket) or die "** Failed packing '$parm_clamsocket'\n"; - } - elsif ($socket_domain == AF_INET) - { - my ($ca_host, $ca_port) = split(/\s+/,$parm_clamsocket); - my $ca_hostent = gethostbyname($ca_host) or die "** Failed to get raw address for host '$ca_host'\n"; - $socket = sockaddr_in($ca_port, $ca_hostent) or die "** Failed packing '$parm_clamsocket'\n"; - } - else - { - die "** Unknown socket domain '$socket_domain' (should not happen)\n"; - } - socket($sock, $socket_domain, SOCK_STREAM, 0) or die "** Unable to open socket '$parm_clamsocket'\n"; - local $SIG{ALRM} = sub { die "** Timeout while connecting to socket '$parm_clamsocket'\n"; }; - alarm(5); - connect($sock, $socket) or die "** Unable to connect to socket '$parm_clamsocket'\n"; - alarm(0); - - my $ofh = select $sock; $| = 1; select $ofh; - print $sock "PING\n"; - - $SIG{ALRM} = sub { die "** Timeout while reading from socket '$parm_clamsocket'\n"; }; - alarm(10); - my $res = <$sock>; - alarm(0); - - $res =~ /PONG/ or die "** Did not get PONG from socket '$parm_clamsocket'. It said: $res\n"; - }; - alarm(0); - - if($@) - { - print " $@"; - print " Assume ClamAV is not running\n"; - } - else - { - $parm_running{ClamAV} = ' '; - print " ClamAV seems to be running\n"; - } - } - else - { - print ", but the socket for clamd could not be determined\n"; - print "Assume ClamAV is not running\n"; - } - } - - else - { - print ", but I can't find a configuration for clamd\n"; - print "Assume ClamAV is not running\n"; - } - } - } - - -################################################## -# Check for redis # -################################################## -if (defined $parm_lookups{redis}) - { - if (system("redis-server -v 2>/dev/null >/dev/null") == 0) - { - print "The redis-server command works\n"; - $parm_running{redis} = ' '; - } - else - { - print "The redis-server command failed: assume Redis not installed\n"; - } + check_running_spamassassin(); + check_running_clamav(); } +check_running_redis(); +check_running_dovecot(); ################################################## # Test for the basic requirements # @@ -3827,7 +3911,7 @@ if (defined $parm_lookups{dbm} && not cp("$parm_exim_dir/exim_dbmbuild", "eximdi $dbm_build_deleted = 1; } -foreach my $tool (qw(exim_dumpdb exim_lock exinext exigrep eximstats exiqgrep)) { +foreach my $tool (qw(exim_dumpdb exim_lock exinext exigrep eximstats exiqgrep exim_msgdate)) { cp("$parm_exim_dir/$tool" => "eximdir/$tool") or tests_exit(-1, "Failed to make a copy of $tool: $!"); } @@ -4290,6 +4374,7 @@ foreach $test (@test_list) $next_port = 1111; $message_skip = 0; $msglog_skip = 0; + $munge_skip = 0; $stderr_skip = 0; $stdout_skip = 0; $rmfiltertest = 0; @@ -4309,6 +4394,7 @@ foreach $test (@test_list) { if (/^no_message_check/) { $message_skip = 1; next; } if (/^no_msglog_check/) { $msglog_skip = 1; next; } + if (/^no_munge/) { $munge_skip = 1; next; } if (/^no_stderr_check/) { $stderr_skip = 1; next; } if (/^no_stdout_check/) { $stdout_skip = 1; next; } if (/^rmfiltertest/) { $rmfiltertest = 1; next; } @@ -4343,6 +4429,7 @@ foreach $test (@test_list) # set above, but doesn't hurt to leave them here. if (/^no_message_check/) { $message_skip = 1; next; } if (/^no_msglog_check/) { $msglog_skip = 1; next; } + if (/^no_munge/) { $munge_skip = 1; next; } if (/^no_stderr_check/) { $stderr_skip = 1; next; } if (/^no_stdout_check/) { $stdout_skip = 1; next; } if (/^rmfiltertest/) { $rmfiltertest = 1; next; }