[exim-cvs] Testsuite: GnuTLS version variances

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Exim Git Commits Mailing List
Dátum:  
Címzett: exim-cvs
Tárgy: [exim-cvs] Testsuite: GnuTLS version variances
Gitweb: https://git.exim.org/exim.git/commitdiff/e20c4072da517616060d7a6e899b42f65ded4fb0
Commit:     e20c4072da517616060d7a6e899b42f65ded4fb0
Parent:     7172970e1dd8f3d85e7daa3e64331e4a5b8f8c3b
Author:     Jeremy Harris <jgh146exb@???>
AuthorDate: Fri Apr 26 11:16:47 2019 +0100
Committer:  Jeremy Harris <jgh146exb@???>
CommitDate: Fri Apr 26 11:17:36 2019 +0100


    Testsuite: GnuTLS version variances
---
 test/confs/5652   |  2 +-
 test/log/2007.FOO |  9 ---------
 test/runtest      | 13 +++++++------
 3 files changed, 8 insertions(+), 16 deletions(-)


diff --git a/test/confs/5652 b/test/confs/5652
index 28d3a95..5b29f5b 100644
--- a/test/confs/5652
+++ b/test/confs/5652
@@ -29,7 +29,7 @@ tls_ocsp_file =   DRSA/server1.example.com/server1.example.com.ocsp.good.resp \
           : DECDSA/server1.example_ec.com/server1.example_ec.com.ocsp.good.resp



-tls_require_ciphers = NORMAL:!VERS-TLS1.3
+tls_require_ciphers = NORMAL:!VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.0

# ------ ACL ------

diff --git a/test/log/2007.FOO b/test/log/2007.FOO
deleted file mode 100644
index 483b703..0000000
--- a/test/log/2007.FOO
+++ /dev/null
@@ -1,9 +0,0 @@
-1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss
-1999-03-02 09:44:33 Start queue run: pid=pppp -qf
-1999-03-02 09:44:33 10HmaX-0005vi-00 => userx@??? R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" C="250 OK id=10HmaY-0005vi-00"
-1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
-1999-03-02 09:44:33 End queue run: pid=pppp -qf
-
-******** SERVER ********
-1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
-1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@??? H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaX-0005vi-00@???
diff --git a/test/runtest b/test/runtest
index b6d419b..f79cc94 100755
--- a/test/runtest
+++ b/test/runtest
@@ -615,6 +615,7 @@ RESET_AFTER_EXTRA_LINE_READ:
   #   TLS1.2:ECDHE_SECP256R1__RSA_SHA256__AES_256_GCM:256
   #   TLS1.2:ECDHE_SECP256R1__RSA_SHA256__AES_128_CBC__SHA256:128
   #   TLS1.2:ECDHE_SECP256R1__ECDSA_SHA512__AES_256_GCM:256
+  #   TLS1.2:ECDHE_RSA_SECP256R1__AES_256_GCM:256 (! 3.5.18 !)
   #   TLS1.2:RSA__CAMELLIA_256_GCM:256    (leave the cipher name)
   #
   #   X=TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256
@@ -627,12 +628,12 @@ RESET_AFTER_EXTRA_LINE_READ:
   #   DHE-RSA-AES256-SHA
   # picking latter as canonical simply because regex easier that way.
   s/\bDHE_RSA_AES_128_CBC_SHA1:128/RSA-AES256-SHA1:256/g;
-  s/TLS1.[0123]:                        # TLS version
-    ((EC)?DHE(_((?<psk>PSK)_)?(SECP256R1|X25519))?__?)?    # key-exchange
-    ((?<auth>RSA|ECDSA)((_PSS_RSAE)?_SHA(512|256))?__?)?    # authentication
-    AES_(256|128)_(CBC|GCM)                    # cipher
-    (__?SHA(1|256|384))?:                    # PRF
-    (256|128)                        # cipher strength
+  s/TLS1.[0123]:                                # TLS version
+    ((EC)?DHE(_((?<psk>PSK)_)?((?<auth>RSA|ECDSA)_)?(SECP256R1|X25519))?__?)?    # key-exchange
+    ((?<auth>RSA|ECDSA)((_PSS_RSAE)?_SHA(512|256))?__?)?            # authentication
+    AES_(256|128)_(CBC|GCM)                            # cipher
+    (__?SHA(1|256|384))?:                            # PRF
+    (256|128)                                    # cipher strength
     /"TLS1.x:ke-"
     . (defined($+{psk}) ? $+{psk} : "")
     . (defined($+{auth}) ? $+{auth} : "")