[exim-cvs] Testsuite: case for TLS client tls-on-connect

Commit:     90e0b2485d19eea5e93b5adad2fbcce5fc48a237
Parent:     64cc4714abd0d616327bfacdfc1b0fb45bff096e
Author:     Jeremy Harris <jgh146exb@???>
AuthorDate: Tue Jan 19 22:12:16 2021 +0000
Committer:  Jeremy Harris <jgh146exb@???>
CommitDate: Tue Jan 19 23:42:48 2021 +0000

    Testsuite: case for TLS client tls-on-connect
---
 test/confs/1160                  | 88 ++++++++++++++++++++++++++++++++++++++++
 test/log/1160                    | 25 ++++++++++++
 test/mail/1160.CALLER            | 34 ++++++++++++++++
 test/mail/1160.abcd              | 17 ++++++++
 test/mail/1160.xyz               | 16 ++++++++
 test/scripts/1100-Basic-TLS/1160 | 20 +++++++++
 test/stderr/1160                 | 76 ++++++++++++++++++++++++++++++++++
 7 files changed, 276 insertions(+)

diff --git a/test/confs/1160 b/test/confs/1160
new file mode 100644
index 0000000..c489831
--- /dev/null
+++ b/test/confs/1160
@@ -0,0 +1,88 @@
+# Exim test configuration 2160
+
+SERVER =
+
+.include DIR/aux-var/tls_conf_prefix
+
+primary_hostname = myhost.test.ex
+
+# ----- Main settings -----
+
+domainlist local_domains = test.ex : *.test.ex
+
+acl_smtp_rcpt = check_recipient
+queue_only
+queue_run_in_order
+remote_max_parallel = 1
+
+tls_advertise_hosts = *
+tls_on_connect_ports = PORT_D
+
+tls_certificate = DIR/aux-fixed/cert1
+
+# ------ ACL ------
+
+begin acl
+
+check_recipient:
+  accept  domains = +local_domains
+  deny    message = relay not permitted
+
+
+# ----- Routers -----
+
+begin routers
+
+client:
+  driver = accept
+  condition = ${if eq {SERVER}{server}{no}{yes}}
+  retry_use_local_part
+  transport = send_to_server${if eq{$local_part}{abcd}{2}{1}}
+
+server:
+  driver = accept
+  retry_use_local_part
+  transport = local_delivery
+
+
+# ----- Transports -----
+
+begin transports
+
+local_delivery:
+  driver = appendfile
+  file = DIR/test-mail/${bless:$local_part}
+  headers_add = TLS: cipher=$tls_cipher peerdn=$tls_peerdn
+  user = CALLER
+
+send_to_server1:
+  driver = smtp
+  allow_localhost
+  hosts = 127.0.0.1
+  port = PORT_D
+  hosts_try_fastopen = :
+  protocol = smtps
+  tls_verify_certificates =    DIR/aux-fixed/cert1
+  tls_verify_cert_hostnames =    :
+  helo_data = helo.data.changed
+
+send_to_server2:
+  driver = smtp
+  allow_localhost
+  hosts = HOSTIPV4
+  port = PORT_D
+  hosts_try_fastopen = :
+  protocol = smtps
+  tls_verify_certificates =    DIR/aux-fixed/cert1
+  tls_verify_cert_hostnames =    :
+
+
+# ----- Retry -----
+
+
+begin retry
+
+* * F,5d,10s
+
+
+# End
diff --git a/test/log/1160 b/test/log/1160
new file mode 100644
index 0000000..f1c0aa8
--- /dev/null
+++ b/test/log/1160
@@ -0,0 +1,25 @@
+1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss
+1999-03-02 09:44:33 Start queue run: pid=pppp -qf
+1999-03-02 09:44:33 10HmaX-0005vi-00 => CALLER@??? R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmaZ-0005vi-00"
+1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
+1999-03-02 09:44:33 10HmaY-0005vi-00 => CALLER@??? R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbA-0005vi-00"
+1999-03-02 09:44:33 10HmaY-0005vi-00 -> xyz@??? R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbA-0005vi-00"
+1999-03-02 09:44:33 10HmaY-0005vi-00 => abcd@??? R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbB-0005vi-00"
+1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
+1999-03-02 09:44:33 End queue run: pid=pppp -qf
+
+******** SERVER ********
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTPS on port PORT_D
+1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@??? H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaX-0005vi-00@???
+1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@??? H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaY-0005vi-00@???
+1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@??? H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaY-0005vi-00@???
+1999-03-02 09:44:33 Start queue run: pid=pppp -qf
+1999-03-02 09:44:33 10HmaZ-0005vi-00 => CALLER <CALLER@???> R=server T=local_delivery
+1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed
+1999-03-02 09:44:33 10HmbA-0005vi-00 => CALLER <CALLER@???> R=server T=local_delivery
+1999-03-02 09:44:33 10HmbA-0005vi-00 => xyz <xyz@???> R=server T=local_delivery
+1999-03-02 09:44:33 10HmbA-0005vi-00 Completed
+1999-03-02 09:44:33 10HmbB-0005vi-00 => abcd <abcd@???> R=server T=local_delivery
+1999-03-02 09:44:33 10HmbB-0005vi-00 Completed
+1999-03-02 09:44:33 End queue run: pid=pppp -qf
diff --git a/test/mail/1160.CALLER b/test/mail/1160.CALLER
new file mode 100644
index 0000000..f7669bd
--- /dev/null
+++ b/test/mail/1160.CALLER
@@ -0,0 +1,34 @@
+From CALLER@??? Tue Mar 02 09:44:33 1999
+Received: from [127.0.0.1] (helo=helo.data.changed)
+    by myhost.test.ex with esmtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
+    (Exim x.yz)
+    (envelope-from <CALLER@???>)
+    id 10HmaZ-0005vi-00
+    for CALLER@???; Tue, 2 Mar 1999 09:44:33 +0000
+Received: from CALLER by myhost.test.ex with local (Exim x.yz)
+    (envelope-from <CALLER@???>)
+    id 10HmaX-0005vi-00
+    for CALLER@???; Tue, 2 Mar 1999 09:44:33 +0000
+Message-Id: <E10HmaX-0005vi-00@???>
+From: CALLER_NAME <CALLER@???>
+Date: Tue, 2 Mar 1999 09:44:33 +0000
+TLS: cipher=TLS1.x:ke-RSA-AES256-SHAnnn:xxx peerdn=
+
+Test message. Contains FF: ?
+
+From CALLER@??? Tue Mar 02 09:44:33 1999
+Received: from [127.0.0.1] (helo=helo.data.changed)
+    by myhost.test.ex with esmtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
+    (Exim x.yz)
+    (envelope-from <CALLER@???>)
+    id 10HmbA-0005vi-00; Tue, 2 Mar 1999 09:44:33 +0000
+Received: from CALLER by myhost.test.ex with local (Exim x.yz)
+    (envelope-from <CALLER@???>)
+    id 10HmaY-0005vi-00; Tue, 2 Mar 1999 09:44:33 +0000
+Message-Id: <E10HmaY-0005vi-00@???>
+From: CALLER_NAME <CALLER@???>
+Date: Tue, 2 Mar 1999 09:44:33 +0000
+TLS: cipher=TLS1.x:ke-RSA-AES256-SHAnnn:xxx peerdn=
+
+Test message to two different hosts
+
diff --git a/test/mail/1160.abcd b/test/mail/1160.abcd
new file mode 100644
index 0000000..8a6aae2
--- /dev/null
+++ b/test/mail/1160.abcd
@@ -0,0 +1,17 @@
+From CALLER@??? Tue Mar 02 09:44:33 1999
+Received: from the.local.host.name ([ip4.ip4.ip4.ip4] helo=myhost.test.ex)
+    by myhost.test.ex with esmtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
+    (Exim x.yz)
+    (envelope-from <CALLER@???>)
+    id 10HmbB-0005vi-00
+    for abcd@???; Tue, 2 Mar 1999 09:44:33 +0000
+Received: from CALLER by myhost.test.ex with local (Exim x.yz)
+    (envelope-from <CALLER@???>)
+    id 10HmaY-0005vi-00; Tue, 2 Mar 1999 09:44:33 +0000
+Message-Id: <E10HmaY-0005vi-00@???>
+From: CALLER_NAME <CALLER@???>
+Date: Tue, 2 Mar 1999 09:44:33 +0000
+TLS: cipher=TLS1.x:ke-RSA-AES256-SHAnnn:xxx peerdn=
+
+Test message to two different hosts
+
diff --git a/test/mail/1160.xyz b/test/mail/1160.xyz
new file mode 100644
index 0000000..e304d94
--- /dev/null
+++ b/test/mail/1160.xyz
@@ -0,0 +1,16 @@
+From CALLER@??? Tue Mar 02 09:44:33 1999
+Received: from [127.0.0.1] (helo=helo.data.changed)
+    by myhost.test.ex with esmtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
+    (Exim x.yz)
+    (envelope-from <CALLER@???>)
+    id 10HmbA-0005vi-00; Tue, 2 Mar 1999 09:44:33 +0000
+Received: from CALLER by myhost.test.ex with local (Exim x.yz)
+    (envelope-from <CALLER@???>)
+    id 10HmaY-0005vi-00; Tue, 2 Mar 1999 09:44:33 +0000
+Message-Id: <E10HmaY-0005vi-00@???>
+From: CALLER_NAME <CALLER@???>
+Date: Tue, 2 Mar 1999 09:44:33 +0000
+TLS: cipher=TLS1.x:ke-RSA-AES256-SHAnnn:xxx peerdn=
+
+Test message to two different hosts
+
diff --git a/test/scripts/1100-Basic-TLS/1160 b/test/scripts/1100-Basic-TLS/1160
new file mode 100644
index 0000000..ce7298e
--- /dev/null
+++ b/test/scripts/1100-Basic-TLS/1160
@@ -0,0 +1,20 @@
+# TLS client: tls-on-connect
+#
+# For packet-capture, use "runtest -keep" and add (at least) tls debug on the daemon line.
+# For GnuTLS, additionally run the daemon under sudo.
+# Tell wireshark to use DIR/spool/sslkeys for Master Secret log, and decode TCP/1225 as TLS, TLS/1225 as SMTP
+#
+# sudo exim -DSERVER=server -d+tls -bd -oX PORT_D
+exim -DSERVER=server -bd -oX PORT_D
+****
+exim CALLER@???
+Test message. Contains FF: ?
+****
+exim CALLER@??? abcd@??? xyz@???
+Test message to two different hosts
+****
+exim -v -qf
+****
+killdaemon
+exim -DSERVER=server -DNOTDAEMON -qf
+****
diff --git a/test/stderr/1160 b/test/stderr/1160
new file mode 100644
index 0000000..3b0b5c0
--- /dev/null
+++ b/test/stderr/1160
@@ -0,0 +1,76 @@
+LOG: queue_run MAIN
+  Start queue run: pid=pppp -qf
+delivering 10HmaX-0005vi-00 (queue run pid ppppp)
+Connecting to 127.0.0.1 [127.0.0.1]:1225 ...  connected
+  SMTP<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+  SMTP>> EHLO helo.data.changed
+  SMTP<< 250-myhost.test.ex Hello helo.data.changed [127.0.0.1]
+         250-SIZE 52428800
+         250-8BITMIME
+         250-PIPELINING
+         250 HELP
+  SMTP>> MAIL FROM:<CALLER@???> SIZE=ssss
+  SMTP>> RCPT TO:<CALLER@???>
+  SMTP>> DATA
+  SMTP<< 250 OK
+  SMTP<< 250 Accepted
+  SMTP<< 354 Enter message, ending with "." on a line by itself
+  SMTP>> writing message and terminating "."
+  SMTP<< 250 OK id=10HmaZ-0005vi-00
+  SMTP>> QUIT
+  SMTP(close)>>
+LOG: MAIN
+  => CALLER@??? R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmaZ-0005vi-00"
+LOG: MAIN
+  Completed
+delivering 10HmaY-0005vi-00 (queue run pid ppppp)
+Connecting to 127.0.0.1 [127.0.0.1]:1225 ...  connected
+  SMTP<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+  SMTP>> EHLO helo.data.changed
+  SMTP<< 250-myhost.test.ex Hello helo.data.changed [127.0.0.1]
+         250-SIZE 52428800
+         250-8BITMIME
+         250-PIPELINING
+         250 HELP
+  SMTP>> MAIL FROM:<CALLER@???> SIZE=ssss
+  SMTP>> RCPT TO:<CALLER@???>
+  SMTP>> RCPT TO:<xyz@???>
+  SMTP>> DATA
+  SMTP<< 250 OK
+  SMTP<< 250 Accepted
+  SMTP<< 250 Accepted
+  SMTP<< 354 Enter message, ending with "." on a line by itself
+  SMTP>> writing message and terminating "."
+  SMTP<< 250 OK id=10HmbA-0005vi-00
+  SMTP>> QUIT
+  SMTP(close)>>
+LOG: MAIN
+  => CALLER@??? R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbA-0005vi-00"
+LOG: MAIN
+  -> xyz@??? R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbA-0005vi-00"
+Connecting to ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4]:1225 ...  connected
+  SMTP<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+  SMTP>> EHLO myhost.test.ex
+  SMTP<< 250-myhost.test.ex Hello the.local.host.name [ip4.ip4.ip4.ip4]
+         250-SIZE 52428800
+         250-8BITMIME
+         250-PIPELINING
+         250 HELP
+  SMTP>> MAIL FROM:<CALLER@???> SIZE=ssss
+  SMTP>> RCPT TO:<abcd@???>
+  SMTP>> DATA
+  SMTP<< 250 OK
+  SMTP<< 250 Accepted
+  SMTP<< 354 Enter message, ending with "." on a line by itself
+  SMTP>> writing message and terminating "."
+  SMTP<< 250 OK id=10HmbB-0005vi-00
+  SMTP>> QUIT
+  SMTP(close)>>
+LOG: MAIN
+  => abcd@??? R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbB-0005vi-00"
+LOG: MAIN
+  Completed
+LOG: queue_run MAIN
+  End queue run: pid=pppp -qf
+
+******** SERVER ********