[exim-cvs] Testsuite: clarify OCSP tests

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Exim Git Commits Mailing List
Datum:  
To: exim-cvs
Betreff: [exim-cvs] Testsuite: clarify OCSP tests
Gitweb: https://git.exim.org/exim.git/commitdiff/31a684ad2798eec2761a61c9d6e6000fc0b75efd
Commit:     31a684ad2798eec2761a61c9d6e6000fc0b75efd
Parent:     4613203eae8d2dae9b877f724c52825850c105b7
Author:     Jeremy Harris <jgh146exb@???>
AuthorDate: Sun Oct 23 09:58:41 2022 +0100
Committer:  Jeremy Harris <jgh146exb@???>
CommitDate: Mon Oct 31 17:11:42 2022 +0000


    Testsuite: clarify OCSP tests
---
 test/confs/5611                     |  2 +-
 test/log/5601                       | 20 ++++++++++----------
 test/log/5611                       | 28 ++++++++++++++--------------
 test/scripts/5600-OCSP-OpenSSL/5601 |  8 ++++----
 test/scripts/5600-OCSP-OpenSSL/5611 |  8 ++++----
 5 files changed, 33 insertions(+), 33 deletions(-)


diff --git a/test/confs/5611 b/test/confs/5611
index 657c726aa..320b3c454 100644
--- a/test/confs/5611
+++ b/test/confs/5611
@@ -25,7 +25,7 @@ domainlist local_domains = test.ex : *.test.ex
acl_smtp_rcpt = check_recipient
acl_smtp_data = check_data

-log_selector = +tls_peerdn
+log_selector = +tls_peerdn +received_recipients
remote_max_parallel = 1

tls_advertise_hosts = *
diff --git a/test/log/5601 b/test/log/5601
index 066c1744e..6bdac8712 100644
--- a/test/log/5601
+++ b/test/log/5601
@@ -4,18 +4,18 @@
1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for nostaple@???
1999-03-02 09:44:33 10HmaZ-0005vi-00 => nostaple@??? R=client T=send_to_server1 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-0005vi-00"
1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed
-1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for CALLER@???
-1999-03-02 09:44:33 10HmbB-0005vi-00 => CALLER@??? R=client T=send_to_server3 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbC-0005vi-00"
+1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for goodstaple@???
+1999-03-02 09:44:33 10HmbB-0005vi-00 => goodstaple@??? R=client T=send_to_server3 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbC-0005vi-00"
1999-03-02 09:44:33 10HmbB-0005vi-00 Completed
-1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for CALLER@???
+1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for nostaple_required@???
1999-03-02 09:44:33 10HmbD-0005vi-00 Required TLS certificate status not received
-1999-03-02 09:44:33 10HmbD-0005vi-00 == CALLER@??? R=client T=send_to_server3 defer (-37) H=127.0.0.1 [127.0.0.1]: TLS session: (SSL_connect): error: <<detail omitted>>
-1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for CALLER@???
+1999-03-02 09:44:33 10HmbD-0005vi-00 == nostaple_required@??? R=client T=send_to_server3 defer (-37) H=127.0.0.1 [127.0.0.1]: TLS session: (SSL_connect): error: <<detail omitted>>
+1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for revoked@???
1999-03-02 09:44:33 10HmbE-0005vi-00 Server certificate revoked; reason: superseded
-1999-03-02 09:44:33 10HmbE-0005vi-00 == CALLER@??? R=client T=send_to_server3 defer (-37) H=127.0.0.1 [127.0.0.1]: TLS session: (SSL_connect): error: <<detail omitted>>
-1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for CALLER@???
+1999-03-02 09:44:33 10HmbE-0005vi-00 == revoked@??? R=client T=send_to_server3 defer (-37) H=127.0.0.1 [127.0.0.1]: TLS session: (SSL_connect): error: <<detail omitted>>
+1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for expired@???
1999-03-02 09:44:33 10HmbF-0005vi-00 OCSP dates invalid
-1999-03-02 09:44:33 10HmbF-0005vi-00 == CALLER@??? R=client T=send_to_server3 defer (-37) H=127.0.0.1 [127.0.0.1]: TLS session: (SSL_connect): error: <<detail omitted>>
+1999-03-02 09:44:33 10HmbF-0005vi-00 == expired@??? R=client T=send_to_server3 defer (-37) H=127.0.0.1 [127.0.0.1]: TLS session: (SSL_connect): error: <<detail omitted>>

******** SERVER ********
1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D
@@ -29,8 +29,8 @@
1999-03-02 09:44:33 10HmbA-0005vi-00 => :blackhole: <nostaple@???> R=server
1999-03-02 09:44:33 10HmbA-0005vi-00 Completed
1999-03-02 09:44:33 10HmbC-0005vi-00 client claims: ocsp status 4 (verified)
-1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@??? H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbB-0005vi-00@??? for CALLER@???
-1999-03-02 09:44:33 10HmbC-0005vi-00 => :blackhole: <CALLER@???> R=server
+1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@??? H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbB-0005vi-00@??? for goodstaple@???
+1999-03-02 09:44:33 10HmbC-0005vi-00 => :blackhole: <goodstaple@???> R=server
1999-03-02 09:44:33 10HmbC-0005vi-00 Completed
1999-03-02 09:44:33 exim x.yz daemon started: pid=p1236, no queue runs, listening for SMTP on port PORT_D
1999-03-02 09:44:33 TLS error on connection from (helo.data.changed) [127.0.0.1] (SSL_accept): error: <<detail omitted>>
diff --git a/test/log/5611 b/test/log/5611
index 0c385ca7c..bb4349560 100644
--- a/test/log/5611
+++ b/test/log/5611
@@ -1,36 +1,36 @@
-1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for norequire@???
1999-03-02 09:44:33 10HmaX-0005vi-00 => norequire@??? R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmaY-0005vi-00"
1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
-1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss
-1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for nostaple@???
+1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for good_staple@???
1999-03-02 09:44:33 10HmaZ-0005vi-00 => nostaple@??? R=client T=send_to_server1 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbB-0005vi-00"
1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed
-1999-03-02 09:44:33 10HmbA-0005vi-00 => CALLER@??? R=client T=send_to_server3 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbC-0005vi-00"
+1999-03-02 09:44:33 10HmbA-0005vi-00 => good_staple@??? R=client T=send_to_server3 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbC-0005vi-00"
1999-03-02 09:44:33 10HmbA-0005vi-00 Completed
-1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for lack_required@???
1999-03-02 09:44:33 10HmbD-0005vi-00 Required TLS certificate status not received
-1999-03-02 09:44:33 10HmbD-0005vi-00 == CALLER@??? R=client T=send_to_server3 defer (-37) H=127.0.0.1 [127.0.0.1]: TLS session: (SSL_connect): error: <<detail omitted>>
-1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmbD-0005vi-00 == lack_required@??? R=client T=send_to_server3 defer (-37) H=127.0.0.1 [127.0.0.1]: TLS session: (SSL_connect): error: <<detail omitted>>
+1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for revoved@???
1999-03-02 09:44:33 10HmbE-0005vi-00 Server certificate revoked; reason: superseded
-1999-03-02 09:44:33 10HmbE-0005vi-00 == CALLER@??? R=client T=send_to_server3 defer (-37) H=127.0.0.1 [127.0.0.1]: TLS session: (SSL_connect): error: <<detail omitted>>
-1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmbE-0005vi-00 == revoved@??? R=client T=send_to_server3 defer (-37) H=127.0.0.1 [127.0.0.1]: TLS session: (SSL_connect): error: <<detail omitted>>
+1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@??? U=CALLER P=local S=sss for expired@???
1999-03-02 09:44:33 10HmbF-0005vi-00 OCSP dates invalid
-1999-03-02 09:44:33 10HmbF-0005vi-00 == CALLER@??? R=client T=send_to_server3 defer (-37) H=127.0.0.1 [127.0.0.1]: TLS session: (SSL_connect): error: <<detail omitted>>
+1999-03-02 09:44:33 10HmbF-0005vi-00 == expired@??? R=client T=send_to_server3 defer (-37) H=127.0.0.1 [127.0.0.1]: TLS session: (SSL_connect): error: <<detail omitted>>

******** SERVER ********
1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D
1999-03-02 09:44:33 10HmaY-0005vi-00 client claims: ocsp status 1 (notresp)
-1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@??? H=the.local.host.name (server1.example.com) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaX-0005vi-00@???
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@??? H=the.local.host.name (server1.example.com) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaX-0005vi-00@??? for norequire@???
1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: <norequire@???> R=server
1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
1999-03-02 09:44:33 exim x.yz daemon started: pid=p1235, no queue runs, listening for SMTP on port PORT_D
1999-03-02 09:44:33 10HmbB-0005vi-00 client claims: ocsp status 0 (notreq)
-1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@??? H=the.local.host.name (server1.example.com) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-0005vi-00@???
+1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@??? H=the.local.host.name (server1.example.com) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-0005vi-00@??? for nostaple@???
1999-03-02 09:44:33 10HmbB-0005vi-00 => :blackhole: <nostaple@???> R=server
1999-03-02 09:44:33 10HmbB-0005vi-00 Completed
1999-03-02 09:44:33 10HmbC-0005vi-00 client claims: ocsp status 4 (verified)
-1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@??? H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbA-0005vi-00@???
-1999-03-02 09:44:33 10HmbC-0005vi-00 => :blackhole: <CALLER@???> R=server
+1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@??? H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbA-0005vi-00@??? for good_staple@???
+1999-03-02 09:44:33 10HmbC-0005vi-00 => :blackhole: <good_staple@???> R=server
1999-03-02 09:44:33 10HmbC-0005vi-00 Completed
1999-03-02 09:44:33 exim x.yz daemon started: pid=p1236, no queue runs, listening for SMTP on port PORT_D
1999-03-02 09:44:33 TLS error on connection from (helo.data.changed) [127.0.0.1] (SSL_accept): error: <<detail omitted>>
diff --git a/test/scripts/5600-OCSP-OpenSSL/5601 b/test/scripts/5600-OCSP-OpenSSL/5601
index a0e8540a2..d6eac7c3d 100644
--- a/test/scripts/5600-OCSP-OpenSSL/5601
+++ b/test/scripts/5600-OCSP-OpenSSL/5601
@@ -26,7 +26,7 @@ millisleep 700
#
#
# Client accepts good stapled info
-exim CALLER@???
+exim goodstaple@???
test message.
****
sleep 1
@@ -37,7 +37,7 @@ killdaemon
# Client fails on lack of required stapled info
exim -bd -oX PORT_D -DSERVER=server -DRETURN=""
****
-exim CALLER@???
+exim nostaple_required@???
test message.
****
sleep 1
@@ -50,7 +50,7 @@ sudo rm spool/db/retry*
EXIM_TESTHARNESS_DISABLE_OCSPVALIDITYCHECK=y exim -bd -oX PORT_D -DSERVER=server \
-DRETURN=DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.ocsp.revoked.resp
****
-exim CALLER@???
+exim revoked@???
test message.
****
sleep 1
@@ -65,7 +65,7 @@ sudo rm spool/db/retry*
EXIM_TESTHARNESS_DISABLE_OCSPVALIDITYCHECK=y exim -bd -oX PORT_D -DSERVER=server \
-DRETURN=DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.ocsp.dated.resp
****
-exim CALLER@???
+exim expired@???
test message.
****
sleep 1
diff --git a/test/scripts/5600-OCSP-OpenSSL/5611 b/test/scripts/5600-OCSP-OpenSSL/5611
index 1bcb59cdf..3d18a742d 100644
--- a/test/scripts/5600-OCSP-OpenSSL/5611
+++ b/test/scripts/5600-OCSP-OpenSSL/5611
@@ -26,7 +26,7 @@ millisleep 500
#
#
# Client accepts good stapled info
-exim CALLER@???
+exim good_staple@???
test message.
****
sleep 1
@@ -37,7 +37,7 @@ killdaemon
# Client fails on lack of required stapled info
exim -bd -oX PORT_D -DSERVER=server -DRETURN=""
****
-exim CALLER@???
+exim lack_required@???
test message.
****
sleep 1
@@ -50,7 +50,7 @@ sudo rm spool/db/retry*
EXIM_TESTHARNESS_DISABLE_OCSPVALIDITYCHECK=y exim -bd -oX PORT_D -DSERVER=server \
-DRETURN=DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.ocsp.signernocert.revoked.resp
****
-exim CALLER@???
+exim revoved@???
test message.
****
sleep 1
@@ -65,7 +65,7 @@ sudo rm spool/db/retry*
EXIM_TESTHARNESS_DISABLE_OCSPVALIDITYCHECK=y exim -bd -oX PORT_D -DSERVER=server \
-DRETURN=DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.ocsp.signernocert.dated.resp
****
-exim CALLER@???
+exim expired@???
test message.
****
sleep 1