aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2020-12-17 13:47:09 +0100
committerGuilhem Moulin <guilhem@fripost.org>2020-12-17 13:47:09 +0100
commit30c2bc3c362a4eb6b35560cff0bd95404360fe22 (patch)
tree564434ee28afd75f642937a1ec3dd734c6c76a2c
parent43516b78b6b626bb6df522e4f1c5166989d79eb5 (diff)
test suite: use stock OpenSSL config except for tests/tls-protocols.
It's best to use a stock (clean) environment when possible. We only need to test TLS protocol version <1.2 for tests/tls-protocols.
-rw-r--r--Changelog2
-rwxr-xr-xtests/run9
-rw-r--r--tests/tls-protocols/openssl.cnf (renamed from tests/config/openssl.cnf)0
-rw-r--r--tests/tls-protocols/t3
4 files changed, 9 insertions, 5 deletions
diff --git a/Changelog b/Changelog
index 000e3a1..c401c2d 100644
--- a/Changelog
+++ b/Changelog
@@ -24,7 +24,7 @@ interimap (0.5.5) upstream;
- libinterimap: use Net::SSLeay::get_version() to get the protocol
version string.
- test suite: `mv tests/snippets tests/config`
- - test suite: supply our own OpenSSL configuration file with
+ - tests/tls-protocols: use custom OpenSSL configuration file with
MinProtocol=None so we can test TLSv1 as well, not just TLSv1.2 and
later.
- test suite: explicitly set ssl_min_protocol=TLSv1 in the Dovecot
diff --git a/tests/run b/tests/run
index 329f3e3..1eaad54 100755
--- a/tests/run
+++ b/tests/run
@@ -35,6 +35,9 @@ if [ ! -d "$TESTDIR" ]; then
exit 1
fi
+# cleanup environment
+unset OPENSSL_CONF SSL_CERT_FILE SSL_CERT_DIR
+
ROOTDIR="$(mktemp --tmpdir="${TMPDIR:-/dev/shm}" --directory "$1.XXXXXXXXXX")"
declare -a DOVECOT_SERVER=()
trap cleanup EXIT INT TERM
@@ -57,13 +60,11 @@ mkdir -- "$TMPDIR" "$ROOTDIR/home"
declare -a REMOTES=()
# Set environment for the given user
-OPENSSL_CONF="$BASEDIR/config/openssl.cnf"
environ_set() {
local user="$1" home
eval home="\$HOME_$user"
ENVIRON=(
PATH="$PATH"
- OPENSSL_CONF="$OPENSSL_CONF"
USER="$user"
HOME="$home"
XDG_CONFIG_HOME="$home/.config"
@@ -209,6 +210,7 @@ _interimap_cmd() {
local script="$1" rv=0
shift
environ_set "local"
+ [ -z "${OPENSSL_CONF+x}" ] || ENVIRON+=( OPENSSL_CONF="$OPENSSL_CONF" )
[ -z "${SSL_CERT_FILE+x}" ] || ENVIRON+=( SSL_CERT_FILE="$SSL_CERT_FILE" )
[ -z "${SSL_CERT_DIR+x}" ] || ENVIRON+=( SSL_CERT_DIR="$SSL_CERT_DIR" )
env -i "${ENVIRON[@]}" perl -I./lib -T "./$script" "$@" 2>"$STDERR" || rv=$?
@@ -447,8 +449,7 @@ passed() {
# Run test in a sub-shell
declare -a ENVIRON=()
environ_set "local"
-unset SSL_CERT_FILE SSL_CERT_DIR
-export TMPDIR TESTDIR STDERR "${ENVIRON[@]}" OPENSSL_CONF
+export TMPDIR TESTDIR STDERR "${ENVIRON[@]}"
export -f environ_set doveadm interimap interimap_init pullimap _interimap_cmd
export -f sqlite3 sample_message deliver ptree_abort step_start step_done passed
export -f check_mailbox_status check_mailbox_status_values check_mailbox_status2
diff --git a/tests/config/openssl.cnf b/tests/tls-protocols/openssl.cnf
index 980097d..980097d 100644
--- a/tests/config/openssl.cnf
+++ b/tests/tls-protocols/openssl.cnf
diff --git a/tests/tls-protocols/t b/tests/tls-protocols/t
index c302731..72f7db2 100644
--- a/tests/tls-protocols/t
+++ b/tests/tls-protocols/t
@@ -5,6 +5,9 @@ interimap --debug || error
! grep -E "^remote: Maximum SSL/TLS protocol version: " <"$STDERR" || error
grep -E "^remote: SSL protocol: TLSv" <"$STDERR" || error
+# load custom OpenSSL configuration to allow TLS protocol version <=1.1
+export OPENSSL_CONF="$TESTDIR/openssl.cnf"
+
# backup config
install -m0600 "$XDG_CONFIG_HOME/interimap/config" "$XDG_CONFIG_HOME/interimap/config~"
with_remote_tls_protocols() {