diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2020-12-17 13:47:09 +0100 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2020-12-17 13:47:09 +0100 |
commit | 30c2bc3c362a4eb6b35560cff0bd95404360fe22 (patch) | |
tree | 564434ee28afd75f642937a1ec3dd734c6c76a2c | |
parent | 43516b78b6b626bb6df522e4f1c5166989d79eb5 (diff) |
test suite: use stock OpenSSL config except for tests/tls-protocols.
It's best to use a stock (clean) environment when possible. We only
need to test TLS protocol version <1.2 for tests/tls-protocols.
-rw-r--r-- | Changelog | 2 | ||||
-rwxr-xr-x | tests/run | 9 | ||||
-rw-r--r-- | tests/tls-protocols/openssl.cnf (renamed from tests/config/openssl.cnf) | 0 | ||||
-rw-r--r-- | tests/tls-protocols/t | 3 |
4 files changed, 9 insertions, 5 deletions
@@ -24,7 +24,7 @@ interimap (0.5.5) upstream; - libinterimap: use Net::SSLeay::get_version() to get the protocol version string. - test suite: `mv tests/snippets tests/config` - - test suite: supply our own OpenSSL configuration file with + - tests/tls-protocols: use custom OpenSSL configuration file with MinProtocol=None so we can test TLSv1 as well, not just TLSv1.2 and later. - test suite: explicitly set ssl_min_protocol=TLSv1 in the Dovecot @@ -35,6 +35,9 @@ if [ ! -d "$TESTDIR" ]; then exit 1 fi +# cleanup environment +unset OPENSSL_CONF SSL_CERT_FILE SSL_CERT_DIR + ROOTDIR="$(mktemp --tmpdir="${TMPDIR:-/dev/shm}" --directory "$1.XXXXXXXXXX")" declare -a DOVECOT_SERVER=() trap cleanup EXIT INT TERM @@ -57,13 +60,11 @@ mkdir -- "$TMPDIR" "$ROOTDIR/home" declare -a REMOTES=() # Set environment for the given user -OPENSSL_CONF="$BASEDIR/config/openssl.cnf" environ_set() { local user="$1" home eval home="\$HOME_$user" ENVIRON=( PATH="$PATH" - OPENSSL_CONF="$OPENSSL_CONF" USER="$user" HOME="$home" XDG_CONFIG_HOME="$home/.config" @@ -209,6 +210,7 @@ _interimap_cmd() { local script="$1" rv=0 shift environ_set "local" + [ -z "${OPENSSL_CONF+x}" ] || ENVIRON+=( OPENSSL_CONF="$OPENSSL_CONF" ) [ -z "${SSL_CERT_FILE+x}" ] || ENVIRON+=( SSL_CERT_FILE="$SSL_CERT_FILE" ) [ -z "${SSL_CERT_DIR+x}" ] || ENVIRON+=( SSL_CERT_DIR="$SSL_CERT_DIR" ) env -i "${ENVIRON[@]}" perl -I./lib -T "./$script" "$@" 2>"$STDERR" || rv=$? @@ -447,8 +449,7 @@ passed() { # Run test in a sub-shell declare -a ENVIRON=() environ_set "local" -unset SSL_CERT_FILE SSL_CERT_DIR -export TMPDIR TESTDIR STDERR "${ENVIRON[@]}" OPENSSL_CONF +export TMPDIR TESTDIR STDERR "${ENVIRON[@]}" export -f environ_set doveadm interimap interimap_init pullimap _interimap_cmd export -f sqlite3 sample_message deliver ptree_abort step_start step_done passed export -f check_mailbox_status check_mailbox_status_values check_mailbox_status2 diff --git a/tests/config/openssl.cnf b/tests/tls-protocols/openssl.cnf index 980097d..980097d 100644 --- a/tests/config/openssl.cnf +++ b/tests/tls-protocols/openssl.cnf diff --git a/tests/tls-protocols/t b/tests/tls-protocols/t index c302731..72f7db2 100644 --- a/tests/tls-protocols/t +++ b/tests/tls-protocols/t @@ -5,6 +5,9 @@ interimap --debug || error ! grep -E "^remote: Maximum SSL/TLS protocol version: " <"$STDERR" || error grep -E "^remote: SSL protocol: TLSv" <"$STDERR" || error +# load custom OpenSSL configuration to allow TLS protocol version <=1.1 +export OPENSSL_CONF="$TESTDIR/openssl.cnf" + # backup config install -m0600 "$XDG_CONFIG_HOME/interimap/config" "$XDG_CONFIG_HOME/interimap/config~" with_remote_tls_protocols() { |