diff options
Diffstat (limited to 'tests')
51 files changed, 146 insertions, 90 deletions
diff --git a/tests/auth-login/t b/tests/auth-login/t index 7fd83d5..38e2028 100644 --- a/tests/auth-login/t +++ b/tests/auth-login/t @@ -9,4 +9,4 @@ grep -Fx "remote: C: xxx LOGIN [REDACTED]" <"$STDERR" || error check_mailbox_status "INBOX" -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/auth-logindisabled/t b/tests/auth-logindisabled/t index 0bcd0d6..402355f 100644 --- a/tests/auth-logindisabled/t +++ b/tests/auth-logindisabled/t @@ -13,4 +13,4 @@ grep -Fx "LOGINDISABLED" <"$TMPDIR/capabilities" || error grep -Fx "remote: ERROR: Logins are disabled." <"$STDERR" || error ! grep -E "^remote: C: .* (AUTHENTICATE|LOGIN) " <"$STDERR" || error -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/auth-noplaintext/t b/tests/auth-noplaintext/t index 11d7d4d..862bc8d 100644 --- a/tests/auth-noplaintext/t +++ b/tests/auth-noplaintext/t @@ -12,4 +12,4 @@ tr " " "\\n" <"$TMPDIR/capability" >"$TMPDIR/capabilities" grep -Fx "remote: ERROR: Server did not advertise STARTTLS capability." <"$STDERR" || error ! grep -E "^remote: C: .* (AUTHENTICATE|LOGIN) " <"$STDERR" || error -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/auth-sasl-plain-no-ir/t b/tests/auth-sasl-plain-no-ir/t index 17aa9e6..f236ac7 100644 --- a/tests/auth-sasl-plain-no-ir/t +++ b/tests/auth-sasl-plain-no-ir/t @@ -23,4 +23,4 @@ xcgrep "$n" -E "^remote(\(INBOX\))?: C: [0-9]+ APPEND INBOX .* \{[0-9]+\}$" <"$S check_mailbox_status "INBOX" -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/auth-sasl-plain/t b/tests/auth-sasl-plain/t index 68f71a9..c5cb024 100644 --- a/tests/auth-sasl-plain/t +++ b/tests/auth-sasl-plain/t @@ -9,4 +9,4 @@ grep -Fx "remote: C: xxx AUTHENTICATE PLAIN [REDACTED]" <"$STDERR" || error check_mailbox_status "INBOX" -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/certs/generate b/tests/certs/generate index de379a0..f449764 100755 --- a/tests/certs/generate +++ b/tests/certs/generate @@ -8,13 +8,26 @@ BASEDIR="$(dirname -- "$0")" OU="InterIMAP test suite" cd "$BASEDIR" +OPENSSL_CONF="./openssl.cnf" +export OPENSSL_CONF + cadir="$(mktemp --tmpdir --directory)" trap 'rm -rf -- "$cadir"' EXIT INT TERM +genpkey() { + local key="$1" + shift + openssl genpkey -out "$key" "$@" 2>&1 +} # generate CA (we intentionally throw away the private key and serial # file to avoid reuse) -openssl genpkey -algorithm RSA -out "$cadir/ca.key" -openssl req -new -x509 -rand /dev/urandom -subj "/OU=$OU/CN=Fake Root CA" -key "$cadir/ca.key" -out ./ca.crt +genpkey "$cadir/ca.key" -algorithm RSA +openssl req -new -x509 -rand /dev/urandom \ + -subj "/OU=$OU/CN=Fake Root CA" \ + -addext subjectKeyIdentifier="hash" \ + -addext authorityKeyIdentifier="keyid:always,issuer" \ + -addext basicConstraints="critical,CA:TRUE" \ + -key "$cadir/ca.key" -out ./ca.crt SERIAL=1 new() { @@ -31,14 +44,14 @@ new() { printf "subjectAltName = %s\\n" "$3" >>"$cadir/new-ext.cnf" fi openssl x509 -req -in "$cadir/new.csr" -CA ./ca.crt -CAkey "$cadir/ca.key" \ - -CAserial "$cadir/ca.srl" -CAcreateserial -extfile "$cadir/new-ext.cnf" + -CAserial "$cadir/ca.srl" -CAcreateserial -extfile "$cadir/new-ext.cnf" 2>&1 } -openssl genpkey -algorithm RSA -out ./dovecot.rsa.key +genpkey ./dovecot.rsa.key -algorithm RSA new ./dovecot.rsa.key "localhost" "DNS:localhost,DNS:ip6-localhost,IP:127.0.0.1,IP:::1" >./dovecot.rsa.crt -openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 -pkeyopt ec_param_enc:named_curve -out ./dovecot.ecdsa.key +genpkey ./dovecot.ecdsa.key -algorithm EC -pkeyopt ec_paramgen_curve:P-256 -pkeyopt ec_param_enc:named_curve new ./dovecot.ecdsa.key "localhost" >./dovecot.ecdsa.crt -openssl genpkey -algorithm RSA -out ./dovecot.rsa2.key +genpkey ./dovecot.rsa2.key -algorithm RSA new ./dovecot.rsa2.key "imap.example.net" "DNS:imap.example.net,DNS:localhost" >./dovecot.rsa2.crt diff --git a/tests/certs/openssl.cnf b/tests/certs/openssl.cnf new file mode 100644 index 0000000..b1af7b8 --- /dev/null +++ b/tests/certs/openssl.cnf @@ -0,0 +1,4 @@ +[ req ] +distinguished_name = req_distinguished_name + +[ req_distinguished_name ] diff --git a/tests/compress/t b/tests/compress/t index 5625761..0a04a73 100644 --- a/tests/compress/t +++ b/tests/compress/t @@ -16,4 +16,4 @@ echo "compress = no" >>"$XDG_CONFIG_HOME/interimap/config" interimap --debug || error ! grep -E "^remote: C: [^[:blank:]]+ COMPRESS DEFLATE$" <"$STDERR" || error -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/condstore/t b/tests/condstore/t index 1963b2b..b30ca36 100644 --- a/tests/condstore/t +++ b/tests/condstore/t @@ -47,4 +47,4 @@ for f in "${FLAGS[@]}"; do error "UID list differs for keyword '$f'" done -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/config/dovecot/ssl.conf b/tests/config/dovecot/ssl.conf index 3fd99d5..1f3a698 100644 --- a/tests/config/dovecot/ssl.conf +++ b/tests/config/dovecot/ssl.conf @@ -2,4 +2,5 @@ ssl = required ssl_cert = <dovecot.rsa.crt ssl_key = <dovecot.rsa.key ssl_dh = <dhparams.pem -ssl_min_protocol = TLSv1 +ssl_min_protocol = TLSv1.2 +ssl_cipher_list = DEFAULT@SECLEVEL=2 diff --git a/tests/db-exclusive-lock/t b/tests/db-exclusive-lock/t index c2df4b5..0d0badb 100644 --- a/tests/db-exclusive-lock/t +++ b/tests/db-exclusive-lock/t @@ -10,7 +10,7 @@ sleep .5 # subsequent runs fail as we can't acquire the exclusive lock ! interimap || error -grep -Fx "DBD::SQLite::db do failed: database is locked at ./interimap line 176." <"$STDERR" \ - || error "Is \$DBH->do(\"PRAGMA locking_mode = EXCLUSIVE\"); at line 176?" +grep -Ex "DBD::SQLite::db do failed: database is locked at (\S+/)?interimap line 181\." <"$STDERR" \ + || error "Is \$DBH->do(\"PRAGMA locking_mode = EXCLUSIVE\"); at line 181?" -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/db-migration-0-1-foreign-key-violation/t b/tests/db-migration-0-1-foreign-key-violation/t index 35e5be5..fa4afb4 100644 --- a/tests/db-migration-0-1-foreign-key-violation/t +++ b/tests/db-migration-0-1-foreign-key-violation/t @@ -18,4 +18,4 @@ EOF grep -Fx "Upgrading database version from 0" <"$STDERR" || error "DB upgrade not attempted" grep -Fx "database: ERROR: Broken referential integrity! Refusing to commit changes." <"$STDERR" || error "DB upgrade successful despite broken refint" -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/db-no-create--watch/t b/tests/db-no-create--watch/t index a8ea07e..3097558 100644 --- a/tests/db-no-create--watch/t +++ b/tests/db-no-create--watch/t @@ -1,6 +1,6 @@ ! interimap --watch=60 || error -grep -Ex "DBI connect\(.*\) failed: unable to open database file at \./interimap line 172\." <"$STDERR" || error +grep -Ex "DBI connect\(.*\) failed: unable to open database file at (\S+/)?interimap line 177\." <"$STDERR" || error test \! -e "$XDG_DATA_HOME/interimap/remote.db" || error -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/db-upgrade-0-1-delim-mismatch/t b/tests/db-upgrade-0-1-delim-mismatch/t index d133437..c15927c 100644 --- a/tests/db-upgrade-0-1-delim-mismatch/t +++ b/tests/db-upgrade-0-1-delim-mismatch/t @@ -4,4 +4,4 @@ sqlite3 "$XDG_DATA_HOME/interimap/remote.db" <"$TESTDIR/before.sql" || error "Co grep -Fx 'ERROR: Local and remote hierachy delimiters differ (local "\"", remote "^"), refusing to update table `mailboxes`.' <"$STDERR" || error -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/db-upgrade-0-1/t b/tests/db-upgrade-0-1/t index 088008e..2baafe6 100644 --- a/tests/db-upgrade-0-1/t +++ b/tests/db-upgrade-0-1/t @@ -31,4 +31,4 @@ diff -u --label="a/dump.sql" --label="b/dump.sql" \ "$TMPDIR/dump-expected.sql" "$TMPDIR/dump.sql" \ || error "DB dumps differ" -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/delete/t b/tests/delete/t index c38d4d3..84fc55f 100644 --- a/tests/delete/t +++ b/tests/delete/t @@ -92,4 +92,4 @@ check_mailbox_list check_mailboxes_status "INBOX" step_done -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/delimiter-change/t b/tests/delimiter-change/t index 3f96953..c49dd66 100644 --- a/tests/delimiter-change/t +++ b/tests/delimiter-change/t @@ -34,4 +34,4 @@ run "." "." n="$(doveadm -u "local" search all | wc -l)" [ "$n" -eq 64 ] || error "$n != 64" -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/ignore-mailbox/t b/tests/ignore-mailbox/t index f90227c..0b8d553 100644 --- a/tests/ignore-mailbox/t +++ b/tests/ignore-mailbox/t @@ -59,4 +59,4 @@ EOF check_mailboxes_status "virtual" "virtual.bar" || error -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/list b/tests/interimap.list index d1058ba..559daed 100644 --- a/tests/list +++ b/tests/interimap.list @@ -61,6 +61,3 @@ split-set Split large sets to avoid extra-long command lines sync-live-crippled local/remote simulation (crippled remote) sync-live-tls local/remote simulation (TLS remote) sync-live-multi local/remote1+remote2+remote3 simulation (3 local namespaces) - -. pullimap - ... pullimap diff --git a/tests/largeint/t b/tests/largeint/t index b0877d5..c3f349e 100644 --- a/tests/largeint/t +++ b/tests/largeint/t @@ -36,4 +36,4 @@ doveadm -u "remote" mailbox update --min-next-uid 2147483648 --min-highest-modse run -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/list-mailbox/t b/tests/list-mailbox/t index e905537..a1168a6 100644 --- a/tests/list-mailbox/t +++ b/tests/list-mailbox/t @@ -54,4 +54,4 @@ for v in '""' '"f o o""bar"' '"f o o" "bar" "baz\" x'; do grep -xF "Invalid value for list-mailbox: $v" <"$STDERR" done -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/list-reference/t b/tests/list-reference/t index a2cc9c7..12e112b 100644 --- a/tests/list-reference/t +++ b/tests/list-reference/t @@ -44,4 +44,4 @@ verify ! doveadm -u "local" mailbox status uidvalidity "foobaz" || error ! doveadm -u "remote" mailbox status uidvalidity "foobar" || error -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/list-select-opts/t b/tests/list-select-opts/t index 98acb43..30c3fe9 100644 --- a/tests/list-select-opts/t +++ b/tests/list-select-opts/t @@ -53,4 +53,4 @@ grep -Fx "remote: Created mailbox foo" <"$STDERR" || error check_mailbox_list check_mailboxes_status "INBOX" "foo" "foo.bar" "bar" "baz" -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/preauth-plaintext/t b/tests/preauth-plaintext/t index bc287dd..2f3071f 100644 --- a/tests/preauth-plaintext/t +++ b/tests/preauth-plaintext/t @@ -16,4 +16,4 @@ interimap --debug || true grep -Fx "remote: S: * STATUS INBOX (UIDNEXT 1 UIDVALIDITY 1 HIGHESTMODSEQ 1)" <"$STDERR" || error -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/pullimap.list b/tests/pullimap.list new file mode 100644 index 0000000..f4304b9 --- /dev/null +++ b/tests/pullimap.list @@ -0,0 +1,2 @@ +. pullimap + ... pullimap diff --git a/tests/pullimap/t b/tests/pullimap/t index 0dfe634..e508784 100644 --- a/tests/pullimap/t +++ b/tests/pullimap/t @@ -6,6 +6,24 @@ step_start "\`pullimap --idle\` refuses to create the state file" ! pullimap --idle "remote" || error step_done +step_start "\`pullimap\` creates statefile with mode 0600" +pullimap "remote" || error +if ! st="$(stat -c"%#a" -- "$XDG_DATA_HOME/pullimap/remote")" || [ "$st" != "0600" ]; then + error "$XDG_DATA_HOME/pullimap/remote has mode $st != 0600" +fi +step_done + +step_start "\`pullimap\` locks its statefile" +pullimap --idle "remote" & PID=$! +trap "ptree_abort $PID" EXIT INT TERM +# wait a short while so we have time to lock the database (ugly and racy...) +sleep .5 +! pullimap "remote" || error +grep -F "Can't lock $XDG_DATA_HOME/pullimap/remote: Resource temporarily unavailable at " <"$STDERR" || error +ptree_abort $PID +trap - EXIT INT TERM +step_done + # compare mailboxes (can't compare the RFC 3501 TEXT as the LMTPd inconditionally # adds a Return-Path: header -- and also Delivered-To: and Received: to by default) list_mails_sha256() { @@ -104,29 +122,31 @@ doveadm -u "remote" search mailbox "$MAILBOX" unseen >"$TMPDIR/unseen" step_done -step_start "--idle (${TIMEOUT}s)" +if [ $TIMEOUT -gt 0 ]; then + step_start "--idle (${TIMEOUT}s)" -pullimap --idle "remote" & PID=$! -trap "ptree_abort $PID" EXIT INT TERM + pullimap --idle "remote" & PID=$! + trap "ptree_abort $PID" EXIT INT TERM + + timer=$(( $(date +%s) + TIMEOUT )) + while [ $(date +%s) -le $timer ]; do + n="$(shuf -n1 -i1-5)" + for (( i=0; i < n; i++)); do + sample_message | deliver -u "remote" -- -m "$MAILBOX" + done -timer=$(( $(date +%s) + TIMEOUT )) -while [ $(date +%s) -le $timer ]; do - n="$(shuf -n1 -i1-5)" - for (( i=0; i < n; i++)); do - sample_message | deliver -u "remote" -- -m "$MAILBOX" + s=$(shuf -n1 -i1-1500) + [ $s -ge 1000 ] && s="$(printf "1.%03d" $((s-1000)))" || s="$(printf "0.%03d" $s)" + sleep "$s" done - s=$(shuf -n1 -i1-1500) - [ $s -ge 1000 ] && s="$(printf "1.%03d" $((s-1000)))" || s="$(printf "0.%03d" $s)" - sleep "$s" -done + sleep 5 + ptree_abort $PID + trap - EXIT INT TERM -sleep 5 -ptree_abort $PID -trap - EXIT INT TERM - -check -step_done + check + step_done +fi step_start "Purging" @@ -140,4 +160,4 @@ doveadm -u "remote" search mailbox "$MAILBOX" all >"$TMPDIR/messages" [ ! -s "$TMPDIR/messages" ] || error "messages left" step_done -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/rename-exists-db/t b/tests/rename-exists-db/t index cb6cfcd..63d7ba0 100644 --- a/tests/rename-exists-db/t +++ b/tests/rename-exists-db/t @@ -11,4 +11,4 @@ doveadm -u "remote" mailbox delete "t\\o" ! interimap --rename "root.from" "t.o" || error grep -Fx 'database: ERROR: Mailbox t.o exists. Run `interimap --target=database --delete t.o` to delete.' <"$STDERR" || error -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/rename-exists-local/t b/tests/rename-exists-local/t index 190f49a..33c7da7 100644 --- a/tests/rename-exists-local/t +++ b/tests/rename-exists-local/t @@ -10,4 +10,4 @@ doveadm -u "remote" mailbox delete "t\\o" ! interimap --rename "root.from" "t.o" || error grep -Fx 'local: ERROR: Mailbox t.o exists. Run `interimap --target=local --delete t.o` to delete.' <"$STDERR" || error -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/rename-exists-remote/t b/tests/rename-exists-remote/t index be16a12..2e87053 100644 --- a/tests/rename-exists-remote/t +++ b/tests/rename-exists-remote/t @@ -10,4 +10,4 @@ doveadm -u "local" mailbox delete "t.o" ! interimap --rename "root.from" "t.o" || error grep -Fx 'remote: ERROR: Mailbox t\o exists. Run `interimap --target=remote --delete t.o` to delete.' <"$STDERR" || remote -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/rename-inferiors/t b/tests/rename-inferiors/t index 9267e6f..9166230 100644 --- a/tests/rename-inferiors/t +++ b/tests/rename-inferiors/t @@ -97,4 +97,4 @@ check_mailbox_list check_mailboxes_status "from.root" "from.root.child" "from.root.child2" "from.root.child.grandchild" \ "newroot.sibbling" "newroot.sibbling.grandchild" "root2" "INBOX" -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/rename-simple/t b/tests/rename-simple/t index 6ebee9a..df9d84c 100644 --- a/tests/rename-simple/t +++ b/tests/rename-simple/t @@ -58,4 +58,4 @@ grep -Fx "database: Created mailbox INBOX" <"$STDERR" check_mailbox_list check_mailboxes_status "INBOX" "bar" "baz" -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/repair/t b/tests/repair/t index 6b205ea..10fab0d 100644 --- a/tests/repair/t +++ b/tests/repair/t @@ -104,4 +104,4 @@ check_mailboxes_status "baz" "foo.bar" interimap || error check_mailboxes_status "baz" "foo.bar" "INBOX" -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/resume/t b/tests/resume/t index a281ef3..d7b9b53 100644 --- a/tests/resume/t +++ b/tests/resume/t @@ -95,4 +95,4 @@ diff -u --label="a/count" --label="b/count" "$TMPDIR/count" - <<-EOF 9 EOF -# vim: set filetype=sh : +# vim: set filetype=bash : @@ -38,6 +38,12 @@ fi # cleanup environment unset OPENSSL_CONF SSL_CERT_FILE SSL_CERT_DIR +if [ -z "${INTERIMAP_PATH+x}" ]; then + INTERIMAP_PATH="./" +elif [ -n "$INTERIMAP_PATH" ]; then + INTERIMAP_PATH="${INTERIMAP_PATH%/}/" +fi + ROOTDIR="$(mktemp --tmpdir="${TMPDIR:-/dev/shm}" --directory "$1.XXXXXXXXXX")" declare -a DOVECOT_SERVER=() trap cleanup EXIT INT TERM @@ -206,26 +212,32 @@ prepare interimap() { _interimap_cmd "interimap" "$@"; } pullimap() { _interimap_cmd "pullimap" "$@"; } _interimap_cmd() { - declare -a ENVIRON=() + declare -a ENVIRON=() args=() local script="$1" rv=0 shift environ_set "local" [ -z "${OPENSSL_CONF+x}" ] || ENVIRON+=( OPENSSL_CONF="$OPENSSL_CONF" ) [ -z "${SSL_CERT_FILE+x}" ] || ENVIRON+=( SSL_CERT_FILE="$SSL_CERT_FILE" ) [ -z "${SSL_CERT_DIR+x}" ] || ENVIRON+=( SSL_CERT_DIR="$SSL_CERT_DIR" ) - env -i "${ENVIRON[@]}" perl -I./lib -T "./$script" "$@" 2>"$STDERR" || rv=$? + [ -z "${INTERIMAP_I:+x}" ] || args+=( perl -I"$INTERIMAP_I" -T ) + args+=( "$INTERIMAP_PATH$script" "$@" ) + #printf "I: Running \`%s\`\\n" "${args[*]}" >&3 + env -i "${ENVIRON[@]}" "${args[@]}" 2>"$STDERR" || rv=$? cat <"$STDERR" >&2 return $rv } interimap_init() { local u="${1-remote}" - local db="$XDG_DATA_HOME/interimap/$u.db" + local db="$XDG_DATA_HOME/interimap/$u.db" st local cfg="config${u#remote}" test \! -e "$db" || error "Database already exists" 1 interimap --config "$cfg" || error "Couldn't initialize interimap" 1 test -f "$db" || error "Database is still missing" 1 grep -Fx "Creating new schema in database file $db" <"$STDERR" || error "DB wasn't created" 1 + if ! st="$(stat -c"%#a" -- "$db")" || [ "$st" != "0600" ]; then + error "$db has mode $st != 0600" 1 + fi } doveadm() { if [ $# -le 2 ] || [ "$1" != "-u" ]; then @@ -449,7 +461,7 @@ passed() { # Run test in a sub-shell declare -a ENVIRON=() environ_set "local" -export TMPDIR TESTDIR STDERR "${ENVIRON[@]}" +export TMPDIR TESTDIR INTERIMAP_PATH INTERIMAP_I STDERR "${ENVIRON[@]}" export -f environ_set doveadm interimap interimap_init pullimap _interimap_cmd export -f sqlite3 sample_message deliver ptree_abort step_start step_done passed export -f check_mailbox_status check_mailbox_status_values check_mailbox_status2 diff --git a/tests/run-all b/tests/run-all index d13f689..79e62d1 100755 --- a/tests/run-all +++ b/tests/run-all @@ -24,6 +24,7 @@ export PATH BASEDIR="$(dirname -- "$0")" RUN="$BASEDIR/run" +list="$1" failed=0 @@ -54,7 +55,7 @@ while IFS="" read -r x; do fi INDENT="$indent" "$RUN" "$t" ${desc+"$desc"} || failed=$(( failed+1 )) -done <"$BASEDIR/list" +done <"$BASEDIR/$list" if [ $failed -eq 0 ]; then printf "All tests passed.\\n" diff --git a/tests/split-set/t b/tests/split-set/t index 5e8ea52..d8cf948 100644 --- a/tests/split-set/t +++ b/tests/split-set/t @@ -40,4 +40,4 @@ done interimap || error check_mailbox_status "INBOX" -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/starttls-injection/t b/tests/starttls-injection/t index d57aa7a..023baff 100644 --- a/tests/starttls-injection/t +++ b/tests/starttls-injection/t @@ -13,4 +13,4 @@ grep -Fx 'remote: WARNING: Truncating non-empty output buffer (unauthenticated r ! grep -Fx 'remote: ERROR: Logins are disabled.' <"$STDERR" || error "injected capability wasn't ignored" grep -Fx 'remote: ERROR: Server did not advertise ENABLE (RFC 5161) capability.' <"$STDERR" || error "injected capability wasn't ignored" -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/starttls-logindisabled/t b/tests/starttls-logindisabled/t index 0ac7465..b2bf87b 100644 --- a/tests/starttls-logindisabled/t +++ b/tests/starttls-logindisabled/t @@ -16,4 +16,4 @@ grep -Fx "remote: C: 000001 CAPABILITY" <"$STDERR" || error # can't go further as the capability string still has the manually # enforced 'LOGINDISABLED' -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/starttls/t b/tests/starttls/t index 62b2151..7b76469 100644 --- a/tests/starttls/t +++ b/tests/starttls/t @@ -1,5 +1,5 @@ X509_SHA256="$(doveconf -c "$HOME_remote/.dovecot/config" -hx ssl_cert \ - | openssl x509 -noout -fingerprint -sha256 \ + | openssl x509 -in /dev/stdin -noout -fingerprint -sha256 \ | sed -rn "/^.*=\\s*/ {s///p;q}" | tr -d : | tr "[A-Z]" "[a-z]")" for ((i = 0; i < 32; i++)); do @@ -27,4 +27,4 @@ grep "^remote: SSL cipher: " <"$STDERR" || error check_mailbox_status "INBOX" -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/sync-live-multi/t b/tests/sync-live-multi/t index ba7f326..b91cedc 100644 --- a/tests/sync-live-multi/t +++ b/tests/sync-live-multi/t @@ -124,4 +124,4 @@ for m in "${MAILBOXES[@]}"; do check_mailbox_status2 "$blob" "$m" "$u" "$mr" done -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/sync-live/t b/tests/sync-live/t index 5f5b291..1d50b00 100644 --- a/tests/sync-live/t +++ b/tests/sync-live/t @@ -73,4 +73,4 @@ trap - EXIT INT TERM check_mailbox_list check_mailboxes_status "${MAILBOXES[@]}" -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/sync-mailbox-list/t b/tests/sync-mailbox-list/t index ea80fbf..d1567fb 100644 --- a/tests/sync-mailbox-list/t +++ b/tests/sync-mailbox-list/t @@ -90,4 +90,4 @@ EOF [ $(< "$TMPDIR/count") -eq 0 ] || error step_done -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/tls-ciphers/t b/tests/tls-ciphers/t index 0dfc771..ca0e610 100644 --- a/tests/tls-ciphers/t +++ b/tests/tls-ciphers/t @@ -28,4 +28,4 @@ EOF interimap --debug || error grep -Fx "remote: SSL cipher: TLS_CHACHA20_POLY1305_SHA256 (256 bits)" <"$STDERR" || error -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/tls-pin-fingerprint/t b/tests/tls-pin-fingerprint/t index 883a887..6c045a1 100644 --- a/tests/tls-pin-fingerprint/t +++ b/tests/tls-pin-fingerprint/t @@ -1,5 +1,6 @@ PKEY_SHA256="$(doveconf -c "$HOME_remote/.dovecot/config" -hx ssl_cert \ - | openssl x509 -pubkey | openssl pkey -pubin -outform DER \ + | openssl x509 -in /dev/stdin -pubkey \ + | openssl pkey -in /dev/stdin -pubin -outform DER \ | openssl dgst -sha256 | sed -rn "/^.*=\\s*/ {s///p;q}")" INVALID_FPR="sha256\$deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef" INVALID_FPR2="sha256\$deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbee2" @@ -74,4 +75,4 @@ EOF interimap --debug || error grep -Fx "remote: Peer certificate matches pinned SPKI digest sha256\$$PKEY_SHA256" <"$STDERR" || error -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/tls-protocols/openssl.cnf b/tests/tls-protocols/openssl.cnf index 980097d..3d9769d 100644 --- a/tests/tls-protocols/openssl.cnf +++ b/tests/tls-protocols/openssl.cnf @@ -11,4 +11,4 @@ system_default = system_default_sect [system_default_sect] MinProtocol = None -CipherString = DEFAULT +CipherString = DEFAULT@SECLEVEL=0 diff --git a/tests/tls-protocols/remote.conf b/tests/tls-protocols/remote.conf index 6029749..96b3713 120000..100644 --- a/tests/tls-protocols/remote.conf +++ b/tests/tls-protocols/remote.conf @@ -1 +1,4 @@ -../tls/remote.conf
\ No newline at end of file +!include conf.d/imapd.conf +!include conf.d/ssl.conf +ssl_min_protocol = TLSv1 +ssl_cipher_list = DEFAULT@SECLEVEL=0 diff --git a/tests/tls-protocols/t b/tests/tls-protocols/t index 72f7db2..b78dd69 100644 --- a/tests/tls-protocols/t +++ b/tests/tls-protocols/t @@ -96,4 +96,4 @@ grep -Fx "remote: ERROR: Can't initiate TLS/SSL handshake" <"$STDERR" || error ! grep -E "^remote: C: .* (AUTHENTICATE|LOGIN) " <"$STDERR" || error grep -Fx "remote: IMAP traffic (bytes): recv 0 sent 0" <"$STDERR" || error -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/tls-rsa+ecdsa/t b/tests/tls-rsa+ecdsa/t index c9f5b96..16ec9d9 100644 --- a/tests/tls-rsa+ecdsa/t +++ b/tests/tls-rsa+ecdsa/t @@ -2,11 +2,12 @@ doveconf_remote() { doveconf -c "$HOME_remote/.dovecot/config" -hx "$1" } pkey_sha256() { - openssl x509 -pubkey | openssl pkey -pubin -outform DER \ + openssl x509 -in /dev/stdin -pubkey \ + | openssl pkey -in /dev/stdin -pubin -outform DER \ | openssl dgst -sha256 | sed -rn "/^.*=\\s*/ {s///p;q}" } x509_sha256() { - openssl x509 -noout -fingerprint -sha256 \ + openssl x509 -in /dev/stdin -noout -fingerprint -sha256 \ | sed -rn "/^.*=\\s*/ {s///p;q}" | tr -d : | tr "[A-Z]" "[a-z]" } @@ -28,7 +29,7 @@ interimap_init check_mailbox_status "INBOX" interimap --debug || error -# which peer certificate is used is up to libssl +# which peer certificate is used is up to libssl grep -Fx -e "remote: Peer certificate fingerprint: sha256\$$X509_SHA256" \ -e "remote: Peer certificate fingerprint: sha256\$$X509_ALT_SHA256" \ <"$STDERR" || error @@ -53,4 +54,4 @@ interimap --debug || error grep -Fx "remote: Peer certificate fingerprint: sha256\$$X509_ALT_SHA256" <"$STDERR" || error grep -Fx "remote: Peer certificate matches pinned SPKI digest sha256\$$PKEY_ALT_SHA256" <"$STDERR" || error -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/tls-sni/t b/tests/tls-sni/t index f18b8b0..0565e49 100644 --- a/tests/tls-sni/t +++ b/tests/tls-sni/t @@ -1,9 +1,9 @@ SERVERNAME="imap.example.net" # cf local_name{} section in the dovecot config X509_SHA256="$(doveconf -c "$HOME_remote/.dovecot/config" -hx ssl_cert \ - | openssl x509 -noout -fingerprint -sha256 \ + | openssl x509 -in /dev/stdin -noout -fingerprint -sha256 \ | sed -rn "/^.*=\\s*/ {s///p;q}" | tr -d : | tr "[A-Z]" "[a-z]")" X509_2_SHA256="$(doveconf -c "$HOME_remote/.dovecot/config" -f lname="$SERVERNAME" -hx ssl_cert \ - | openssl x509 -noout -fingerprint -sha256 \ + | openssl x509 -in /dev/stdin -noout -fingerprint -sha256 \ | sed -rn "/^.*=\\s*/ {s///p;q}" | tr -d : | tr "[A-Z]" "[a-z]")" # check that empty SSL_hostname disables SNI @@ -63,4 +63,4 @@ echo "SSL_CAfile = $HOME/.dovecot/conf.d/ca.crt" >>"$XDG_CONFIG_HOME/interimap/c interimap --debug || error sni_ok -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/tls-verify-peer/t b/tests/tls-verify-peer/t index 8326521..ee4cd88 100644 --- a/tests/tls-verify-peer/t +++ b/tests/tls-verify-peer/t @@ -1,8 +1,9 @@ X509_SHA256="$(doveconf -c "$HOME_remote/.dovecot/config" -hx ssl_cert \ - | openssl x509 -noout -fingerprint -sha256 \ + | openssl x509 -in /dev/stdin -noout -fingerprint -sha256 \ | sed -rn "/^.*=\\s*/ {s///p;q}" | tr -d : | tr "[A-Z]" "[a-z]")" PKEY_SHA256="$(doveconf -c "$HOME_remote/.dovecot/config" -hx ssl_cert \ - | openssl x509 -pubkey | openssl pkey -pubin -outform DER \ + | openssl x509 -in /dev/stdin -pubkey \ + | openssl pkey -in /dev/stdin -pubin -outform DER \ | openssl dgst -sha256 | sed -rn "/^.*=\\s*/ {s///p;q}")" unverified_peer() { @@ -146,4 +147,4 @@ done step_done -# vim: set filetype=sh : +# vim: set filetype=bash : diff --git a/tests/tls/t b/tests/tls/t index a674b28..aee0678 100644 --- a/tests/tls/t +++ b/tests/tls/t @@ -1,5 +1,5 @@ X509_SHA256="$(doveconf -c "$HOME_remote/.dovecot/config" -hx ssl_cert \ - | openssl x509 -noout -fingerprint -sha256 \ + | openssl x509 -in /dev/stdin -noout -fingerprint -sha256 \ | sed -rn "/^.*=\\s*/ {s///p;q}" | tr -d : | tr "[A-Z]" "[a-z]")" for ((i = 0; i < 32; i++)); do @@ -14,4 +14,4 @@ grep "^remote: SSL cipher: " <"$STDERR" || error check_mailbox_status "INBOX" -# vim: set filetype=sh : +# vim: set filetype=bash : |