From 53a296f8b629e002b13f328c74ff905963f75dc4 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Wed, 6 Mar 2024 14:36:38 +0100
Subject: tests/*/t: Replace filetype=sh with filetype=bash.

---
 tests/tls-rsa+ecdsa/t | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'tests/tls-rsa+ecdsa/t')

diff --git a/tests/tls-rsa+ecdsa/t b/tests/tls-rsa+ecdsa/t
index fd2b1be..605d7b6 100644
--- a/tests/tls-rsa+ecdsa/t
+++ b/tests/tls-rsa+ecdsa/t
@@ -53,4 +53,4 @@ interimap --debug || error
 grep -Fx "remote: Peer certificate fingerprint: sha256\$$X509_ALT_SHA256" <"$STDERR" || error
 grep -Fx "remote: Peer certificate matches pinned SPKI digest sha256\$$PKEY_ALT_SHA256" <"$STDERR" || error
 
-# vim: set filetype=sh :
+# vim: set filetype=bash :
-- 
cgit v1.2.3


From a4accc44ac1fddffba31d9bf52b76738a3562057 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Wed, 6 Mar 2024 14:52:56 +0100
Subject: tests/*/t: Explicitly pass `-in /dev/stdin` to openssl(1).

---
 tests/tls-rsa+ecdsa/t | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'tests/tls-rsa+ecdsa/t')

diff --git a/tests/tls-rsa+ecdsa/t b/tests/tls-rsa+ecdsa/t
index 605d7b6..16ec9d9 100644
--- a/tests/tls-rsa+ecdsa/t
+++ b/tests/tls-rsa+ecdsa/t
@@ -2,11 +2,12 @@ doveconf_remote() {
     doveconf -c "$HOME_remote/.dovecot/config" -hx "$1"
 }
 pkey_sha256() {
-    openssl x509 -pubkey | openssl pkey -pubin -outform DER \
+    openssl x509 -in /dev/stdin -pubkey \
+    | openssl pkey -in /dev/stdin -pubin -outform DER \
     | openssl dgst -sha256 | sed -rn "/^.*=\\s*/ {s///p;q}"
 }
 x509_sha256() {
-    openssl x509 -noout -fingerprint -sha256 \
+    openssl x509 -in /dev/stdin -noout -fingerprint -sha256 \
     | sed -rn "/^.*=\\s*/ {s///p;q}" | tr -d : | tr "[A-Z]" "[a-z]"
 }
 
-- 
cgit v1.2.3


From 66aeda7f653cfb72731fe7ff2925d7291158500f Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@debian.org>
Date: Fri, 25 Apr 2025 17:59:57 +0200
Subject: Port tests and documentation to Dovecot 2.4.

See https://doc.dovecot.org/main/installation/upgrade/2.3-to-2.4.html .
---
 tests/tls-rsa+ecdsa/t | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

(limited to 'tests/tls-rsa+ecdsa/t')

diff --git a/tests/tls-rsa+ecdsa/t b/tests/tls-rsa+ecdsa/t
index 16ec9d9..789d9e6 100644
--- a/tests/tls-rsa+ecdsa/t
+++ b/tests/tls-rsa+ecdsa/t
@@ -1,5 +1,7 @@
 doveconf_remote() {
-    doveconf -c "$HOME_remote/.dovecot/config" -hx "$1"
+    local p k="$1"
+    p="$(doveconf -c "$HOME_remote/.dovecot/config" -hx "$1")"
+    cat <"$p"
 }
 pkey_sha256() {
     openssl x509 -in /dev/stdin -pubkey \
@@ -11,10 +13,10 @@ x509_sha256() {
     | sed -rn "/^.*=\\s*/ {s///p;q}" | tr -d : | tr "[A-Z]" "[a-z]"
 }
 
-PKEY_SHA256="$(doveconf_remote ssl_cert | pkey_sha256)"
-X509_SHA256="$(doveconf_remote ssl_cert | x509_sha256)"
-PKEY_ALT_SHA256="$(doveconf_remote ssl_alt_cert | pkey_sha256)"
-X509_ALT_SHA256="$(doveconf_remote ssl_alt_cert | x509_sha256)"
+PKEY_SHA256="$(doveconf_remote ssl_server/cert_file | pkey_sha256)"
+X509_SHA256="$(doveconf_remote ssl_server/cert_file | x509_sha256)"
+PKEY_ALT_SHA256="$(doveconf_remote ssl_server/alt_cert_file | pkey_sha256)"
+X509_ALT_SHA256="$(doveconf_remote ssl_server/alt_cert_file | x509_sha256)"
 
 # pinned valid fingerprints
 cat >>"$XDG_CONFIG_HOME/interimap/config" <<-EOF
-- 
cgit v1.2.3