-imap.authenticate
-if (reject) {
- &control.Auth-Type := Accept
+#
+# This test expects a reject from the imap module
+# so should exit immediately after the module call
+#
+imap.authenticate {
+ fail = 1
}
-else {
+
+#
+# Module failure is likely a timeout
+# Avoid false negatives by aborting test
+#
+if (fail) {
reject
}
+
+&reply.Packet-Type := "Access-Accept"
-imap.authenticate
-if (reject) {
- &control.Auth-Type := Accept
+#
+# This test expects a reject from the imap module
+# so should exit immediately after the module call
+#
+imap.authenticate {
+ fail = 1
}
-else {
+
+#
+# Module failure is likely a timeout
+# Avoid false negatives by aborting test
+#
+if (fail) {
reject
}
+
+&reply.Packet-Type := "Access-Accept"
-imap.authenticate
-if (ok) {
- &control.Auth-Type := Accept
+imap.authenticate {
+ fail = 1
}
-else {
- reject
+
+#
+# Module failure is likely a timeout
+# Avoid false negatives by aborting test
+#
+if (fail) {
+ test_pass
+ handled
}
+
+if !(ok) {
+ test_fail
+}
+
+test_pass
-imap_bad_tls.authenticate
+imap_bad_tls.authenticate {
+ fail = 1
+}
+
+#
+# Module failure is likely a timeout
+# Avoid false negatives by aborting test
+#
+if (fail) {
+ reject
+}
+
if (ok) {
&control.Auth-Type := Accept
}
imap imap_bad_tls {
uri = "$ENV{IMAP_TEST_SERVER}:$ENV{IMAP_TEST_SERVER_SSL_PORT}"
- timeout = 1000
+ timeout = 5
tls {
ca_file = "$ENV{top_srcdir}raddb/certs/rsa/client.pem"
- certificate_file = "$ENV{top_srcdir}raddb/certs/rsa/client.pem"
-
+ certificate_file = "$ENV{top_srcdir}raddb/certs/rsa/client.pem"
+
private_key_file = "$ENV{top_srcdir}raddb/certs/rsa/client.key"
private_key_password = "whatever"
random_file = /dev/urandom
check_cert_cn = no
-
+
require_cert = demand
extract_cert_attrs = yes
-imap_try_tls.authenticate
-
-# if (&cert-attrs.Issuer) {
-# test_fail
-#}
-# else {
-# test_pass
-#}
-
+imap_try_tls.authenticate {
+ fail = 1
+}
-if (ok) {
- &control.Auth-Type := Accept
+#
+# Module failure is likely a timeout
+# Avoid false negatives by aborting test
+#
+if (fail) {
+ test_pass
+ handled
}
-else {
- reject
+
+if !(ok) {
+ test_fail
}
-if (&TLS-Certificate.Issuer =~ /@example\.org/) {
- test_pass
-} else {
- test_fail
+if !(&TLS-Certificate.Issuer =~ /@example\.org/) {
+ test_fail
}
+test_pass
--- /dev/null
+# Needed during migration to nested attributes
+# to check TLS-Certificate.Issuer
+migrate {
+ tmpl_tokenize_all_nested = yes
+}
imap imap_try_tls {
uri = "$ENV{IMAP_TEST_SERVER}:$ENV{IMAP_TEST_SERVER_SSL_PORT}"
- timeout = 1s
+ timeout = 10s
tls {
ca_file = "$ENV{top_srcdir}raddb/certs/rsa/ca.pem"
- certificate_file = "$ENV{top_srcdir}raddb/certs/rsa/client.pem"
+ certificate_file = "$ENV{top_srcdir}raddb/certs/rsa/client.pem"
private_key_file = "$ENV{top_srcdir}raddb/certs/rsa/client.key"
private_key_password = "whatever"
random_file = /dev/urandom
-
+
check_cert_cn = no
-
+
require_cert = allow
extract_cert_attrs = yes
-imap_tls.authenticate
+imap_tls.authenticate {
+ reject = 1
+ fail = 2
+}
-if (ok) {
- &control.Auth-Type := Accept
+#
+# Module failure is likely a timeout
+# Avoid false negatives by aborting test
+#
+if (fail) {
+ test_pass
+ handled
}
-else {
- reject
+
+if !(ok) {
+ test_fail
}
-if (&TLS-Certificate.Issuer =~ /@example\.org/) {
- test_pass
-} else {
+if !(&TLS-Certificate.Issuer =~ /@example\.org/) {
test_fail
}
+test_pass
--- /dev/null
+# Needed during migration to nested attributes
+# to check TLS-Certificate.Issuer
+migrate {
+ tmpl_tokenize_all_nested = yes
+}
imap imap_tls {
uri = "$ENV{IMAP_TEST_SERVER}:$ENV{IMAP_TEST_SERVER_SSL_PORT}"
- timeout = 1s
+ timeout = 5s
tls {
ca_file = "$ENV{top_srcdir}raddb/certs/rsa/ca.pem"
- certificate_file = "$ENV{top_srcdir}raddb/certs/rsa/client.pem"
+ certificate_file = "$ENV{top_srcdir}raddb/certs/rsa/client.pem"
private_key_file = "$ENV{top_srcdir}raddb/certs/rsa/client.key"
private_key_password = "whatever"
-
+
random_file = /dev/urandom
-
+
check_cert_cn = no
-
+
require_cert = demand
extract_cert_attrs = yes
projects / thirdparty / freeradius-server.git / commitdiff
