6 files changed, 66 insertions, 0 deletions

diff --git a/tests/Makefile.am b/tests/Makefile.am
index c2fe470839..b83695417d 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -32,6 +32,7 @@ EXTRA_DIST = suppressions.valgrind eagain-common.h cert-common.h test-chains.h \
 	certs/ecc521.pem certs/rsa-2432.pem x509cert-dir/ca.pem psk.passwd \
 	system.prio pkcs11/softhsm.h pkcs11/pkcs11-pubkey-import.c gnutls-asan.supp \
 	rsa-md5-collision/README safe-renegotiation/README starttls-smtp.txt starttls-ftp.txt \
+	starttls-lmtp.txt starttls-pop3.txt starttls-nntp.txt starttls-sieve.txt \
 	rsa-md5-collision/colliding-chain-md5-2.pem rsa-md5-collision/colliding-chain-md5-1.pem \
 	certs-interesting/README.md certs-interesting/cert1.der certs-interesting/cert1.der.err \
 	certs-interesting/cert2.der certs-interesting/cert2.der.err certs-interesting/cert3.der \
diff --git a/tests/starttls-lmtp.txt b/tests/starttls-lmtp.txt
new file mode 100644
index 0000000000..c6425a9b95
--- /dev/null
+++ b/tests/starttls-lmtp.txt
@@ -0,0 +1,4 @@
+TIMEOUT 120
+'' '220 mail.example.net Dovecot ready.\r\n'
+LHLO '250-mail.example.net\r\n250-8BITMIME\r\n250-ENHANCEDSTATUSCODES\r\n250-STARTTLS\r\n250 PIPELINING\r\n'
+STARTTLS '220 2.0.0 Ready to start TLS\r\n'
diff --git a/tests/starttls-nntp.txt b/tests/starttls-nntp.txt
new file mode 100644
index 0000000000..0bb123c076
--- /dev/null
+++ b/tests/starttls-nntp.txt
@@ -0,0 +1,3 @@
+TIMEOUT 120
+'' '200 nntp.example.net InterNetNews NNRP server INN 2.5.4 ready (posting ok)\r\n'
+STARTTLS '382 Begin TLS negotiation now\r\n'
diff --git a/tests/starttls-pop3.txt b/tests/starttls-pop3.txt
new file mode 100644
index 0000000000..1a99ebb1d7
--- /dev/null
+++ b/tests/starttls-pop3.txt
@@ -0,0 +1,3 @@
+TIMEOUT 120
+'' '+OK Dovecot ready.\r\n'
+STLS '+OK Begin TLS negotiation now.\r\n'
diff --git a/tests/starttls-sieve.txt b/tests/starttls-sieve.txt
new file mode 100644
index 0000000000..eaae93cb7b
--- /dev/null
+++ b/tests/starttls-sieve.txt
@@ -0,0 +1,3 @@
+TIMEOUT 120
+'' '"IMPLEMENTATION" "Dovecot Pigeonhole"\r\n"SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date"\r\n"NOTIFY" "mailto"\r\n"SASL" "PLAIN LOGIN"\r\n"STARTTLS"\r\n"VERSION" "1.0"r\nOK "Dovecot ready."\r\n'
+STARTTLS 'OK "Begin TLS negotiation now."\r\n'
diff --git a/tests/starttls.sh b/tests/starttls.sh
index 522c6765b1..c0e5a6750e 100755
--- a/tests/starttls.sh
+++ b/tests/starttls.sh
@@ -108,4 +108,56 @@ fi
 kill ${PID}
 wait
 
+eval "${GETPORT}"
+socat TCP-LISTEN:${PORT} EXEC:"$CHAT -e -S -v -f ${srcdir}/starttls-lmtp.txt",pty &
+PID=$!
+wait_server ${PID}
+
+${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --priority NORMAL:+ANON-ECDH --insecure --starttls-proto lmtp --verbose </dev/null >/dev/null
+if test $? != 1;then
+	fail ${PID} "connect should have failed with error code 1"
+fi
+
+kill ${PID}
+wait
+
+eval "${GETPORT}"
+socat TCP-LISTEN:${PORT} EXEC:"$CHAT -e -S -v -f ${srcdir}/starttls-pop3.txt",pty &
+PID=$!
+wait_server ${PID}
+
+${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --priority NORMAL:+ANON-ECDH --insecure --starttls-proto pop3 --verbose </dev/null >/dev/null
+if test $? != 1;then
+	fail ${PID} "connect should have failed with error code 1"
+fi
+
+kill ${PID}
+wait
+
+eval "${GETPORT}"
+socat TCP-LISTEN:${PORT} EXEC:"$CHAT -e -S -v -f ${srcdir}/starttls-nntp.txt",pty &
+PID=$!
+wait_server ${PID}
+
+${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --priority NORMAL:+ANON-ECDH --insecure --starttls-proto nntp --verbose </dev/null >/dev/null
+if test $? != 1;then
+	fail ${PID} "connect should have failed with error code 1"
+fi
+
+kill ${PID}
+wait
+
+eval "${GETPORT}"
+socat TCP-LISTEN:${PORT} EXEC:"$CHAT -e -S -v -f ${srcdir}/starttls-sieve.txt",pty &
+PID=$!
+wait_server ${PID}
+
+${VALGRIND} "${CLI}" -p "${PORT}" 127.0.0.1 --priority NORMAL:+ANON-ECDH --insecure --starttls-proto sieve --verbose </dev/null >/dev/null
+if test $? != 1;then
+	fail ${PID} "connect should have failed with error code 1"
+fi
+
+kill ${PID}
+wait
+
 exit 0