Merge branch 'exim-4.96+security'
[exim.git] / test / scripts / 1100-Basic-TLS / 1102
1 # TLS server: creds caching
2 #
3 #
4 mkdir -p DIR/tmp/certs
5 cp DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.pem            DIR/tmp/certs/servercert
6 cp DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key   DIR/tmp/certs/serverkey
7 cp DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.ocsp.good.resp DIR/tmp/certs/ocsp_proof
8 #
9 #exim -d-all+tls+receive+timestamp -DSERVER=server -bd -oX PORT_D
10 exim -DSERVER=server -bd -oX PORT_D
11 ****
12 client-anytls -ocsp DIR/aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem 127.0.0.1 PORT_D
13 ??? 220
14 EHLO rhu.barb
15 ????250
16 STARTTLS
17 ??? 220
18 EHLO rhu.barb
19 ????250
20 MAIL FROM:<>
21 RCPT TO:test@example.com
22 ??? 250
23 ??? 250
24 QUIT
25 ??? 221
26 ****
27 sleep 1
28 # Now overwrite the cert
29 # XXX using server2.com fails here, on the ocsp verify.  Why?
30 cp DIR/aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.pem            DIR/tmp/certs/servercert
31 cp DIR/aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.unlocked.key   DIR/tmp/certs/serverkey
32 cp DIR/aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.ocsp.good.resp DIR/tmp/certs/ocsp_proof
33 # The watch mech waits 5 sec after the last trigger, so give that time to expire then send another message
34 sleep 7
35 client-anytls -ocsp DIR/aux-fixed/exim-ca/example.net/server1.example.net/ca_chain.pem 127.0.0.1 PORT_D
36 ??? 220
37 EHLO rhu.barb
38 ????250
39 STARTTLS
40 ??? 220
41 EHLO rhu.barb
42 ????250
43 MAIL FROM:<>
44 RCPT TO:test@example.com
45 ??? 250
46 ??? 250
47 QUIT
48 ??? 221
49 ****
50 #
51 killdaemon
52 #
53 sudo rm -fr DIR/tmp
54 no_msglog_check