Testsuite: allow --range <number> +
[exim.git] / test / confs / 5860
1 # Exim test configuration 5860
2 # DANE
3
4 SERVER=
5
6 .include DIR/aux-var/tls_conf_prefix
7
8 primary_hostname = myhost.test.ex
9
10 # ----- Main settings -----
11
12 acl_smtp_rcpt = accept
13
14 log_selector =  +received_recipients +tls_peerdn +tls_certificate_verified
15
16 queue_only
17 queue_run_in_order
18
19 tls_advertise_hosts = *
20
21 # Set certificate only if server
22 CDIR1 = DIR/aux-fixed
23 CDIR2 = DIR/aux-fixed/exim-ca/example.com/server1.example.com
24
25 tls_certificate = ${if eq {SERVER}{server} \
26         {${if eq {DETAILS}{ta} \
27                 {CDIR2/fullchain.pem}\
28                 {CDIR1/cert1}}}\
29         fail}
30
31 tls_privatekey = ${if eq {SERVER}{server} \
32         {${if eq {DETAILS}{ta} \
33                 {CDIR2/server1.example.com.unlocked.key}\
34                 {CDIR1/cert1}}}\
35         fail}
36
37
38 begin acl
39
40 logger:
41   accept condition = ${if eq {tls} {${listextract{1}{$event_name}}}}
42          logwrite = $event_name depth = $event_data \
43                         <${certextract {subject} {$tls_out_peercert}}>
44 #  message = noooo
45
46   accept condition = ${if eq {msg} {${listextract{1}{$event_name}}}}
47          logwrite = $event_name dane=$tls_out_dane
48   accept
49
50 # ----- Routers -----
51
52 begin routers
53
54 client:
55   driver = dnslookup
56   condition = ${if eq {SERVER}{}}
57   dnssec_request_domains = *
58   self = send
59   transport = send_to_server
60
61 server:
62   driver = redirect
63   data = :blackhole:
64
65
66 # ----- Transports -----
67
68 begin transports
69
70 send_to_server:
71   driver = smtp
72   allow_localhost
73   port = PORT_D
74
75 #  hosts_try_dane = *
76   hosts_require_dane = *
77   hosts_request_ocsp = ${if or { {= {4}{$tls_out_tlsa_usage}} \
78                                  {= {0}{$tls_out_tlsa_usage}} } \
79                         {*}{}}
80
81   event_action =   ${acl {logger}}
82
83 # End