Fix CVE-2016-1531

[exim.git] / test / confs / 5600

diff --git a/test/confs/5600 b/test/confs/5600
index cd5f3c8e782105407503d3c6ecdd89110b552ec9..c05bcfcf92e9271b7a5a256955a5d7ffc19fd9fd 100644 (file)
--- a/test/confs/5600
+++ b/test/confs/5600
@@ -4,9 +4,9 @@
 CRL=
 
 exim_path = EXIM_PATH
+keep_environment =
 host_lookup_order = bydns
 primary_hostname = server1.example.com
-rfc1413_query_timeout = 0s
 spool_directory = DIR/spool
 log_file_path = DIR/spool/log/%slog
 gecos_pattern = ""
@@ -40,10 +40,14 @@ tls_ocsp_file = OCSP
 begin acl
 
 check_connect:
-  accept   logwrite = acl_conn: ocsp in status: $tls_in_ocsp
+  accept   logwrite = acl_conn: ocsp in status: $tls_in_ocsp \
+    (${listextract {${eval:$tls_in_ocsp+1}} \
+               {notreq:notresp:vfynotdone:failed:verified}})
 
 check_mail:
-  accept   logwrite = acl_mail: ocsp in status: $tls_in_ocsp
+  accept   logwrite = acl_mail: ocsp in status: $tls_in_ocsp \
+    (${listextract {${eval:$tls_in_ocsp+1}} \
+               {notreq:notresp:vfynotdone:failed:verified}})
 
 check_recipient:
   deny     message = certificate not verified: peerdn=$tls_peerdn