git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
tidying
[exim.git]
/
test
/
confs
/
5600
diff --git
a/test/confs/5600
b/test/confs/5600
index cd5f3c8e782105407503d3c6ecdd89110b552ec9..b65a2797e4917832656a65bf5a1959e601235ab5 100644
(file)
--- a/
test/confs/5600
+++ b/
test/confs/5600
@@
-3,14
+3,9
@@
CRL=
CRL=
-exim_path = EXIM_PATH
-host_lookup_order = bydns
+.include DIR/aux-var/tls_conf_prefix
+
primary_hostname = server1.example.com
primary_hostname = server1.example.com
-rfc1413_query_timeout = 0s
-spool_directory = DIR/spool
-log_file_path = DIR/spool/log/%slog
-gecos_pattern = ""
-gecos_name = CALLER_NAME
# ----- Main settings -----
# ----- Main settings -----
@@
-32,7
+27,7
@@
tls_verify_hosts = HOSTIPV4
tls_try_verify_hosts = *
tls_verify_certificates = DIR/aux-fixed/cert2
tls_crl = CRL
tls_try_verify_hosts = *
tls_verify_certificates = DIR/aux-fixed/cert2
tls_crl = CRL
-tls_ocsp_file =
OCSP
+tls_ocsp_file =
RETURN
# ------ ACL ------
# ------ ACL ------
@@
-40,10
+35,14
@@
tls_ocsp_file = OCSP
begin acl
check_connect:
begin acl
check_connect:
- accept logwrite = acl_conn: ocsp in status: $tls_in_ocsp
+ accept logwrite = acl_conn: ocsp in status: $tls_in_ocsp \
+ (${listextract {${eval:$tls_in_ocsp+1}} \
+ {notreq:notresp:vfynotdone:failed:verified}})
check_mail:
check_mail:
- accept logwrite = acl_mail: ocsp in status: $tls_in_ocsp
+ accept logwrite = acl_mail: ocsp in status: $tls_in_ocsp \
+ (${listextract {${eval:$tls_in_ocsp+1}} \
+ {notreq:notresp:vfynotdone:failed:verified}})
check_recipient:
deny message = certificate not verified: peerdn=$tls_peerdn
check_recipient:
deny message = certificate not verified: peerdn=$tls_peerdn