git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Docs: more warnings on use of tainted data
[exim.git]
/
test
/
confs
/
2133
diff --git
a/test/confs/2133
b/test/confs/2133
index ff4350809118dce3eee4da811d069cc1d8c8c268..8fa51d0e911815d2ec400ac2ac22221fa1963683 100644
(file)
--- a/
test/confs/2133
+++ b/
test/confs/2133
@@
-1,4
+1,4
@@
-# Exim test configuration
2133
+# Exim test configuration
1162
# TLS client: verify certificate from server - name-fails
SERVER=
# TLS client: verify certificate from server - name-fails
SERVER=
@@
-81,7
+81,7
@@
client_r:
client_s:
driver = accept
client_s:
driver = accept
- local_parts = users
+ local_parts = user
_
s
retry_use_local_part
transport = send_to_server_req_passname
retry_use_local_part
transport = send_to_server_req_passname
@@
-91,7
+91,6
@@
client_t:
retry_use_local_part
transport = send_to_server_req_failcarryon
retry_use_local_part
transport = send_to_server_req_failcarryon
-
# ----- Transports -----
begin transports
# ----- Transports -----
begin transports
@@
-101,8
+100,9
@@
send_to_server_failcert:
driver = smtp
allow_localhost
hosts = HOSTIPV4
driver = smtp
allow_localhost
hosts = HOSTIPV4
- hosts_require_tls = HOSTIPV4
port = PORT_D
port = PORT_D
+ hosts_try_fastopen = :
+ hosts_require_tls = HOSTIPV4
tls_certificate = CERT2
tls_privatekey = CERT2
tls_certificate = CERT2
tls_privatekey = CERT2
@@
-113,8
+113,9
@@
send_to_server_retry:
driver = smtp
allow_localhost
hosts = HOSTIPV4 : 127.0.0.1
driver = smtp
allow_localhost
hosts = HOSTIPV4 : 127.0.0.1
- hosts_require_tls = HOSTIPV4
port = PORT_D
port = PORT_D
+ hosts_try_fastopen = :
+ hosts_require_tls = HOSTIPV4
tls_certificate = CERT2
tls_privatekey = CERT2
tls_certificate = CERT2
tls_privatekey = CERT2
@@
-126,8
+127,9
@@
send_to_server_crypt:
driver = smtp
allow_localhost
hosts = HOSTIPV4
driver = smtp
allow_localhost
hosts = HOSTIPV4
- hosts_require_tls = HOSTIPV4
port = PORT_D
port = PORT_D
+ hosts_try_fastopen = :
+ hosts_require_tls = HOSTIPV4
tls_certificate = CERT2
tls_privatekey = CERT2
tls_certificate = CERT2
tls_privatekey = CERT2
@@
-141,6
+143,7
@@
send_to_server_req_fail:
allow_localhost
hosts = HOSTNAME
port = PORT_D
allow_localhost
hosts = HOSTNAME
port = PORT_D
+ hosts_try_fastopen = :
tls_certificate = CERT2
tls_privatekey = CERT2
tls_certificate = CERT2
tls_privatekey = CERT2
@@
-154,6
+157,7
@@
send_to_server_req_failname:
allow_localhost
hosts = HOSTNAME
port = PORT_D
allow_localhost
hosts = HOSTNAME
port = PORT_D
+ hosts_try_fastopen = :
tls_certificate = CERT2
tls_privatekey = CERT2
tls_certificate = CERT2
tls_privatekey = CERT2
@@
-168,6
+172,7
@@
send_to_server_req_passname:
allow_localhost
hosts = server1.example.com
port = PORT_D
allow_localhost
hosts = server1.example.com
port = PORT_D
+ hosts_try_fastopen = :
tls_certificate = CERT2
tls_privatekey = CERT2
tls_certificate = CERT2
tls_privatekey = CERT2
@@
-175,11
+180,14
@@
send_to_server_req_passname:
tls_verify_cert_hostnames = *
tls_verify_hosts = *
tls_verify_cert_hostnames = *
tls_verify_hosts = *
+# this will fail to verify the cert name but carry on (try-verify mode)
+# fail because the cert is "server1.example.com" and the test system is something else
send_to_server_req_failcarryon:
driver = smtp
allow_localhost
hosts = HOSTNAME
port = PORT_D
send_to_server_req_failcarryon:
driver = smtp
allow_localhost
hosts = HOSTNAME
port = PORT_D
+ hosts_try_fastopen = :
tls_certificate = CERT2
tls_privatekey = CERT2
tls_certificate = CERT2
tls_privatekey = CERT2