DANE: fix TA-mode verify under GnuTLS. Bug 2311
[exim.git] / test / confs / 2132
index 0692493220e0a6b66af2ae74d26f5db46ec6a39d..7e491b8a6a9b29ff34631e7cd8ec92485eacf0be 100644 (file)
@@ -1,13 +1,8 @@
 # Exim test configuration 2132 (close copy of 2102)
 
-exim_path = EXIM_PATH
-host_lookup_order = bydns
+.include DIR/aux-var/tls_conf_prefix
+
 primary_hostname = myhost.test.ex
-rfc1413_query_timeout = 0s
-spool_directory = DIR/spool
-log_file_path = DIR/spool/log/%slog
-gecos_pattern = ""
-gecos_name = CALLER_NAME
 
 # ----- Main settings -----
 
@@ -36,12 +31,16 @@ check_recipient:
   deny    hosts = HOSTIPV4
          !encrypted = AES256-SHA : \
                       AES256-GCM-SHA384 : \
+                      AES128-GCM-SHA256 : \
                       IDEA-CBC-MD5 : \
                       DES-CBC3-SHA : \
                      DHE-RSA-AES256-SHA : \
                      DHE-RSA-AES256-GCM-SHA384 : \
                       DHE_RSA_AES_256_CBC_SHA1 : \
-                      DHE_RSA_3DES_EDE_CBC_SHA
+                      DHE_RSA_3DES_EDE_CBC_SHA : \
+                      ECDHE-RSA-AES256-GCM-SHA384 : \
+                      ECDHE-RSA-AES128-GCM-SHA256 : \
+                     ECDHE-RSA-CHACHA20-POLY1305
   warn    logwrite =  ${if def:tls_in_ourcert \
                {Our cert SN: <${certextract{subject}{$tls_in_ourcert}}>} \
                {We did not present a cert}}