git://git.exim.org / exim.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Lookups: avoid leaking user/passwd from server spec to log. Bug 3066
[exim.git] / test / confs / 2031
diff --git a/test/confs/2031 b/test/confs/2031
index d7e140844982ccadb84e02654bbaf575b94efd58..62577a61ac0e9a6cf9366486b14ac7cba1b243ec 100644 (file)
--- a/test/confs/2031
+++ b/test/confs/2031
@@ -1,43 +1,49 @@
-# Exim test configuration 2030
+# Exim test configuration 2031
 # SNI
 
 SERVER =
 
-exim_path = EXIM_PATH
-keep_environment =
-host_lookup_order = bydns
-primary_hostname = myhost.test.ex
-spool_directory = DIR/spool
-log_file_path = DIR/spool/log/SERVER%slog
-gecos_pattern = ""
-gecos_name = CALLER_NAME
+.include DIR/aux-var/tls_conf_prefix
 
+primary_hostname = myhost.test.ex
 
 # ----- Main settings -----
 
 domainlist local_domains = test.ex : *.test.ex
 
 acl_smtp_rcpt = acl_log_sni
-log_selector = +tls_peerdn +tls_sni
+log_selector = +tls_peerdn +tls_sni +received_recipients
 remote_max_parallel = 1
 
 tls_advertise_hosts = *
 
-# Set certificate only if server
-
-tls_certificate = ${if eq {SERVER}{server} \
-       {DIR/aux-fixed/${if eq {$tls_in_sni}{bill} \
-           {exim-ca/example.com/server1.example.com/server1.example.com.pem} \
+tls_certificate = DIR/aux-fixed/${if inlist {$tls_in_sni}{ : normal : badkey : noneistkeyfile : expansionfailkey} \
            {cert1} \
-                       }\
-       }fail}
-
-tls_privatekey = ${if eq {SERVER}{server} \
-       {DIR/aux-fixed/${if eq {$tls_in_sni}{bill} \
-           {exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key} \
+           {${if eq {$tls_in_sni}{alternate} \
+             {exim-ca/example.com/server1.example.com/server1.example.com.pem} \
+             {${if eq {$tls_in_sni}{badcert} \
+               {exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key} \
+               {${if eq {$tls_in_sni}{nonexistcertfile} \
+                 {nonexistent_file} \
+                 fail \
+               } } \
+             } } \
+           } } \
+                       }
+
+tls_privatekey = DIR/aux-fixed/${if inlist {$tls_in_sni}{ : normal : badcert : nonexistcertfile : expansionfailedcert} \
            {cert1} \
-                       }\
-       }fail}
+           {${if eq {$tls_in_sni}{alternate} \
+             {exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key} \
+             {${if eq {$tls_in_sni}{badkey} \
+               {cert2} \
+               {${if eq {$tls_in_sni}{noneistkeyfile} \
+                 {nonexist_file} \
+                 fail \
+               } } \
+             } } \
+           } } \
+                       }
 
 
 # ------ ACL ------
@@ -55,7 +61,7 @@ begin routers
 client:
   driver = accept
   condition = ${if !eq {SERVER}{server}}
-  transport = send_to_server${if eq{$local_part}{abcd}{2}{1}}
+  transport = send_to_server
 
 server:
   driver = redirect
@@ -66,20 +72,14 @@ server:
 
 begin transports
 
-send_to_server1:
-  driver = smtp
+send_to_server:
+  driver =             smtp
   allow_localhost
-  hosts = HOSTIPV4
-  port = PORT_D
-  tls_sni = fred
-
-send_to_server2:
-  driver = smtp
-  allow_localhost
-  hosts = HOSTIPV4
-  port = PORT_D
-  tls_sni = bill
-
+  hosts =              HOSTIPV4
+  port =               PORT_D
+  hosts_try_fastopen = :
+  hosts_require_tls =  *
+  tls_sni =            ${local_part}
 
 # ----- Retry -----
 
Master Exim source repository