Fix CVE-2016-1531

[exim.git] / test / confs / 5750

diff --git a/test/confs/5750 b/test/confs/5750
index a0bce0282bd8346992066104b0c6ec70047f16ec..3a66364d01d8eb224f00166529dc0b6ce20f389f 100644 (file)
--- a/test/confs/5750
+++ b/test/confs/5750
@@ -4,9 +4,9 @@
 SERVER=
 
 exim_path = EXIM_PATH
+keep_environment =
 host_lookup_order = bydns
 primary_hostname = myhost.test.ex
-rfc1413_query_timeout = 0s
 spool_directory = DIR/spool
 log_file_path = DIR/spool/log/SERVER%slog
 gecos_pattern = ""
@@ -58,6 +58,8 @@ ev_msg:
   accept logwrite = Peer cert:
         logwrite =  ver <${certextract {version}       {$tls_out_peercert}}>
         logwrite =  SN  <${certextract {subject}       {$tls_out_peercert}}>
+        logwrite =  SN; <${certextract {subject,>;}    {$tls_out_peercert}}>
+        logwrite =  SNCN<${certextract {subject,CN}    {$tls_out_peercert}}>
          logwrite =  IN  <${certextract {issuer}       {$tls_out_peercert}}>
          logwrite =  NB  <${certextract {notbefore}    {$tls_out_peercert}}>
          logwrite =  NA  <${certextract {notafter}     {$tls_out_peercert}}>
@@ -102,6 +104,8 @@ send_to_server:
        ${if eq {$local_part}{good}\
 {example.com/server1.example.com/ca_chain.pem}\
 {example.net/server1.example.net/ca_chain.pem}}
+  tls_try_verify_hosts =
+  tls_verify_cert_hostnames =
 
   event_action =   ${acl {logger} {$event_name} {$domain} }