X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/3af849e2045f7c580d4c533d829dc9d567162d36..38965d80d70cacd0c944d32f7107549a3a272b35:/test/confs/2102 diff --git a/test/confs/2102 b/test/confs/2102 index 0139a61c0..ce86946e3 100644 --- a/test/confs/2102 +++ b/test/confs/2102 @@ -33,6 +33,9 @@ tls_verify_hosts = HOSTIPV4 tls_verify_certificates = DRSA/server2.example.com/ca_chain.pem +.ifdef _OPT_OPENSSL_NO_TLSV1_3_X +openssl_options = +no_tlsv1_3 +.endif # ------ ACL ------ begin acl @@ -43,6 +46,7 @@ check_recipient: !encrypted = * logwrite = cipher: $tls_in_cipher # This appears to lie. Despite what's on the wire, it returns the last cert loaded. +# Fixed in OpenSSL 1.1.1 ? Testcase golden logfile has the incorrect value. warn logwrite = ${if def:tls_in_ourcert \ {Our cert SN: <${certextract{subject}{$tls_in_ourcert}}>} \ {We did not present a cert}} @@ -68,6 +72,9 @@ check_recipient: logwrite = sha1 fingerprint ${sha1:$tls_in_peercert} logwrite = sha256 fingerprint ${sha256:$tls_in_peercert} logwrite = der_b64 ${base64:$tls_in_peercert} + logwrite = cipher: $tls_in_cipher + logwrite = cipher_ $tls_in_cipher_std + logwrite = ver: $tls_in_ver # ----- Routers ----- @@ -88,6 +95,7 @@ begin transports local_delivery: driver = appendfile file = DIR/test-mail/$local_part + create_file = DIR/test-mail headers_add = TLS: cipher=$tls_cipher peerdn=$tls_peerdn user = CALLER