X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/4fab92fbc2b63bac2d89c1dae69fa1845cb640b7..690bc2ce8c7f0a76f01d03b5b158b0d64abbc86a:/test/stdout/2014?ds=inline diff --git a/test/stdout/2014 b/test/stdout/2014 index c7aab62f1..edd498aa8 100644 --- a/test/stdout/2014 +++ b/test/stdout/2014 @@ -1,3 +1,4 @@ +### No certificate, certificate required Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 @@ -18,9 +19,12 @@ Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected ??? 220 <<< 220 TLS go ahead Attempting to start TLS -A TLS fatal alert has been received. +gnutls_record_recv: A TLS fatal alert has been received. Failed to start TLS +>>> nop +????554 End of script +### No certificate, certificate optional at TLS time, required by ACL Connecting to 127.0.0.1 port 1225 ... connected ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 @@ -55,9 +59,10 @@ Succeeded in starting TLS ??? 221 <<< 221 myhost.test.ex closing connection End of script +### Good certificate, certificate required Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected -Certificate file = aux-fixed/cert2 -Key file = aux-fixed/cert2 +Certificate file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.chain.pem +Key file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 >>> ehlo rhu3.barb @@ -78,6 +83,9 @@ Key file = aux-fixed/cert2 <<< 220 TLS go ahead Attempting to start TLS Succeeded in starting TLS +>>> helo test +??? 250 +<<< 250 myhost.test.ex Hello test [ip4.ip4.ip4.ip4] >>> mail from: ??? 250 <<< 250 OK @@ -88,9 +96,10 @@ Succeeded in starting TLS ??? 221 <<< 221 myhost.test.ex closing connection End of script +### Good certificate, certificate optional at TLS time, checked by ACL Connecting to 127.0.0.1 port 1225 ... connected -Certificate file = aux-fixed/cert2 -Key file = aux-fixed/cert2 +Certificate file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.chain.pem +Key file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 >>> ehlo rhu4.barb @@ -111,6 +120,9 @@ Key file = aux-fixed/cert2 <<< 220 TLS go ahead Attempting to start TLS Succeeded in starting TLS +>>> helo test +??? 250 +<<< 250 myhost.test.ex Hello test [127.0.0.1] >>> mail from: ??? 250 <<< 250 OK @@ -121,9 +133,10 @@ Succeeded in starting TLS ??? 221 <<< 221 myhost.test.ex closing connection End of script +### Bad certificate, certificate required Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected -Certificate file = aux-fixed/cert1 -Key file = aux-fixed/cert1 +Certificate file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.chain.pem +Key file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.unlocked.key ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 >>> ehlo rhu5.barb @@ -143,11 +156,15 @@ Key file = aux-fixed/cert1 ??? 220 <<< 220 TLS go ahead Attempting to start TLS -Succeeded in starting TLS +gnutls_record_recv: A TLS fatal alert has been received. +Failed to start TLS +>>> nop +????554 End of script +### Bad certificate, certificate optional at TLS time, reject at ACL time Connecting to 127.0.0.1 port 1225 ... connected -Certificate file = aux-fixed/cert1 -Key file = aux-fixed/cert1 +Certificate file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.chain.pem +Key file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.unlocked.key ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 >>> ehlo rhu6.barb @@ -168,21 +185,23 @@ Key file = aux-fixed/cert1 <<< 220 TLS go ahead Attempting to start TLS Succeeded in starting TLS +>>> helo test +??? 250 +<<< 250 myhost.test.ex Hello test [127.0.0.1] >>> mail from: ??? 250 <<< 250 OK >>> rcpt to: -??? 550- -<<< 550-certificate not verified: peerdn=C=UK,O=The Exim Maintainers,OU=Test ??? 550 -<<< 550 Suite,CN=Phil Pennock +<<< 550 certificate not verified: peerdn= >>> quit ??? 221 <<< 221 myhost.test.ex closing connection End of script +### Otherwise good but revoked certificate, certificate required Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected -Certificate file = aux-fixed/cert2 -Key file = aux-fixed/cert2 +Certificate file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.chain.pem +Key file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.unlocked.key ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 >>> ehlo rhu7.barb @@ -198,15 +217,20 @@ Key file = aux-fixed/cert2 <<< 250-STARTTLS ??? 250 <<< 250 HELP ->>> starttls +>>> STARTTLS ??? 220 <<< 220 TLS go ahead Attempting to start TLS -Succeeded in starting TLS +>>> NOP +??? 554 Security failure +<<< 554 Security failure +>>> QUIT +>>> 220 End of script +### Revoked certificate, certificate optional at TLS time, reject at ACL time Connecting to 127.0.0.1 port 1225 ... connected -Certificate file = aux-fixed/cert1 -Key file = aux-fixed/cert1 +Certificate file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.chain.pem +Key file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.unlocked.key ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 >>> ehlo rhu8.barb @@ -227,15 +251,64 @@ Key file = aux-fixed/cert1 <<< 220 TLS go ahead Attempting to start TLS Succeeded in starting TLS +>>> helo test +??? 250 +<<< 250 myhost.test.ex Hello test [127.0.0.1] >>> mail from: ??? 250 <<< 250 OK >>> rcpt to: -??? 550- -<<< 550-certificate not verified: peerdn=C=UK,O=The Exim Maintainers,OU=Test ??? 550 -<<< 550 Suite,CN=Phil Pennock +<<< 550 certificate not verified: peerdn=CN=revoked1.example.com +>>> quit +??? 221 +<<< 221 myhost.test.ex closing connection +End of script +### Good certificate, certificate required - but nonmatching CRL also present +Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected +Certificate file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.chain.pem +Key file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key +??? 220 +<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +>>> ehlo rhu9.barb +??? 250- +<<< 250-myhost.test.ex Hello rhu9.barb [ip4.ip4.ip4.ip4] +??? 250- +<<< 250-SIZE 52428800 +??? 250- +<<< 250-8BITMIME +??? 250- +<<< 250-PIPELINING +??? 250- +<<< 250-STARTTLS +??? 250 +<<< 250 HELP +>>> starttls +??? 220 +<<< 220 TLS go ahead +Attempting to start TLS +Succeeded in starting TLS +>>> helo test +??? 250 +<<< 250 myhost.test.ex Hello test [ip4.ip4.ip4.ip4] +>>> mail from: +??? 250 +<<< 250 OK +>>> rcpt to: +??? 250 +<<< 250 Accepted >>> quit ??? 221 <<< 221 myhost.test.ex closing connection End of script + +******** SERVER ******** +### No certificate, certificate required +### No certificate, certificate optional at TLS time, required by ACL +### Good certificate, certificate required +### Good certificate, certificate optional at TLS time, checked by ACL +### Bad certificate, certificate required +### Bad certificate, certificate optional at TLS time, reject at ACL time +### Otherwise good but revoked certificate, certificate required +### Revoked certificate, certificate optional at TLS time, reject at ACL time +### Good certificate, certificate required - but nonmatching CRL also present