X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/5c8cda3a8089ff340224e6ab147d4bbe18dca0e2..cd8cb71deb2d653228cc037cf91ecab980acdcd0:/test/stdout/2014?ds=sidebyside diff --git a/test/stdout/2014 b/test/stdout/2014 index 56c959f20..94b9bdee8 100644 --- a/test/stdout/2014 +++ b/test/stdout/2014 @@ -1,3 +1,4 @@ +### No certificate, certificate required Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 @@ -7,6 +8,8 @@ Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected ??? 250- <<< 250-SIZE 52428800 ??? 250- +<<< 250-LIMITS MAILMAX=1000 RCPTMAX=50000 +??? 250- <<< 250-8BITMIME ??? 250- <<< 250-PIPELINING @@ -18,8 +21,12 @@ Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected ??? 220 <<< 220 TLS go ahead Attempting to start TLS +gnutls_record_recv: A TLS fatal alert has been received. Failed to start TLS +>>> nop +????554 End of script +### No certificate, certificate optional at TLS time, required by ACL Connecting to 127.0.0.1 port 1225 ... connected ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 @@ -29,6 +36,8 @@ Connecting to 127.0.0.1 port 1225 ... connected ??? 250- <<< 250-SIZE 52428800 ??? 250- +<<< 250-LIMITS MAILMAX=1000 RCPTMAX=50000 +??? 250- <<< 250-8BITMIME ??? 250- <<< 250-PIPELINING @@ -54,9 +63,10 @@ Succeeded in starting TLS ??? 221 <<< 221 myhost.test.ex closing connection End of script +### Good certificate, certificate required Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected -Certificate file = aux-fixed/cert2 -Key file = aux-fixed/cert2 +Certificate file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.chain.pem +Key file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 >>> ehlo rhu3.barb @@ -65,6 +75,8 @@ Key file = aux-fixed/cert2 ??? 250- <<< 250-SIZE 52428800 ??? 250- +<<< 250-LIMITS MAILMAX=1000 RCPTMAX=50000 +??? 250- <<< 250-8BITMIME ??? 250- <<< 250-PIPELINING @@ -77,6 +89,9 @@ Key file = aux-fixed/cert2 <<< 220 TLS go ahead Attempting to start TLS Succeeded in starting TLS +>>> helo test +??? 250 +<<< 250 myhost.test.ex Hello test [ip4.ip4.ip4.ip4] >>> mail from: ??? 250 <<< 250 OK @@ -87,9 +102,10 @@ Succeeded in starting TLS ??? 221 <<< 221 myhost.test.ex closing connection End of script +### Good certificate, certificate optional at TLS time, checked by ACL Connecting to 127.0.0.1 port 1225 ... connected -Certificate file = aux-fixed/cert2 -Key file = aux-fixed/cert2 +Certificate file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.chain.pem +Key file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 >>> ehlo rhu4.barb @@ -98,6 +114,8 @@ Key file = aux-fixed/cert2 ??? 250- <<< 250-SIZE 52428800 ??? 250- +<<< 250-LIMITS MAILMAX=1000 RCPTMAX=50000 +??? 250- <<< 250-8BITMIME ??? 250- <<< 250-PIPELINING @@ -110,6 +128,9 @@ Key file = aux-fixed/cert2 <<< 220 TLS go ahead Attempting to start TLS Succeeded in starting TLS +>>> helo test +??? 250 +<<< 250 myhost.test.ex Hello test [127.0.0.1] >>> mail from: ??? 250 <<< 250 OK @@ -120,9 +141,10 @@ Succeeded in starting TLS ??? 221 <<< 221 myhost.test.ex closing connection End of script +### Bad certificate, certificate required Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected -Certificate file = aux-fixed/cert1 -Key file = aux-fixed/cert1 +Certificate file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.chain.pem +Key file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.unlocked.key ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 >>> ehlo rhu5.barb @@ -131,6 +153,8 @@ Key file = aux-fixed/cert1 ??? 250- <<< 250-SIZE 52428800 ??? 250- +<<< 250-LIMITS MAILMAX=1000 RCPTMAX=50000 +??? 250- <<< 250-8BITMIME ??? 250- <<< 250-PIPELINING @@ -142,11 +166,15 @@ Key file = aux-fixed/cert1 ??? 220 <<< 220 TLS go ahead Attempting to start TLS -Succeeded in starting TLS +gnutls_record_recv: A TLS fatal alert has been received. +Failed to start TLS +>>> nop +????554 End of script +### Bad certificate, certificate optional at TLS time, reject at ACL time Connecting to 127.0.0.1 port 1225 ... connected -Certificate file = aux-fixed/cert1 -Key file = aux-fixed/cert1 +Certificate file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.chain.pem +Key file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.unlocked.key ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 >>> ehlo rhu6.barb @@ -155,6 +183,8 @@ Key file = aux-fixed/cert1 ??? 250- <<< 250-SIZE 52428800 ??? 250- +<<< 250-LIMITS MAILMAX=1000 RCPTMAX=50000 +??? 250- <<< 250-8BITMIME ??? 250- <<< 250-PIPELINING @@ -167,21 +197,23 @@ Key file = aux-fixed/cert1 <<< 220 TLS go ahead Attempting to start TLS Succeeded in starting TLS +>>> helo test +??? 250 +<<< 250 myhost.test.ex Hello test [127.0.0.1] >>> mail from: ??? 250 <<< 250 OK >>> rcpt to: -??? 550- -<<< 550-certificate not verified: peerdn=C=UK,O=The Exim Maintainers,OU=Test ??? 550 -<<< 550 Suite,CN=Phil Pennock +<<< 550 certificate not verified: peerdn= >>> quit ??? 221 <<< 221 myhost.test.ex closing connection End of script +### Otherwise good but revoked certificate, certificate required Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected -Certificate file = aux-fixed/cert2 -Key file = aux-fixed/cert2 +Certificate file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.chain.pem +Key file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.unlocked.key ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 >>> ehlo rhu7.barb @@ -190,6 +222,8 @@ Key file = aux-fixed/cert2 ??? 250- <<< 250-SIZE 52428800 ??? 250- +<<< 250-LIMITS MAILMAX=1000 RCPTMAX=50000 +??? 250- <<< 250-8BITMIME ??? 250- <<< 250-PIPELINING @@ -197,15 +231,20 @@ Key file = aux-fixed/cert2 <<< 250-STARTTLS ??? 250 <<< 250 HELP ->>> starttls +>>> STARTTLS ??? 220 <<< 220 TLS go ahead Attempting to start TLS -Succeeded in starting TLS +>>> NOP +??? 554 Security failure +<<< 554 Security failure +>>> QUIT +>>> 220 End of script +### Revoked certificate, certificate optional at TLS time, reject at ACL time Connecting to 127.0.0.1 port 1225 ... connected -Certificate file = aux-fixed/cert1 -Key file = aux-fixed/cert1 +Certificate file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.chain.pem +Key file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.unlocked.key ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 >>> ehlo rhu8.barb @@ -214,6 +253,8 @@ Key file = aux-fixed/cert1 ??? 250- <<< 250-SIZE 52428800 ??? 250- +<<< 250-LIMITS MAILMAX=1000 RCPTMAX=50000 +??? 250- <<< 250-8BITMIME ??? 250- <<< 250-PIPELINING @@ -226,15 +267,66 @@ Key file = aux-fixed/cert1 <<< 220 TLS go ahead Attempting to start TLS Succeeded in starting TLS +>>> helo test +??? 250 +<<< 250 myhost.test.ex Hello test [127.0.0.1] >>> mail from: ??? 250 <<< 250 OK >>> rcpt to: -??? 550- -<<< 550-certificate not verified: peerdn=C=UK,O=The Exim Maintainers,OU=Test ??? 550 -<<< 550 Suite,CN=Phil Pennock +<<< 550 certificate not verified: peerdn=CN=revoked1.example.com +>>> quit +??? 221 +<<< 221 myhost.test.ex closing connection +End of script +### Good certificate, certificate required - but nonmatching CRL also present +Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected +Certificate file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.chain.pem +Key file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key +??? 220 +<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 +>>> ehlo rhu9.barb +??? 250- +<<< 250-myhost.test.ex Hello rhu9.barb [ip4.ip4.ip4.ip4] +??? 250- +<<< 250-SIZE 52428800 +??? 250- +<<< 250-LIMITS MAILMAX=1000 RCPTMAX=50000 +??? 250- +<<< 250-8BITMIME +??? 250- +<<< 250-PIPELINING +??? 250- +<<< 250-STARTTLS +??? 250 +<<< 250 HELP +>>> starttls +??? 220 +<<< 220 TLS go ahead +Attempting to start TLS +Succeeded in starting TLS +>>> helo test +??? 250 +<<< 250 myhost.test.ex Hello test [ip4.ip4.ip4.ip4] +>>> mail from: +??? 250 +<<< 250 OK +>>> rcpt to: +??? 250 +<<< 250 Accepted >>> quit ??? 221 <<< 221 myhost.test.ex closing connection End of script + +******** SERVER ******** +### No certificate, certificate required +### No certificate, certificate optional at TLS time, required by ACL +### Good certificate, certificate required +### Good certificate, certificate optional at TLS time, checked by ACL +### Bad certificate, certificate required +### Bad certificate, certificate optional at TLS time, reject at ACL time +### Otherwise good but revoked certificate, certificate required +### Revoked certificate, certificate optional at TLS time, reject at ACL time +### Good certificate, certificate required - but nonmatching CRL also present