X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/7f3555b3d8e1fccfe8f5d450bdde367018a5e764..6f3d774993c37967d5ad236691a194a40cc9da3f:/test/confs/2033?ds=inline diff --git a/test/confs/2033 b/test/confs/2033 index ce5505180..44ebbc594 100644 --- a/test/confs/2033 +++ b/test/confs/2033 @@ -3,13 +3,9 @@ SERVER= -exim_path = EXIM_PATH -host_lookup_order = bydns +.include DIR/aux-var/tls_conf_prefix + primary_hostname = myhost.test.ex -spool_directory = DIR/spool -log_file_path = DIR/spool/log/SERVER%slog -gecos_pattern = "" -gecos_name = CALLER_NAME FX = DIR/aux-fixed S1 = FX/exim-ca/example.com/server1.example.com @@ -23,6 +19,8 @@ KEY2 = FX/cert2 # ----- Main settings ----- +disable_ipv6 = true + acl_smtp_rcpt = accept log_selector = +tls_peerdn+tls_certificate_verified @@ -37,9 +35,6 @@ tls_advertise_hosts = * tls_certificate = ${if eq {SERVER}{server}{CERT1}fail} tls_privatekey = ${if eq {SERVER}{server}{KEY1}fail} -tls_verify_hosts = * -tls_verify_certificates = ${if eq {SERVER}{server}{CERT2}fail} - # ----- Routers ----- @@ -83,7 +78,7 @@ client_r: client_s: driver = accept - local_parts = users + local_parts = user_s retry_use_local_part transport = send_to_server_req_passname @@ -102,10 +97,9 @@ send_to_server_failcert: driver = smtp allow_localhost hosts = HOSTIPV4 - hosts_require_tls = HOSTIPV4 port = PORT_D - tls_certificate = CERT2 - tls_privatekey = CERT2 + hosts_try_fastopen = : + hosts_require_tls = HOSTIPV4 tls_verify_certificates = CA2 @@ -114,10 +108,9 @@ send_to_server_retry: driver = smtp allow_localhost hosts = HOSTIPV4 : 127.0.0.1 - hosts_require_tls = HOSTIPV4 port = PORT_D - tls_certificate = CERT2 - tls_privatekey = CERT2 + hosts_try_fastopen = : + hosts_require_tls = HOSTIPV4 tls_verify_certificates = \ ${if eq{$host_address}{127.0.0.1}{CA1}{CA2}} @@ -127,10 +120,9 @@ send_to_server_crypt: driver = smtp allow_localhost hosts = HOSTIPV4 - hosts_require_tls = HOSTIPV4 port = PORT_D - tls_certificate = CERT2 - tls_privatekey = CERT2 + hosts_try_fastopen = : + hosts_require_tls = HOSTIPV4 tls_verify_certificates = CA2 tls_try_verify_hosts = * @@ -142,8 +134,7 @@ send_to_server_req_fail: allow_localhost hosts = HOSTNAME port = PORT_D - tls_certificate = CERT2 - tls_privatekey = CERT2 + hosts_try_fastopen = : tls_verify_certificates = CA2 tls_verify_hosts = * @@ -155,8 +146,7 @@ send_to_server_req_failname: allow_localhost hosts = HOSTNAME port = PORT_D - tls_certificate = CERT2 - tls_privatekey = CERT2 + hosts_try_fastopen = : tls_verify_certificates = CA1 tls_verify_cert_hostnames = * @@ -169,8 +159,7 @@ send_to_server_req_passname: allow_localhost hosts = server1.example.com port = PORT_D - tls_certificate = CERT2 - tls_privatekey = CERT2 + hosts_try_fastopen = : tls_verify_certificates = CA1 tls_verify_cert_hostnames = * @@ -183,8 +172,7 @@ send_to_server_req_failcarryon: allow_localhost hosts = HOSTNAME port = PORT_D - tls_certificate = CERT2 - tls_privatekey = CERT2 + hosts_try_fastopen = : tls_verify_certificates = CA1 tls_verify_cert_hostnames = *