X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/8497e842ec8a55daad7ce936aedf01227fa0f4d1..7f3555b3d8e1fccfe8f5d450bdde367018a5e764:/test/confs/5440

diff --git a/test/confs/5440 b/test/confs/5440
deleted file mode 100644
index 479038ad6..000000000
--- a/test/confs/5440
+++ /dev/null
@@ -1,193 +0,0 @@
-# Exim test configuration 5440
-# TLS client: verify certificate from server - name-fails
-
-SERVER=
-
-exim_path = EXIM_PATH
-host_lookup_order = bydns
-primary_hostname = myhost.test.ex
-spool_directory = DIR/spool
-log_file_path = DIR/spool/log/SERVER%slog
-gecos_pattern = ""
-gecos_name = CALLER_NAME
-
-FX = DIR/aux-fixed
-S1 = FX/exim-ca/example.com/server1.example.com
-
-CA1 =   S1/ca_chain.pem 
-CERT1 = S1/server1.example.com.pem
-KEY1 =  S1/server1.example.com.unlocked.key
-CA2 =   FX/cert2
-CERT2 = FX/cert2
-KEY2 =  FX/cert2
-
-# ----- Main settings -----
-
-acl_smtp_rcpt = accept
-
-log_selector =  +tls_peerdn+tls_certificate_verified
-
-queue_only
-queue_run_in_order
-
-tls_advertise_hosts = *
-
-# Set certificate only if server
-
-tls_certificate = ${if eq {SERVER}{server}{CERT1}fail}
-tls_privatekey = ${if eq {SERVER}{server}{KEY1}fail}
-
-tls_verify_hosts = *
-tls_verify_certificates = ${if eq {SERVER}{server}{CERT2}fail}
-
-
-# ----- Routers -----
-
-begin routers
-
-server_dump:
-  driver = redirect
-  condition = ${if eq {SERVER}{server}{yes}{no}}
-  data = :blackhole:
-
-client_x:
-  driver = accept
-  local_parts = userx
-  retry_use_local_part
-  transport = send_to_server_failcert
-  errors_to = ""
-
-client_y:
-  driver = accept
-  local_parts = usery
-  retry_use_local_part
-  transport = send_to_server_retry
-
-client_z:
-  driver = accept
-  local_parts = userz
-  retry_use_local_part
-  transport = send_to_server_crypt
-
-client_q:
-  driver = accept
-  local_parts = userq
-  retry_use_local_part
-  transport = send_to_server_req_fail
-
-client_r:
-  driver = accept
-  local_parts = userr
-  retry_use_local_part
-  transport = send_to_server_req_failname
-
-client_s:
-  driver = accept
-  local_parts = users
-  retry_use_local_part
-  transport = send_to_server_req_passname
-
-client_t:
-  driver = accept
-  local_parts = usert
-  retry_use_local_part
-  transport = send_to_server_req_failcarryon
-
-# ----- Transports -----
-
-begin transports
-
-# this will fail to verify the cert at HOSTIPV4 so fail the crypt requirement
-send_to_server_failcert:
-  driver = smtp
-  allow_localhost
-  hosts = HOSTIPV4
-  hosts_require_tls = HOSTIPV4
-  port = PORT_D
-  tls_certificate = CERT2
-  tls_privatekey = CERT2
-
-  tls_verify_certificates = CA2
-
-# this will fail to verify the cert at HOSTIPV4 so fail the crypt, then retry on 127.1; ok
-send_to_server_retry:
-  driver = smtp
-  allow_localhost
-  hosts = HOSTIPV4 : 127.0.0.1
-  hosts_require_tls = HOSTIPV4
-  port = PORT_D
-  tls_certificate = CERT2
-  tls_privatekey = CERT2
-
-  tls_verify_certificates = \
-    ${if eq{$host_address}{127.0.0.1}{CA1}{CA2}}
-
-# this will fail to verify the cert but continue unverified though crypted
-send_to_server_crypt:
-  driver = smtp
-  allow_localhost
-  hosts = HOSTIPV4
-  hosts_require_tls = HOSTIPV4
-  port = PORT_D
-  tls_certificate = CERT2
-  tls_privatekey = CERT2
-
-  tls_verify_certificates = CA2
-  tls_try_verify_hosts = *
-
-# this will fail to verify the cert at HOSTNAME and fallback to unencrypted
-# Fail due to lack of correct CA
-send_to_server_req_fail:
-  driver = smtp
-  allow_localhost
-  hosts = HOSTNAME
-  port = PORT_D
-  tls_certificate = CERT2
-  tls_privatekey = CERT2
-
-  tls_verify_certificates = CA2
-  tls_verify_hosts = *
-
-# this will fail to verify the cert name and fallback to unencrypted
-# fail because the cert is "server1.example.com" and the test system is something else
-send_to_server_req_failname:
-  driver = smtp
-  allow_localhost
-  hosts = HOSTNAME
-  port = PORT_D
-  tls_certificate = CERT2
-  tls_privatekey = CERT2
-
-  tls_verify_certificates = CA1
-  tls_verify_cert_hostnames = *
-  tls_verify_hosts = *
-
-# this will pass the cert verify including name check
-# our stunt DNS has an A record for server1.example.com -> HOSTIPV4
-send_to_server_req_passname:
-  driver = smtp
-  allow_localhost
-  hosts = server1.example.com
-  port = PORT_D
-  tls_certificate = CERT2
-  tls_privatekey = CERT2
-
-  tls_verify_certificates = CA1
-  tls_verify_cert_hostnames = *
-  tls_verify_hosts = *
-
-# this will fail to verify the cert name but carry on (try-verify mode)
-# fail because the cert is "server1.example.com" and the test system is something else
-send_to_server_req_failcarryon:
-  driver = smtp
-  allow_localhost
-  hosts = HOSTNAME
-  port = PORT_D
-  tls_certificate = CERT2
-  tls_privatekey = CERT2
-
-  tls_verify_certificates = CA1
-  tls_verify_cert_hostnames = *
-  tls_try_verify_hosts = *
-
-# End