X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/9aa512a1898155484e00ee089057d28f2432b30e..0cedb352e62898761b701af0c400df8ae1989383:/test/confs/5651?ds=sidebyside diff --git a/test/confs/5651 b/test/confs/5651 index 6b70d33b2..0e5e27b85 100644 --- a/test/confs/5651 +++ b/test/confs/5651 @@ -4,13 +4,18 @@ SERVER = exim_path = EXIM_PATH +keep_environment = ^EXIM_TESTHARNESS_DISABLE_[O]CSPVALIDITYCHECK$ host_lookup_order = bydns -primary_hostname = server1.example.com -rfc1413_query_timeout = 0s spool_directory = DIR/spool log_file_path = DIR/spool/log/SERVER%slog gecos_pattern = "" gecos_name = CALLER_NAME +chunking_advertise_hosts = +primary_hostname = server1.example.com + +.ifdef _HAVE_DMARC +dmarc_tld_file = +.endif # ----- Main settings ----- @@ -35,7 +40,7 @@ tls_privatekey = ${if eq {SERVER}{server}\ fail} # from cmdline define -tls_ocsp_file = OCSP +tls_ocsp_file = OPT # ------ ACL ------ @@ -78,7 +83,7 @@ begin transports local_delivery: driver = appendfile - file = DIR/test-mail/$local_part + file = DIR/test-mail/${bless:$local_part} headers_add = TLS: cipher=$tls_cipher peerdn=$tls_peerdn user = CALLER @@ -87,7 +92,9 @@ send_to_server1: allow_localhost hosts = HOSTIPV4 port = PORT_D + hosts_try_fastopen = : tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/CA/CA.pem + tls_verify_cert_hostnames = hosts_require_tls = * hosts_request_ocsp = : headers_add = X-TLS-out: OCSP status $tls_out_ocsp \ @@ -99,7 +106,9 @@ send_to_server2: allow_localhost hosts = HOSTIPV4 port = PORT_D + hosts_try_fastopen = : tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/CA/CA.pem + tls_verify_cert_hostnames = hosts_require_tls = * # note no ocsp mention here headers_add = X-TLS-out: OCSP status $tls_out_ocsp \ @@ -111,9 +120,12 @@ send_to_server3: allow_localhost hosts = 127.0.0.1 port = PORT_D + hosts_try_fastopen = : helo_data = helo.data.changed #tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/CA/CA.pem + tls_try_verify_hosts = + tls_verify_cert_hostnames = hosts_require_tls = * hosts_require_ocsp = * headers_add = X-TLS-out: OCSP status $tls_out_ocsp \ @@ -125,9 +137,11 @@ send_to_server4: allow_localhost hosts = 127.0.0.1 port = PORT_D + hosts_try_fastopen = : helo_data = helo.data.changed #tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/CA/CA.pem + tls_verify_cert_hostnames = protocol = smtps hosts_require_tls = * hosts_require_ocsp = *