X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/d1af83598f7d6b32516a11bb28e569d592a05c48..8cb2cf17f0aba94df3a5a1109b28337949e3f7c1:/test/confs/2133 diff --git a/test/confs/2133 b/test/confs/2133 index 93ad43f04..8fa51d0e9 100644 --- a/test/confs/2133 +++ b/test/confs/2133 @@ -1,16 +1,11 @@ -# Exim test configuration 2133 +# Exim test configuration 1162 # TLS client: verify certificate from server - name-fails SERVER= -exim_path = EXIM_PATH -keep_environment = -host_lookup_order = bydns +.include DIR/aux-var/tls_conf_prefix + primary_hostname = myhost.test.ex -spool_directory = DIR/spool -log_file_path = DIR/spool/log/SERVER%slog -gecos_pattern = "" -gecos_name = CALLER_NAME FX = DIR/aux-fixed S1 = FX/exim-ca/example.com/server1.example.com @@ -86,7 +81,7 @@ client_r: client_s: driver = accept - local_parts = users + local_parts = user_s retry_use_local_part transport = send_to_server_req_passname @@ -96,7 +91,6 @@ client_t: retry_use_local_part transport = send_to_server_req_failcarryon - # ----- Transports ----- begin transports @@ -106,8 +100,9 @@ send_to_server_failcert: driver = smtp allow_localhost hosts = HOSTIPV4 - hosts_require_tls = HOSTIPV4 port = PORT_D + hosts_try_fastopen = : + hosts_require_tls = HOSTIPV4 tls_certificate = CERT2 tls_privatekey = CERT2 @@ -118,8 +113,9 @@ send_to_server_retry: driver = smtp allow_localhost hosts = HOSTIPV4 : 127.0.0.1 - hosts_require_tls = HOSTIPV4 port = PORT_D + hosts_try_fastopen = : + hosts_require_tls = HOSTIPV4 tls_certificate = CERT2 tls_privatekey = CERT2 @@ -131,8 +127,9 @@ send_to_server_crypt: driver = smtp allow_localhost hosts = HOSTIPV4 - hosts_require_tls = HOSTIPV4 port = PORT_D + hosts_try_fastopen = : + hosts_require_tls = HOSTIPV4 tls_certificate = CERT2 tls_privatekey = CERT2 @@ -146,6 +143,7 @@ send_to_server_req_fail: allow_localhost hosts = HOSTNAME port = PORT_D + hosts_try_fastopen = : tls_certificate = CERT2 tls_privatekey = CERT2 @@ -159,6 +157,7 @@ send_to_server_req_failname: allow_localhost hosts = HOSTNAME port = PORT_D + hosts_try_fastopen = : tls_certificate = CERT2 tls_privatekey = CERT2 @@ -173,6 +172,7 @@ send_to_server_req_passname: allow_localhost hosts = server1.example.com port = PORT_D + hosts_try_fastopen = : tls_certificate = CERT2 tls_privatekey = CERT2 @@ -180,11 +180,14 @@ send_to_server_req_passname: tls_verify_cert_hostnames = * tls_verify_hosts = * +# this will fail to verify the cert name but carry on (try-verify mode) +# fail because the cert is "server1.example.com" and the test system is something else send_to_server_req_failcarryon: driver = smtp allow_localhost hosts = HOSTNAME port = PORT_D + hosts_try_fastopen = : tls_certificate = CERT2 tls_privatekey = CERT2