X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/d4fd1b83a197d73cbac114fe53f3448d8b5c7cc2..ee0140e6d0b26060972cdd3b51a650ef468d9b52:/test/scripts/5820-DANE-GnuTLS/5820?ds=sidebyside diff --git a/test/scripts/5820-DANE-GnuTLS/5820 b/test/scripts/5820-DANE-GnuTLS/5820 index 84684da53..d7824a38c 100644 --- a/test/scripts/5820-DANE-GnuTLS/5820 +++ b/test/scripts/5820-DANE-GnuTLS/5820 @@ -2,11 +2,11 @@ # exim -DSERVER=server -DDETAILS=ee -bd -oX PORT_D **** -### TLSA (3 1 1) +### TLSA (3 1 1) (DANE-EE SPKI SHA2-256) exim -odq CALLER@dane256ee.test.ex Testing **** -### TLSA (3 1 2) +### TLSA (3 1 2) ( SHA2-512) exim -odq CALLER@mxdane512ee.test.ex Testing **** @@ -24,7 +24,7 @@ killdaemon # exim -DSERVER=server -DDETAILS=ta -bd -oX PORT_D **** -### TLSA (2 0 1) +### TLSA (2 0 1) (DANE-TA CERT SHA2-256) exim -odf CALLER@mxdane256ta.test.ex Testing **** @@ -44,7 +44,7 @@ killdaemon # Check we get a CV and TLS connection, with try_dane but no require_dane exim -DSERVER=server -DDETAILS=ca -bd -oX PORT_D **** -exim -odf CALLER@thishost.test.ex +exim -odf -DDETAILS=ca CALLER@thishost.test.ex Testing **** exim -DOPT=no_certname -qf @@ -102,5 +102,27 @@ exim -odf CALLER@danebroken6.test.ex Testing **** # +### A server with a mixed-usage set of TLSAs - the EE-mode one failing verify (should deliver, DANE-mode) +# that way round to excersize more code in the implementation +exim -odf CALLER@danemixed.test.ex +Testing +**** +# +killdaemon +# +# +# +### A server with a name not matching the cert. TA-mode; should fail +exim -DSERVER=server -DDETAILS=cert.net -bd -oX PORT_D +**** +exim -odf CALLER@danebroken7.example.com +Testing +**** +# +### A server with a name not matching the cert. EE-mode; should deliver and claim DANE mode +exim -odf CALLER@danebroken8.example.com +Testing +**** +# killdaemon no_msglog_check