Exim can pull out a server name, if there is one, from the response to the
client's SMTP EHLO command.
-The default value of this option:
+For normal STARTTLS use, the default value of this option:
.code
${if and { {match {$host} {.outlook.com\$}} \
{match {$item} {\N^250-([\w.]+)\s\N}} \
} {$1}}
.endd
suffices for one known case.
+
During the expansion of this option the &$item$& variable will have the
server's EHLO response.
+
+.new
+For TLS-on-connect connections we do not have an EHLO
+response to use. Because of this the default value of this option is
+set to a static string for those cases, meaning that resumption will
+always be attempted if permitted by the &%tls_resumption_hosts%& option.
+.wen
+
The result of the option expansion is included in the key used to store and
retrieve the TLS session, for session resumption.
a connection_reject log_selector, under tls_on_connect. Previously
with this combination, when the connect ACL rejected, a spurious
paniclog entry was made.
+JH/04 Fix TLS resumption for TLS-on-connect. This was broken by the advent
+ of loadbalancer-detection for resumption, in 4.96 - which tries to
+ use the EHLO response. SMTPS does not have one at the time it is starting
+ TLS. Change the default for the smtp transport host_name_extract option
+ to be a static string, for TLS-on-connect cases; meaning that resumption
+ will always be attempted (unless deliberately overriden).
+
Exim version 4.97
#define RESUME_USED BIT(4)
#define RESUME_DECODE_STRING \
- US"not requested or offered : 0x02 :client requested, no server ticket" \
- ": 0x04 : 0x05 : 0x06 :client offered session, no server action" \
- ": 0x08 :no client request: 0x0A :client requested new ticket, server provided" \
- ": 0x0C :client offered session, not used: 0x0E :client offered session, server only provided new ticket" \
- ": 0x10 :session resumed unasked: 0x12 :session resumed unasked" \
- ": 0x14 : 0x15 : 0x16 :session resumed" \
- ": 0x18 :session resumed unasked: 0x1A :session resumed unasked" \
- ": 0x1C :session resumed: 0x1E :session resumed, also new ticket"
+ US"not requested or offered" \
+ ": 0x02 :client requested, no server ticket" \
+ ": 0x04 : 0x05 " \
+ ": 0x06 :client offered session, no server action" \
+ ": 0x08 :no client request" \
+ ": 0x0A :client requested new ticket, server provided" \
+ ": 0x0C :client offered session, not used" \
+ ": 0x0E :client offered session, server only provided new ticket" \
+ ": 0x10 :session resumed unasked" \
+ ": 0x12 :session resumed unasked" \
+ ": 0x14 : 0x15" \
+ ": 0x16 :session resumed" \
+ ": 0x18 :session resumed unasked" \
+ ": 0x1A :session resumed unasked" \
+ ": 0x1C :session resumed" \
+ ": 0x1E :session resumed, also new ticket"
/* Flags for string_vformat */
#define SVFMT_EXTEND BIT(0)
tls_server_ticket_cb(gnutls_session_t sess, u_int htype, unsigned when,
unsigned incoming, const gnutls_datum_t * msg)
{
-DEBUG(D_tls) debug_printf("newticket cb\n");
+DEBUG(D_tls) debug_printf("newticket cb (on server)\n");
tls_in.resumption |= RESUME_CLIENT_REQUESTED;
return 0;
}
{
if (gnutls_session_resumption_requested(state->session))
{
- /* This tells us the client sent a full ticket. We use a
+ /* This tells us the client sent a full (?) ticket. We use a
callback on session-ticket request, elsewhere, to tell
- if a client asked for a ticket. */
+ if a client asked for a ticket.
+ XXX As of GnuTLS 3.0.1 it seems to be returning true even for
+ a pure ticket-req (a zero-length Session Ticket extension
+ in the Client Hello, for 1.2) which mucks up our logic. */
tls_in.resumption |= RESUME_CLIENT_SUGGESTED;
DEBUG(D_tls) debug_printf("client requested resumption\n");
tlsp->resumption = RESUME_SUPPORTED;
if (!conn_args->have_lbserver)
- { DEBUG(D_tls) debug_printf("resumption not supported on continued-connection\n"); }
+ { DEBUG(D_tls) debug_printf(
+ "resumption not supported: no LB detection done (continued-conn?)\n"); }
else if (verify_check_given_host(CUSS &ob->tls_resumption_hosts, conn_args->host) == OK)
{
dbdata_tls_session * dt;
dbfn_close(dbm_file);
}
}
+else DEBUG(D_tls) debug_printf("no resumption for this host\n");
}
int dlen = sizeof(dbdata_tls_session) + tkt.size;
dbdata_tls_session * dt = store_get(dlen, GET_TAINTED);
- DEBUG(D_tls) debug_printf("session data size %u\n", (unsigned)tkt.size);
+ DEBUG(D_tls) debug_printf(" session data size %u\n", (unsigned)tkt.size);
memcpy(dt->session, tkt.data, tkt.size);
gnutls_free(tkt.data);
dbfn_close(dbm_file);
DEBUG(D_tls)
- debug_printf("wrote session db (len %u)\n", (unsigned)dlen);
+ debug_printf(" wrote session db (len %u)\n", (unsigned)dlen);
}
}
- else DEBUG(D_tls)
- debug_printf("extract session data: %s\n", US gnutls_strerror(rc));
+ else
+ { DEBUG(D_tls)
+ debug_printf(" extract session data: %s\n", US gnutls_strerror(rc));
+ }
+ else DEBUG(D_tls)
+ debug_printf(" host not resmable; not saving ticket\n");
}
}
exim_gnutls_state_st * state = gnutls_session_get_ptr(sess);
tls_support * tlsp = state->tlsp;
-DEBUG(D_tls) debug_printf("newticket cb\n");
+DEBUG(D_tls) debug_printf("newticket cb (on client)\n");
if (!tlsp->ticket_received)
tls_save_session(tlsp, sess, state->host);
.tls_tempfail_tryclear = TRUE,
.tls_try_verify_hosts = US"*",
.tls_verify_cert_hostnames = US"*",
-# ifndef DISABLE_TLS_RESUME
- .host_name_extract = US"${if and {{match{$host}{.outlook.com\\$}} {match{$item}{\\N^250-([\\w.]+)\\s\\N}}} {$1}}",
-# endif
#endif
#ifdef SUPPORT_I18N
.utf8_downconvert = US"-1",
void
smtp_transport_init(transport_instance *tblock)
{
-smtp_transport_options_block *ob = SOB tblock->options_block;
+smtp_transport_options_block * ob = SOB tblock->options_block;
int old_pool = store_pool;
/* Retry_use_local_part defaults FALSE if unset */
resumption when such servers do not share a session-cache */
static void
-ehlo_response_lbserver(smtp_context * sx, smtp_transport_options_block * ob)
+ehlo_response_lbserver(smtp_context * sx, const uschar * name_extract)
{
#if !defined(DISABLE_TLS) && !defined(DISABLE_TLS_RESUME)
const uschar * s;
if (sx->conn_args.have_lbserver)
return;
iterate_item = sx->buffer;
-s = expand_cstring(ob->host_name_extract);
+s = expand_cstring(name_extract);
iterate_item = save_item;
sx->conn_args.host_lbserver = s && !*s ? NULL : s;
sx->conn_args.have_lbserver = TRUE;
if (pending_BANNER)
{
+ const uschar * s;
+
DEBUG(D_transport) debug_printf("%s expect banner\n", __FUNCTION__);
(*countp)--;
if (!smtp_reap_banner(sx))
goto fail;
}
/*XXX EXPERIMENTAL_ESMTP_LIMITS ? */
- ehlo_response_lbserver(sx, sx->conn_args.ob);
+
+ s = ((smtp_transport_options_block *)sx->conn_args.ob)->host_name_extract;
+ if (!s) s = HNE_DEFAULT;
+ ehlo_response_lbserver(sx, s);
}
if (pending_EHLO)
#ifndef DISABLE_TLS
if (sx->smtps)
{
+ const uschar * s;
+
smtp_peer_options |= OPTION_TLS;
suppress_tls = FALSE;
ob->tls_tempfail_tryclear = FALSE;
smtp_command = US"SSL-on-connect";
+
+ /* Having no EHLO response yet, cannot peek there for a servername to detect
+ an LB. Call this anyway, so that a dummy host_name_extract option value can
+ force resumption attempts. */
+
+ if (!(s = ob->host_name_extract)) s = US"never-LB";
+ ehlo_response_lbserver(sx, s);
+
goto TLS_NEGOTIATE;
}
#endif
if (!sx->early_pipe_active)
#endif
{
+ const uschar * s;
+
sx->peer_offered = ehlo_response(sx->buffer,
OPTION_TLS /* others checked later */
#ifndef DISABLE_PIPE_CONNECT
}
}
#endif
- ehlo_response_lbserver(sx, ob);
+ if (!(s = ob->host_name_extract)) s = HNE_DEFAULT;
+ ehlo_response_lbserver(sx, s);
}
/* Set tls_offered if the response to EHLO specifies support for STARTTLS. */
uschar *tls_privatekey;
uschar *tls_require_ciphers;
# ifndef DISABLE_TLS_RESUME
+# define HNE_DEFAULT US"${if and {{match{$host}{.outlook.com\\$}} {match{$item}{\\N^250-([\\w.]+)\\s\\N}}} {$1}}"
uschar *host_name_extract;
uschar *tls_resumption_hosts;
# endif
acl_smtp_helo = check_helo
acl_smtp_rcpt = check_recipient
-log_selector = +received_recipients +tls_resumption +tls_peerdn
+log_selector = +received_recipients +tls_resumption +tls_peerdn +outgoing_port
tls_advertise_hosts = *
+tls_on_connect_ports = PORT_D2
# Set certificate only if server
begin acl
check_helo:
- accept condition = ${if def:tls_in_cipher}
- logwrite = tls_in_resumption\t${listextract {$tls_in_resumption} {_RESUME_DECODE}}
- logwrite = our cert subject\t${certextract {subject}{$tls_in_ourcert}}
- logwrite = peer cert subject\t${certextract {subject}{$tls_in_peercert}}
- logwrite = peer cert verified\t${tls_in_certificate_verified}
- logwrite = peer dn\t${tls_in_peerdn}
- logwrite = cipher\t${tls_in_cipher}
- logwrite = bits\t${tls_in_bits}
+ accept condition = ${if def:tls_in_cipher}
+ logwrite = tls_in_ver\t$tls_in_ver
+ logwrite = tls_in_resumption\t${listextract {$tls_in_resumption} {_RESUME_DECODE}}
+ logwrite = our cert subject\t${certextract {subject}{$tls_in_ourcert}}
+ logwrite = peer cert subject\t${certextract {subject}{$tls_in_peercert}}
+ logwrite = peer cert verified\t${tls_in_certificate_verified}
+ logwrite = peer dn\t${tls_in_peerdn}
+ logwrite = cipher\t${tls_in_cipher}
+ logwrite = bits\t${tls_in_bits}
accept
check_recipient:
- accept domains = +local_domains
- deny message = relay not permitted
+ accept domains = +local_domains
+ deny message = relay not permitted
log_resumption:
accept condition = ${if def:tls_out_cipher}
condition = ${if eq {$event_name}{tcp:close}}
+ logwrite = tls_out_ver\t$tls_out_ver
logwrite = tls_out_resumption ${listextract {$tls_out_resumption} {_RESUME_DECODE}}
- logwrite = our cert subject\t${certextract {subject}{$tls_out_ourcert}}
- logwrite = peer cert subject\t${certextract {subject}{$tls_out_peercert}}
- logwrite = peer cert verified\t${tls_out_certificate_verified}
- logwrite = peer dn\t${tls_out_peerdn}
- logwrite = cipher\t${tls_out_cipher}
- logwrite = bits\t${tls_out_bits}
+ logwrite = our cert subject\t${certextract {subject}{$tls_out_ourcert}}
+ logwrite = peer cert subject\t${certextract {subject}{$tls_out_peercert}}
+ logwrite = peer cert verified\t${tls_out_certificate_verified}
+ logwrite = peer dn\t${tls_out_peerdn}
+ logwrite = cipher\t${tls_out_cipher}
+ logwrite = bits\t${tls_out_bits}
# ----- Routers -----
client:
driver = accept
condition = ${if eq {SERVER}{server}{no}{yes}}
- transport = send_to_server${if eq{$local_part}{abcd}{2}{1}}
+ transport = send_to_server${if eq{$local_part}{hostnotresume}{2}{1}}
server:
driver = redirect
driver = smtp
allow_localhost
hosts = 127.0.0.1
+.ifdef SELECTOR
+ port = PORT_D2
+ protocol = smtps
+ # Use HELO purely to get a P= different on the server <= line
+ hosts_avoid_esmtp = *
+.else
port = PORT_D
+.endif
helo_data = helo.data.changed
.ifdef HELO_MSG
host_name_extract = HELO_MSG
event_action = ${acl {log_resumption}}
send_to_server2:
- driver = smtp
+ driver = smtp
allow_localhost
- hosts = HOSTIPV4
- port = PORT_D
- hosts_try_fastopen = :
+ hosts = HOSTIPV4
+ port = PORT_D
+ hosts_try_fastopen = :
tls_verify_certificates = CDIR/CA/CA.pem
tls_verify_cert_hostnames = :
event_action = ${acl {log_resumption}}
acl_smtp_helo = check_helo
acl_smtp_rcpt = check_recipient
-log_selector = +received_recipients +tls_resumption +tls_peerdn
+log_selector = +received_recipients +tls_resumption +tls_peerdn +outgoing_port
.ifdef _OPT_OPENSSL_NO_TLSV1_3_X
openssl_options = +no_sslv2 +no_sslv3 +single_dh_use OPTION
openssl_options = +no_sslv2 +no_sslv3 +single_dh_use
.endif
tls_advertise_hosts = *
+tls_on_connect_ports = PORT_D2
# Set certificate only if server
begin acl
check_helo:
- accept condition = ${if def:tls_in_cipher}
- logwrite = tls_in_resumption\t${listextract {$tls_in_resumption} {_RESUME_DECODE}}
- logwrite = our cert subject\t${certextract {subject}{$tls_in_ourcert}}
- logwrite = peer cert subject\t${certextract {subject}{$tls_in_peercert}}
- logwrite = peer cert verified\t${tls_in_certificate_verified}
- logwrite = peer dn\t${tls_in_peerdn}
- logwrite = cipher\t${tls_in_cipher}
- logwrite = bits\t${tls_in_bits}
+ accept condition = ${if def:tls_in_cipher}
+ logwrite = tls_in_ver\t$tls_in_ver
+ logwrite = tls_in_resumption\t${listextract {$tls_in_resumption} {_RESUME_DECODE}}
+ logwrite = our cert subject\t${certextract {subject}{$tls_in_ourcert}}
+ logwrite = peer cert subject\t${certextract {subject}{$tls_in_peercert}}
+ logwrite = peer cert verified\t${tls_in_certificate_verified}
+ logwrite = peer dn\t${tls_in_peerdn}
+ logwrite = cipher\t${tls_in_cipher}
+ logwrite = bits\t${tls_in_bits}
accept
check_recipient:
- accept domains = +local_domains
- deny message = relay not permitted
+ accept domains = +local_domains
+ deny message = relay not permitted
log_resumption:
accept condition = ${if def:tls_out_cipher}
condition = ${if eq {$event_name}{tcp:close}}
+ logwrite = tls_out_ver\t$tls_out_ver
logwrite = tls_out_resumption ${listextract {$tls_out_resumption} {_RESUME_DECODE}}
- logwrite = our cert subject\t${certextract {subject}{$tls_out_ourcert}}
- logwrite = peer cert subject\t${certextract {subject}{$tls_out_peercert}}
- logwrite = peer cert verified\t${tls_out_certificate_verified}
- logwrite = peer dn\t${tls_out_peerdn}
- logwrite = cipher\t${tls_out_cipher}
- logwrite = bits\t${tls_out_bits}
+ logwrite = our cert subject\t${certextract {subject}{$tls_out_ourcert}}
+ logwrite = peer cert subject\t${certextract {subject}{$tls_out_peercert}}
+ logwrite = peer cert verified\t${tls_out_certificate_verified}
+ logwrite = peer dn\t${tls_out_peerdn}
+ logwrite = cipher\t${tls_out_cipher}
+ logwrite = bits\t${tls_out_bits}
# ----- Routers -----
driver = smtp
allow_localhost
hosts = 127.0.0.1
+.ifdef SELECTOR
+ port = PORT_D2
+ protocol = smtps
+ # Use HELO purely to get a P= different on the server <= line
+ hosts_avoid_esmtp = *
+.else
port = PORT_D
+.endif
helo_data = helo.data.changed
.ifdef HELO_MSG
host_name_extract = HELO_MSG
event_action = ${acl {log_resumption}}
send_to_server2:
- driver = smtp
+ driver = smtp
allow_localhost
- hosts = HOSTIPV4
- port = PORT_D
- hosts_try_fastopen = :
+ hosts = HOSTIPV4
+ port = PORT_D
+ hosts_try_fastopen = :
tls_verify_certificates = CDIR/CA/CA.pem
tls_verify_cert_hostnames = :
event_action = ${acl {log_resumption}}
acl_smtp_helo = check_helo
acl_smtp_rcpt = check_recipient
-log_selector = +received_recipients +tls_resumption +tls_peerdn
+log_selector = +received_recipients +tls_resumption +tls_peerdn +outgoing_port
openssl_options = +no_sslv2 +no_sslv3 +single_dh_use
tls_advertise_hosts = *
+tls_on_connect_ports = PORT_D2
# Set certificate only if server
begin acl
check_helo:
- accept condition = ${if def:tls_in_cipher}
- logwrite = tls_in_resumption\t${listextract {$tls_in_resumption} {_RESUME_DECODE}}
- logwrite = our cert subject\t${certextract {subject}{$tls_in_ourcert}}
- logwrite = peer cert subject\t${certextract {subject}{$tls_in_peercert}}
- logwrite = peer cert verified\t${tls_in_certificate_verified}
- logwrite = peer dn\t${tls_in_peerdn}
- logwrite = cipher\t${tls_in_cipher}
- logwrite = bits\t${tls_in_bits}
+ accept condition = ${if def:tls_in_cipher}
+ logwrite = tls_in_ver\t$tls_in_ver
+ logwrite = tls_in_resumption\t${listextract {$tls_in_resumption} {_RESUME_DECODE}}
+ logwrite = our cert subject\t${certextract {subject}{$tls_in_ourcert}}
+ logwrite = peer cert subject\t${certextract {subject}{$tls_in_peercert}}
+ logwrite = peer cert verified\t${tls_in_certificate_verified}
+ logwrite = peer dn\t${tls_in_peerdn}
+ logwrite = cipher\t${tls_in_cipher}
+ logwrite = bits\t${tls_in_bits}
accept
check_recipient:
- accept domains = +local_domains
- deny message = relay not permitted
+ accept domains = +local_domains
+ deny message = relay not permitted
log_resumption:
accept condition = ${if def:tls_out_cipher}
condition = ${if eq {$event_name}{tcp:close}}
+ logwrite = tls_out_ver\t$tls_out_ver
logwrite = tls_out_resumption ${listextract {$tls_out_resumption} {_RESUME_DECODE}}
- logwrite = our cert subject\t${certextract {subject}{$tls_out_ourcert}}
- logwrite = peer cert subject\t${certextract {subject}{$tls_out_peercert}}
- logwrite = peer cert verified\t${tls_out_certificate_verified}
- logwrite = peer dn\t${tls_out_peerdn}
- logwrite = cipher\t${tls_out_cipher}
- logwrite = bits\t${tls_out_bits}
+ logwrite = our cert subject\t${certextract {subject}{$tls_out_ourcert}}
+ logwrite = peer cert subject\t${certextract {subject}{$tls_out_peercert}}
+ logwrite = peer cert verified\t${tls_out_certificate_verified}
+ logwrite = peer dn\t${tls_out_peerdn}
+ logwrite = cipher\t${tls_out_cipher}
+ logwrite = bits\t${tls_out_bits}
# ----- Routers -----
client:
driver = accept
condition = ${if eq {SERVER}{server}{no}{yes}}
- transport = send_to_server${if eq{$local_part}{abcd}{2}{1}}
+ transport = send_to_server${if eq{$local_part}{hostnotresume}{2}{1}}
server:
driver = redirect
driver = smtp
allow_localhost
hosts = 127.0.0.1
+.ifdef SELECTOR
+ port = PORT_D2
+ protocol = smtps
+ # Use HELO purely to get a P= different on the server <= line
+ hosts_avoid_esmtp = *
+.else
port = PORT_D
+.endif
helo_data = helo.data.changed
.ifdef VALUE
tls_resumption_hosts = *
event_action = ${acl {log_resumption}}
send_to_server2:
- driver = smtp
+ driver = smtp
allow_localhost
- hosts = HOSTIPV4
- port = PORT_D
- hosts_try_fastopen = :
+ hosts = HOSTIPV4
+ port = PORT_D
+ hosts_try_fastopen = :
tls_verify_certificates = CDIR/CA/CA.pem
tls_verify_cert_hostnames = :
event_action = ${acl {log_resumption}}
1999-03-02 09:44:33 10HmaX-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex
+1999-03-02 09:44:33 10HmaX-000000005vi-0000 tls_out_ver TLS1.2
1999-03-02 09:44:33 10HmaX-000000005vi-0000 tls_out_resumption client requested new ticket, server provided
1999-03-02 09:44:33 10HmaX-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmaX-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmaX-000000005vi-0000 peer dn CN=server1.example.com
1999-03-02 09:44:33 10HmaX-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmaX-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmaX-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmaY-000000005vi-0000"
+1999-03-02 09:44:33 10HmaX-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmaY-000000005vi-0000"
1999-03-02 09:44:33 10HmaX-000000005vi-0000 Completed
-1999-03-02 09:44:33 10HmaZ-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex abcd@test.ex xyz@test.ex
+1999-03-02 09:44:33 10HmaZ-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex hostnotresume@test.ex xyz@test.ex
+1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_ver TLS1.2
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_resumption session resumed
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer dn CN=server1.example.com
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 cipher TLS1.x:ke--AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 bits 256
+1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_ver TLS1.2
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_resumption not requested or offered
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer dn CN=server1.example.com
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000"
-1999-03-02 09:44:33 10HmaZ-000000005vi-0000 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000"
-1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => abcd@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbB-000000005vi-0000"
+1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000"
+1999-03-02 09:44:33 10HmaZ-000000005vi-0000 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000"
+1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => hostnotresume@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbB-000000005vi-0000"
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 Completed
1999-03-02 09:44:33 10HmbC-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for renewal@test.ex
+1999-03-02 09:44:33 10HmbC-000000005vi-0000 tls_out_ver TLS1.2
1999-03-02 09:44:33 10HmbC-000000005vi-0000 tls_out_resumption session resumed
1999-03-02 09:44:33 10HmbC-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmbC-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmbC-000000005vi-0000 peer dn CN=server1.example.com
1999-03-02 09:44:33 10HmbC-000000005vi-0000 cipher TLS1.x:ke--AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmbC-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbC-000000005vi-0000 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbD-000000005vi-0000"
+1999-03-02 09:44:33 10HmbC-000000005vi-0000 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbD-000000005vi-0000"
1999-03-02 09:44:33 10HmbC-000000005vi-0000 Completed
1999-03-02 09:44:33 10HmbE-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for postrenewal@test.ex
+1999-03-02 09:44:33 10HmbE-000000005vi-0000 tls_out_ver TLS1.2
1999-03-02 09:44:33 10HmbE-000000005vi-0000 tls_out_resumption session resumed
1999-03-02 09:44:33 10HmbE-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmbE-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmbE-000000005vi-0000 peer dn CN=server1.example.com
1999-03-02 09:44:33 10HmbE-000000005vi-0000 cipher TLS1.x:ke--AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmbE-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbE-000000005vi-0000 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbF-000000005vi-0000"
+1999-03-02 09:44:33 10HmbE-000000005vi-0000 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbF-000000005vi-0000"
1999-03-02 09:44:33 10HmbE-000000005vi-0000 Completed
1999-03-02 09:44:33 10HmbG-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for timeout@test.ex
+1999-03-02 09:44:33 10HmbG-000000005vi-0000 tls_out_ver TLS1.2
1999-03-02 09:44:33 10HmbG-000000005vi-0000 tls_out_resumption client offered session, server only provided new ticket
1999-03-02 09:44:33 10HmbG-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmbG-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmbG-000000005vi-0000 peer dn CN=server1.example.com
1999-03-02 09:44:33 10HmbG-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmbG-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbG-000000005vi-0000 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbH-000000005vi-0000"
+1999-03-02 09:44:33 10HmbG-000000005vi-0000 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbH-000000005vi-0000"
1999-03-02 09:44:33 10HmbG-000000005vi-0000 Completed
1999-03-02 09:44:33 10HmbI-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for notreq@test.ex
+1999-03-02 09:44:33 10HmbI-000000005vi-0000 tls_out_ver TLS1.2
1999-03-02 09:44:33 10HmbI-000000005vi-0000 tls_out_resumption no client request
1999-03-02 09:44:33 10HmbI-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmbI-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmbI-000000005vi-0000 peer dn CN=server1.example.com
1999-03-02 09:44:33 10HmbI-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmbI-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbI-000000005vi-0000 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbJ-000000005vi-0000"
+1999-03-02 09:44:33 10HmbI-000000005vi-0000 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbJ-000000005vi-0000"
1999-03-02 09:44:33 10HmbI-000000005vi-0000 Completed
1999-03-02 09:44:33 10HmbK-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for noverify_getticket@test.ex
+1999-03-02 09:44:33 10HmbK-000000005vi-0000 tls_out_ver TLS1.2
1999-03-02 09:44:33 10HmbK-000000005vi-0000 tls_out_resumption client requested new ticket, server provided
1999-03-02 09:44:33 10HmbK-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmbK-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmbK-000000005vi-0000 peer dn CN=server1.example.com
1999-03-02 09:44:33 10HmbK-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmbK-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbK-000000005vi-0000 => noverify_getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no DN="CN=server1.example.com" C="250 OK id=10HmbL-000000005vi-0000"
+1999-03-02 09:44:33 10HmbK-000000005vi-0000 => noverify_getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no DN="CN=server1.example.com" C="250 OK id=10HmbL-000000005vi-0000"
1999-03-02 09:44:33 10HmbK-000000005vi-0000 Completed
1999-03-02 09:44:33 10HmbM-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for noverify_resume@test.ex
+1999-03-02 09:44:33 10HmbM-000000005vi-0000 tls_out_ver TLS1.2
1999-03-02 09:44:33 10HmbM-000000005vi-0000 tls_out_resumption session resumed
1999-03-02 09:44:33 10HmbM-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmbM-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmbM-000000005vi-0000 peer dn CN=server1.example.com
1999-03-02 09:44:33 10HmbM-000000005vi-0000 cipher TLS1.x:ke--AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmbM-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbM-000000005vi-0000 => noverify_resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no DN="CN=server1.example.com" C="250 OK id=10HmbN-000000005vi-0000"
+1999-03-02 09:44:33 10HmbM-000000005vi-0000 => noverify_resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no DN="CN=server1.example.com" C="250 OK id=10HmbN-000000005vi-0000"
1999-03-02 09:44:33 10HmbM-000000005vi-0000 Completed
-1999-03-02 09:44:33 10HmbO-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex
-1999-03-02 09:44:33 10HmbO-000000005vi-0000 tls_out_resumption client requested new ticket, server provided
+1999-03-02 09:44:33 10HmbO-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex
+1999-03-02 09:44:33 10HmbO-000000005vi-0000 tls_out_ver TLS1.2
+1999-03-02 09:44:33 10HmbO-000000005vi-0000 tls_out_resumption session resumed
1999-03-02 09:44:33 10HmbO-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmbO-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmbO-000000005vi-0000 peer cert verified 1
1999-03-02 09:44:33 10HmbO-000000005vi-0000 peer dn CN=server1.example.com
-1999-03-02 09:44:33 10HmbO-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 10HmbO-000000005vi-0000 cipher TLS1.x:ke--AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmbO-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbO-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbP-000000005vi-0000"
+1999-03-02 09:44:33 10HmbO-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbP-000000005vi-0000"
1999-03-02 09:44:33 10HmbO-000000005vi-0000 Completed
-1999-03-02 09:44:33 10HmbQ-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex abcd@test.ex xyz@test.ex
-1999-03-02 09:44:33 10HmbQ-000000005vi-0000 tls_out_resumption session resumed, also new ticket
-1999-03-02 09:44:33 10HmbQ-000000005vi-0000 our cert subject
-1999-03-02 09:44:33 10HmbQ-000000005vi-0000 peer cert subject CN=server1.example.com
-1999-03-02 09:44:33 10HmbQ-000000005vi-0000 peer cert verified 1
-1999-03-02 09:44:33 10HmbQ-000000005vi-0000 peer dn CN=server1.example.com
-1999-03-02 09:44:33 10HmbQ-000000005vi-0000 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx
-1999-03-02 09:44:33 10HmbQ-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbQ-000000005vi-0000 tls_out_resumption not requested or offered
+1999-03-02 09:44:33 10HmbQ-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex
+1999-03-02 09:44:33 10HmbQ-000000005vi-0000 tls_out_ver TLS1.2
+1999-03-02 09:44:33 10HmbQ-000000005vi-0000 tls_out_resumption client requested new ticket, server provided
1999-03-02 09:44:33 10HmbQ-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmbQ-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmbQ-000000005vi-0000 peer cert verified 1
1999-03-02 09:44:33 10HmbQ-000000005vi-0000 peer dn CN=server1.example.com
1999-03-02 09:44:33 10HmbQ-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmbQ-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbQ-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbR-000000005vi-0000"
-1999-03-02 09:44:33 10HmbQ-000000005vi-0000 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbR-000000005vi-0000"
-1999-03-02 09:44:33 10HmbQ-000000005vi-0000 => abcd@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbS-000000005vi-0000"
+1999-03-02 09:44:33 10HmbQ-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D2 X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbR-000000005vi-0000"
1999-03-02 09:44:33 10HmbQ-000000005vi-0000 Completed
-1999-03-02 09:44:33 10HmbT-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for renewal@test.ex
-1999-03-02 09:44:33 10HmbT-000000005vi-0000 tls_out_resumption session resumed, also new ticket
-1999-03-02 09:44:33 10HmbT-000000005vi-0000 our cert subject
-1999-03-02 09:44:33 10HmbT-000000005vi-0000 peer cert subject CN=server1.example.com
-1999-03-02 09:44:33 10HmbT-000000005vi-0000 peer cert verified 1
-1999-03-02 09:44:33 10HmbT-000000005vi-0000 peer dn CN=server1.example.com
-1999-03-02 09:44:33 10HmbT-000000005vi-0000 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx
-1999-03-02 09:44:33 10HmbT-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbT-000000005vi-0000 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbU-000000005vi-0000"
-1999-03-02 09:44:33 10HmbT-000000005vi-0000 Completed
-1999-03-02 09:44:33 10HmbV-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for postrenewal@test.ex
-1999-03-02 09:44:33 10HmbV-000000005vi-0000 tls_out_resumption session resumed
-1999-03-02 09:44:33 10HmbV-000000005vi-0000 our cert subject
-1999-03-02 09:44:33 10HmbV-000000005vi-0000 peer cert subject CN=server1.example.com
-1999-03-02 09:44:33 10HmbV-000000005vi-0000 peer cert verified 1
-1999-03-02 09:44:33 10HmbV-000000005vi-0000 peer dn CN=server1.example.com
-1999-03-02 09:44:33 10HmbV-000000005vi-0000 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx
-1999-03-02 09:44:33 10HmbV-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbV-000000005vi-0000 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbW-000000005vi-0000"
-1999-03-02 09:44:33 10HmbV-000000005vi-0000 Completed
-1999-03-02 09:44:33 10HmbX-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for timeout@test.ex
-1999-03-02 09:44:33 10HmbX-000000005vi-0000 tls_out_resumption client offered session, server only provided new ticket
-1999-03-02 09:44:33 10HmbX-000000005vi-0000 our cert subject
-1999-03-02 09:44:33 10HmbX-000000005vi-0000 peer cert subject CN=server1.example.com
-1999-03-02 09:44:33 10HmbX-000000005vi-0000 peer cert verified 1
-1999-03-02 09:44:33 10HmbX-000000005vi-0000 peer dn CN=server1.example.com
-1999-03-02 09:44:33 10HmbX-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
-1999-03-02 09:44:33 10HmbX-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbX-000000005vi-0000 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbY-000000005vi-0000"
-1999-03-02 09:44:33 10HmbX-000000005vi-0000 Completed
-1999-03-02 09:44:33 10HmbZ-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for notreq@test.ex
-1999-03-02 09:44:33 10HmbZ-000000005vi-0000 tls_out_resumption no client request
+1999-03-02 09:44:33 10HmbS-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex
+1999-03-02 09:44:33 10HmbS-000000005vi-0000 tls_out_ver TLS1.2
+1999-03-02 09:44:33 10HmbS-000000005vi-0000 tls_out_resumption session resumed
+1999-03-02 09:44:33 10HmbS-000000005vi-0000 our cert subject
+1999-03-02 09:44:33 10HmbS-000000005vi-0000 peer cert subject CN=server1.example.com
+1999-03-02 09:44:33 10HmbS-000000005vi-0000 peer cert verified 1
+1999-03-02 09:44:33 10HmbS-000000005vi-0000 peer dn CN=server1.example.com
+1999-03-02 09:44:33 10HmbS-000000005vi-0000 cipher TLS1.x:ke--AES256-SHAnnn:xxx
+1999-03-02 09:44:33 10HmbS-000000005vi-0000 bits 256
+1999-03-02 09:44:33 10HmbS-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D2 X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbT-000000005vi-0000"
+1999-03-02 09:44:33 10HmbS-000000005vi-0000 Completed
+1999-03-02 09:44:33 10HmbU-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex
+1999-03-02 09:44:33 10HmbU-000000005vi-0000 tls_out_ver TLS1.3
+1999-03-02 09:44:33 10HmbU-000000005vi-0000 tls_out_resumption client requested new ticket, server provided
+1999-03-02 09:44:33 10HmbU-000000005vi-0000 our cert subject
+1999-03-02 09:44:33 10HmbU-000000005vi-0000 peer cert subject CN=server1.example.com
+1999-03-02 09:44:33 10HmbU-000000005vi-0000 peer cert verified 1
+1999-03-02 09:44:33 10HmbU-000000005vi-0000 peer dn CN=server1.example.com
+1999-03-02 09:44:33 10HmbU-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 10HmbU-000000005vi-0000 bits 256
+1999-03-02 09:44:33 10HmbU-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbV-000000005vi-0000"
+1999-03-02 09:44:33 10HmbU-000000005vi-0000 Completed
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex hostnotresume@test.ex xyz@test.ex
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 tls_out_ver TLS1.3
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 tls_out_resumption session resumed, also new ticket
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 our cert subject
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 peer cert subject CN=server1.example.com
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 peer cert verified 1
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 peer dn CN=server1.example.com
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 bits 256
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 tls_out_ver TLS1.3
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 tls_out_resumption not requested or offered
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 our cert subject
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 peer cert subject CN=server1.example.com
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 peer cert verified 1
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 peer dn CN=server1.example.com
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 bits 256
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbX-000000005vi-0000"
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbX-000000005vi-0000"
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 => hostnotresume@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbY-000000005vi-0000"
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 Completed
+1999-03-02 09:44:33 10HmbZ-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for renewal@test.ex
+1999-03-02 09:44:33 10HmbZ-000000005vi-0000 tls_out_ver TLS1.3
+1999-03-02 09:44:33 10HmbZ-000000005vi-0000 tls_out_resumption session resumed, also new ticket
1999-03-02 09:44:33 10HmbZ-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmbZ-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmbZ-000000005vi-0000 peer cert verified 1
1999-03-02 09:44:33 10HmbZ-000000005vi-0000 peer dn CN=server1.example.com
-1999-03-02 09:44:33 10HmbZ-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 10HmbZ-000000005vi-0000 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmbZ-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbZ-000000005vi-0000 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcA-000000005vi-0000"
+1999-03-02 09:44:33 10HmbZ-000000005vi-0000 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcA-000000005vi-0000"
1999-03-02 09:44:33 10HmbZ-000000005vi-0000 Completed
-1999-03-02 09:44:33 10HmcB-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex
-1999-03-02 09:44:33 10HmcB-000000005vi-0000 tls_out_resumption client requested new ticket, server provided
+1999-03-02 09:44:33 10HmcB-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for postrenewal@test.ex
+1999-03-02 09:44:33 10HmcB-000000005vi-0000 tls_out_ver TLS1.3
+1999-03-02 09:44:33 10HmcB-000000005vi-0000 tls_out_resumption session resumed
1999-03-02 09:44:33 10HmcB-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmcB-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmcB-000000005vi-0000 peer cert verified 1
1999-03-02 09:44:33 10HmcB-000000005vi-0000 peer dn CN=server1.example.com
-1999-03-02 09:44:33 10HmcB-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 10HmcB-000000005vi-0000 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmcB-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmcB-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcC-000000005vi-0000"
+1999-03-02 09:44:33 10HmcB-000000005vi-0000 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcC-000000005vi-0000"
1999-03-02 09:44:33 10HmcB-000000005vi-0000 Completed
-1999-03-02 09:44:33 10HmcD-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for noresume@test.ex
-1999-03-02 09:44:33 10HmcD-000000005vi-0000 tls_out_resumption client requested new ticket, server provided
+1999-03-02 09:44:33 10HmcD-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for timeout@test.ex
+1999-03-02 09:44:33 10HmcD-000000005vi-0000 tls_out_ver TLS1.3
+1999-03-02 09:44:33 10HmcD-000000005vi-0000 tls_out_resumption client offered session, server only provided new ticket
1999-03-02 09:44:33 10HmcD-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmcD-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmcD-000000005vi-0000 peer cert verified 1
1999-03-02 09:44:33 10HmcD-000000005vi-0000 peer dn CN=server1.example.com
1999-03-02 09:44:33 10HmcD-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmcD-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmcD-000000005vi-0000 => noresume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcE-000000005vi-0000"
+1999-03-02 09:44:33 10HmcD-000000005vi-0000 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcE-000000005vi-0000"
1999-03-02 09:44:33 10HmcD-000000005vi-0000 Completed
-1999-03-02 09:44:33 10HmcF-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex
-1999-03-02 09:44:33 10HmcF-000000005vi-0000 tls_out_resumption session resumed, also new ticket
+1999-03-02 09:44:33 10HmcF-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for notreq@test.ex
+1999-03-02 09:44:33 10HmcF-000000005vi-0000 tls_out_ver TLS1.3
+1999-03-02 09:44:33 10HmcF-000000005vi-0000 tls_out_resumption no client request
1999-03-02 09:44:33 10HmcF-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmcF-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmcF-000000005vi-0000 peer cert verified 1
1999-03-02 09:44:33 10HmcF-000000005vi-0000 peer dn CN=server1.example.com
-1999-03-02 09:44:33 10HmcF-000000005vi-0000 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 10HmcF-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmcF-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmcF-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcG-000000005vi-0000"
+1999-03-02 09:44:33 10HmcF-000000005vi-0000 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcG-000000005vi-0000"
1999-03-02 09:44:33 10HmcF-000000005vi-0000 Completed
-1999-03-02 09:44:33 10HmcH-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex
-1999-03-02 09:44:33 10HmcH-000000005vi-0000 tls_out_resumption session resumed, also new ticket
+1999-03-02 09:44:33 10HmcH-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex
+1999-03-02 09:44:33 10HmcH-000000005vi-0000 tls_out_ver TLS1.3
+1999-03-02 09:44:33 10HmcH-000000005vi-0000 tls_out_resumption client requested new ticket, server provided
1999-03-02 09:44:33 10HmcH-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmcH-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmcH-000000005vi-0000 peer cert verified 1
1999-03-02 09:44:33 10HmcH-000000005vi-0000 peer dn CN=server1.example.com
-1999-03-02 09:44:33 10HmcH-000000005vi-0000 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 10HmcH-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmcH-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmcH-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcI-000000005vi-0000"
+1999-03-02 09:44:33 10HmcH-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcI-000000005vi-0000"
1999-03-02 09:44:33 10HmcH-000000005vi-0000 Completed
+1999-03-02 09:44:33 10HmcJ-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for noresume@test.ex
+1999-03-02 09:44:33 10HmcJ-000000005vi-0000 tls_out_ver TLS1.3
+1999-03-02 09:44:33 10HmcJ-000000005vi-0000 tls_out_resumption client requested new ticket, server provided
+1999-03-02 09:44:33 10HmcJ-000000005vi-0000 our cert subject
+1999-03-02 09:44:33 10HmcJ-000000005vi-0000 peer cert subject CN=server1.example.com
+1999-03-02 09:44:33 10HmcJ-000000005vi-0000 peer cert verified 1
+1999-03-02 09:44:33 10HmcJ-000000005vi-0000 peer dn CN=server1.example.com
+1999-03-02 09:44:33 10HmcJ-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 10HmcJ-000000005vi-0000 bits 256
+1999-03-02 09:44:33 10HmcJ-000000005vi-0000 => noresume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcK-000000005vi-0000"
+1999-03-02 09:44:33 10HmcJ-000000005vi-0000 Completed
+1999-03-02 09:44:33 10HmcL-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex
+1999-03-02 09:44:33 10HmcL-000000005vi-0000 tls_out_ver TLS1.3
+1999-03-02 09:44:33 10HmcL-000000005vi-0000 tls_out_resumption session resumed, also new ticket
+1999-03-02 09:44:33 10HmcL-000000005vi-0000 our cert subject
+1999-03-02 09:44:33 10HmcL-000000005vi-0000 peer cert subject CN=server1.example.com
+1999-03-02 09:44:33 10HmcL-000000005vi-0000 peer cert verified 1
+1999-03-02 09:44:33 10HmcL-000000005vi-0000 peer dn CN=server1.example.com
+1999-03-02 09:44:33 10HmcL-000000005vi-0000 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 10HmcL-000000005vi-0000 bits 256
+1999-03-02 09:44:33 10HmcL-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcM-000000005vi-0000"
+1999-03-02 09:44:33 10HmcL-000000005vi-0000 Completed
+1999-03-02 09:44:33 10HmcN-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex
+1999-03-02 09:44:33 10HmcN-000000005vi-0000 tls_out_ver TLS1.3
+1999-03-02 09:44:33 10HmcN-000000005vi-0000 tls_out_resumption session resumed, also new ticket
+1999-03-02 09:44:33 10HmcN-000000005vi-0000 our cert subject
+1999-03-02 09:44:33 10HmcN-000000005vi-0000 peer cert subject CN=server1.example.com
+1999-03-02 09:44:33 10HmcN-000000005vi-0000 peer cert verified 1
+1999-03-02 09:44:33 10HmcN-000000005vi-0000 peer dn CN=server1.example.com
+1999-03-02 09:44:33 10HmcN-000000005vi-0000 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 10HmcN-000000005vi-0000 bits 256
+1999-03-02 09:44:33 10HmcN-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcO-000000005vi-0000"
+1999-03-02 09:44:33 10HmcN-000000005vi-0000 Completed
+1999-03-02 09:44:33 10HmcP-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex
+1999-03-02 09:44:33 10HmcP-000000005vi-0000 tls_out_ver TLS1.3
+1999-03-02 09:44:33 10HmcP-000000005vi-0000 tls_out_resumption client requested new ticket, server provided
+1999-03-02 09:44:33 10HmcP-000000005vi-0000 our cert subject
+1999-03-02 09:44:33 10HmcP-000000005vi-0000 peer cert subject CN=server1.example.com
+1999-03-02 09:44:33 10HmcP-000000005vi-0000 peer cert verified 1
+1999-03-02 09:44:33 10HmcP-000000005vi-0000 peer dn CN=server1.example.com
+1999-03-02 09:44:33 10HmcP-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 10HmcP-000000005vi-0000 bits 256
+1999-03-02 09:44:33 10HmcP-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D2 X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcQ-000000005vi-0000"
+1999-03-02 09:44:33 10HmcP-000000005vi-0000 Completed
+1999-03-02 09:44:33 10HmcR-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex
+1999-03-02 09:44:33 10HmcR-000000005vi-0000 tls_out_ver TLS1.3
+1999-03-02 09:44:33 10HmcR-000000005vi-0000 tls_out_resumption session resumed, also new ticket
+1999-03-02 09:44:33 10HmcR-000000005vi-0000 our cert subject
+1999-03-02 09:44:33 10HmcR-000000005vi-0000 peer cert subject CN=server1.example.com
+1999-03-02 09:44:33 10HmcR-000000005vi-0000 peer cert verified 1
+1999-03-02 09:44:33 10HmcR-000000005vi-0000 peer dn CN=server1.example.com
+1999-03-02 09:44:33 10HmcR-000000005vi-0000 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 10HmcR-000000005vi-0000 bits 256
+1999-03-02 09:44:33 10HmcR-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D2 X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcS-000000005vi-0000"
+1999-03-02 09:44:33 10HmcR-000000005vi-0000 Completed
******** SERVER ********
-1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D
+1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D and for SMTPS on port PORT_D2
+1999-03-02 09:44:33 tls_in_ver TLS1.2
1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmaY-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaX-000000005vi-0000@myhost.test.ex for getticket@test.ex
1999-03-02 09:44:33 10HmaY-000000005vi-0000 => :blackhole: <getticket@test.ex> R=server
1999-03-02 09:44:33 10HmaY-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
1999-03-02 09:44:33 tls_in_resumption session resumed
1999-03-02 09:44:33 our cert subject
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbA-000000005vi-0000 => :blackhole: <xyz@test.ex> R=server
1999-03-02 09:44:33 10HmbA-000000005vi-0000 => :blackhole: <resume@test.ex> R=server
1999-03-02 09:44:33 10HmbA-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
1999-03-02 09:44:33 tls_in_resumption not requested or offered
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 peer dn
1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 bits 256
-1999-03-02 09:44:33 10HmbB-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-000000005vi-0000@myhost.test.ex for abcd@test.ex
-1999-03-02 09:44:33 10HmbB-000000005vi-0000 => :blackhole: <abcd@test.ex> R=server
+1999-03-02 09:44:33 10HmbB-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-000000005vi-0000@myhost.test.ex for hostnotresume@test.ex
+1999-03-02 09:44:33 10HmbB-000000005vi-0000 => :blackhole: <hostnotresume@test.ex> R=server
1999-03-02 09:44:33 10HmbB-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
1999-03-02 09:44:33 tls_in_resumption session resumed
1999-03-02 09:44:33 our cert subject
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbD-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbC-000000005vi-0000@myhost.test.ex for renewal@test.ex
1999-03-02 09:44:33 10HmbD-000000005vi-0000 => :blackhole: <renewal@test.ex> R=server
1999-03-02 09:44:33 10HmbD-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
1999-03-02 09:44:33 tls_in_resumption session resumed
1999-03-02 09:44:33 our cert subject
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbF-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbE-000000005vi-0000@myhost.test.ex for postrenewal@test.ex
1999-03-02 09:44:33 10HmbF-000000005vi-0000 => :blackhole: <postrenewal@test.ex> R=server
1999-03-02 09:44:33 10HmbF-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
1999-03-02 09:44:33 tls_in_resumption client offered session, server only provided new ticket
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbH-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbG-000000005vi-0000@myhost.test.ex for timeout@test.ex
1999-03-02 09:44:33 10HmbH-000000005vi-0000 => :blackhole: <timeout@test.ex> R=server
1999-03-02 09:44:33 10HmbH-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbJ-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbI-000000005vi-0000@myhost.test.ex for notreq@test.ex
1999-03-02 09:44:33 10HmbJ-000000005vi-0000 => :blackhole: <notreq@test.ex> R=server
1999-03-02 09:44:33 10HmbJ-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbL-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbK-000000005vi-0000@myhost.test.ex for noverify_getticket@test.ex
1999-03-02 09:44:33 10HmbL-000000005vi-0000 => :blackhole: <noverify_getticket@test.ex> R=server
1999-03-02 09:44:33 10HmbL-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
1999-03-02 09:44:33 tls_in_resumption session resumed
1999-03-02 09:44:33 our cert subject
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbN-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbM-000000005vi-0000@myhost.test.ex for noverify_resume@test.ex
1999-03-02 09:44:33 10HmbN-000000005vi-0000 => :blackhole: <noverify_resume@test.ex> R=server
1999-03-02 09:44:33 10HmbN-000000005vi-0000 Completed
-1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
+1999-03-02 09:44:33 tls_in_ver TLS1.2
+1999-03-02 09:44:33 tls_in_resumption session resumed
+1999-03-02 09:44:33 our cert subject
+1999-03-02 09:44:33 peer cert subject
+1999-03-02 09:44:33 peer cert verified 0
+1999-03-02 09:44:33 peer dn
+1999-03-02 09:44:33 cipher TLS1.x:ke--AES256-SHAnnn:xxx
+1999-03-02 09:44:33 bits 256
+1999-03-02 09:44:33 10HmbP-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbO-000000005vi-0000@myhost.test.ex for resume@test.ex
+1999-03-02 09:44:33 10HmbP-000000005vi-0000 => :blackhole: <resume@test.ex> R=server
+1999-03-02 09:44:33 10HmbP-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
+1999-03-02 09:44:33 tls_in_resumption client offered session, server only provided new ticket
+1999-03-02 09:44:33 our cert subject CN=server1.example.com
+1999-03-02 09:44:33 peer cert subject
+1999-03-02 09:44:33 peer cert verified 0
+1999-03-02 09:44:33 peer dn
+1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 bits 256
+1999-03-02 09:44:33 10HmbR-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] TFO* P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbQ-000000005vi-0000@myhost.test.ex for getticket@test.ex
+1999-03-02 09:44:33 10HmbR-000000005vi-0000 => :blackhole: <getticket@test.ex> R=server
+1999-03-02 09:44:33 10HmbR-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
+1999-03-02 09:44:33 tls_in_resumption session resumed
+1999-03-02 09:44:33 our cert subject
+1999-03-02 09:44:33 peer cert subject
+1999-03-02 09:44:33 peer cert verified 0
+1999-03-02 09:44:33 peer dn
+1999-03-02 09:44:33 cipher TLS1.x:ke--AES256-SHAnnn:xxx
+1999-03-02 09:44:33 bits 256
+1999-03-02 09:44:33 10HmbT-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] TFO* P=smtps X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbS-000000005vi-0000@myhost.test.ex for resume@test.ex
+1999-03-02 09:44:33 10HmbT-000000005vi-0000 => :blackhole: <resume@test.ex> R=server
+1999-03-02 09:44:33 10HmbT-000000005vi-0000 Completed
+1999-03-02 09:44:33 exim x.yz daemon started: pid=p1235, no queue runs, listening for SMTP on port PORT_D and for SMTPS on port PORT_D2
+1999-03-02 09:44:33 tls_in_ver TLS1.3
1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 peer dn
1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 bits 256
-1999-03-02 09:44:33 10HmbP-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbO-000000005vi-0000@myhost.test.ex for getticket@test.ex
-1999-03-02 09:44:33 10HmbP-000000005vi-0000 => :blackhole: <getticket@test.ex> R=server
-1999-03-02 09:44:33 10HmbP-000000005vi-0000 Completed
+1999-03-02 09:44:33 10HmbV-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbU-000000005vi-0000@myhost.test.ex for getticket@test.ex
+1999-03-02 09:44:33 10HmbV-000000005vi-0000 => :blackhole: <getticket@test.ex> R=server
+1999-03-02 09:44:33 10HmbV-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.3
1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket
1999-03-02 09:44:33 our cert subject
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 peer dn
1999-03-02 09:44:33 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx
1999-03-02 09:44:33 bits 256
-1999-03-02 09:44:33 10HmbR-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbQ-000000005vi-0000@myhost.test.ex for resume@test.ex xyz@test.ex
-1999-03-02 09:44:33 10HmbR-000000005vi-0000 => :blackhole: <xyz@test.ex> R=server
-1999-03-02 09:44:33 10HmbR-000000005vi-0000 => :blackhole: <resume@test.ex> R=server
-1999-03-02 09:44:33 10HmbR-000000005vi-0000 Completed
+1999-03-02 09:44:33 10HmbX-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbW-000000005vi-0000@myhost.test.ex for resume@test.ex xyz@test.ex
+1999-03-02 09:44:33 10HmbX-000000005vi-0000 => :blackhole: <xyz@test.ex> R=server
+1999-03-02 09:44:33 10HmbX-000000005vi-0000 => :blackhole: <resume@test.ex> R=server
+1999-03-02 09:44:33 10HmbX-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.3
1999-03-02 09:44:33 tls_in_resumption not requested or offered
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 peer dn
1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 bits 256
-1999-03-02 09:44:33 10HmbS-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbQ-000000005vi-0000@myhost.test.ex for abcd@test.ex
-1999-03-02 09:44:33 10HmbS-000000005vi-0000 => :blackhole: <abcd@test.ex> R=server
-1999-03-02 09:44:33 10HmbS-000000005vi-0000 Completed
+1999-03-02 09:44:33 10HmbY-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbW-000000005vi-0000@myhost.test.ex for hostnotresume@test.ex
+1999-03-02 09:44:33 10HmbY-000000005vi-0000 => :blackhole: <hostnotresume@test.ex> R=server
+1999-03-02 09:44:33 10HmbY-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.3
1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket
1999-03-02 09:44:33 our cert subject
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 peer dn
1999-03-02 09:44:33 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx
1999-03-02 09:44:33 bits 256
-1999-03-02 09:44:33 10HmbU-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbT-000000005vi-0000@myhost.test.ex for renewal@test.ex
-1999-03-02 09:44:33 10HmbU-000000005vi-0000 => :blackhole: <renewal@test.ex> R=server
-1999-03-02 09:44:33 10HmbU-000000005vi-0000 Completed
+1999-03-02 09:44:33 10HmcA-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbZ-000000005vi-0000@myhost.test.ex for renewal@test.ex
+1999-03-02 09:44:33 10HmcA-000000005vi-0000 => :blackhole: <renewal@test.ex> R=server
+1999-03-02 09:44:33 10HmcA-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.3
1999-03-02 09:44:33 tls_in_resumption session resumed
1999-03-02 09:44:33 our cert subject
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 peer dn
1999-03-02 09:44:33 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx
1999-03-02 09:44:33 bits 256
-1999-03-02 09:44:33 10HmbW-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbV-000000005vi-0000@myhost.test.ex for postrenewal@test.ex
-1999-03-02 09:44:33 10HmbW-000000005vi-0000 => :blackhole: <postrenewal@test.ex> R=server
-1999-03-02 09:44:33 10HmbW-000000005vi-0000 Completed
+1999-03-02 09:44:33 10HmcC-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmcB-000000005vi-0000@myhost.test.ex for postrenewal@test.ex
+1999-03-02 09:44:33 10HmcC-000000005vi-0000 => :blackhole: <postrenewal@test.ex> R=server
+1999-03-02 09:44:33 10HmcC-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.3
1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 peer dn
1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 bits 256
-1999-03-02 09:44:33 10HmbY-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbX-000000005vi-0000@myhost.test.ex for timeout@test.ex
-1999-03-02 09:44:33 10HmbY-000000005vi-0000 => :blackhole: <timeout@test.ex> R=server
-1999-03-02 09:44:33 10HmbY-000000005vi-0000 Completed
+1999-03-02 09:44:33 10HmcE-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmcD-000000005vi-0000@myhost.test.ex for timeout@test.ex
+1999-03-02 09:44:33 10HmcE-000000005vi-0000 => :blackhole: <timeout@test.ex> R=server
+1999-03-02 09:44:33 10HmcE-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.3
1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 peer dn
1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 bits 256
-1999-03-02 09:44:33 10HmcA-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbZ-000000005vi-0000@myhost.test.ex for notreq@test.ex
-1999-03-02 09:44:33 10HmcA-000000005vi-0000 => :blackhole: <notreq@test.ex> R=server
-1999-03-02 09:44:33 10HmcA-000000005vi-0000 Completed
+1999-03-02 09:44:33 10HmcG-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmcF-000000005vi-0000@myhost.test.ex for notreq@test.ex
+1999-03-02 09:44:33 10HmcG-000000005vi-0000 => :blackhole: <notreq@test.ex> R=server
+1999-03-02 09:44:33 10HmcG-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.3
1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 peer dn
1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 bits 256
-1999-03-02 09:44:33 10HmcC-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmcB-000000005vi-0000@myhost.test.ex for getticket@test.ex
-1999-03-02 09:44:33 10HmcC-000000005vi-0000 => :blackhole: <getticket@test.ex> R=server
-1999-03-02 09:44:33 10HmcC-000000005vi-0000 Completed
+1999-03-02 09:44:33 10HmcI-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmcH-000000005vi-0000@myhost.test.ex for getticket@test.ex
+1999-03-02 09:44:33 10HmcI-000000005vi-0000 => :blackhole: <getticket@test.ex> R=server
+1999-03-02 09:44:33 10HmcI-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.3
1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 peer dn
1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 bits 256
-1999-03-02 09:44:33 10HmcE-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmcD-000000005vi-0000@myhost.test.ex for noresume@test.ex
-1999-03-02 09:44:33 10HmcE-000000005vi-0000 => :blackhole: <noresume@test.ex> R=server
-1999-03-02 09:44:33 10HmcE-000000005vi-0000 Completed
+1999-03-02 09:44:33 10HmcK-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmcJ-000000005vi-0000@myhost.test.ex for noresume@test.ex
+1999-03-02 09:44:33 10HmcK-000000005vi-0000 => :blackhole: <noresume@test.ex> R=server
+1999-03-02 09:44:33 10HmcK-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.3
1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket
1999-03-02 09:44:33 our cert subject
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 peer dn
1999-03-02 09:44:33 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx
1999-03-02 09:44:33 bits 256
-1999-03-02 09:44:33 10HmcG-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmcF-000000005vi-0000@myhost.test.ex for resume@test.ex
-1999-03-02 09:44:33 10HmcG-000000005vi-0000 => :blackhole: <resume@test.ex> R=server
-1999-03-02 09:44:33 10HmcG-000000005vi-0000 Completed
+1999-03-02 09:44:33 10HmcM-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmcL-000000005vi-0000@myhost.test.ex for resume@test.ex
+1999-03-02 09:44:33 10HmcM-000000005vi-0000 => :blackhole: <resume@test.ex> R=server
+1999-03-02 09:44:33 10HmcM-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.3
1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket
1999-03-02 09:44:33 our cert subject
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 peer dn
1999-03-02 09:44:33 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx
1999-03-02 09:44:33 bits 256
-1999-03-02 09:44:33 10HmcI-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmcH-000000005vi-0000@myhost.test.ex for resume@test.ex
-1999-03-02 09:44:33 10HmcI-000000005vi-0000 => :blackhole: <resume@test.ex> R=server
-1999-03-02 09:44:33 10HmcI-000000005vi-0000 Completed
+1999-03-02 09:44:33 10HmcO-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmcN-000000005vi-0000@myhost.test.ex for resume@test.ex
+1999-03-02 09:44:33 10HmcO-000000005vi-0000 => :blackhole: <resume@test.ex> R=server
+1999-03-02 09:44:33 10HmcO-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.3
+1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided
+1999-03-02 09:44:33 our cert subject CN=server1.example.com
+1999-03-02 09:44:33 peer cert subject
+1999-03-02 09:44:33 peer cert verified 0
+1999-03-02 09:44:33 peer dn
+1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 bits 256
+1999-03-02 09:44:33 10HmcQ-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] TFO* P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmcP-000000005vi-0000@myhost.test.ex for getticket@test.ex
+1999-03-02 09:44:33 10HmcQ-000000005vi-0000 => :blackhole: <getticket@test.ex> R=server
+1999-03-02 09:44:33 10HmcQ-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.3
+1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket
+1999-03-02 09:44:33 our cert subject
+1999-03-02 09:44:33 peer cert subject
+1999-03-02 09:44:33 peer cert verified 0
+1999-03-02 09:44:33 peer dn
+1999-03-02 09:44:33 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 bits 256
+1999-03-02 09:44:33 10HmcS-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] TFO* P=smtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmcR-000000005vi-0000@myhost.test.ex for resume@test.ex
+1999-03-02 09:44:33 10HmcS-000000005vi-0000 => :blackhole: <resume@test.ex> R=server
+1999-03-02 09:44:33 10HmcS-000000005vi-0000 Completed
1999-03-02 09:44:33 10HmaX-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex
+1999-03-02 09:44:33 10HmaX-000000005vi-0000 tls_out_ver TLS1.2
1999-03-02 09:44:33 10HmaX-000000005vi-0000 tls_out_resumption client requested new ticket, server provided
1999-03-02 09:44:33 10HmaX-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmaX-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmaX-000000005vi-0000 peer dn /CN=server1.example.com
1999-03-02 09:44:33 10HmaX-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmaX-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmaX-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmaY-000000005vi-0000"
+1999-03-02 09:44:33 10HmaX-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmaY-000000005vi-0000"
1999-03-02 09:44:33 10HmaX-000000005vi-0000 Completed
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex hostnotresume@test.ex xyz@test.ex
+1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_ver TLS1.2
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_resumption session resumed
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer dn /CN=server1.example.com
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000"
-1999-03-02 09:44:33 10HmaZ-000000005vi-0000 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000"
+1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000"
+1999-03-02 09:44:33 10HmaZ-000000005vi-0000 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000"
+1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_ver TLS1.2
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_resumption not requested or offered
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer dn /CN=server1.example.com
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => hostnotresume@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbB-000000005vi-0000"
+1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => hostnotresume@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbB-000000005vi-0000"
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 Completed
1999-03-02 09:44:33 10HmbC-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for renewal@test.ex
+1999-03-02 09:44:33 10HmbC-000000005vi-0000 tls_out_ver TLS1.2
1999-03-02 09:44:33 10HmbC-000000005vi-0000 tls_out_resumption session resumed
1999-03-02 09:44:33 10HmbC-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmbC-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmbC-000000005vi-0000 peer dn /CN=server1.example.com
1999-03-02 09:44:33 10HmbC-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmbC-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbC-000000005vi-0000 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbD-000000005vi-0000"
+1999-03-02 09:44:33 10HmbC-000000005vi-0000 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbD-000000005vi-0000"
1999-03-02 09:44:33 10HmbC-000000005vi-0000 Completed
1999-03-02 09:44:33 10HmbE-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for postrenewal@test.ex
+1999-03-02 09:44:33 10HmbE-000000005vi-0000 tls_out_ver TLS1.2
1999-03-02 09:44:33 10HmbE-000000005vi-0000 tls_out_resumption session resumed
1999-03-02 09:44:33 10HmbE-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmbE-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmbE-000000005vi-0000 peer dn /CN=server1.example.com
1999-03-02 09:44:33 10HmbE-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmbE-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbE-000000005vi-0000 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbF-000000005vi-0000"
+1999-03-02 09:44:33 10HmbE-000000005vi-0000 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbF-000000005vi-0000"
1999-03-02 09:44:33 10HmbE-000000005vi-0000 Completed
1999-03-02 09:44:33 10HmbG-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for aftertimeout@test.ex
+1999-03-02 09:44:33 10HmbG-000000005vi-0000 tls_out_ver TLS1.2
1999-03-02 09:44:33 10HmbG-000000005vi-0000 tls_out_resumption client requested new ticket, server provided
1999-03-02 09:44:33 10HmbG-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmbG-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmbG-000000005vi-0000 peer dn /CN=server1.example.com
1999-03-02 09:44:33 10HmbG-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmbG-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbG-000000005vi-0000 => aftertimeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbH-000000005vi-0000"
+1999-03-02 09:44:33 10HmbG-000000005vi-0000 => aftertimeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbH-000000005vi-0000"
1999-03-02 09:44:33 10HmbG-000000005vi-0000 Completed
1999-03-02 09:44:33 10HmbI-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for notreq@test.ex
+1999-03-02 09:44:33 10HmbI-000000005vi-0000 tls_out_ver TLS1.2
1999-03-02 09:44:33 10HmbI-000000005vi-0000 tls_out_resumption not requested or offered
1999-03-02 09:44:33 10HmbI-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmbI-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmbI-000000005vi-0000 peer dn /CN=server1.example.com
1999-03-02 09:44:33 10HmbI-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmbI-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbI-000000005vi-0000 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbJ-000000005vi-0000"
+1999-03-02 09:44:33 10HmbI-000000005vi-0000 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbJ-000000005vi-0000"
1999-03-02 09:44:33 10HmbI-000000005vi-0000 Completed
1999-03-02 09:44:33 10HmbK-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for noverify_getticket@test.ex
1999-03-02 09:44:33 10HmbK-000000005vi-0000 [127.0.0.1] SSL verify error: certificate name mismatch: DN="/CN=server1.example.com" H="127.0.0.1"
+1999-03-02 09:44:33 10HmbK-000000005vi-0000 tls_out_ver TLS1.2
1999-03-02 09:44:33 10HmbK-000000005vi-0000 tls_out_resumption client requested new ticket, server provided
1999-03-02 09:44:33 10HmbK-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmbK-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmbK-000000005vi-0000 peer dn /CN=server1.example.com
1999-03-02 09:44:33 10HmbK-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmbK-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbK-000000005vi-0000 => noverify_getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no DN="/CN=server1.example.com" C="250 OK id=10HmbL-000000005vi-0000"
+1999-03-02 09:44:33 10HmbK-000000005vi-0000 => noverify_getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no DN="/CN=server1.example.com" C="250 OK id=10HmbL-000000005vi-0000"
1999-03-02 09:44:33 10HmbK-000000005vi-0000 Completed
1999-03-02 09:44:33 10HmbM-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for noverify_resume@test.ex
+1999-03-02 09:44:33 10HmbM-000000005vi-0000 tls_out_ver TLS1.2
1999-03-02 09:44:33 10HmbM-000000005vi-0000 tls_out_resumption session resumed
1999-03-02 09:44:33 10HmbM-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmbM-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmbM-000000005vi-0000 peer dn /CN=server1.example.com
1999-03-02 09:44:33 10HmbM-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmbM-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbM-000000005vi-0000 => noverify_resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no DN="/CN=server1.example.com" C="250 OK id=10HmbN-000000005vi-0000"
+1999-03-02 09:44:33 10HmbM-000000005vi-0000 => noverify_resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no DN="/CN=server1.example.com" C="250 OK id=10HmbN-000000005vi-0000"
1999-03-02 09:44:33 10HmbM-000000005vi-0000 Completed
1999-03-02 09:44:33 10HmbO-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex
+1999-03-02 09:44:33 10HmbO-000000005vi-0000 tls_out_ver TLS1.2
1999-03-02 09:44:33 10HmbO-000000005vi-0000 tls_out_resumption client requested new ticket, server provided
1999-03-02 09:44:33 10HmbO-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmbO-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmbO-000000005vi-0000 peer dn /CN=server1.example.com
1999-03-02 09:44:33 10HmbO-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmbO-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbO-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbP-000000005vi-0000"
+1999-03-02 09:44:33 10HmbO-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbP-000000005vi-0000"
1999-03-02 09:44:33 10HmbO-000000005vi-0000 Completed
1999-03-02 09:44:33 10HmbQ-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for noresume@test.ex
+1999-03-02 09:44:33 10HmbQ-000000005vi-0000 tls_out_ver TLS1.2
1999-03-02 09:44:33 10HmbQ-000000005vi-0000 tls_out_resumption client requested new ticket, server provided
1999-03-02 09:44:33 10HmbQ-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmbQ-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmbQ-000000005vi-0000 peer dn /CN=server1.example.com
1999-03-02 09:44:33 10HmbQ-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmbQ-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbQ-000000005vi-0000 => noresume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbR-000000005vi-0000"
+1999-03-02 09:44:33 10HmbQ-000000005vi-0000 => noresume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbR-000000005vi-0000"
1999-03-02 09:44:33 10HmbQ-000000005vi-0000 Completed
1999-03-02 09:44:33 10HmbS-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex
+1999-03-02 09:44:33 10HmbS-000000005vi-0000 tls_out_ver TLS1.2
1999-03-02 09:44:33 10HmbS-000000005vi-0000 tls_out_resumption session resumed
1999-03-02 09:44:33 10HmbS-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmbS-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmbS-000000005vi-0000 peer dn /CN=server1.example.com
1999-03-02 09:44:33 10HmbS-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmbS-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbS-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbT-000000005vi-0000"
+1999-03-02 09:44:33 10HmbS-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbT-000000005vi-0000"
1999-03-02 09:44:33 10HmbS-000000005vi-0000 Completed
1999-03-02 09:44:33 10HmbU-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex
+1999-03-02 09:44:33 10HmbU-000000005vi-0000 tls_out_ver TLS1.2
1999-03-02 09:44:33 10HmbU-000000005vi-0000 tls_out_resumption session resumed
1999-03-02 09:44:33 10HmbU-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmbU-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmbU-000000005vi-0000 peer dn /CN=server1.example.com
1999-03-02 09:44:33 10HmbU-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmbU-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbU-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbV-000000005vi-0000"
+1999-03-02 09:44:33 10HmbU-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbV-000000005vi-0000"
1999-03-02 09:44:33 10HmbU-000000005vi-0000 Completed
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 tls_out_ver TLS1.2
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 tls_out_resumption client requested new ticket, server provided
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 our cert subject
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 peer cert subject CN=server1.example.com
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 peer cert verified 1
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 peer dn /CN=server1.example.com
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 bits 256
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D2 X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbX-000000005vi-0000"
+1999-03-02 09:44:33 10HmbW-000000005vi-0000 Completed
+1999-03-02 09:44:33 10HmbY-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex
+1999-03-02 09:44:33 10HmbY-000000005vi-0000 tls_out_ver TLS1.2
+1999-03-02 09:44:33 10HmbY-000000005vi-0000 tls_out_resumption session resumed
+1999-03-02 09:44:33 10HmbY-000000005vi-0000 our cert subject
+1999-03-02 09:44:33 10HmbY-000000005vi-0000 peer cert subject CN=server1.example.com
+1999-03-02 09:44:33 10HmbY-000000005vi-0000 peer cert verified 1
+1999-03-02 09:44:33 10HmbY-000000005vi-0000 peer dn /CN=server1.example.com
+1999-03-02 09:44:33 10HmbY-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 10HmbY-000000005vi-0000 bits 256
+1999-03-02 09:44:33 10HmbY-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D2 X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbZ-000000005vi-0000"
+1999-03-02 09:44:33 10HmbY-000000005vi-0000 Completed
******** SERVER ********
-1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D
+1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D and for SMTPS on port PORT_D2
+1999-03-02 09:44:33 tls_in_ver TLS1.2
1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmaY-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaX-000000005vi-0000@myhost.test.ex for getticket@test.ex
1999-03-02 09:44:33 10HmaY-000000005vi-0000 => :blackhole: <getticket@test.ex> R=server
1999-03-02 09:44:33 10HmaY-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
1999-03-02 09:44:33 tls_in_resumption session resumed
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbA-000000005vi-0000 => :blackhole: <xyz@test.ex> R=server
1999-03-02 09:44:33 10HmbA-000000005vi-0000 => :blackhole: <resume@test.ex> R=server
1999-03-02 09:44:33 10HmbA-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
1999-03-02 09:44:33 tls_in_resumption not requested or offered
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbB-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-000000005vi-0000@myhost.test.ex for hostnotresume@test.ex
1999-03-02 09:44:33 10HmbB-000000005vi-0000 => :blackhole: <hostnotresume@test.ex> R=server
1999-03-02 09:44:33 10HmbB-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbD-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbC-000000005vi-0000@myhost.test.ex for renewal@test.ex
1999-03-02 09:44:33 10HmbD-000000005vi-0000 => :blackhole: <renewal@test.ex> R=server
1999-03-02 09:44:33 10HmbD-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbF-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbE-000000005vi-0000@myhost.test.ex for postrenewal@test.ex
1999-03-02 09:44:33 10HmbF-000000005vi-0000 => :blackhole: <postrenewal@test.ex> R=server
1999-03-02 09:44:33 10HmbF-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbH-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbG-000000005vi-0000@myhost.test.ex for aftertimeout@test.ex
1999-03-02 09:44:33 10HmbH-000000005vi-0000 => :blackhole: <aftertimeout@test.ex> R=server
1999-03-02 09:44:33 10HmbH-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
1999-03-02 09:44:33 tls_in_resumption no client request
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbJ-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbI-000000005vi-0000@myhost.test.ex for notreq@test.ex
1999-03-02 09:44:33 10HmbJ-000000005vi-0000 => :blackhole: <notreq@test.ex> R=server
1999-03-02 09:44:33 10HmbJ-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbL-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbK-000000005vi-0000@myhost.test.ex for noverify_getticket@test.ex
1999-03-02 09:44:33 10HmbL-000000005vi-0000 => :blackhole: <noverify_getticket@test.ex> R=server
1999-03-02 09:44:33 10HmbL-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
1999-03-02 09:44:33 tls_in_resumption session resumed
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbN-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbM-000000005vi-0000@myhost.test.ex for noverify_resume@test.ex
1999-03-02 09:44:33 10HmbN-000000005vi-0000 => :blackhole: <noverify_resume@test.ex> R=server
1999-03-02 09:44:33 10HmbN-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbP-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbO-000000005vi-0000@myhost.test.ex for getticket@test.ex
1999-03-02 09:44:33 10HmbP-000000005vi-0000 => :blackhole: <getticket@test.ex> R=server
1999-03-02 09:44:33 10HmbP-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbR-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbQ-000000005vi-0000@myhost.test.ex for noresume@test.ex
1999-03-02 09:44:33 10HmbR-000000005vi-0000 => :blackhole: <noresume@test.ex> R=server
1999-03-02 09:44:33 10HmbR-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
1999-03-02 09:44:33 tls_in_resumption session resumed
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbT-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbS-000000005vi-0000@myhost.test.ex for resume@test.ex
1999-03-02 09:44:33 10HmbT-000000005vi-0000 => :blackhole: <resume@test.ex> R=server
1999-03-02 09:44:33 10HmbT-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
1999-03-02 09:44:33 tls_in_resumption session resumed
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbV-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbU-000000005vi-0000@myhost.test.ex for resume@test.ex
1999-03-02 09:44:33 10HmbV-000000005vi-0000 => :blackhole: <resume@test.ex> R=server
1999-03-02 09:44:33 10HmbV-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
+1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided
+1999-03-02 09:44:33 our cert subject CN=server1.example.com
+1999-03-02 09:44:33 peer cert subject
+1999-03-02 09:44:33 peer cert verified 0
+1999-03-02 09:44:33 peer dn
+1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 bits 256
+1999-03-02 09:44:33 10HmbX-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] TFO* P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbW-000000005vi-0000@myhost.test.ex for getticket@test.ex
+1999-03-02 09:44:33 10HmbX-000000005vi-0000 => :blackhole: <getticket@test.ex> R=server
+1999-03-02 09:44:33 10HmbX-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.2
+1999-03-02 09:44:33 tls_in_resumption session resumed
+1999-03-02 09:44:33 our cert subject CN=server1.example.com
+1999-03-02 09:44:33 peer cert subject
+1999-03-02 09:44:33 peer cert verified 0
+1999-03-02 09:44:33 peer dn
+1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 bits 256
+1999-03-02 09:44:33 10HmbZ-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] TFO* P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbY-000000005vi-0000@myhost.test.ex for resume@test.ex
+1999-03-02 09:44:33 10HmbZ-000000005vi-0000 => :blackhole: <resume@test.ex> R=server
+1999-03-02 09:44:33 10HmbZ-000000005vi-0000 Completed
1999-03-02 09:44:33 10HmaX-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex
+1999-03-02 09:44:33 10HmaX-000000005vi-0000 tls_out_ver TLS1.3
1999-03-02 09:44:33 10HmaX-000000005vi-0000 tls_out_resumption client requested new ticket, server provided
1999-03-02 09:44:33 10HmaX-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmaX-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmaX-000000005vi-0000 peer dn /CN=server1.example.com
1999-03-02 09:44:33 10HmaX-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmaX-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmaX-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmaY-000000005vi-0000"
+1999-03-02 09:44:33 10HmaX-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmaY-000000005vi-0000"
1999-03-02 09:44:33 10HmaX-000000005vi-0000 Completed
-1999-03-02 09:44:33 10HmaZ-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex abcd@test.ex xyz@test.ex
+1999-03-02 09:44:33 10HmaZ-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex hostnotresume@test.ex xyz@test.ex
+1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_ver TLS1.3
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_resumption session resumed
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer dn /CN=server1.example.com
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 bits 256
+1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_ver TLS1.3
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_resumption not requested or offered
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer dn /CN=server1.example.com
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000"
-1999-03-02 09:44:33 10HmaZ-000000005vi-0000 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000"
-1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => abcd@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbB-000000005vi-0000"
+1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000"
+1999-03-02 09:44:33 10HmaZ-000000005vi-0000 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000"
+1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => hostnotresume@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbB-000000005vi-0000"
1999-03-02 09:44:33 10HmaZ-000000005vi-0000 Completed
1999-03-02 09:44:33 10HmbC-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for renewal@test.ex
-1999-03-02 09:44:33 10HmbC-000000005vi-0000 tls_out_resumption session resumed, also new ticket
+1999-03-02 09:44:33 10HmbC-000000005vi-0000 tls_out_ver TLS1.3
+1999-03-02 09:44:33 10HmbC-000000005vi-0000 tls_out_resumption session resumed
1999-03-02 09:44:33 10HmbC-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmbC-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmbC-000000005vi-0000 peer cert verified 1
1999-03-02 09:44:33 10HmbC-000000005vi-0000 peer dn /CN=server1.example.com
1999-03-02 09:44:33 10HmbC-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmbC-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbC-000000005vi-0000 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbD-000000005vi-0000"
+1999-03-02 09:44:33 10HmbC-000000005vi-0000 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbD-000000005vi-0000"
1999-03-02 09:44:33 10HmbC-000000005vi-0000 Completed
1999-03-02 09:44:33 10HmbE-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for postrenewal@test.ex
-1999-03-02 09:44:33 10HmbE-000000005vi-0000 tls_out_resumption session resumed
+1999-03-02 09:44:33 10HmbE-000000005vi-0000 tls_out_ver TLS1.3
+1999-03-02 09:44:33 10HmbE-000000005vi-0000 tls_out_resumption session resumed, also new ticket
1999-03-02 09:44:33 10HmbE-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmbE-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmbE-000000005vi-0000 peer cert verified 1
1999-03-02 09:44:33 10HmbE-000000005vi-0000 peer dn /CN=server1.example.com
1999-03-02 09:44:33 10HmbE-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmbE-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbE-000000005vi-0000 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbF-000000005vi-0000"
+1999-03-02 09:44:33 10HmbE-000000005vi-0000 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbF-000000005vi-0000"
1999-03-02 09:44:33 10HmbE-000000005vi-0000 Completed
1999-03-02 09:44:33 10HmbG-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for timeout@test.ex
-1999-03-02 09:44:33 10HmbG-000000005vi-0000 tls_out_resumption session resumed, also new ticket
+1999-03-02 09:44:33 10HmbG-000000005vi-0000 tls_out_ver TLS1.3
+1999-03-02 09:44:33 10HmbG-000000005vi-0000 tls_out_resumption session resumed
1999-03-02 09:44:33 10HmbG-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmbG-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmbG-000000005vi-0000 peer cert verified 1
1999-03-02 09:44:33 10HmbG-000000005vi-0000 peer dn /CN=server1.example.com
1999-03-02 09:44:33 10HmbG-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmbG-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbG-000000005vi-0000 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbH-000000005vi-0000"
+1999-03-02 09:44:33 10HmbG-000000005vi-0000 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbH-000000005vi-0000"
1999-03-02 09:44:33 10HmbG-000000005vi-0000 Completed
1999-03-02 09:44:33 10HmbI-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for notreq@test.ex
+1999-03-02 09:44:33 10HmbI-000000005vi-0000 tls_out_ver TLS1.3
1999-03-02 09:44:33 10HmbI-000000005vi-0000 tls_out_resumption not requested or offered
1999-03-02 09:44:33 10HmbI-000000005vi-0000 our cert subject
1999-03-02 09:44:33 10HmbI-000000005vi-0000 peer cert subject CN=server1.example.com
1999-03-02 09:44:33 10HmbI-000000005vi-0000 peer dn /CN=server1.example.com
1999-03-02 09:44:33 10HmbI-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 10HmbI-000000005vi-0000 bits 256
-1999-03-02 09:44:33 10HmbI-000000005vi-0000 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbJ-000000005vi-0000"
+1999-03-02 09:44:33 10HmbI-000000005vi-0000 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbJ-000000005vi-0000"
1999-03-02 09:44:33 10HmbI-000000005vi-0000 Completed
+1999-03-02 09:44:33 10HmbK-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex
+1999-03-02 09:44:33 10HmbK-000000005vi-0000 tls_out_ver TLS1.3
+1999-03-02 09:44:33 10HmbK-000000005vi-0000 tls_out_resumption client requested new ticket, server provided
+1999-03-02 09:44:33 10HmbK-000000005vi-0000 our cert subject
+1999-03-02 09:44:33 10HmbK-000000005vi-0000 peer cert subject CN=server1.example.com
+1999-03-02 09:44:33 10HmbK-000000005vi-0000 peer cert verified 1
+1999-03-02 09:44:33 10HmbK-000000005vi-0000 peer dn /CN=server1.example.com
+1999-03-02 09:44:33 10HmbK-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 10HmbK-000000005vi-0000 bits 256
+1999-03-02 09:44:33 10HmbK-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D2 X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbL-000000005vi-0000"
+1999-03-02 09:44:33 10HmbK-000000005vi-0000 Completed
+1999-03-02 09:44:33 10HmbM-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex
+1999-03-02 09:44:33 10HmbM-000000005vi-0000 tls_out_ver TLS1.3
+1999-03-02 09:44:33 10HmbM-000000005vi-0000 tls_out_resumption session resumed, also new ticket
+1999-03-02 09:44:33 10HmbM-000000005vi-0000 our cert subject
+1999-03-02 09:44:33 10HmbM-000000005vi-0000 peer cert subject CN=server1.example.com
+1999-03-02 09:44:33 10HmbM-000000005vi-0000 peer cert verified 1
+1999-03-02 09:44:33 10HmbM-000000005vi-0000 peer dn /CN=server1.example.com
+1999-03-02 09:44:33 10HmbM-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 10HmbM-000000005vi-0000 bits 256
+1999-03-02 09:44:33 10HmbM-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D2 X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbN-000000005vi-0000"
+1999-03-02 09:44:33 10HmbM-000000005vi-0000 Completed
******** SERVER ********
-1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D
+1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D and for SMTPS on port PORT_D2
+1999-03-02 09:44:33 tls_in_ver TLS1.3
1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmaY-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaX-000000005vi-0000@myhost.test.ex for getticket@test.ex
1999-03-02 09:44:33 10HmaY-000000005vi-0000 => :blackhole: <getticket@test.ex> R=server
1999-03-02 09:44:33 10HmaY-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.3
1999-03-02 09:44:33 tls_in_resumption session resumed
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbA-000000005vi-0000 => :blackhole: <xyz@test.ex> R=server
1999-03-02 09:44:33 10HmbA-000000005vi-0000 => :blackhole: <resume@test.ex> R=server
1999-03-02 09:44:33 10HmbA-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.3
1999-03-02 09:44:33 tls_in_resumption not requested or offered
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 peer dn
1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
1999-03-02 09:44:33 bits 256
-1999-03-02 09:44:33 10HmbB-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-000000005vi-0000@myhost.test.ex for abcd@test.ex
-1999-03-02 09:44:33 10HmbB-000000005vi-0000 => :blackhole: <abcd@test.ex> R=server
+1999-03-02 09:44:33 10HmbB-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-000000005vi-0000@myhost.test.ex for hostnotresume@test.ex
+1999-03-02 09:44:33 10HmbB-000000005vi-0000 => :blackhole: <hostnotresume@test.ex> R=server
1999-03-02 09:44:33 10HmbB-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.3
1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbD-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbC-000000005vi-0000@myhost.test.ex for renewal@test.ex
1999-03-02 09:44:33 10HmbD-000000005vi-0000 => :blackhole: <renewal@test.ex> R=server
1999-03-02 09:44:33 10HmbD-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.3
1999-03-02 09:44:33 tls_in_resumption session resumed
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbF-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbE-000000005vi-0000@myhost.test.ex for postrenewal@test.ex
1999-03-02 09:44:33 10HmbF-000000005vi-0000 => :blackhole: <postrenewal@test.ex> R=server
1999-03-02 09:44:33 10HmbF-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.3
1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbH-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbG-000000005vi-0000@myhost.test.ex for timeout@test.ex
1999-03-02 09:44:33 10HmbH-000000005vi-0000 => :blackhole: <timeout@test.ex> R=server
1999-03-02 09:44:33 10HmbH-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.3
1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided
1999-03-02 09:44:33 our cert subject CN=server1.example.com
1999-03-02 09:44:33 peer cert subject
1999-03-02 09:44:33 10HmbJ-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbI-000000005vi-0000@myhost.test.ex for notreq@test.ex
1999-03-02 09:44:33 10HmbJ-000000005vi-0000 => :blackhole: <notreq@test.ex> R=server
1999-03-02 09:44:33 10HmbJ-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.3
+1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided
+1999-03-02 09:44:33 our cert subject CN=server1.example.com
+1999-03-02 09:44:33 peer cert subject
+1999-03-02 09:44:33 peer cert verified 0
+1999-03-02 09:44:33 peer dn
+1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 bits 256
+1999-03-02 09:44:33 10HmbL-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] TFO* P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbK-000000005vi-0000@myhost.test.ex for getticket@test.ex
+1999-03-02 09:44:33 10HmbL-000000005vi-0000 => :blackhole: <getticket@test.ex> R=server
+1999-03-02 09:44:33 10HmbL-000000005vi-0000 Completed
+1999-03-02 09:44:33 tls_in_ver TLS1.3
+1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket
+1999-03-02 09:44:33 our cert subject CN=server1.example.com
+1999-03-02 09:44:33 peer cert subject
+1999-03-02 09:44:33 peer cert verified 0
+1999-03-02 09:44:33 peer dn
+1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 bits 256
+1999-03-02 09:44:33 10HmbN-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] TFO* P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbM-000000005vi-0000@myhost.test.ex for resume@test.ex
+1999-03-02 09:44:33 10HmbN-000000005vi-0000 => :blackhole: <resume@test.ex> R=server
+1999-03-02 09:44:33 10HmbN-000000005vi-0000 Completed
# SSLKEYLOGFILE=/home/jgh/git/exim/test/foo sudo exim -DSERVER=server -bd -oX PORT_D
#
### TLS1.2
-exim -DSERVER=server -DOPTION=NORMAL:!VERS-TLS1.3 -bd -oX PORT_D
+exim -DSERVER=server -DOPTION=NORMAL:!VERS-TLS1.3 -bd -oX PORT_D:PORT_D2
****
exim -DVALUE=resume -odf getticket@test.ex
Test message. Contains FF: ÿ
****
-exim -DVALUE=resume -odf resume@test.ex abcd@test.ex xyz@test.ex
+exim -DVALUE=resume -odf resume@test.ex hostnotresume@test.ex xyz@test.ex
Test message to two different hosts, one does not support resume
****
# allow time for ticket to hit renewal time
exim -odf -DVALUE=resume noverify_resume@test.ex
Dest on this means the server cert will not verify (but try_verify will permit it)
****
+# Test TLS-on-connect
+exim -DVALUE=resume -odf resume@test.ex
+****
+exim -DVALUE=resume -DSELECTOR=smtps -odf getticket@test.ex
+****
+exim -DVALUE=resume -DSELECTOR=smtps -odf resume@test.ex
+****
killdaemon
sleep 1
sudo rm -f DIR/spool/db/tls
#
#
### TLS1.3
-exim -DSERVER=server -DOPTION=NORMAL -bd -oX PORT_D
+exim -DSERVER=server -DOPTION=NORMAL -bd -oX PORT_D:PORT_D2
****
exim -DVALUE=resume -odf getticket@test.ex
Test message. Contains FF: ÿ
****
-exim -DVALUE=resume -odf resume@test.ex abcd@test.ex xyz@test.ex
+exim -DVALUE=resume -odf resume@test.ex hostnotresume@test.ex xyz@test.ex
Test message to two different hosts, one does not support resume
****
# allow time for ticket to hit renewal time
****
exim -DVALUE=resume -odf resume@test.ex
****
+# Test TLS-on-connect
+exim -DVALUE=resume -DSELECTOR=smtps -odf getticket@test.ex
+****
+exim -DVALUE=resume -DSELECTOR=smtps -odf resume@test.ex
+****
#
killdaemon
no_msglog_check
# TLSv1.2 session resumption
#
### TLS1.2
-exim -DSERVER=server -DOPTION=+no_tlsv1_3 -bd -oX PORT_D
+exim -DSERVER=server -DOPTION=+no_tlsv1_3 -bd -oX PORT_D:PORT_D2
****
exim -DVALUE=resume -odf getticket@test.ex
Test message.
exim -DVALUE=resume -odf resume@test.ex
****
#
+# Test TLS-on-connect
+exim -DVALUE=resume -DSELECTOR=smtps -odf getticket@test.ex
+****
+exim -DVALUE=resume -DSELECTOR=smtps -odf resume@test.ex
+****
+#
# Check the -k (key only) option on dumpdb
perl
system 'DIR/eximdir/exim_dumpdb -k DIR/spool tls';
# TLSv1.3 session resumption
#
### TLS1.3
-exim -DSERVER=server -bd -oX PORT_D
+exim -DSERVER=server -DOPTION=+no_tlsv1_3 -bd -oX PORT_D:PORT_D2
****
exim -DVALUE=resume -odf getticket@test.ex
Test message. Contains FF: ÿ
****
-exim -DVALUE=resume -odf resume@test.ex abcd@test.ex xyz@test.ex
+exim -DVALUE=resume -odf resume@test.ex hostnotresume@test.ex xyz@test.ex
Test message to two different hosts, one does not support resume
****
# allow time for ticket to hit renewal time
exim -odf notreq@test.ex
Test message, not requesting resumption.
****
+#
+# Test TLS-on-connect
+exim -DVALUE=resume -DSELECTOR=smtps -odf getticket@test.ex
+****
+exim -DVALUE=resume -DSELECTOR=smtps -odf resume@test.ex
+****
+#
killdaemon
no_msglog_check
### TLS1.2
4686560d7a1d9becb8fd0c62406eaaf169b2ea1b889244342653024281bca106
+ 8ff2965550bd60d7e4496ad508a8cff91ac5de6fbec4806e8c9c3d6959300e3e
b90422e57483069e0b7dbcebbdf1be3504bae64df49ea1f699cc773acc8a76d5
******** SERVER ********
git://git.exim.org / exim.git / commitdiff