Needed for GnuTLS 3.6.15 (on Fedora 33)
22 files changed:
-# Exim test configuration 2019
+# Exim test configuration 1110
.include DIR/aux-var/tls_conf_prefix
.include DIR/aux-var/tls_conf_prefix
tls_privatekey = DIR/aux-fixed/cert1
tls_verify_hosts = HOSTIPV4
tls_privatekey = DIR/aux-fixed/cert1
tls_verify_hosts = HOSTIPV4
-tls_verify_certificates = DIR/aux-fixed/cert2
+tls_verify_certificates = DIR/aux-fixed/exim-ca/example.org/server2.example.org/ca_chain.pem
tls_certificate = DIR/tmp/certs/servercert
tls_privatekey = DIR/tmp/certs/serverkey
tls_try_verify_hosts = *
tls_certificate = DIR/tmp/certs/servercert
tls_privatekey = DIR/tmp/certs/serverkey
tls_try_verify_hosts = *
-tls_verify_certificates = DIR/aux-fixed/cert2
-#tls_verify_certificates = system,cache
+
+tls_verify_certificates = DIR/aux-fixed/exim-ca/example.org/server2.example.org/ca_chain.pem
queue_only
log_selector = +millisec
queue_only
log_selector = +millisec
allow_localhost
port = PORT_D
hosts_try_fastopen = :
allow_localhost
port = PORT_D
hosts_try_fastopen = :
- tls_certificate = DIR/aux-fixed/cert2
+ tls_certificate = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem
+ tls_privatekey = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key
+
tls_verify_certificates = DIR/aux-fixed/cert1
tls_verify_cert_hostnames = :
tls_verify_certificates = DIR/aux-fixed/cert1
tls_verify_cert_hostnames = :
tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
tls_verify_hosts = *
tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
tls_verify_hosts = *
-tls_verify_certificates = ${if eq {SERVER}{server}{DIR/aux-fixed/cert2}fail}
+tls_verify_certificates = DIR/aux-fixed/exim-ca/example.org/server2.example.org/ca_chain.pem
hosts = 127.0.0.1
port = PORT_D
hosts_try_fastopen = :
hosts = 127.0.0.1
port = PORT_D
hosts_try_fastopen = :
- tls_certificate = DIR/aux-fixed/cert2
- tls_privatekey = DIR/aux-fixed/cert2
+ tls_certificate = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem
+ tls_privatekey = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key
+
tls_verify_certificates = DIR/aux-fixed/cert2
tls_try_verify_hosts =
tls_verify_certificates = DIR/aux-fixed/cert2
tls_try_verify_hosts =
tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
-tls_verify_hosts = *
-tls_verify_certificates = ${if eq {SERVER}{server}{DIR/aux-fixed/cert2}fail}
-
# so we can decode in wireshark
tls_require_ciphers = NORMAL:-KX-ALL:+RSA
# so we can decode in wireshark
tls_require_ciphers = NORMAL:-KX-ALL:+RSA
hosts_try_fastopen = :
OPTION
port = PORT_D
hosts_try_fastopen = :
OPTION
port = PORT_D
- tls_certificate = DIR/aux-fixed/cert2
- tls_privatekey = DIR/aux-fixed/cert2
tls_verify_certificates = DIR/aux-fixed/cert2
tls_try_verify_hosts =
tls_verify_certificates = DIR/aux-fixed/cert2
tls_try_verify_hosts =
tls_certificate = ${if eq {SERVER}{server}{CERT1}fail}
tls_privatekey = ${if eq {SERVER}{server}{KEY1}fail}
tls_certificate = ${if eq {SERVER}{server}{CERT1}fail}
tls_privatekey = ${if eq {SERVER}{server}{KEY1}fail}
-tls_verify_hosts = *
-tls_verify_certificates = ${if eq {SERVER}{server}{CERT2}fail}
-
port = PORT_D
hosts_try_fastopen = :
hosts_require_tls = HOSTIPV4
port = PORT_D
hosts_try_fastopen = :
hosts_require_tls = HOSTIPV4
- tls_certificate = CERT2
- tls_privatekey = CERT2
tls_verify_certificates = CA2
tls_try_verify_hosts =
tls_verify_certificates = CA2
tls_try_verify_hosts =
port = PORT_D
hosts_try_fastopen = :
hosts_require_tls = HOSTIPV4
port = PORT_D
hosts_try_fastopen = :
hosts_require_tls = HOSTIPV4
- tls_certificate = CERT2
- tls_privatekey = CERT2
tls_verify_certificates = \
${if eq{$host_address}{127.0.0.1}{CA1}{CA2}}
tls_verify_certificates = \
${if eq{$host_address}{127.0.0.1}{CA1}{CA2}}
port = PORT_D
hosts_try_fastopen = :
hosts_require_tls = HOSTIPV4
port = PORT_D
hosts_try_fastopen = :
hosts_require_tls = HOSTIPV4
- tls_certificate = CERT2
- tls_privatekey = CERT2
tls_verify_certificates = CA2
tls_try_verify_hosts = *
tls_verify_certificates = CA2
tls_try_verify_hosts = *
hosts = HOSTIPV4
port = PORT_D
hosts_try_fastopen = :
hosts = HOSTIPV4
port = PORT_D
hosts_try_fastopen = :
- tls_certificate = CERT2
- tls_privatekey = CERT2
tls_verify_certificates = CA2
tls_verify_hosts = *
tls_verify_certificates = CA2
tls_verify_hosts = *
hosts = serverbadname.example.com
port = PORT_D
hosts_try_fastopen = :
hosts = serverbadname.example.com
port = PORT_D
hosts_try_fastopen = :
- tls_certificate = CERT2
- tls_privatekey = CERT2
tls_verify_certificates = CA1
tls_verify_cert_hostnames = HOSTIPV4
tls_verify_certificates = CA1
tls_verify_cert_hostnames = HOSTIPV4
hosts = server1.example.com
port = PORT_D
hosts_try_fastopen = :
hosts = server1.example.com
port = PORT_D
hosts_try_fastopen = :
- tls_certificate = CERT2
- tls_privatekey = CERT2
tls_verify_certificates = CA1
tls_verify_cert_hostnames = HOSTIPV4
tls_verify_certificates = CA1
tls_verify_cert_hostnames = HOSTIPV4
hosts = serverchain1.example.com
port = PORT_D
hosts_try_fastopen = :
hosts = serverchain1.example.com
port = PORT_D
hosts_try_fastopen = :
- tls_certificate = CERT2
- tls_privatekey = CERT2
tls_verify_certificates = CA1
tls_verify_cert_hostnames = HOSTIPV4
tls_verify_certificates = CA1
tls_verify_cert_hostnames = HOSTIPV4
hosts = alternatename.server1.example.com
port = PORT_D
hosts_try_fastopen = :
hosts = alternatename.server1.example.com
port = PORT_D
hosts_try_fastopen = :
- tls_certificate = CERT2
- tls_privatekey = CERT2
tls_verify_certificates = CA1
tls_verify_cert_hostnames = HOSTIPV4
tls_verify_certificates = CA1
tls_verify_cert_hostnames = HOSTIPV4
-# Exim test configuration 1162
+# Exim test configuration 2033
# TLS client: verify certificate from server - name-fails
SERVER=
# TLS client: verify certificate from server - name-fails
SERVER=
tls_certificate = ${if eq {SERVER}{server}{CERT1}fail}
tls_privatekey = ${if eq {SERVER}{server}{KEY1}fail}
tls_certificate = ${if eq {SERVER}{server}{CERT1}fail}
tls_privatekey = ${if eq {SERVER}{server}{KEY1}fail}
-tls_verify_hosts = *
-tls_verify_certificates = ${if eq {SERVER}{server}{CERT2}fail}
-
port = PORT_D
hosts_try_fastopen = :
hosts_require_tls = HOSTIPV4
port = PORT_D
hosts_try_fastopen = :
hosts_require_tls = HOSTIPV4
- tls_certificate = CERT2
- tls_privatekey = CERT2
tls_verify_certificates = CA2
tls_verify_certificates = CA2
port = PORT_D
hosts_try_fastopen = :
hosts_require_tls = HOSTIPV4
port = PORT_D
hosts_try_fastopen = :
hosts_require_tls = HOSTIPV4
- tls_certificate = CERT2
- tls_privatekey = CERT2
tls_verify_certificates = \
${if eq{$host_address}{127.0.0.1}{CA1}{CA2}}
tls_verify_certificates = \
${if eq{$host_address}{127.0.0.1}{CA1}{CA2}}
port = PORT_D
hosts_try_fastopen = :
hosts_require_tls = HOSTIPV4
port = PORT_D
hosts_try_fastopen = :
hosts_require_tls = HOSTIPV4
- tls_certificate = CERT2
- tls_privatekey = CERT2
tls_verify_certificates = CA2
tls_try_verify_hosts = *
tls_verify_certificates = CA2
tls_try_verify_hosts = *
hosts = HOSTNAME
port = PORT_D
hosts_try_fastopen = :
hosts = HOSTNAME
port = PORT_D
hosts_try_fastopen = :
- tls_certificate = CERT2
- tls_privatekey = CERT2
tls_verify_certificates = CA2
tls_verify_hosts = *
tls_verify_certificates = CA2
tls_verify_hosts = *
hosts = HOSTNAME
port = PORT_D
hosts_try_fastopen = :
hosts = HOSTNAME
port = PORT_D
hosts_try_fastopen = :
- tls_certificate = CERT2
- tls_privatekey = CERT2
tls_verify_certificates = CA1
tls_verify_cert_hostnames = *
tls_verify_certificates = CA1
tls_verify_cert_hostnames = *
hosts = server1.example.com
port = PORT_D
hosts_try_fastopen = :
hosts = server1.example.com
port = PORT_D
hosts_try_fastopen = :
- tls_certificate = CERT2
- tls_privatekey = CERT2
tls_verify_certificates = CA1
tls_verify_cert_hostnames = *
tls_verify_certificates = CA1
tls_verify_cert_hostnames = *
hosts = HOSTNAME
port = PORT_D
hosts_try_fastopen = :
hosts = HOSTNAME
port = PORT_D
hosts_try_fastopen = :
- tls_certificate = CERT2
- tls_privatekey = CERT2
tls_verify_certificates = CA1
tls_verify_cert_hostnames = *
tls_verify_certificates = CA1
tls_verify_cert_hostnames = *
tls_on_connect_ports = PORT_S
tls_advertise_hosts = *
tls_on_connect_ports = PORT_S
tls_advertise_hosts = *
-tls_certificate = DIR/aux-fixed/cert1
+tls_certificate = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.pem
+tls_privatekey = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key
-tls_verify_certificates = DIR/aux-fixed/cert2
+tls_verify_certificates = DIR/aux-fixed/exim-ca/example.org/server2.example.org/ca_chain.pem
port = PORT_D
hosts_try_fastopen = :
allow_localhost
port = PORT_D
hosts_try_fastopen = :
allow_localhost
- tls_certificate = DIR/aux-fixed/cert2
- tls_verify_certificates = DIR/aux-fixed/cert1
+ tls_certificate = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem
+ tls_privatekey = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key
+ tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem
tls_verify_cert_hostnames = :
t2:
tls_verify_cert_hostnames = :
t2:
hosts_try_fastopen = :
protocol = smtps
allow_localhost
hosts_try_fastopen = :
protocol = smtps
allow_localhost
- tls_certificate = DIR/aux-fixed/cert2
- tls_verify_certificates = DIR/aux-fixed/cert1
+ tls_certificate = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem
+ tls_privatekey = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key
+ tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem
tls_verify_cert_hostnames = :
file:
tls_verify_cert_hostnames = :
file:
trusted_users = CALLER
tls_advertise_hosts = *
trusted_users = CALLER
tls_advertise_hosts = *
-tls_certificate = DIR/aux-fixed/cert1
+tls_certificate = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.pem
+tls_privatekey = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key
-tls_verify_certificates = DIR/aux-fixed/cert2
+tls_verify_certificates = DIR/aux-fixed/exim-ca/example.org/server2.example.org/ca_chain.pem
server_set_id = $auth1
server_debug_print = +++TLS \$auth1="$auth1"
server_set_id = $auth1
server_debug_print = +++TLS \$auth1="$auth1"
- client_send = "Phil Pennock"
+ client_send = "server2.example.org"
port = PORT_D
hosts_try_fastopen = :
allow_localhost
port = PORT_D
hosts_try_fastopen = :
allow_localhost
- tls_certificate = DIR/aux-fixed/cert2
- tls_verify_certificates = DIR/aux-fixed/cert1
+ tls_certificate = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem
+ tls_privatekey = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key
+
+ tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem
tls_verify_cert_hostnames = :
hosts_try_auth = *
tls_verify_cert_hostnames = :
hosts_try_auth = *
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received: Certificate is bad
1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received: Certificate is bad
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received: Certificate is bad
1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received: Certificate is bad
-1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" S=sss id=E10HmaY-0005vi-00@myhost.test.ex
-1999-03-02 09:44:33 10HmbG-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" S=sss id=E10HmaZ-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaY-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmbG-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-0005vi-00@myhost.test.ex
1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received: Certificate is bad
1999-03-02 09:44:33 10HmbH-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbA-0005vi-00@myhost.test.ex
1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received: Certificate is bad
1999-03-02 09:44:33 10HmbI-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbB-0005vi-00@myhost.test.ex
1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received: Certificate is bad
1999-03-02 09:44:33 10HmbH-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbA-0005vi-00@myhost.test.ex
1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received: Certificate is bad
1999-03-02 09:44:33 10HmbI-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbB-0005vi-00@myhost.test.ex
-1999-03-02 09:44:33 10HmbJ-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" S=sss id=E10HmbC-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmbJ-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbC-0005vi-00@myhost.test.ex
1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received: Certificate is bad
1999-03-02 09:44:33 10HmbK-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbD-0005vi-00@myhost.test.ex
1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received: Certificate is bad
1999-03-02 09:44:33 10HmbK-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbD-0005vi-00@myhost.test.ex
-1999-03-02 09:44:33 10HmbL-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" S=sss id=E10HmbE-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmbL-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbE-0005vi-00@myhost.test.ex
1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmaX-0005vi-00@myhost.test.ex
1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received: Certificate is bad
1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmaY-0005vi-00@myhost.test.ex
1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmaX-0005vi-00@myhost.test.ex
1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received: Certificate is bad
1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmaY-0005vi-00@myhost.test.ex
-1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" S=sss id=E10HmaZ-0005vi-00@myhost.test.ex
-1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" S=sss id=E10HmbA-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbA-0005vi-00@myhost.test.ex
******** SERVER ********
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D and for SMTPS on port PORT_S
1999-03-02 09:44:33 Auth ACL called, after smtp cmd "STARTTLS"
******** SERVER ********
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D and for SMTPS on port PORT_S
1999-03-02 09:44:33 Auth ACL called, after smtp cmd "STARTTLS"
-1999-03-02 09:44:33 10HmaZ-0005vi-00 <= ok@test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtpsa X=TLS_proto_and_cipher CV=yes A=tls:"Phil Pennock" S=sss id=E10HmaX-0005vi-00@myhost.test.ex for x@y
+1999-03-02 09:44:33 10HmaZ-0005vi-00 <= ok@test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtpsa X=TLS_proto_and_cipher CV=yes A=tls:server2.example.org S=sss id=E10HmaX-0005vi-00@myhost.test.ex for x@y
1999-03-02 09:44:33 Auth ACL called, after smtp cmd ""
1999-03-02 09:44:33 Auth ACL called, after smtp cmd ""
-1999-03-02 09:44:33 10HmbA-0005vi-00 <= ok@test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtpsa X=TLS_proto_and_cipher CV=yes A=tls:"Phil Pennock" S=sss id=E10HmaY-0005vi-00@myhost.test.ex for smtps@y
+1999-03-02 09:44:33 10HmbA-0005vi-00 <= ok@test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtpsa X=TLS_proto_and_cipher CV=yes A=tls:server2.example.org S=sss id=E10HmaY-0005vi-00@myhost.test.ex for smtps@y
1999-03-02 09:44:33 Start queue run: pid=pppp
1999-03-02 09:44:33 10HmaZ-0005vi-00 => x <x@y> R=server_r T=file
1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed
1999-03-02 09:44:33 Start queue run: pid=pppp
1999-03-02 09:44:33 10HmaZ-0005vi-00 => x <x@y> R=server_r T=file
1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed
******** SERVER ********
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
******** SERVER ********
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
-1999-03-02 09:44:33 Auth ACL called, after smtp cmd "AUTH EXTERNAL UGhpbCBQZW5ub2Nr"
-1999-03-02 09:44:33 Auth ACL called, after smtp cmd "AUTH EXTERNAL UGhpbCBQZW5ub2Nr"
-1999-03-02 09:44:33 10HmaY-0005vi-00 <= ok@test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtpsa X=TLS_proto_and_cipher CV=yes A=ext_ccert_cn:Phil Pennock S=sss id=E10HmaX-0005vi-00@myhost.test.ex for x@y
+1999-03-02 09:44:33 Auth ACL called, after smtp cmd "AUTH EXTERNAL c2VydmVyMi5leGFtcGxlLm9yZw=="
+1999-03-02 09:44:33 Auth ACL called, after smtp cmd "AUTH EXTERNAL c2VydmVyMi5leGFtcGxlLm9yZw=="
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= ok@test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtpsa X=TLS_proto_and_cipher CV=yes A=ext_ccert_cn:server2.example.org S=sss id=E10HmaX-0005vi-00@myhost.test.ex for x@y
******** SERVER ********
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
******** SERVER ********
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
-1999-03-02 09:44:33 Auth ACL called, after smtp cmd "AUTH EXTERNAL UGhpbCBQZW5ub2Nr"
-1999-03-02 09:44:33 Auth ACL called, after smtp cmd "AUTH EXTERNAL UGhpbCBQZW5ub2Nr"
-1999-03-02 09:44:33 10HmaY-0005vi-00 <= ok@test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtpsa X=TLS_proto_and_cipher CV=yes A=ext_ccert_cn:Phil Pennock S=sss id=E10HmaX-0005vi-00@myhost.test.ex for x@y
+1999-03-02 09:44:33 Auth ACL called, after smtp cmd "AUTH EXTERNAL c2VydmVyMi5leGFtcGxlLm9yZw=="
+1999-03-02 09:44:33 Auth ACL called, after smtp cmd "AUTH EXTERNAL c2VydmVyMi5leGFtcGxlLm9yZw=="
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= ok@test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtpsa X=TLS_proto_and_cipher CV=yes A=ext_ccert_cn:server2.example.org S=sss id=E10HmaX-0005vi-00@myhost.test.ex for x@y
id 10HmaY-0005vi-00
for userx@test.ex;
Tue, 2 Mar 1999 09:44:33 +0000
id 10HmaY-0005vi-00
for userx@test.ex;
Tue, 2 Mar 1999 09:44:33 +0000
-TLS: cipher=TLS1.x:ke-RSA-AES256-SHAnnn:xxx peerdn/cn 'CN=Phil Pennock'
+TLS: cipher=TLS1.x:ke-RSA-AES256-SHAnnn:xxx peerdn/cn 'CN=server2.example.org'
This is a test encrypted message from a verified host.
This is a test encrypted message from a verified host.
From ok@test.ex Tue Mar 02 09:44:33 1999
Authentication-Results: myhost.test.ex;
iprev=pass (localhost) smtp.remote-ip=127.0.0.1;
From ok@test.ex Tue Mar 02 09:44:33 1999
Authentication-Results: myhost.test.ex;
iprev=pass (localhost) smtp.remote-ip=127.0.0.1;
- auth=pass (tls) x509.auth="Phil Pennock"
+ auth=pass (tls) x509.auth=server2.example.org
Received: from localhost ([127.0.0.1] helo=myhost.test.ex)
by myhost.test.ex with esmtpsa (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
(Exim x.yz)
Received: from localhost ([127.0.0.1] helo=myhost.test.ex)
by myhost.test.ex with esmtpsa (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
(Exim x.yz)
From ok@test.ex Tue Mar 02 09:44:33 1999
Authentication-Results: myhost.test.ex;
iprev=pass (localhost) smtp.remote-ip=127.0.0.1;
From ok@test.ex Tue Mar 02 09:44:33 1999
Authentication-Results: myhost.test.ex;
iprev=pass (localhost) smtp.remote-ip=127.0.0.1;
- auth=pass (tls) x509.auth="Phil Pennock"
+ auth=pass (tls) x509.auth=server2.example.org
Received: from localhost ([127.0.0.1] helo=myhost.test.ex)
by myhost.test.ex with esmtpsa (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
(Exim x.yz)
Received: from localhost ([127.0.0.1] helo=myhost.test.ex)
by myhost.test.ex with esmtpsa (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
(Exim x.yz)
-client-anytls -tls-on-connect HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2
+client-anytls -tls-on-connect HOSTIPV4 PORT_D aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key
??? 220
mail from:<userx@test.ex>
??? 250
??? 220
mail from:<userx@test.ex>
??? 250
-client-gnutls 127.0.0.1 PORT_D 127.0.0.1 DIR/aux-fixed/cert2 DIR/aux-fixed/cert2
+client-gnutls 127.0.0.1 PORT_D 127.0.0.1 DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key
??? 220
EHLO tester
??? 250-
??? 220
EHLO tester
??? 250-
??? 250-
??? 250-AUTH EXTERNAL
??? 250 HELP
??? 250-
??? 250-AUTH EXTERNAL
??? 250 HELP
-AUTH EXTERNAL UGhpbCBQZW5ub2Nr
+AUTH EXTERNAL c2VydmVyMi5leGFtcGxlLm9yZw==
-client-ssl 127.0.0.1 PORT_D 127.0.0.1 DIR/aux-fixed/cert2 DIR/aux-fixed/cert2
+client-ssl 127.0.0.1 PORT_D 127.0.0.1 DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key
??? 220
EHLO tester
??? 250-
??? 220
EHLO tester
??? 250-
??? 250-
??? 250-AUTH EXTERNAL
??? 250 HELP
??? 250-
??? 250-AUTH EXTERNAL
??? 250 HELP
-AUTH EXTERNAL UGhpbCBQZW5ub2Nr
+AUTH EXTERNAL c2VydmVyMi5leGFtcGxlLm9yZw==
<<< 221 myhost.test.ex closing connection
End of script
Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected
<<< 221 myhost.test.ex closing connection
End of script
Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected
-Certificate file = aux-fixed/cert2
-Key file = aux-fixed/cert2
+Certificate file = aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem
+Key file = aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key
Attempting to start TLS
Succeeded in starting TLS
??? 220
Attempting to start TLS
Succeeded in starting TLS
??? 220
Connecting to 127.0.0.1 port 1225 ... connected
Connecting to 127.0.0.1 port 1225 ... connected
-Certificate file = TESTSUITE/aux-fixed/cert2
-Key file = TESTSUITE/aux-fixed/cert2
+Certificate file = aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem
+Key file = aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key
??? 220
<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
>>> EHLO tester
??? 220
<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
>>> EHLO tester
<<< 250-AUTH EXTERNAL
??? 250 HELP
<<< 250 HELP
<<< 250-AUTH EXTERNAL
??? 250 HELP
<<< 250 HELP
->>> AUTH EXTERNAL UGhpbCBQZW5ub2Nr
+>>> AUTH EXTERNAL c2VydmVyMi5leGFtcGxlLm9yZw==
??? 235
<<< 235 Authentication succeeded
>>> quit
??? 235
<<< 235 Authentication succeeded
>>> quit
Connecting to 127.0.0.1 port 1225 ... connected
Connecting to 127.0.0.1 port 1225 ... connected
-Certificate file = TESTSUITE/aux-fixed/cert2
-Key file = TESTSUITE/aux-fixed/cert2
+Certificate file = TESTSUITE/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem
+Key file = TESTSUITE/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key
??? 220
<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
>>> EHLO tester
??? 220
<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
>>> EHLO tester
<<< 250-AUTH EXTERNAL
??? 250 HELP
<<< 250 HELP
<<< 250-AUTH EXTERNAL
??? 250 HELP
<<< 250 HELP
->>> AUTH EXTERNAL UGhpbCBQZW5ub2Nr
+>>> AUTH EXTERNAL c2VydmVyMi5leGFtcGxlLm9yZw==
??? 235
<<< 235 Authentication succeeded
>>> quit
??? 235
<<< 235 Authentication succeeded
>>> quit