From: Jeremy Harris Date: Mon, 13 Nov 2023 18:12:31 +0000 (+0000) Subject: TLS: fix resumption for TLS-on-connect X-Git-Tag: exim-4.98-RC0~131 X-Git-Url: https://git.exim.org/exim.git/commitdiff_plain/5d5ad9fb16a2511ff2e0e7d4528d399f06f608da TLS: fix resumption for TLS-on-connect --- diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 5a757c4ed..add3a532e 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -25549,15 +25549,24 @@ load-balancer, matching the session stored in the client's cache. Exim can pull out a server name, if there is one, from the response to the client's SMTP EHLO command. -The default value of this option: +For normal STARTTLS use, the default value of this option: .code ${if and { {match {$host} {.outlook.com\$}} \ {match {$item} {\N^250-([\w.]+)\s\N}} \ } {$1}} .endd suffices for one known case. + During the expansion of this option the &$item$& variable will have the server's EHLO response. + +.new +For TLS-on-connect connections we do not have an EHLO +response to use. Because of this the default value of this option is +set to a static string for those cases, meaning that resumption will +always be attempted if permitted by the &%tls_resumption_hosts%& option. +.wen + The result of the option expansion is included in the key used to store and retrieve the TLS session, for session resumption. diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index c74c0c0c6..9d23e8db2 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -24,6 +24,13 @@ JH/04 Bug 3039: Fix handling of of an empty log_reject_target, with a connection_reject log_selector, under tls_on_connect. Previously with this combination, when the connect ACL rejected, a spurious paniclog entry was made. +JH/04 Fix TLS resumption for TLS-on-connect. This was broken by the advent + of loadbalancer-detection for resumption, in 4.96 - which tries to + use the EHLO response. SMTPS does not have one at the time it is starting + TLS. Change the default for the smtp transport host_name_extract option + to be a static string, for TLS-on-connect cases; meaning that resumption + will always be attempted (unless deliberately overriden). + Exim version 4.97 diff --git a/src/src/macros.h b/src/src/macros.h index 969393561..e2c1d0f94 100644 --- a/src/src/macros.h +++ b/src/src/macros.h @@ -1103,14 +1103,22 @@ should not be one active. */ #define RESUME_USED BIT(4) #define RESUME_DECODE_STRING \ - US"not requested or offered : 0x02 :client requested, no server ticket" \ - ": 0x04 : 0x05 : 0x06 :client offered session, no server action" \ - ": 0x08 :no client request: 0x0A :client requested new ticket, server provided" \ - ": 0x0C :client offered session, not used: 0x0E :client offered session, server only provided new ticket" \ - ": 0x10 :session resumed unasked: 0x12 :session resumed unasked" \ - ": 0x14 : 0x15 : 0x16 :session resumed" \ - ": 0x18 :session resumed unasked: 0x1A :session resumed unasked" \ - ": 0x1C :session resumed: 0x1E :session resumed, also new ticket" + US"not requested or offered" \ + ": 0x02 :client requested, no server ticket" \ + ": 0x04 : 0x05 " \ + ": 0x06 :client offered session, no server action" \ + ": 0x08 :no client request" \ + ": 0x0A :client requested new ticket, server provided" \ + ": 0x0C :client offered session, not used" \ + ": 0x0E :client offered session, server only provided new ticket" \ + ": 0x10 :session resumed unasked" \ + ": 0x12 :session resumed unasked" \ + ": 0x14 : 0x15" \ + ": 0x16 :session resumed" \ + ": 0x18 :session resumed unasked" \ + ": 0x1A :session resumed unasked" \ + ": 0x1C :session resumed" \ + ": 0x1E :session resumed, also new ticket" /* Flags for string_vformat */ #define SVFMT_EXTEND BIT(0) diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c index a17597e8b..56ea93935 100644 --- a/src/src/tls-gnu.c +++ b/src/src/tls-gnu.c @@ -2851,7 +2851,7 @@ static int tls_server_ticket_cb(gnutls_session_t sess, u_int htype, unsigned when, unsigned incoming, const gnutls_datum_t * msg) { -DEBUG(D_tls) debug_printf("newticket cb\n"); +DEBUG(D_tls) debug_printf("newticket cb (on server)\n"); tls_in.resumption |= RESUME_CLIENT_REQUESTED; return 0; } @@ -2888,9 +2888,12 @@ tls_server_resume_posthandshake(exim_gnutls_state_st * state) { if (gnutls_session_resumption_requested(state->session)) { - /* This tells us the client sent a full ticket. We use a + /* This tells us the client sent a full (?) ticket. We use a callback on session-ticket request, elsewhere, to tell - if a client asked for a ticket. */ + if a client asked for a ticket. + XXX As of GnuTLS 3.0.1 it seems to be returning true even for + a pure ticket-req (a zero-length Session Ticket extension + in the Client Hello, for 1.2) which mucks up our logic. */ tls_in.resumption |= RESUME_CLIENT_SUGGESTED; DEBUG(D_tls) debug_printf("client requested resumption\n"); @@ -3319,7 +3322,8 @@ tls_retrieve_session(tls_support * tlsp, gnutls_session_t session, tlsp->resumption = RESUME_SUPPORTED; if (!conn_args->have_lbserver) - { DEBUG(D_tls) debug_printf("resumption not supported on continued-connection\n"); } + { DEBUG(D_tls) debug_printf( + "resumption not supported: no LB detection done (continued-conn?)\n"); } else if (verify_check_given_host(CUSS &ob->tls_resumption_hosts, conn_args->host) == OK) { dbdata_tls_session * dt; @@ -3347,6 +3351,7 @@ else if (verify_check_given_host(CUSS &ob->tls_resumption_hosts, conn_args->host dbfn_close(dbm_file); } } +else DEBUG(D_tls) debug_printf("no resumption for this host\n"); } @@ -3374,7 +3379,7 @@ if (gnutls_session_get_flags(session) & GNUTLS_SFLAGS_SESSION_TICKET) int dlen = sizeof(dbdata_tls_session) + tkt.size; dbdata_tls_session * dt = store_get(dlen, GET_TAINTED); - DEBUG(D_tls) debug_printf("session data size %u\n", (unsigned)tkt.size); + DEBUG(D_tls) debug_printf(" session data size %u\n", (unsigned)tkt.size); memcpy(dt->session, tkt.data, tkt.size); gnutls_free(tkt.data); @@ -3385,11 +3390,15 @@ if (gnutls_session_get_flags(session) & GNUTLS_SFLAGS_SESSION_TICKET) dbfn_close(dbm_file); DEBUG(D_tls) - debug_printf("wrote session db (len %u)\n", (unsigned)dlen); + debug_printf(" wrote session db (len %u)\n", (unsigned)dlen); } } - else DEBUG(D_tls) - debug_printf("extract session data: %s\n", US gnutls_strerror(rc)); + else + { DEBUG(D_tls) + debug_printf(" extract session data: %s\n", US gnutls_strerror(rc)); + } + else DEBUG(D_tls) + debug_printf(" host not resmable; not saving ticket\n"); } } @@ -3406,7 +3415,7 @@ tls_client_ticket_cb(gnutls_session_t sess, u_int htype, unsigned when, exim_gnutls_state_st * state = gnutls_session_get_ptr(sess); tls_support * tlsp = state->tlsp; -DEBUG(D_tls) debug_printf("newticket cb\n"); +DEBUG(D_tls) debug_printf("newticket cb (on client)\n"); if (!tlsp->ticket_received) tls_save_session(tlsp, sess, state->host); diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c index af2e1f2dd..8c00a1ef2 100644 --- a/src/src/transports/smtp.c +++ b/src/src/transports/smtp.c @@ -203,9 +203,6 @@ smtp_transport_options_block smtp_transport_option_defaults = { .tls_tempfail_tryclear = TRUE, .tls_try_verify_hosts = US"*", .tls_verify_cert_hostnames = US"*", -# ifndef DISABLE_TLS_RESUME - .host_name_extract = US"${if and {{match{$host}{.outlook.com\\$}} {match{$item}{\\N^250-([\\w.]+)\\s\\N}}} {$1}}", -# endif #endif #ifdef SUPPORT_I18N .utf8_downconvert = US"-1", @@ -352,7 +349,7 @@ Returns: nothing void smtp_transport_init(transport_instance *tblock) { -smtp_transport_options_block *ob = SOB tblock->options_block; +smtp_transport_options_block * ob = SOB tblock->options_block; int old_pool = store_pool; /* Retry_use_local_part defaults FALSE if unset */ @@ -769,7 +766,7 @@ return TRUE; resumption when such servers do not share a session-cache */ static void -ehlo_response_lbserver(smtp_context * sx, smtp_transport_options_block * ob) +ehlo_response_lbserver(smtp_context * sx, const uschar * name_extract) { #if !defined(DISABLE_TLS) && !defined(DISABLE_TLS_RESUME) const uschar * s; @@ -778,7 +775,7 @@ uschar * save_item = iterate_item; if (sx->conn_args.have_lbserver) return; iterate_item = sx->buffer; -s = expand_cstring(ob->host_name_extract); +s = expand_cstring(name_extract); iterate_item = save_item; sx->conn_args.host_lbserver = s && !*s ? NULL : s; sx->conn_args.have_lbserver = TRUE; @@ -1067,6 +1064,8 @@ sx->pending_EHLO = FALSE; if (pending_BANNER) { + const uschar * s; + DEBUG(D_transport) debug_printf("%s expect banner\n", __FUNCTION__); (*countp)--; if (!smtp_reap_banner(sx)) @@ -1076,7 +1075,10 @@ if (pending_BANNER) goto fail; } /*XXX EXPERIMENTAL_ESMTP_LIMITS ? */ - ehlo_response_lbserver(sx, sx->conn_args.ob); + + s = ((smtp_transport_options_block *)sx->conn_args.ob)->host_name_extract; + if (!s) s = HNE_DEFAULT; + ehlo_response_lbserver(sx, s); } if (pending_EHLO) @@ -2474,10 +2476,20 @@ goto SEND_QUIT; #ifndef DISABLE_TLS if (sx->smtps) { + const uschar * s; + smtp_peer_options |= OPTION_TLS; suppress_tls = FALSE; ob->tls_tempfail_tryclear = FALSE; smtp_command = US"SSL-on-connect"; + + /* Having no EHLO response yet, cannot peek there for a servername to detect + an LB. Call this anyway, so that a dummy host_name_extract option value can + force resumption attempts. */ + + if (!(s = ob->host_name_extract)) s = US"never-LB"; + ehlo_response_lbserver(sx, s); + goto TLS_NEGOTIATE; } #endif @@ -2565,6 +2577,8 @@ goto SEND_QUIT; if (!sx->early_pipe_active) #endif { + const uschar * s; + sx->peer_offered = ehlo_response(sx->buffer, OPTION_TLS /* others checked later */ #ifndef DISABLE_PIPE_CONNECT @@ -2600,7 +2614,8 @@ goto SEND_QUIT; } } #endif - ehlo_response_lbserver(sx, ob); + if (!(s = ob->host_name_extract)) s = HNE_DEFAULT; + ehlo_response_lbserver(sx, s); } /* Set tls_offered if the response to EHLO specifies support for STARTTLS. */ diff --git a/src/src/transports/smtp.h b/src/src/transports/smtp.h index cb1d72625..0d15b9626 100644 --- a/src/src/transports/smtp.h +++ b/src/src/transports/smtp.h @@ -109,6 +109,7 @@ typedef struct { uschar *tls_privatekey; uschar *tls_require_ciphers; # ifndef DISABLE_TLS_RESUME +# define HNE_DEFAULT US"${if and {{match{$host}{.outlook.com\\$}} {match{$item}{\\N^250-([\\w.]+)\\s\\N}}} {$1}}" uschar *host_name_extract; uschar *tls_resumption_hosts; # endif diff --git a/test/confs/5890 b/test/confs/5890 index 88743cfd0..ff5adb90f 100644 --- a/test/confs/5890 +++ b/test/confs/5890 @@ -13,9 +13,10 @@ domainlist local_domains = test.ex : *.test.ex acl_smtp_helo = check_helo acl_smtp_rcpt = check_recipient -log_selector = +received_recipients +tls_resumption +tls_peerdn +log_selector = +received_recipients +tls_resumption +tls_peerdn +outgoing_port tls_advertise_hosts = * +tls_on_connect_ports = PORT_D2 # Set certificate only if server @@ -33,30 +34,32 @@ tls_resumption_hosts = 127.0.0.1 begin acl check_helo: - accept condition = ${if def:tls_in_cipher} - logwrite = tls_in_resumption\t${listextract {$tls_in_resumption} {_RESUME_DECODE}} - logwrite = our cert subject\t${certextract {subject}{$tls_in_ourcert}} - logwrite = peer cert subject\t${certextract {subject}{$tls_in_peercert}} - logwrite = peer cert verified\t${tls_in_certificate_verified} - logwrite = peer dn\t${tls_in_peerdn} - logwrite = cipher\t${tls_in_cipher} - logwrite = bits\t${tls_in_bits} + accept condition = ${if def:tls_in_cipher} + logwrite = tls_in_ver\t$tls_in_ver + logwrite = tls_in_resumption\t${listextract {$tls_in_resumption} {_RESUME_DECODE}} + logwrite = our cert subject\t${certextract {subject}{$tls_in_ourcert}} + logwrite = peer cert subject\t${certextract {subject}{$tls_in_peercert}} + logwrite = peer cert verified\t${tls_in_certificate_verified} + logwrite = peer dn\t${tls_in_peerdn} + logwrite = cipher\t${tls_in_cipher} + logwrite = bits\t${tls_in_bits} accept check_recipient: - accept domains = +local_domains - deny message = relay not permitted + accept domains = +local_domains + deny message = relay not permitted log_resumption: accept condition = ${if def:tls_out_cipher} condition = ${if eq {$event_name}{tcp:close}} + logwrite = tls_out_ver\t$tls_out_ver logwrite = tls_out_resumption ${listextract {$tls_out_resumption} {_RESUME_DECODE}} - logwrite = our cert subject\t${certextract {subject}{$tls_out_ourcert}} - logwrite = peer cert subject\t${certextract {subject}{$tls_out_peercert}} - logwrite = peer cert verified\t${tls_out_certificate_verified} - logwrite = peer dn\t${tls_out_peerdn} - logwrite = cipher\t${tls_out_cipher} - logwrite = bits\t${tls_out_bits} + logwrite = our cert subject\t${certextract {subject}{$tls_out_ourcert}} + logwrite = peer cert subject\t${certextract {subject}{$tls_out_peercert}} + logwrite = peer cert verified\t${tls_out_certificate_verified} + logwrite = peer dn\t${tls_out_peerdn} + logwrite = cipher\t${tls_out_cipher} + logwrite = bits\t${tls_out_bits} # ----- Routers ----- @@ -66,7 +69,7 @@ begin routers client: driver = accept condition = ${if eq {SERVER}{server}{no}{yes}} - transport = send_to_server${if eq{$local_part}{abcd}{2}{1}} + transport = send_to_server${if eq{$local_part}{hostnotresume}{2}{1}} server: driver = redirect @@ -80,7 +83,14 @@ send_to_server1: driver = smtp allow_localhost hosts = 127.0.0.1 +.ifdef SELECTOR + port = PORT_D2 + protocol = smtps + # Use HELO purely to get a P= different on the server <= line + hosts_avoid_esmtp = * +.else port = PORT_D +.endif helo_data = helo.data.changed .ifdef HELO_MSG host_name_extract = HELO_MSG @@ -96,11 +106,11 @@ send_to_server1: event_action = ${acl {log_resumption}} send_to_server2: - driver = smtp + driver = smtp allow_localhost - hosts = HOSTIPV4 - port = PORT_D - hosts_try_fastopen = : + hosts = HOSTIPV4 + port = PORT_D + hosts_try_fastopen = : tls_verify_certificates = CDIR/CA/CA.pem tls_verify_cert_hostnames = : event_action = ${acl {log_resumption}} diff --git a/test/confs/5892 b/test/confs/5892 index 15b09fcff..571cb8e7e 100644 --- a/test/confs/5892 +++ b/test/confs/5892 @@ -13,7 +13,7 @@ domainlist local_domains = test.ex : *.test.ex acl_smtp_helo = check_helo acl_smtp_rcpt = check_recipient -log_selector = +received_recipients +tls_resumption +tls_peerdn +log_selector = +received_recipients +tls_resumption +tls_peerdn +outgoing_port .ifdef _OPT_OPENSSL_NO_TLSV1_3_X openssl_options = +no_sslv2 +no_sslv3 +single_dh_use OPTION @@ -21,6 +21,7 @@ openssl_options = +no_sslv2 +no_sslv3 +single_dh_use OPTION openssl_options = +no_sslv2 +no_sslv3 +single_dh_use .endif tls_advertise_hosts = * +tls_on_connect_ports = PORT_D2 # Set certificate only if server @@ -38,30 +39,32 @@ remote_max_parallel = 1 begin acl check_helo: - accept condition = ${if def:tls_in_cipher} - logwrite = tls_in_resumption\t${listextract {$tls_in_resumption} {_RESUME_DECODE}} - logwrite = our cert subject\t${certextract {subject}{$tls_in_ourcert}} - logwrite = peer cert subject\t${certextract {subject}{$tls_in_peercert}} - logwrite = peer cert verified\t${tls_in_certificate_verified} - logwrite = peer dn\t${tls_in_peerdn} - logwrite = cipher\t${tls_in_cipher} - logwrite = bits\t${tls_in_bits} + accept condition = ${if def:tls_in_cipher} + logwrite = tls_in_ver\t$tls_in_ver + logwrite = tls_in_resumption\t${listextract {$tls_in_resumption} {_RESUME_DECODE}} + logwrite = our cert subject\t${certextract {subject}{$tls_in_ourcert}} + logwrite = peer cert subject\t${certextract {subject}{$tls_in_peercert}} + logwrite = peer cert verified\t${tls_in_certificate_verified} + logwrite = peer dn\t${tls_in_peerdn} + logwrite = cipher\t${tls_in_cipher} + logwrite = bits\t${tls_in_bits} accept check_recipient: - accept domains = +local_domains - deny message = relay not permitted + accept domains = +local_domains + deny message = relay not permitted log_resumption: accept condition = ${if def:tls_out_cipher} condition = ${if eq {$event_name}{tcp:close}} + logwrite = tls_out_ver\t$tls_out_ver logwrite = tls_out_resumption ${listextract {$tls_out_resumption} {_RESUME_DECODE}} - logwrite = our cert subject\t${certextract {subject}{$tls_out_ourcert}} - logwrite = peer cert subject\t${certextract {subject}{$tls_out_peercert}} - logwrite = peer cert verified\t${tls_out_certificate_verified} - logwrite = peer dn\t${tls_out_peerdn} - logwrite = cipher\t${tls_out_cipher} - logwrite = bits\t${tls_out_bits} + logwrite = our cert subject\t${certextract {subject}{$tls_out_ourcert}} + logwrite = peer cert subject\t${certextract {subject}{$tls_out_peercert}} + logwrite = peer cert verified\t${tls_out_certificate_verified} + logwrite = peer dn\t${tls_out_peerdn} + logwrite = cipher\t${tls_out_cipher} + logwrite = bits\t${tls_out_bits} # ----- Routers ----- @@ -85,7 +88,14 @@ send_to_server1: driver = smtp allow_localhost hosts = 127.0.0.1 +.ifdef SELECTOR + port = PORT_D2 + protocol = smtps + # Use HELO purely to get a P= different on the server <= line + hosts_avoid_esmtp = * +.else port = PORT_D +.endif helo_data = helo.data.changed .ifdef HELO_MSG host_name_extract = HELO_MSG @@ -101,11 +111,11 @@ send_to_server1: event_action = ${acl {log_resumption}} send_to_server2: - driver = smtp + driver = smtp allow_localhost - hosts = HOSTIPV4 - port = PORT_D - hosts_try_fastopen = : + hosts = HOSTIPV4 + port = PORT_D + hosts_try_fastopen = : tls_verify_certificates = CDIR/CA/CA.pem tls_verify_cert_hostnames = : event_action = ${acl {log_resumption}} diff --git a/test/confs/5894 b/test/confs/5894 index da347178e..4b34c75ae 100644 --- a/test/confs/5894 +++ b/test/confs/5894 @@ -12,10 +12,11 @@ domainlist local_domains = test.ex : *.test.ex acl_smtp_helo = check_helo acl_smtp_rcpt = check_recipient -log_selector = +received_recipients +tls_resumption +tls_peerdn +log_selector = +received_recipients +tls_resumption +tls_peerdn +outgoing_port openssl_options = +no_sslv2 +no_sslv3 +single_dh_use tls_advertise_hosts = * +tls_on_connect_ports = PORT_D2 # Set certificate only if server @@ -32,30 +33,32 @@ tls_resumption_hosts = 127.0.0.1 begin acl check_helo: - accept condition = ${if def:tls_in_cipher} - logwrite = tls_in_resumption\t${listextract {$tls_in_resumption} {_RESUME_DECODE}} - logwrite = our cert subject\t${certextract {subject}{$tls_in_ourcert}} - logwrite = peer cert subject\t${certextract {subject}{$tls_in_peercert}} - logwrite = peer cert verified\t${tls_in_certificate_verified} - logwrite = peer dn\t${tls_in_peerdn} - logwrite = cipher\t${tls_in_cipher} - logwrite = bits\t${tls_in_bits} + accept condition = ${if def:tls_in_cipher} + logwrite = tls_in_ver\t$tls_in_ver + logwrite = tls_in_resumption\t${listextract {$tls_in_resumption} {_RESUME_DECODE}} + logwrite = our cert subject\t${certextract {subject}{$tls_in_ourcert}} + logwrite = peer cert subject\t${certextract {subject}{$tls_in_peercert}} + logwrite = peer cert verified\t${tls_in_certificate_verified} + logwrite = peer dn\t${tls_in_peerdn} + logwrite = cipher\t${tls_in_cipher} + logwrite = bits\t${tls_in_bits} accept check_recipient: - accept domains = +local_domains - deny message = relay not permitted + accept domains = +local_domains + deny message = relay not permitted log_resumption: accept condition = ${if def:tls_out_cipher} condition = ${if eq {$event_name}{tcp:close}} + logwrite = tls_out_ver\t$tls_out_ver logwrite = tls_out_resumption ${listextract {$tls_out_resumption} {_RESUME_DECODE}} - logwrite = our cert subject\t${certextract {subject}{$tls_out_ourcert}} - logwrite = peer cert subject\t${certextract {subject}{$tls_out_peercert}} - logwrite = peer cert verified\t${tls_out_certificate_verified} - logwrite = peer dn\t${tls_out_peerdn} - logwrite = cipher\t${tls_out_cipher} - logwrite = bits\t${tls_out_bits} + logwrite = our cert subject\t${certextract {subject}{$tls_out_ourcert}} + logwrite = peer cert subject\t${certextract {subject}{$tls_out_peercert}} + logwrite = peer cert verified\t${tls_out_certificate_verified} + logwrite = peer dn\t${tls_out_peerdn} + logwrite = cipher\t${tls_out_cipher} + logwrite = bits\t${tls_out_bits} # ----- Routers ----- @@ -65,7 +68,7 @@ begin routers client: driver = accept condition = ${if eq {SERVER}{server}{no}{yes}} - transport = send_to_server${if eq{$local_part}{abcd}{2}{1}} + transport = send_to_server${if eq{$local_part}{hostnotresume}{2}{1}} server: driver = redirect @@ -79,7 +82,14 @@ send_to_server1: driver = smtp allow_localhost hosts = 127.0.0.1 +.ifdef SELECTOR + port = PORT_D2 + protocol = smtps + # Use HELO purely to get a P= different on the server <= line + hosts_avoid_esmtp = * +.else port = PORT_D +.endif helo_data = helo.data.changed .ifdef VALUE tls_resumption_hosts = * @@ -92,11 +102,11 @@ send_to_server1: event_action = ${acl {log_resumption}} send_to_server2: - driver = smtp + driver = smtp allow_localhost - hosts = HOSTIPV4 - port = PORT_D - hosts_try_fastopen = : + hosts = HOSTIPV4 + port = PORT_D + hosts_try_fastopen = : tls_verify_certificates = CDIR/CA/CA.pem tls_verify_cert_hostnames = : event_action = ${acl {log_resumption}} diff --git a/test/log/5890 b/test/log/5890 index 065e31b7f..d77b85f92 100644 --- a/test/log/5890 +++ b/test/log/5890 @@ -1,4 +1,5 @@ 1999-03-02 09:44:33 10HmaX-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex +1999-03-02 09:44:33 10HmaX-000000005vi-0000 tls_out_ver TLS1.2 1999-03-02 09:44:33 10HmaX-000000005vi-0000 tls_out_resumption client requested new ticket, server provided 1999-03-02 09:44:33 10HmaX-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmaX-000000005vi-0000 peer cert subject CN=server1.example.com @@ -6,9 +7,10 @@ 1999-03-02 09:44:33 10HmaX-000000005vi-0000 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmaX-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmaX-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmaX-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmaY-000000005vi-0000" +1999-03-02 09:44:33 10HmaX-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmaY-000000005vi-0000" 1999-03-02 09:44:33 10HmaX-000000005vi-0000 Completed -1999-03-02 09:44:33 10HmaZ-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex abcd@test.ex xyz@test.ex +1999-03-02 09:44:33 10HmaZ-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex hostnotresume@test.ex xyz@test.ex +1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_ver TLS1.2 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_resumption session resumed 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer cert subject CN=server1.example.com @@ -16,6 +18,7 @@ 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 cipher TLS1.x:ke--AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 bits 256 +1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_ver TLS1.2 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_resumption not requested or offered 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer cert subject CN=server1.example.com @@ -23,11 +26,12 @@ 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000" -1999-03-02 09:44:33 10HmaZ-000000005vi-0000 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000" -1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => abcd@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbB-000000005vi-0000" +1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000" +1999-03-02 09:44:33 10HmaZ-000000005vi-0000 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000" +1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => hostnotresume@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbB-000000005vi-0000" 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 Completed 1999-03-02 09:44:33 10HmbC-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for renewal@test.ex +1999-03-02 09:44:33 10HmbC-000000005vi-0000 tls_out_ver TLS1.2 1999-03-02 09:44:33 10HmbC-000000005vi-0000 tls_out_resumption session resumed 1999-03-02 09:44:33 10HmbC-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmbC-000000005vi-0000 peer cert subject CN=server1.example.com @@ -35,9 +39,10 @@ 1999-03-02 09:44:33 10HmbC-000000005vi-0000 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmbC-000000005vi-0000 cipher TLS1.x:ke--AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbC-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbC-000000005vi-0000 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbD-000000005vi-0000" +1999-03-02 09:44:33 10HmbC-000000005vi-0000 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbD-000000005vi-0000" 1999-03-02 09:44:33 10HmbC-000000005vi-0000 Completed 1999-03-02 09:44:33 10HmbE-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for postrenewal@test.ex +1999-03-02 09:44:33 10HmbE-000000005vi-0000 tls_out_ver TLS1.2 1999-03-02 09:44:33 10HmbE-000000005vi-0000 tls_out_resumption session resumed 1999-03-02 09:44:33 10HmbE-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmbE-000000005vi-0000 peer cert subject CN=server1.example.com @@ -45,9 +50,10 @@ 1999-03-02 09:44:33 10HmbE-000000005vi-0000 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmbE-000000005vi-0000 cipher TLS1.x:ke--AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbE-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbE-000000005vi-0000 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbF-000000005vi-0000" +1999-03-02 09:44:33 10HmbE-000000005vi-0000 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbF-000000005vi-0000" 1999-03-02 09:44:33 10HmbE-000000005vi-0000 Completed 1999-03-02 09:44:33 10HmbG-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for timeout@test.ex +1999-03-02 09:44:33 10HmbG-000000005vi-0000 tls_out_ver TLS1.2 1999-03-02 09:44:33 10HmbG-000000005vi-0000 tls_out_resumption client offered session, server only provided new ticket 1999-03-02 09:44:33 10HmbG-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmbG-000000005vi-0000 peer cert subject CN=server1.example.com @@ -55,9 +61,10 @@ 1999-03-02 09:44:33 10HmbG-000000005vi-0000 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmbG-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbG-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbG-000000005vi-0000 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbH-000000005vi-0000" +1999-03-02 09:44:33 10HmbG-000000005vi-0000 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbH-000000005vi-0000" 1999-03-02 09:44:33 10HmbG-000000005vi-0000 Completed 1999-03-02 09:44:33 10HmbI-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for notreq@test.ex +1999-03-02 09:44:33 10HmbI-000000005vi-0000 tls_out_ver TLS1.2 1999-03-02 09:44:33 10HmbI-000000005vi-0000 tls_out_resumption no client request 1999-03-02 09:44:33 10HmbI-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmbI-000000005vi-0000 peer cert subject CN=server1.example.com @@ -65,9 +72,10 @@ 1999-03-02 09:44:33 10HmbI-000000005vi-0000 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmbI-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbI-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbI-000000005vi-0000 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbJ-000000005vi-0000" +1999-03-02 09:44:33 10HmbI-000000005vi-0000 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbJ-000000005vi-0000" 1999-03-02 09:44:33 10HmbI-000000005vi-0000 Completed 1999-03-02 09:44:33 10HmbK-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for noverify_getticket@test.ex +1999-03-02 09:44:33 10HmbK-000000005vi-0000 tls_out_ver TLS1.2 1999-03-02 09:44:33 10HmbK-000000005vi-0000 tls_out_resumption client requested new ticket, server provided 1999-03-02 09:44:33 10HmbK-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmbK-000000005vi-0000 peer cert subject CN=server1.example.com @@ -75,9 +83,10 @@ 1999-03-02 09:44:33 10HmbK-000000005vi-0000 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmbK-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbK-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbK-000000005vi-0000 => noverify_getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no DN="CN=server1.example.com" C="250 OK id=10HmbL-000000005vi-0000" +1999-03-02 09:44:33 10HmbK-000000005vi-0000 => noverify_getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no DN="CN=server1.example.com" C="250 OK id=10HmbL-000000005vi-0000" 1999-03-02 09:44:33 10HmbK-000000005vi-0000 Completed 1999-03-02 09:44:33 10HmbM-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for noverify_resume@test.ex +1999-03-02 09:44:33 10HmbM-000000005vi-0000 tls_out_ver TLS1.2 1999-03-02 09:44:33 10HmbM-000000005vi-0000 tls_out_resumption session resumed 1999-03-02 09:44:33 10HmbM-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmbM-000000005vi-0000 peer cert subject CN=server1.example.com @@ -85,120 +94,187 @@ 1999-03-02 09:44:33 10HmbM-000000005vi-0000 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmbM-000000005vi-0000 cipher TLS1.x:ke--AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbM-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbM-000000005vi-0000 => noverify_resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no DN="CN=server1.example.com" C="250 OK id=10HmbN-000000005vi-0000" +1999-03-02 09:44:33 10HmbM-000000005vi-0000 => noverify_resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no DN="CN=server1.example.com" C="250 OK id=10HmbN-000000005vi-0000" 1999-03-02 09:44:33 10HmbM-000000005vi-0000 Completed -1999-03-02 09:44:33 10HmbO-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex -1999-03-02 09:44:33 10HmbO-000000005vi-0000 tls_out_resumption client requested new ticket, server provided +1999-03-02 09:44:33 10HmbO-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex +1999-03-02 09:44:33 10HmbO-000000005vi-0000 tls_out_ver TLS1.2 +1999-03-02 09:44:33 10HmbO-000000005vi-0000 tls_out_resumption session resumed 1999-03-02 09:44:33 10HmbO-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmbO-000000005vi-0000 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbO-000000005vi-0000 peer cert verified 1 1999-03-02 09:44:33 10HmbO-000000005vi-0000 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmbO-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbO-000000005vi-0000 cipher TLS1.x:ke--AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbO-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbO-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbP-000000005vi-0000" +1999-03-02 09:44:33 10HmbO-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbP-000000005vi-0000" 1999-03-02 09:44:33 10HmbO-000000005vi-0000 Completed -1999-03-02 09:44:33 10HmbQ-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex abcd@test.ex xyz@test.ex -1999-03-02 09:44:33 10HmbQ-000000005vi-0000 tls_out_resumption session resumed, also new ticket -1999-03-02 09:44:33 10HmbQ-000000005vi-0000 our cert subject -1999-03-02 09:44:33 10HmbQ-000000005vi-0000 peer cert subject CN=server1.example.com -1999-03-02 09:44:33 10HmbQ-000000005vi-0000 peer cert verified 1 -1999-03-02 09:44:33 10HmbQ-000000005vi-0000 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmbQ-000000005vi-0000 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx -1999-03-02 09:44:33 10HmbQ-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbQ-000000005vi-0000 tls_out_resumption not requested or offered +1999-03-02 09:44:33 10HmbQ-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex +1999-03-02 09:44:33 10HmbQ-000000005vi-0000 tls_out_ver TLS1.2 +1999-03-02 09:44:33 10HmbQ-000000005vi-0000 tls_out_resumption client requested new ticket, server provided 1999-03-02 09:44:33 10HmbQ-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmbQ-000000005vi-0000 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbQ-000000005vi-0000 peer cert verified 1 1999-03-02 09:44:33 10HmbQ-000000005vi-0000 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmbQ-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbQ-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbQ-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbR-000000005vi-0000" -1999-03-02 09:44:33 10HmbQ-000000005vi-0000 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbR-000000005vi-0000" -1999-03-02 09:44:33 10HmbQ-000000005vi-0000 => abcd@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbS-000000005vi-0000" +1999-03-02 09:44:33 10HmbQ-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D2 X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbR-000000005vi-0000" 1999-03-02 09:44:33 10HmbQ-000000005vi-0000 Completed -1999-03-02 09:44:33 10HmbT-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for renewal@test.ex -1999-03-02 09:44:33 10HmbT-000000005vi-0000 tls_out_resumption session resumed, also new ticket -1999-03-02 09:44:33 10HmbT-000000005vi-0000 our cert subject -1999-03-02 09:44:33 10HmbT-000000005vi-0000 peer cert subject CN=server1.example.com -1999-03-02 09:44:33 10HmbT-000000005vi-0000 peer cert verified 1 -1999-03-02 09:44:33 10HmbT-000000005vi-0000 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmbT-000000005vi-0000 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx -1999-03-02 09:44:33 10HmbT-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbT-000000005vi-0000 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbU-000000005vi-0000" -1999-03-02 09:44:33 10HmbT-000000005vi-0000 Completed -1999-03-02 09:44:33 10HmbV-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for postrenewal@test.ex -1999-03-02 09:44:33 10HmbV-000000005vi-0000 tls_out_resumption session resumed -1999-03-02 09:44:33 10HmbV-000000005vi-0000 our cert subject -1999-03-02 09:44:33 10HmbV-000000005vi-0000 peer cert subject CN=server1.example.com -1999-03-02 09:44:33 10HmbV-000000005vi-0000 peer cert verified 1 -1999-03-02 09:44:33 10HmbV-000000005vi-0000 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmbV-000000005vi-0000 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx -1999-03-02 09:44:33 10HmbV-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbV-000000005vi-0000 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbW-000000005vi-0000" -1999-03-02 09:44:33 10HmbV-000000005vi-0000 Completed -1999-03-02 09:44:33 10HmbX-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for timeout@test.ex -1999-03-02 09:44:33 10HmbX-000000005vi-0000 tls_out_resumption client offered session, server only provided new ticket -1999-03-02 09:44:33 10HmbX-000000005vi-0000 our cert subject -1999-03-02 09:44:33 10HmbX-000000005vi-0000 peer cert subject CN=server1.example.com -1999-03-02 09:44:33 10HmbX-000000005vi-0000 peer cert verified 1 -1999-03-02 09:44:33 10HmbX-000000005vi-0000 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmbX-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 10HmbX-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbX-000000005vi-0000 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbY-000000005vi-0000" -1999-03-02 09:44:33 10HmbX-000000005vi-0000 Completed -1999-03-02 09:44:33 10HmbZ-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for notreq@test.ex -1999-03-02 09:44:33 10HmbZ-000000005vi-0000 tls_out_resumption no client request +1999-03-02 09:44:33 10HmbS-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex +1999-03-02 09:44:33 10HmbS-000000005vi-0000 tls_out_ver TLS1.2 +1999-03-02 09:44:33 10HmbS-000000005vi-0000 tls_out_resumption session resumed +1999-03-02 09:44:33 10HmbS-000000005vi-0000 our cert subject +1999-03-02 09:44:33 10HmbS-000000005vi-0000 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbS-000000005vi-0000 peer cert verified 1 +1999-03-02 09:44:33 10HmbS-000000005vi-0000 peer dn CN=server1.example.com +1999-03-02 09:44:33 10HmbS-000000005vi-0000 cipher TLS1.x:ke--AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbS-000000005vi-0000 bits 256 +1999-03-02 09:44:33 10HmbS-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D2 X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbT-000000005vi-0000" +1999-03-02 09:44:33 10HmbS-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmbU-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex +1999-03-02 09:44:33 10HmbU-000000005vi-0000 tls_out_ver TLS1.3 +1999-03-02 09:44:33 10HmbU-000000005vi-0000 tls_out_resumption client requested new ticket, server provided +1999-03-02 09:44:33 10HmbU-000000005vi-0000 our cert subject +1999-03-02 09:44:33 10HmbU-000000005vi-0000 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbU-000000005vi-0000 peer cert verified 1 +1999-03-02 09:44:33 10HmbU-000000005vi-0000 peer dn CN=server1.example.com +1999-03-02 09:44:33 10HmbU-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbU-000000005vi-0000 bits 256 +1999-03-02 09:44:33 10HmbU-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbV-000000005vi-0000" +1999-03-02 09:44:33 10HmbU-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmbW-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex hostnotresume@test.ex xyz@test.ex +1999-03-02 09:44:33 10HmbW-000000005vi-0000 tls_out_ver TLS1.3 +1999-03-02 09:44:33 10HmbW-000000005vi-0000 tls_out_resumption session resumed, also new ticket +1999-03-02 09:44:33 10HmbW-000000005vi-0000 our cert subject +1999-03-02 09:44:33 10HmbW-000000005vi-0000 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbW-000000005vi-0000 peer cert verified 1 +1999-03-02 09:44:33 10HmbW-000000005vi-0000 peer dn CN=server1.example.com +1999-03-02 09:44:33 10HmbW-000000005vi-0000 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbW-000000005vi-0000 bits 256 +1999-03-02 09:44:33 10HmbW-000000005vi-0000 tls_out_ver TLS1.3 +1999-03-02 09:44:33 10HmbW-000000005vi-0000 tls_out_resumption not requested or offered +1999-03-02 09:44:33 10HmbW-000000005vi-0000 our cert subject +1999-03-02 09:44:33 10HmbW-000000005vi-0000 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbW-000000005vi-0000 peer cert verified 1 +1999-03-02 09:44:33 10HmbW-000000005vi-0000 peer dn CN=server1.example.com +1999-03-02 09:44:33 10HmbW-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbW-000000005vi-0000 bits 256 +1999-03-02 09:44:33 10HmbW-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbX-000000005vi-0000" +1999-03-02 09:44:33 10HmbW-000000005vi-0000 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbX-000000005vi-0000" +1999-03-02 09:44:33 10HmbW-000000005vi-0000 => hostnotresume@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbY-000000005vi-0000" +1999-03-02 09:44:33 10HmbW-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmbZ-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for renewal@test.ex +1999-03-02 09:44:33 10HmbZ-000000005vi-0000 tls_out_ver TLS1.3 +1999-03-02 09:44:33 10HmbZ-000000005vi-0000 tls_out_resumption session resumed, also new ticket 1999-03-02 09:44:33 10HmbZ-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmbZ-000000005vi-0000 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbZ-000000005vi-0000 peer cert verified 1 1999-03-02 09:44:33 10HmbZ-000000005vi-0000 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmbZ-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbZ-000000005vi-0000 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbZ-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbZ-000000005vi-0000 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcA-000000005vi-0000" +1999-03-02 09:44:33 10HmbZ-000000005vi-0000 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcA-000000005vi-0000" 1999-03-02 09:44:33 10HmbZ-000000005vi-0000 Completed -1999-03-02 09:44:33 10HmcB-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex -1999-03-02 09:44:33 10HmcB-000000005vi-0000 tls_out_resumption client requested new ticket, server provided +1999-03-02 09:44:33 10HmcB-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for postrenewal@test.ex +1999-03-02 09:44:33 10HmcB-000000005vi-0000 tls_out_ver TLS1.3 +1999-03-02 09:44:33 10HmcB-000000005vi-0000 tls_out_resumption session resumed 1999-03-02 09:44:33 10HmcB-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmcB-000000005vi-0000 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmcB-000000005vi-0000 peer cert verified 1 1999-03-02 09:44:33 10HmcB-000000005vi-0000 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmcB-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmcB-000000005vi-0000 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmcB-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmcB-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcC-000000005vi-0000" +1999-03-02 09:44:33 10HmcB-000000005vi-0000 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcC-000000005vi-0000" 1999-03-02 09:44:33 10HmcB-000000005vi-0000 Completed -1999-03-02 09:44:33 10HmcD-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for noresume@test.ex -1999-03-02 09:44:33 10HmcD-000000005vi-0000 tls_out_resumption client requested new ticket, server provided +1999-03-02 09:44:33 10HmcD-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for timeout@test.ex +1999-03-02 09:44:33 10HmcD-000000005vi-0000 tls_out_ver TLS1.3 +1999-03-02 09:44:33 10HmcD-000000005vi-0000 tls_out_resumption client offered session, server only provided new ticket 1999-03-02 09:44:33 10HmcD-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmcD-000000005vi-0000 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmcD-000000005vi-0000 peer cert verified 1 1999-03-02 09:44:33 10HmcD-000000005vi-0000 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmcD-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmcD-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmcD-000000005vi-0000 => noresume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcE-000000005vi-0000" +1999-03-02 09:44:33 10HmcD-000000005vi-0000 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcE-000000005vi-0000" 1999-03-02 09:44:33 10HmcD-000000005vi-0000 Completed -1999-03-02 09:44:33 10HmcF-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex -1999-03-02 09:44:33 10HmcF-000000005vi-0000 tls_out_resumption session resumed, also new ticket +1999-03-02 09:44:33 10HmcF-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for notreq@test.ex +1999-03-02 09:44:33 10HmcF-000000005vi-0000 tls_out_ver TLS1.3 +1999-03-02 09:44:33 10HmcF-000000005vi-0000 tls_out_resumption no client request 1999-03-02 09:44:33 10HmcF-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmcF-000000005vi-0000 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmcF-000000005vi-0000 peer cert verified 1 1999-03-02 09:44:33 10HmcF-000000005vi-0000 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmcF-000000005vi-0000 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmcF-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmcF-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmcF-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcG-000000005vi-0000" +1999-03-02 09:44:33 10HmcF-000000005vi-0000 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcG-000000005vi-0000" 1999-03-02 09:44:33 10HmcF-000000005vi-0000 Completed -1999-03-02 09:44:33 10HmcH-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex -1999-03-02 09:44:33 10HmcH-000000005vi-0000 tls_out_resumption session resumed, also new ticket +1999-03-02 09:44:33 10HmcH-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex +1999-03-02 09:44:33 10HmcH-000000005vi-0000 tls_out_ver TLS1.3 +1999-03-02 09:44:33 10HmcH-000000005vi-0000 tls_out_resumption client requested new ticket, server provided 1999-03-02 09:44:33 10HmcH-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmcH-000000005vi-0000 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmcH-000000005vi-0000 peer cert verified 1 1999-03-02 09:44:33 10HmcH-000000005vi-0000 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmcH-000000005vi-0000 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmcH-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmcH-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmcH-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcI-000000005vi-0000" +1999-03-02 09:44:33 10HmcH-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcI-000000005vi-0000" 1999-03-02 09:44:33 10HmcH-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmcJ-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for noresume@test.ex +1999-03-02 09:44:33 10HmcJ-000000005vi-0000 tls_out_ver TLS1.3 +1999-03-02 09:44:33 10HmcJ-000000005vi-0000 tls_out_resumption client requested new ticket, server provided +1999-03-02 09:44:33 10HmcJ-000000005vi-0000 our cert subject +1999-03-02 09:44:33 10HmcJ-000000005vi-0000 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmcJ-000000005vi-0000 peer cert verified 1 +1999-03-02 09:44:33 10HmcJ-000000005vi-0000 peer dn CN=server1.example.com +1999-03-02 09:44:33 10HmcJ-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmcJ-000000005vi-0000 bits 256 +1999-03-02 09:44:33 10HmcJ-000000005vi-0000 => noresume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcK-000000005vi-0000" +1999-03-02 09:44:33 10HmcJ-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmcL-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex +1999-03-02 09:44:33 10HmcL-000000005vi-0000 tls_out_ver TLS1.3 +1999-03-02 09:44:33 10HmcL-000000005vi-0000 tls_out_resumption session resumed, also new ticket +1999-03-02 09:44:33 10HmcL-000000005vi-0000 our cert subject +1999-03-02 09:44:33 10HmcL-000000005vi-0000 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmcL-000000005vi-0000 peer cert verified 1 +1999-03-02 09:44:33 10HmcL-000000005vi-0000 peer dn CN=server1.example.com +1999-03-02 09:44:33 10HmcL-000000005vi-0000 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmcL-000000005vi-0000 bits 256 +1999-03-02 09:44:33 10HmcL-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcM-000000005vi-0000" +1999-03-02 09:44:33 10HmcL-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmcN-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex +1999-03-02 09:44:33 10HmcN-000000005vi-0000 tls_out_ver TLS1.3 +1999-03-02 09:44:33 10HmcN-000000005vi-0000 tls_out_resumption session resumed, also new ticket +1999-03-02 09:44:33 10HmcN-000000005vi-0000 our cert subject +1999-03-02 09:44:33 10HmcN-000000005vi-0000 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmcN-000000005vi-0000 peer cert verified 1 +1999-03-02 09:44:33 10HmcN-000000005vi-0000 peer dn CN=server1.example.com +1999-03-02 09:44:33 10HmcN-000000005vi-0000 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmcN-000000005vi-0000 bits 256 +1999-03-02 09:44:33 10HmcN-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcO-000000005vi-0000" +1999-03-02 09:44:33 10HmcN-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmcP-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex +1999-03-02 09:44:33 10HmcP-000000005vi-0000 tls_out_ver TLS1.3 +1999-03-02 09:44:33 10HmcP-000000005vi-0000 tls_out_resumption client requested new ticket, server provided +1999-03-02 09:44:33 10HmcP-000000005vi-0000 our cert subject +1999-03-02 09:44:33 10HmcP-000000005vi-0000 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmcP-000000005vi-0000 peer cert verified 1 +1999-03-02 09:44:33 10HmcP-000000005vi-0000 peer dn CN=server1.example.com +1999-03-02 09:44:33 10HmcP-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmcP-000000005vi-0000 bits 256 +1999-03-02 09:44:33 10HmcP-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D2 X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcQ-000000005vi-0000" +1999-03-02 09:44:33 10HmcP-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmcR-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex +1999-03-02 09:44:33 10HmcR-000000005vi-0000 tls_out_ver TLS1.3 +1999-03-02 09:44:33 10HmcR-000000005vi-0000 tls_out_resumption session resumed, also new ticket +1999-03-02 09:44:33 10HmcR-000000005vi-0000 our cert subject +1999-03-02 09:44:33 10HmcR-000000005vi-0000 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmcR-000000005vi-0000 peer cert verified 1 +1999-03-02 09:44:33 10HmcR-000000005vi-0000 peer dn CN=server1.example.com +1999-03-02 09:44:33 10HmcR-000000005vi-0000 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmcR-000000005vi-0000 bits 256 +1999-03-02 09:44:33 10HmcR-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D2 X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcS-000000005vi-0000" +1999-03-02 09:44:33 10HmcR-000000005vi-0000 Completed ******** SERVER ******** -1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D +1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D and for SMTPS on port PORT_D2 +1999-03-02 09:44:33 tls_in_ver TLS1.2 1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -209,6 +285,7 @@ 1999-03-02 09:44:33 10HmaY-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaX-000000005vi-0000@myhost.test.ex for getticket@test.ex 1999-03-02 09:44:33 10HmaY-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmaY-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 1999-03-02 09:44:33 tls_in_resumption session resumed 1999-03-02 09:44:33 our cert subject 1999-03-02 09:44:33 peer cert subject @@ -220,6 +297,7 @@ 1999-03-02 09:44:33 10HmbA-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbA-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbA-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 1999-03-02 09:44:33 tls_in_resumption not requested or offered 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -227,9 +305,10 @@ 1999-03-02 09:44:33 peer dn 1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbB-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-000000005vi-0000@myhost.test.ex for abcd@test.ex -1999-03-02 09:44:33 10HmbB-000000005vi-0000 => :blackhole: R=server +1999-03-02 09:44:33 10HmbB-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-000000005vi-0000@myhost.test.ex for hostnotresume@test.ex +1999-03-02 09:44:33 10HmbB-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbB-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 1999-03-02 09:44:33 tls_in_resumption session resumed 1999-03-02 09:44:33 our cert subject 1999-03-02 09:44:33 peer cert subject @@ -240,6 +319,7 @@ 1999-03-02 09:44:33 10HmbD-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbC-000000005vi-0000@myhost.test.ex for renewal@test.ex 1999-03-02 09:44:33 10HmbD-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbD-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 1999-03-02 09:44:33 tls_in_resumption session resumed 1999-03-02 09:44:33 our cert subject 1999-03-02 09:44:33 peer cert subject @@ -250,6 +330,7 @@ 1999-03-02 09:44:33 10HmbF-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbE-000000005vi-0000@myhost.test.ex for postrenewal@test.ex 1999-03-02 09:44:33 10HmbF-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbF-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 1999-03-02 09:44:33 tls_in_resumption client offered session, server only provided new ticket 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -260,6 +341,7 @@ 1999-03-02 09:44:33 10HmbH-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbG-000000005vi-0000@myhost.test.ex for timeout@test.ex 1999-03-02 09:44:33 10HmbH-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbH-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -270,6 +352,7 @@ 1999-03-02 09:44:33 10HmbJ-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbI-000000005vi-0000@myhost.test.ex for notreq@test.ex 1999-03-02 09:44:33 10HmbJ-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbJ-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -280,6 +363,7 @@ 1999-03-02 09:44:33 10HmbL-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbK-000000005vi-0000@myhost.test.ex for noverify_getticket@test.ex 1999-03-02 09:44:33 10HmbL-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbL-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 1999-03-02 09:44:33 tls_in_resumption session resumed 1999-03-02 09:44:33 our cert subject 1999-03-02 09:44:33 peer cert subject @@ -290,7 +374,41 @@ 1999-03-02 09:44:33 10HmbN-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbM-000000005vi-0000@myhost.test.ex for noverify_resume@test.ex 1999-03-02 09:44:33 10HmbN-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbN-000000005vi-0000 Completed -1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D +1999-03-02 09:44:33 tls_in_ver TLS1.2 +1999-03-02 09:44:33 tls_in_resumption session resumed +1999-03-02 09:44:33 our cert subject +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke--AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbP-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbO-000000005vi-0000@myhost.test.ex for resume@test.ex +1999-03-02 09:44:33 10HmbP-000000005vi-0000 => :blackhole: R=server +1999-03-02 09:44:33 10HmbP-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 +1999-03-02 09:44:33 tls_in_resumption client offered session, server only provided new ticket +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbR-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] TFO* P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbQ-000000005vi-0000@myhost.test.ex for getticket@test.ex +1999-03-02 09:44:33 10HmbR-000000005vi-0000 => :blackhole: R=server +1999-03-02 09:44:33 10HmbR-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 +1999-03-02 09:44:33 tls_in_resumption session resumed +1999-03-02 09:44:33 our cert subject +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke--AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbT-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] TFO* P=smtps X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbS-000000005vi-0000@myhost.test.ex for resume@test.ex +1999-03-02 09:44:33 10HmbT-000000005vi-0000 => :blackhole: R=server +1999-03-02 09:44:33 10HmbT-000000005vi-0000 Completed +1999-03-02 09:44:33 exim x.yz daemon started: pid=p1235, no queue runs, listening for SMTP on port PORT_D and for SMTPS on port PORT_D2 +1999-03-02 09:44:33 tls_in_ver TLS1.3 1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -298,9 +416,10 @@ 1999-03-02 09:44:33 peer dn 1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbP-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbO-000000005vi-0000@myhost.test.ex for getticket@test.ex -1999-03-02 09:44:33 10HmbP-000000005vi-0000 => :blackhole: R=server -1999-03-02 09:44:33 10HmbP-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmbV-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbU-000000005vi-0000@myhost.test.ex for getticket@test.ex +1999-03-02 09:44:33 10HmbV-000000005vi-0000 => :blackhole: R=server +1999-03-02 09:44:33 10HmbV-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.3 1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket 1999-03-02 09:44:33 our cert subject 1999-03-02 09:44:33 peer cert subject @@ -308,10 +427,11 @@ 1999-03-02 09:44:33 peer dn 1999-03-02 09:44:33 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbR-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbQ-000000005vi-0000@myhost.test.ex for resume@test.ex xyz@test.ex -1999-03-02 09:44:33 10HmbR-000000005vi-0000 => :blackhole: R=server -1999-03-02 09:44:33 10HmbR-000000005vi-0000 => :blackhole: R=server -1999-03-02 09:44:33 10HmbR-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmbX-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbW-000000005vi-0000@myhost.test.ex for resume@test.ex xyz@test.ex +1999-03-02 09:44:33 10HmbX-000000005vi-0000 => :blackhole: R=server +1999-03-02 09:44:33 10HmbX-000000005vi-0000 => :blackhole: R=server +1999-03-02 09:44:33 10HmbX-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.3 1999-03-02 09:44:33 tls_in_resumption not requested or offered 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -319,9 +439,10 @@ 1999-03-02 09:44:33 peer dn 1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbS-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbQ-000000005vi-0000@myhost.test.ex for abcd@test.ex -1999-03-02 09:44:33 10HmbS-000000005vi-0000 => :blackhole: R=server -1999-03-02 09:44:33 10HmbS-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmbY-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbW-000000005vi-0000@myhost.test.ex for hostnotresume@test.ex +1999-03-02 09:44:33 10HmbY-000000005vi-0000 => :blackhole: R=server +1999-03-02 09:44:33 10HmbY-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.3 1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket 1999-03-02 09:44:33 our cert subject 1999-03-02 09:44:33 peer cert subject @@ -329,9 +450,10 @@ 1999-03-02 09:44:33 peer dn 1999-03-02 09:44:33 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbU-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbT-000000005vi-0000@myhost.test.ex for renewal@test.ex -1999-03-02 09:44:33 10HmbU-000000005vi-0000 => :blackhole: R=server -1999-03-02 09:44:33 10HmbU-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmcA-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbZ-000000005vi-0000@myhost.test.ex for renewal@test.ex +1999-03-02 09:44:33 10HmcA-000000005vi-0000 => :blackhole: R=server +1999-03-02 09:44:33 10HmcA-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.3 1999-03-02 09:44:33 tls_in_resumption session resumed 1999-03-02 09:44:33 our cert subject 1999-03-02 09:44:33 peer cert subject @@ -339,9 +461,10 @@ 1999-03-02 09:44:33 peer dn 1999-03-02 09:44:33 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbW-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbV-000000005vi-0000@myhost.test.ex for postrenewal@test.ex -1999-03-02 09:44:33 10HmbW-000000005vi-0000 => :blackhole: R=server -1999-03-02 09:44:33 10HmbW-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmcC-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmcB-000000005vi-0000@myhost.test.ex for postrenewal@test.ex +1999-03-02 09:44:33 10HmcC-000000005vi-0000 => :blackhole: R=server +1999-03-02 09:44:33 10HmcC-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.3 1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -349,9 +472,10 @@ 1999-03-02 09:44:33 peer dn 1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbY-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbX-000000005vi-0000@myhost.test.ex for timeout@test.ex -1999-03-02 09:44:33 10HmbY-000000005vi-0000 => :blackhole: R=server -1999-03-02 09:44:33 10HmbY-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmcE-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmcD-000000005vi-0000@myhost.test.ex for timeout@test.ex +1999-03-02 09:44:33 10HmcE-000000005vi-0000 => :blackhole: R=server +1999-03-02 09:44:33 10HmcE-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.3 1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -359,9 +483,10 @@ 1999-03-02 09:44:33 peer dn 1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmcA-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbZ-000000005vi-0000@myhost.test.ex for notreq@test.ex -1999-03-02 09:44:33 10HmcA-000000005vi-0000 => :blackhole: R=server -1999-03-02 09:44:33 10HmcA-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmcG-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmcF-000000005vi-0000@myhost.test.ex for notreq@test.ex +1999-03-02 09:44:33 10HmcG-000000005vi-0000 => :blackhole: R=server +1999-03-02 09:44:33 10HmcG-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.3 1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -369,9 +494,10 @@ 1999-03-02 09:44:33 peer dn 1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmcC-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmcB-000000005vi-0000@myhost.test.ex for getticket@test.ex -1999-03-02 09:44:33 10HmcC-000000005vi-0000 => :blackhole: R=server -1999-03-02 09:44:33 10HmcC-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmcI-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmcH-000000005vi-0000@myhost.test.ex for getticket@test.ex +1999-03-02 09:44:33 10HmcI-000000005vi-0000 => :blackhole: R=server +1999-03-02 09:44:33 10HmcI-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.3 1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -379,9 +505,10 @@ 1999-03-02 09:44:33 peer dn 1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmcE-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmcD-000000005vi-0000@myhost.test.ex for noresume@test.ex -1999-03-02 09:44:33 10HmcE-000000005vi-0000 => :blackhole: R=server -1999-03-02 09:44:33 10HmcE-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmcK-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmcJ-000000005vi-0000@myhost.test.ex for noresume@test.ex +1999-03-02 09:44:33 10HmcK-000000005vi-0000 => :blackhole: R=server +1999-03-02 09:44:33 10HmcK-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.3 1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket 1999-03-02 09:44:33 our cert subject 1999-03-02 09:44:33 peer cert subject @@ -389,9 +516,10 @@ 1999-03-02 09:44:33 peer dn 1999-03-02 09:44:33 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmcG-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmcF-000000005vi-0000@myhost.test.ex for resume@test.ex -1999-03-02 09:44:33 10HmcG-000000005vi-0000 => :blackhole: R=server -1999-03-02 09:44:33 10HmcG-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmcM-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmcL-000000005vi-0000@myhost.test.ex for resume@test.ex +1999-03-02 09:44:33 10HmcM-000000005vi-0000 => :blackhole: R=server +1999-03-02 09:44:33 10HmcM-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.3 1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket 1999-03-02 09:44:33 our cert subject 1999-03-02 09:44:33 peer cert subject @@ -399,6 +527,28 @@ 1999-03-02 09:44:33 peer dn 1999-03-02 09:44:33 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmcI-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmcH-000000005vi-0000@myhost.test.ex for resume@test.ex -1999-03-02 09:44:33 10HmcI-000000005vi-0000 => :blackhole: R=server -1999-03-02 09:44:33 10HmcI-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmcO-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmcN-000000005vi-0000@myhost.test.ex for resume@test.ex +1999-03-02 09:44:33 10HmcO-000000005vi-0000 => :blackhole: R=server +1999-03-02 09:44:33 10HmcO-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.3 +1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmcQ-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] TFO* P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmcP-000000005vi-0000@myhost.test.ex for getticket@test.ex +1999-03-02 09:44:33 10HmcQ-000000005vi-0000 => :blackhole: R=server +1999-03-02 09:44:33 10HmcQ-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.3 +1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket +1999-03-02 09:44:33 our cert subject +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmcS-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] TFO* P=smtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmcR-000000005vi-0000@myhost.test.ex for resume@test.ex +1999-03-02 09:44:33 10HmcS-000000005vi-0000 => :blackhole: R=server +1999-03-02 09:44:33 10HmcS-000000005vi-0000 Completed diff --git a/test/log/5892 b/test/log/5892 index aeaae546a..21b6cc597 100644 --- a/test/log/5892 +++ b/test/log/5892 @@ -1,4 +1,5 @@ 1999-03-02 09:44:33 10HmaX-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex +1999-03-02 09:44:33 10HmaX-000000005vi-0000 tls_out_ver TLS1.2 1999-03-02 09:44:33 10HmaX-000000005vi-0000 tls_out_resumption client requested new ticket, server provided 1999-03-02 09:44:33 10HmaX-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmaX-000000005vi-0000 peer cert subject CN=server1.example.com @@ -6,9 +7,10 @@ 1999-03-02 09:44:33 10HmaX-000000005vi-0000 peer dn /CN=server1.example.com 1999-03-02 09:44:33 10HmaX-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmaX-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmaX-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmaY-000000005vi-0000" +1999-03-02 09:44:33 10HmaX-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmaY-000000005vi-0000" 1999-03-02 09:44:33 10HmaX-000000005vi-0000 Completed 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex hostnotresume@test.ex xyz@test.ex +1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_ver TLS1.2 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_resumption session resumed 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer cert subject CN=server1.example.com @@ -16,8 +18,9 @@ 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer dn /CN=server1.example.com 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000" -1999-03-02 09:44:33 10HmaZ-000000005vi-0000 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000" +1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000" +1999-03-02 09:44:33 10HmaZ-000000005vi-0000 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000" +1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_ver TLS1.2 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_resumption not requested or offered 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer cert subject CN=server1.example.com @@ -25,9 +28,10 @@ 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer dn /CN=server1.example.com 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => hostnotresume@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbB-000000005vi-0000" +1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => hostnotresume@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbB-000000005vi-0000" 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 Completed 1999-03-02 09:44:33 10HmbC-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for renewal@test.ex +1999-03-02 09:44:33 10HmbC-000000005vi-0000 tls_out_ver TLS1.2 1999-03-02 09:44:33 10HmbC-000000005vi-0000 tls_out_resumption session resumed 1999-03-02 09:44:33 10HmbC-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmbC-000000005vi-0000 peer cert subject CN=server1.example.com @@ -35,9 +39,10 @@ 1999-03-02 09:44:33 10HmbC-000000005vi-0000 peer dn /CN=server1.example.com 1999-03-02 09:44:33 10HmbC-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbC-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbC-000000005vi-0000 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbD-000000005vi-0000" +1999-03-02 09:44:33 10HmbC-000000005vi-0000 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbD-000000005vi-0000" 1999-03-02 09:44:33 10HmbC-000000005vi-0000 Completed 1999-03-02 09:44:33 10HmbE-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for postrenewal@test.ex +1999-03-02 09:44:33 10HmbE-000000005vi-0000 tls_out_ver TLS1.2 1999-03-02 09:44:33 10HmbE-000000005vi-0000 tls_out_resumption session resumed 1999-03-02 09:44:33 10HmbE-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmbE-000000005vi-0000 peer cert subject CN=server1.example.com @@ -45,9 +50,10 @@ 1999-03-02 09:44:33 10HmbE-000000005vi-0000 peer dn /CN=server1.example.com 1999-03-02 09:44:33 10HmbE-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbE-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbE-000000005vi-0000 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbF-000000005vi-0000" +1999-03-02 09:44:33 10HmbE-000000005vi-0000 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbF-000000005vi-0000" 1999-03-02 09:44:33 10HmbE-000000005vi-0000 Completed 1999-03-02 09:44:33 10HmbG-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for aftertimeout@test.ex +1999-03-02 09:44:33 10HmbG-000000005vi-0000 tls_out_ver TLS1.2 1999-03-02 09:44:33 10HmbG-000000005vi-0000 tls_out_resumption client requested new ticket, server provided 1999-03-02 09:44:33 10HmbG-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmbG-000000005vi-0000 peer cert subject CN=server1.example.com @@ -55,9 +61,10 @@ 1999-03-02 09:44:33 10HmbG-000000005vi-0000 peer dn /CN=server1.example.com 1999-03-02 09:44:33 10HmbG-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbG-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbG-000000005vi-0000 => aftertimeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbH-000000005vi-0000" +1999-03-02 09:44:33 10HmbG-000000005vi-0000 => aftertimeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbH-000000005vi-0000" 1999-03-02 09:44:33 10HmbG-000000005vi-0000 Completed 1999-03-02 09:44:33 10HmbI-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for notreq@test.ex +1999-03-02 09:44:33 10HmbI-000000005vi-0000 tls_out_ver TLS1.2 1999-03-02 09:44:33 10HmbI-000000005vi-0000 tls_out_resumption not requested or offered 1999-03-02 09:44:33 10HmbI-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmbI-000000005vi-0000 peer cert subject CN=server1.example.com @@ -65,10 +72,11 @@ 1999-03-02 09:44:33 10HmbI-000000005vi-0000 peer dn /CN=server1.example.com 1999-03-02 09:44:33 10HmbI-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbI-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbI-000000005vi-0000 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbJ-000000005vi-0000" +1999-03-02 09:44:33 10HmbI-000000005vi-0000 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbJ-000000005vi-0000" 1999-03-02 09:44:33 10HmbI-000000005vi-0000 Completed 1999-03-02 09:44:33 10HmbK-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for noverify_getticket@test.ex 1999-03-02 09:44:33 10HmbK-000000005vi-0000 [127.0.0.1] SSL verify error: certificate name mismatch: DN="/CN=server1.example.com" H="127.0.0.1" +1999-03-02 09:44:33 10HmbK-000000005vi-0000 tls_out_ver TLS1.2 1999-03-02 09:44:33 10HmbK-000000005vi-0000 tls_out_resumption client requested new ticket, server provided 1999-03-02 09:44:33 10HmbK-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmbK-000000005vi-0000 peer cert subject CN=server1.example.com @@ -76,9 +84,10 @@ 1999-03-02 09:44:33 10HmbK-000000005vi-0000 peer dn /CN=server1.example.com 1999-03-02 09:44:33 10HmbK-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbK-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbK-000000005vi-0000 => noverify_getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no DN="/CN=server1.example.com" C="250 OK id=10HmbL-000000005vi-0000" +1999-03-02 09:44:33 10HmbK-000000005vi-0000 => noverify_getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no DN="/CN=server1.example.com" C="250 OK id=10HmbL-000000005vi-0000" 1999-03-02 09:44:33 10HmbK-000000005vi-0000 Completed 1999-03-02 09:44:33 10HmbM-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for noverify_resume@test.ex +1999-03-02 09:44:33 10HmbM-000000005vi-0000 tls_out_ver TLS1.2 1999-03-02 09:44:33 10HmbM-000000005vi-0000 tls_out_resumption session resumed 1999-03-02 09:44:33 10HmbM-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmbM-000000005vi-0000 peer cert subject CN=server1.example.com @@ -86,9 +95,10 @@ 1999-03-02 09:44:33 10HmbM-000000005vi-0000 peer dn /CN=server1.example.com 1999-03-02 09:44:33 10HmbM-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbM-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbM-000000005vi-0000 => noverify_resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no DN="/CN=server1.example.com" C="250 OK id=10HmbN-000000005vi-0000" +1999-03-02 09:44:33 10HmbM-000000005vi-0000 => noverify_resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no DN="/CN=server1.example.com" C="250 OK id=10HmbN-000000005vi-0000" 1999-03-02 09:44:33 10HmbM-000000005vi-0000 Completed 1999-03-02 09:44:33 10HmbO-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex +1999-03-02 09:44:33 10HmbO-000000005vi-0000 tls_out_ver TLS1.2 1999-03-02 09:44:33 10HmbO-000000005vi-0000 tls_out_resumption client requested new ticket, server provided 1999-03-02 09:44:33 10HmbO-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmbO-000000005vi-0000 peer cert subject CN=server1.example.com @@ -96,9 +106,10 @@ 1999-03-02 09:44:33 10HmbO-000000005vi-0000 peer dn /CN=server1.example.com 1999-03-02 09:44:33 10HmbO-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbO-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbO-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbP-000000005vi-0000" +1999-03-02 09:44:33 10HmbO-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbP-000000005vi-0000" 1999-03-02 09:44:33 10HmbO-000000005vi-0000 Completed 1999-03-02 09:44:33 10HmbQ-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for noresume@test.ex +1999-03-02 09:44:33 10HmbQ-000000005vi-0000 tls_out_ver TLS1.2 1999-03-02 09:44:33 10HmbQ-000000005vi-0000 tls_out_resumption client requested new ticket, server provided 1999-03-02 09:44:33 10HmbQ-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmbQ-000000005vi-0000 peer cert subject CN=server1.example.com @@ -106,9 +117,10 @@ 1999-03-02 09:44:33 10HmbQ-000000005vi-0000 peer dn /CN=server1.example.com 1999-03-02 09:44:33 10HmbQ-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbQ-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbQ-000000005vi-0000 => noresume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbR-000000005vi-0000" +1999-03-02 09:44:33 10HmbQ-000000005vi-0000 => noresume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbR-000000005vi-0000" 1999-03-02 09:44:33 10HmbQ-000000005vi-0000 Completed 1999-03-02 09:44:33 10HmbS-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex +1999-03-02 09:44:33 10HmbS-000000005vi-0000 tls_out_ver TLS1.2 1999-03-02 09:44:33 10HmbS-000000005vi-0000 tls_out_resumption session resumed 1999-03-02 09:44:33 10HmbS-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmbS-000000005vi-0000 peer cert subject CN=server1.example.com @@ -116,9 +128,10 @@ 1999-03-02 09:44:33 10HmbS-000000005vi-0000 peer dn /CN=server1.example.com 1999-03-02 09:44:33 10HmbS-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbS-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbS-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbT-000000005vi-0000" +1999-03-02 09:44:33 10HmbS-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbT-000000005vi-0000" 1999-03-02 09:44:33 10HmbS-000000005vi-0000 Completed 1999-03-02 09:44:33 10HmbU-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex +1999-03-02 09:44:33 10HmbU-000000005vi-0000 tls_out_ver TLS1.2 1999-03-02 09:44:33 10HmbU-000000005vi-0000 tls_out_resumption session resumed 1999-03-02 09:44:33 10HmbU-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmbU-000000005vi-0000 peer cert subject CN=server1.example.com @@ -126,11 +139,34 @@ 1999-03-02 09:44:33 10HmbU-000000005vi-0000 peer dn /CN=server1.example.com 1999-03-02 09:44:33 10HmbU-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbU-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbU-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbV-000000005vi-0000" +1999-03-02 09:44:33 10HmbU-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbV-000000005vi-0000" 1999-03-02 09:44:33 10HmbU-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmbW-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex +1999-03-02 09:44:33 10HmbW-000000005vi-0000 tls_out_ver TLS1.2 +1999-03-02 09:44:33 10HmbW-000000005vi-0000 tls_out_resumption client requested new ticket, server provided +1999-03-02 09:44:33 10HmbW-000000005vi-0000 our cert subject +1999-03-02 09:44:33 10HmbW-000000005vi-0000 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbW-000000005vi-0000 peer cert verified 1 +1999-03-02 09:44:33 10HmbW-000000005vi-0000 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbW-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbW-000000005vi-0000 bits 256 +1999-03-02 09:44:33 10HmbW-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D2 X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbX-000000005vi-0000" +1999-03-02 09:44:33 10HmbW-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmbY-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex +1999-03-02 09:44:33 10HmbY-000000005vi-0000 tls_out_ver TLS1.2 +1999-03-02 09:44:33 10HmbY-000000005vi-0000 tls_out_resumption session resumed +1999-03-02 09:44:33 10HmbY-000000005vi-0000 our cert subject +1999-03-02 09:44:33 10HmbY-000000005vi-0000 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbY-000000005vi-0000 peer cert verified 1 +1999-03-02 09:44:33 10HmbY-000000005vi-0000 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbY-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbY-000000005vi-0000 bits 256 +1999-03-02 09:44:33 10HmbY-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D2 X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbZ-000000005vi-0000" +1999-03-02 09:44:33 10HmbY-000000005vi-0000 Completed ******** SERVER ******** -1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D +1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D and for SMTPS on port PORT_D2 +1999-03-02 09:44:33 tls_in_ver TLS1.2 1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -141,6 +177,7 @@ 1999-03-02 09:44:33 10HmaY-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaX-000000005vi-0000@myhost.test.ex for getticket@test.ex 1999-03-02 09:44:33 10HmaY-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmaY-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 1999-03-02 09:44:33 tls_in_resumption session resumed 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -152,6 +189,7 @@ 1999-03-02 09:44:33 10HmbA-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbA-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbA-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 1999-03-02 09:44:33 tls_in_resumption not requested or offered 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -162,6 +200,7 @@ 1999-03-02 09:44:33 10HmbB-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-000000005vi-0000@myhost.test.ex for hostnotresume@test.ex 1999-03-02 09:44:33 10HmbB-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbB-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -172,6 +211,7 @@ 1999-03-02 09:44:33 10HmbD-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbC-000000005vi-0000@myhost.test.ex for renewal@test.ex 1999-03-02 09:44:33 10HmbD-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbD-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -182,6 +222,7 @@ 1999-03-02 09:44:33 10HmbF-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbE-000000005vi-0000@myhost.test.ex for postrenewal@test.ex 1999-03-02 09:44:33 10HmbF-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbF-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -192,6 +233,7 @@ 1999-03-02 09:44:33 10HmbH-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbG-000000005vi-0000@myhost.test.ex for aftertimeout@test.ex 1999-03-02 09:44:33 10HmbH-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbH-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 1999-03-02 09:44:33 tls_in_resumption no client request 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -202,6 +244,7 @@ 1999-03-02 09:44:33 10HmbJ-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbI-000000005vi-0000@myhost.test.ex for notreq@test.ex 1999-03-02 09:44:33 10HmbJ-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbJ-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -212,6 +255,7 @@ 1999-03-02 09:44:33 10HmbL-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbK-000000005vi-0000@myhost.test.ex for noverify_getticket@test.ex 1999-03-02 09:44:33 10HmbL-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbL-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 1999-03-02 09:44:33 tls_in_resumption session resumed 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -222,6 +266,7 @@ 1999-03-02 09:44:33 10HmbN-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbM-000000005vi-0000@myhost.test.ex for noverify_resume@test.ex 1999-03-02 09:44:33 10HmbN-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbN-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -232,6 +277,7 @@ 1999-03-02 09:44:33 10HmbP-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbO-000000005vi-0000@myhost.test.ex for getticket@test.ex 1999-03-02 09:44:33 10HmbP-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbP-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -242,6 +288,7 @@ 1999-03-02 09:44:33 10HmbR-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbQ-000000005vi-0000@myhost.test.ex for noresume@test.ex 1999-03-02 09:44:33 10HmbR-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbR-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 1999-03-02 09:44:33 tls_in_resumption session resumed 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -252,6 +299,7 @@ 1999-03-02 09:44:33 10HmbT-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbS-000000005vi-0000@myhost.test.ex for resume@test.ex 1999-03-02 09:44:33 10HmbT-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbT-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 1999-03-02 09:44:33 tls_in_resumption session resumed 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -262,3 +310,25 @@ 1999-03-02 09:44:33 10HmbV-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbU-000000005vi-0000@myhost.test.ex for resume@test.ex 1999-03-02 09:44:33 10HmbV-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbV-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 +1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbX-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] TFO* P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbW-000000005vi-0000@myhost.test.ex for getticket@test.ex +1999-03-02 09:44:33 10HmbX-000000005vi-0000 => :blackhole: R=server +1999-03-02 09:44:33 10HmbX-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.2 +1999-03-02 09:44:33 tls_in_resumption session resumed +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbZ-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] TFO* P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbY-000000005vi-0000@myhost.test.ex for resume@test.ex +1999-03-02 09:44:33 10HmbZ-000000005vi-0000 => :blackhole: R=server +1999-03-02 09:44:33 10HmbZ-000000005vi-0000 Completed diff --git a/test/log/5894 b/test/log/5894 index ab0d53703..f3d447c2a 100644 --- a/test/log/5894 +++ b/test/log/5894 @@ -1,4 +1,5 @@ 1999-03-02 09:44:33 10HmaX-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex +1999-03-02 09:44:33 10HmaX-000000005vi-0000 tls_out_ver TLS1.3 1999-03-02 09:44:33 10HmaX-000000005vi-0000 tls_out_resumption client requested new ticket, server provided 1999-03-02 09:44:33 10HmaX-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmaX-000000005vi-0000 peer cert subject CN=server1.example.com @@ -6,9 +7,10 @@ 1999-03-02 09:44:33 10HmaX-000000005vi-0000 peer dn /CN=server1.example.com 1999-03-02 09:44:33 10HmaX-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmaX-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmaX-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmaY-000000005vi-0000" +1999-03-02 09:44:33 10HmaX-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmaY-000000005vi-0000" 1999-03-02 09:44:33 10HmaX-000000005vi-0000 Completed -1999-03-02 09:44:33 10HmaZ-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex abcd@test.ex xyz@test.ex +1999-03-02 09:44:33 10HmaZ-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex hostnotresume@test.ex xyz@test.ex +1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_ver TLS1.3 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_resumption session resumed 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer cert subject CN=server1.example.com @@ -16,6 +18,7 @@ 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer dn /CN=server1.example.com 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 bits 256 +1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_ver TLS1.3 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 tls_out_resumption not requested or offered 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer cert subject CN=server1.example.com @@ -23,41 +26,45 @@ 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 peer dn /CN=server1.example.com 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000" -1999-03-02 09:44:33 10HmaZ-000000005vi-0000 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000" -1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => abcd@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbB-000000005vi-0000" +1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000" +1999-03-02 09:44:33 10HmaZ-000000005vi-0000 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-000000005vi-0000" +1999-03-02 09:44:33 10HmaZ-000000005vi-0000 => hostnotresume@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbB-000000005vi-0000" 1999-03-02 09:44:33 10HmaZ-000000005vi-0000 Completed 1999-03-02 09:44:33 10HmbC-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for renewal@test.ex -1999-03-02 09:44:33 10HmbC-000000005vi-0000 tls_out_resumption session resumed, also new ticket +1999-03-02 09:44:33 10HmbC-000000005vi-0000 tls_out_ver TLS1.3 +1999-03-02 09:44:33 10HmbC-000000005vi-0000 tls_out_resumption session resumed 1999-03-02 09:44:33 10HmbC-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmbC-000000005vi-0000 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbC-000000005vi-0000 peer cert verified 1 1999-03-02 09:44:33 10HmbC-000000005vi-0000 peer dn /CN=server1.example.com 1999-03-02 09:44:33 10HmbC-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbC-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbC-000000005vi-0000 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbD-000000005vi-0000" +1999-03-02 09:44:33 10HmbC-000000005vi-0000 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbD-000000005vi-0000" 1999-03-02 09:44:33 10HmbC-000000005vi-0000 Completed 1999-03-02 09:44:33 10HmbE-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for postrenewal@test.ex -1999-03-02 09:44:33 10HmbE-000000005vi-0000 tls_out_resumption session resumed +1999-03-02 09:44:33 10HmbE-000000005vi-0000 tls_out_ver TLS1.3 +1999-03-02 09:44:33 10HmbE-000000005vi-0000 tls_out_resumption session resumed, also new ticket 1999-03-02 09:44:33 10HmbE-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmbE-000000005vi-0000 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbE-000000005vi-0000 peer cert verified 1 1999-03-02 09:44:33 10HmbE-000000005vi-0000 peer dn /CN=server1.example.com 1999-03-02 09:44:33 10HmbE-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbE-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbE-000000005vi-0000 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbF-000000005vi-0000" +1999-03-02 09:44:33 10HmbE-000000005vi-0000 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbF-000000005vi-0000" 1999-03-02 09:44:33 10HmbE-000000005vi-0000 Completed 1999-03-02 09:44:33 10HmbG-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for timeout@test.ex -1999-03-02 09:44:33 10HmbG-000000005vi-0000 tls_out_resumption session resumed, also new ticket +1999-03-02 09:44:33 10HmbG-000000005vi-0000 tls_out_ver TLS1.3 +1999-03-02 09:44:33 10HmbG-000000005vi-0000 tls_out_resumption session resumed 1999-03-02 09:44:33 10HmbG-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmbG-000000005vi-0000 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbG-000000005vi-0000 peer cert verified 1 1999-03-02 09:44:33 10HmbG-000000005vi-0000 peer dn /CN=server1.example.com 1999-03-02 09:44:33 10HmbG-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbG-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbG-000000005vi-0000 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbH-000000005vi-0000" +1999-03-02 09:44:33 10HmbG-000000005vi-0000 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbH-000000005vi-0000" 1999-03-02 09:44:33 10HmbG-000000005vi-0000 Completed 1999-03-02 09:44:33 10HmbI-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for notreq@test.ex +1999-03-02 09:44:33 10HmbI-000000005vi-0000 tls_out_ver TLS1.3 1999-03-02 09:44:33 10HmbI-000000005vi-0000 tls_out_resumption not requested or offered 1999-03-02 09:44:33 10HmbI-000000005vi-0000 our cert subject 1999-03-02 09:44:33 10HmbI-000000005vi-0000 peer cert subject CN=server1.example.com @@ -65,11 +72,34 @@ 1999-03-02 09:44:33 10HmbI-000000005vi-0000 peer dn /CN=server1.example.com 1999-03-02 09:44:33 10HmbI-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbI-000000005vi-0000 bits 256 -1999-03-02 09:44:33 10HmbI-000000005vi-0000 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbJ-000000005vi-0000" +1999-03-02 09:44:33 10HmbI-000000005vi-0000 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbJ-000000005vi-0000" 1999-03-02 09:44:33 10HmbI-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmbK-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex +1999-03-02 09:44:33 10HmbK-000000005vi-0000 tls_out_ver TLS1.3 +1999-03-02 09:44:33 10HmbK-000000005vi-0000 tls_out_resumption client requested new ticket, server provided +1999-03-02 09:44:33 10HmbK-000000005vi-0000 our cert subject +1999-03-02 09:44:33 10HmbK-000000005vi-0000 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbK-000000005vi-0000 peer cert verified 1 +1999-03-02 09:44:33 10HmbK-000000005vi-0000 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbK-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbK-000000005vi-0000 bits 256 +1999-03-02 09:44:33 10HmbK-000000005vi-0000 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D2 X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbL-000000005vi-0000" +1999-03-02 09:44:33 10HmbK-000000005vi-0000 Completed +1999-03-02 09:44:33 10HmbM-000000005vi-0000 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex +1999-03-02 09:44:33 10HmbM-000000005vi-0000 tls_out_ver TLS1.3 +1999-03-02 09:44:33 10HmbM-000000005vi-0000 tls_out_resumption session resumed, also new ticket +1999-03-02 09:44:33 10HmbM-000000005vi-0000 our cert subject +1999-03-02 09:44:33 10HmbM-000000005vi-0000 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbM-000000005vi-0000 peer cert verified 1 +1999-03-02 09:44:33 10HmbM-000000005vi-0000 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbM-000000005vi-0000 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbM-000000005vi-0000 bits 256 +1999-03-02 09:44:33 10HmbM-000000005vi-0000 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1]:PORT_D2 X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbN-000000005vi-0000" +1999-03-02 09:44:33 10HmbM-000000005vi-0000 Completed ******** SERVER ******** -1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D +1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D and for SMTPS on port PORT_D2 +1999-03-02 09:44:33 tls_in_ver TLS1.3 1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -80,6 +110,7 @@ 1999-03-02 09:44:33 10HmaY-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaX-000000005vi-0000@myhost.test.ex for getticket@test.ex 1999-03-02 09:44:33 10HmaY-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmaY-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.3 1999-03-02 09:44:33 tls_in_resumption session resumed 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -91,6 +122,7 @@ 1999-03-02 09:44:33 10HmbA-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbA-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbA-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.3 1999-03-02 09:44:33 tls_in_resumption not requested or offered 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -98,9 +130,10 @@ 1999-03-02 09:44:33 peer dn 1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbB-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-000000005vi-0000@myhost.test.ex for abcd@test.ex -1999-03-02 09:44:33 10HmbB-000000005vi-0000 => :blackhole: R=server +1999-03-02 09:44:33 10HmbB-000000005vi-0000 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-000000005vi-0000@myhost.test.ex for hostnotresume@test.ex +1999-03-02 09:44:33 10HmbB-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbB-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.3 1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -111,6 +144,7 @@ 1999-03-02 09:44:33 10HmbD-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbC-000000005vi-0000@myhost.test.ex for renewal@test.ex 1999-03-02 09:44:33 10HmbD-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbD-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.3 1999-03-02 09:44:33 tls_in_resumption session resumed 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -121,6 +155,7 @@ 1999-03-02 09:44:33 10HmbF-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbE-000000005vi-0000@myhost.test.ex for postrenewal@test.ex 1999-03-02 09:44:33 10HmbF-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbF-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.3 1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -131,6 +166,7 @@ 1999-03-02 09:44:33 10HmbH-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbG-000000005vi-0000@myhost.test.ex for timeout@test.ex 1999-03-02 09:44:33 10HmbH-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbH-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.3 1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject @@ -141,3 +177,25 @@ 1999-03-02 09:44:33 10HmbJ-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbI-000000005vi-0000@myhost.test.ex for notreq@test.ex 1999-03-02 09:44:33 10HmbJ-000000005vi-0000 => :blackhole: R=server 1999-03-02 09:44:33 10HmbJ-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.3 +1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbL-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] TFO* P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbK-000000005vi-0000@myhost.test.ex for getticket@test.ex +1999-03-02 09:44:33 10HmbL-000000005vi-0000 => :blackhole: R=server +1999-03-02 09:44:33 10HmbL-000000005vi-0000 Completed +1999-03-02 09:44:33 tls_in_ver TLS1.3 +1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbN-000000005vi-0000 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] TFO* P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbM-000000005vi-0000@myhost.test.ex for resume@test.ex +1999-03-02 09:44:33 10HmbN-000000005vi-0000 => :blackhole: R=server +1999-03-02 09:44:33 10HmbN-000000005vi-0000 Completed diff --git a/test/scripts/5890-Resume-GnuTLS/5890 b/test/scripts/5890-Resume-GnuTLS/5890 index d129da2db..3395218fa 100644 --- a/test/scripts/5890-Resume-GnuTLS/5890 +++ b/test/scripts/5890-Resume-GnuTLS/5890 @@ -6,12 +6,12 @@ gnutls # SSLKEYLOGFILE=/home/jgh/git/exim/test/foo sudo exim -DSERVER=server -bd -oX PORT_D # ### TLS1.2 -exim -DSERVER=server -DOPTION=NORMAL:!VERS-TLS1.3 -bd -oX PORT_D +exim -DSERVER=server -DOPTION=NORMAL:!VERS-TLS1.3 -bd -oX PORT_D:PORT_D2 **** exim -DVALUE=resume -odf getticket@test.ex Test message. Contains FF: ÿ **** -exim -DVALUE=resume -odf resume@test.ex abcd@test.ex xyz@test.ex +exim -DVALUE=resume -odf resume@test.ex hostnotresume@test.ex xyz@test.ex Test message to two different hosts, one does not support resume **** # allow time for ticket to hit renewal time @@ -36,18 +36,25 @@ Dest on this means the server cert will not verify (but try_verify will permit i exim -odf -DVALUE=resume noverify_resume@test.ex Dest on this means the server cert will not verify (but try_verify will permit it) **** +# Test TLS-on-connect +exim -DVALUE=resume -odf resume@test.ex +**** +exim -DVALUE=resume -DSELECTOR=smtps -odf getticket@test.ex +**** +exim -DVALUE=resume -DSELECTOR=smtps -odf resume@test.ex +**** killdaemon sleep 1 sudo rm -f DIR/spool/db/tls # # ### TLS1.3 -exim -DSERVER=server -DOPTION=NORMAL -bd -oX PORT_D +exim -DSERVER=server -DOPTION=NORMAL -bd -oX PORT_D:PORT_D2 **** exim -DVALUE=resume -odf getticket@test.ex Test message. Contains FF: ÿ **** -exim -DVALUE=resume -odf resume@test.ex abcd@test.ex xyz@test.ex +exim -DVALUE=resume -odf resume@test.ex hostnotresume@test.ex xyz@test.ex Test message to two different hosts, one does not support resume **** # allow time for ticket to hit renewal time @@ -78,6 +85,11 @@ exim -DVALUE=resume -DHELO_MSG=differenthost -odf resume@test.ex **** exim -DVALUE=resume -odf resume@test.ex **** +# Test TLS-on-connect +exim -DVALUE=resume -DSELECTOR=smtps -odf getticket@test.ex +**** +exim -DVALUE=resume -DSELECTOR=smtps -odf resume@test.ex +**** # killdaemon no_msglog_check diff --git a/test/scripts/5892-Resume-OpenSSL/5892 b/test/scripts/5892-Resume-OpenSSL/5892 index 77b93704b..92eed04d2 100644 --- a/test/scripts/5892-Resume-OpenSSL/5892 +++ b/test/scripts/5892-Resume-OpenSSL/5892 @@ -1,7 +1,7 @@ # TLSv1.2 session resumption # ### TLS1.2 -exim -DSERVER=server -DOPTION=+no_tlsv1_3 -bd -oX PORT_D +exim -DSERVER=server -DOPTION=+no_tlsv1_3 -bd -oX PORT_D:PORT_D2 **** exim -DVALUE=resume -odf getticket@test.ex Test message. @@ -46,6 +46,12 @@ exim -DVALUE=resume -DHELO_MSG=differenthost -odf resume@test.ex exim -DVALUE=resume -odf resume@test.ex **** # +# Test TLS-on-connect +exim -DVALUE=resume -DSELECTOR=smtps -odf getticket@test.ex +**** +exim -DVALUE=resume -DSELECTOR=smtps -odf resume@test.ex +**** +# # Check the -k (key only) option on dumpdb perl system 'DIR/eximdir/exim_dumpdb -k DIR/spool tls'; diff --git a/test/scripts/5894-Resume-OpenSSL-TLS1.3/5894 b/test/scripts/5894-Resume-OpenSSL-TLS1.3/5894 index 722bc9b08..b85351bd5 100644 --- a/test/scripts/5894-Resume-OpenSSL-TLS1.3/5894 +++ b/test/scripts/5894-Resume-OpenSSL-TLS1.3/5894 @@ -1,12 +1,12 @@ # TLSv1.3 session resumption # ### TLS1.3 -exim -DSERVER=server -bd -oX PORT_D +exim -DSERVER=server -DOPTION=+no_tlsv1_3 -bd -oX PORT_D:PORT_D2 **** exim -DVALUE=resume -odf getticket@test.ex Test message. Contains FF: ÿ **** -exim -DVALUE=resume -odf resume@test.ex abcd@test.ex xyz@test.ex +exim -DVALUE=resume -odf resume@test.ex hostnotresume@test.ex xyz@test.ex Test message to two different hosts, one does not support resume **** # allow time for ticket to hit renewal time @@ -24,5 +24,12 @@ Test message. exim -odf notreq@test.ex Test message, not requesting resumption. **** +# +# Test TLS-on-connect +exim -DVALUE=resume -DSELECTOR=smtps -odf getticket@test.ex +**** +exim -DVALUE=resume -DSELECTOR=smtps -odf resume@test.ex +**** +# killdaemon no_msglog_check diff --git a/test/stdout/5892 b/test/stdout/5892 index 23a7bcf3e..077a3dd0e 100644 --- a/test/stdout/5892 +++ b/test/stdout/5892 @@ -1,5 +1,6 @@ ### TLS1.2 4686560d7a1d9becb8fd0c62406eaaf169b2ea1b889244342653024281bca106 + 8ff2965550bd60d7e4496ad508a8cff91ac5de6fbec4806e8c9c3d6959300e3e b90422e57483069e0b7dbcebbdf1be3504bae64df49ea1f699cc773acc8a76d5 ******** SERVER ********