TLS: use RFC 6125 rules for certifucate name checks when CNAMES are present....
[users/heiko/exim.git] / test / log / 2102
index 24a94612756cb575f60dea0771ee3a41b6e03804..d66cc0029478c2b2c35f2a5461f84e0d2976825f 100644 (file)
 1999-03-02 09:44:33 End queue run: pid=pppp -qf
 
 ******** SERVER ********
-1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
 1999-03-02 09:44:33 Our cert SN: <CN=server1.example_ec.com>
 1999-03-02 09:44:33 Peer did not present a cert
-1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@test.ex H=[127.0.0.1] P=smtps X=TLSv1:ke-RSA-AES256-SHA:xxx CV=no S=sss
+1999-03-02 09:44:33 10HmaX-0005vi-00 <= a@test.ex H=[127.0.0.1] P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss
 1999-03-02 09:44:33 Our cert SN: <CN=server1.example_ec.com>
 1999-03-02 09:44:33 Peer did not present a cert
-1999-03-02 09:44:33 10HmaY-0005vi-00 <= "name with spaces"@test.ex H=[127.0.0.1] P=smtps X=TLSv1:ke-RSA-AES256-SHA:xxx CV=no S=sss
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= "name with spaces"@test.ex H=[127.0.0.1] P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss
 1999-03-02 09:44:33 TLS error on connection from (rhu.barb) [ip4.ip4.ip4.ip4] (SSL_accept): error: <<detail omitted>>
 1999-03-02 09:44:33 Our cert SN: <CN=server1.example_ec.com>
 1999-03-02 09:44:33 Peer cert:
 1999-03-02 09:44:33 SN  <CN=server2.example.com>
 1999-03-02 09:44:33 IN  <CN=clica Signing Cert rsa,O=example.com>
 1999-03-02 09:44:33 IN/O <example.com>
-1999-03-02 09:44:33 NB/r <Nov  1 12:47:30 2012 GMT>
-1999-03-02 09:44:33 NB   <Nov  1 12:47:30 2012 +0000>
-1999-03-02 09:44:33 NB/i <1351774050>
-1999-03-02 09:44:33 NA/i <2143284450>
-1999-03-02 09:44:33 NA   <Dec  1 12:47:30 2037 +0000>
+1999-03-02 09:44:33 NB/r <Nov  1 12:40:04 2012 GMT>
+1999-03-02 09:44:33 NB   <Nov  1 12:40:04 2012 +0000>
+1999-03-02 09:44:33 NB/i <1351773604>
+1999-03-02 09:44:33 NA/i <2143284004>
+1999-03-02 09:44:33 NA   <Dec  1 12:40:04 2037 +0000>
 1999-03-02 09:44:33 SA  <sha256WithRSAEncryption>
-1999-03-02 09:44:33 SG  <         0c:05:e2:24:42:2f:70:2c:8e:f1:cd:49:b8:f3:58:a8:8f:e6:\n         3b:dc:39:5f:c2:84:a4:b0:08:22:c7:be:d3:3f:1b:52:f4:0a:\n         c9:23:4d:fb:49:d3:c8:f1:48:24:d0:8f:0b:83:df:d1:48:7a:\n         3b:40:cf:3f:6b:09:01:75:05:cc:fd:9b:1b:7a:d1:be:d1:5a:\n         69:0a:fc:a0:2e:02:a8:13:9b:7a:41:45:e1:50:3e:4c:72:a6:\n         f1:a9:70:b9:2a:9b:07:63:9d:4b:4b:3d:8f:45:7e:70:67:13:\n         da:69:e1:88:8e:b1:fe:5c:f6:e0:14:35:66:a7:ad:f6:04:12:\n         d6:c6\n>
-1999-03-02 09:44:33 SAN <DNS=server2.example.com>
+1999-03-02 09:44:33 SG  <         b1:ce:91:99:2f:1c:ba:4d:9b:44:12:a1:fd:3d:be:69:9d:34:\n         51:3a:ff:ed:13:08:8a:0f:13:17:aa:a9:23:ac:cb:83:6c:17:\n         e1:da:e3:a5:ad:b6:32:51:49:5b:5b:85:1c:45:f2:3c:44:53:\n         b6:ed:3e:21:60:41:46:8e:70:96:53:c1:03:c3:86:64:12:38:\n         f3:4e:f0:64:b8:ea:82:79:ed:a4:3b:53:b3:be:5f:73:35:b1:\n         54:b9:3d:ad:88:cc:4e:af:ac:94:a1:df:8f:7f:08:d6:d3:03:\n         c5:8f:41:d5:8b:97:15:49:84:95:c0:71:93:6d:68:4b:ba:94:\n         2b:19:b8:34:8c:4e:90:2c:5b:92:38:fa:c9:f2:ae:6d:f2:bc:\n         fe:6d:d1:e0:f6:f0:ae:4b:80:22:9e:3d:7f:7a:d9:da:e4:00:\n         e3:fa:5c:64:39:d5:59:db:31:0e:db:d5:34:9d:41:e7:6d:60:\n         a2:29:47:75:4a:52:f1:b9:2b:2f:fe:d1:cf:91:9b:07:e2:d9:\n         a4:3c:a1:75:f0:7a:4c:c9:c9:2e:63:be:8b:dd:55:5b:1d:84:\n         ee:bc:22:df:91:cf:fc:ee:ae:c3:79:3e:7f:86:8f:56:2e:40:\n         d5:2c:da:70:eb:18:73:7e:54:82:05:a6:05:94:8c:b6:4e:e1:\n         b7:09:72:d6\n>
+1999-03-02 09:44:33 SAN <DNS=*.test.ex\nDNS=server2.example.com>
 1999-03-02 09:44:33 OCU <http://oscp.example.com/>
-1999-03-02 09:44:33 CRU <http://crl.example.com/latest.crl>
-1999-03-02 09:44:33 md5    fingerprint 4A6FE0FA3A8A98446BEB8E70BF201CE1
-1999-03-02 09:44:33 sha1   fingerprint DE760672322BFBA5959763A4A8DED6040D3AB95D
-1999-03-02 09:44:33 sha256 fingerprint D389DA8ED2B8B003460A0474FCF76DE4B9EDA1B59F4120B296FE58579992A254
-1999-03-02 09:44:33 der_b64 MIICjDCCAfWgAwIBAgICAMkwDQYJKoZIhvcNAQELBQAwNzEUMBIGA1UEChMLZXhhbXBsZS5jb20xHzAdBgNVBAMTFmNsaWNhIFNpZ25pbmcgQ2VydCByc2EwHhcNMTIxMTAxMTI0NzMwWhcNMzcxMjAxMTI0NzMwWjAeMRwwGgYDVQQDExNzZXJ2ZXIyLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6IkhtSyUHJbEr7AZDWJw80qajVnnWlw9JBFQzU+Q8HXTOanOTqcyQL569l1SArnpusY/cMOVFiqKRAK9mNtxWV7e4HzITtBMQEWLfOdAhCjYL669zI6RhiNosj4MpdZAGTH5As1d9wDjXEkzHEikC2HUNywaNqJBxNVX9y4UBoQIDAQABo4G/MIG8MA4GA1UdDwEB/wQEAwIE8DAgBgNVHSUBAf8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwMgYDVR0fBCswKTAnoCWgI4YhaHR0cDovL2NybC5leGFtcGxlLmNvbS9sYXRlc3QuY3JsMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29zY3AuZXhhbXBsZS5jb20vMB4GA1UdEQQXMBWCE3NlcnZlcjIuZXhhbXBsZS5jb20wDQYJKoZIhvcNAQELBQADgYEADAXiJEIvcCyO8c1JuPNYqI/mO9w5X8KEpLAIIse+0z8bUvQKySNN+0nTyPFIJNCPC4Pf0Uh6O0DPP2sJAXUFzP2bG3rRvtFaaQr8oC4CqBObekFF4VA+THKm8alwuSqbB2OdS0s9j0V+cGcT2mnhiI6x/lz24BQ1Zqet9gQS1sY=
-1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@test.ex H=[ip4.ip4.ip4.ip4] P=smtps X=TLSv1:ke-RSA-AES256-SHA:xxx CV=yes DN="/CN=server2.example.com" S=sss
-1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
+1999-03-02 09:44:33 (no CRU)
+1999-03-02 09:44:33 md5    fingerprint 861F6627E5FD9C624B4B27ECA6FA6B06
+1999-03-02 09:44:33 sha1   fingerprint E75D537E478758010505D4F339B00DFD73728088
+1999-03-02 09:44:33 sha256 fingerprint E251FA7D0372CB784294CF92B243DCE53FDDABD9F58A1B89226586C07C82CAC6
+1999-03-02 09:44:33 der_b64 MIIDuDCCAqCgAwIBAgICAMkwDQYJKoZIhvcNAQELBQAwNzEUMBIGA1UEChMLZXhhbXBsZS5jb20xHzAdBgNVBAMTFmNsaWNhIFNpZ25pbmcgQ2VydCByc2EwHhcNMTIxMTAxMTI0MDA0WhcNMzcxMjAxMTI0MDA0WjAeMRwwGgYDVQQDExNzZXJ2ZXIyLmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA52Rfiv2Igy0NiaKN5gc0VPLbEoHngkdJWv3wEORp+iFl6skQRbsCylT8djJ2pvHstFpnzSodF3Wwjj2/EDuj3iKBzN9HeXJOvJz8j9Si1xkgCxJeUjPGgYcvKdxybaZAOpi9l3xwPCCEXN4JBq/WaQQ9+eP1PczeMNfvFtXma+VcHXG743ttPOv7eSMr0JxQl3zjQvYGOhFP/KAw6jh/N6YPqii9kV0cC/ubeVzpqJ5/+hndx5YrmAu39N5qzwWujhDPkFNSgCJUhfkEiMaQiPxFxDTbUzWnQ5jpAQ5El4WJVkGWkqxose1bOjSSNzFPJt59YtxxJC3IWN3UtGODTwIDAQABo4HmMIHjMA4GA1UdDwEB/wQEAwIE8DAgBgNVHSUBAf8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwTgYDVR0jBEcwRYANQUFidHdDeGNYZ2IwUaExpC8wLTEUMBIGA1UEChMLZXhhbXBsZS5jb20xFTATBgNVBAMTDGNsaWNhIENBIHJzYYIBQjA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vc2NwLmV4YW1wbGUuY29tLzApBgNVHREEIjAgghNzZXJ2ZXIyLmV4YW1wbGUuY29tggkqLnRlc3QuZXgwDQYJKoZIhvcNAQELBQADggEBALHOkZkvHLpNm0QSof09vmmdNFE6/+0TCIoPExeqqSOsy4NsF+Ha46WttjJRSVtbhRxF8jxEU7btPiFgQUaOcJZTwQPDhmQSOPNO8GS46oJ57aQ7U7O+X3M1sVS5Pa2IzE6vrJSh349/CNbTA8WPQdWLlxVJhJXAcZNtaEu6lCsZuDSMTpAsW5I4+snyrm3yvP5t0eD28K5LgCKePX962drkAOP6XGQ51VnbMQ7b1TSdQedtYKIpR3VKUvG5Ky/+0c+Rmwfi2aQ8oXXwekzJyS5jvovdVVsdhO68It+Rz/zursN5Pn+Gj1YuQNUs2nDrGHN+VIIFpgWUjLZO4bcJctY=
+1999-03-02 09:44:33 cipher: TLS1.x:ke-RSA-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 cipher_ TLS1.x:ke_RSA_WITH_ci_mac
+1999-03-02 09:44:33 ver:    TLS1.x
+1999-03-02 09:44:33 10HmaZ-0005vi-00 <= b@test.ex H=[ip4.ip4.ip4.ip4] P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server2.example.com" S=sss
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
 1999-03-02 09:44:33 Our cert SN: <CN=server1.example_ec.com>
 1999-03-02 09:44:33 Peer did not present a cert
-1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@test.ex H=[127.0.0.1] P=smtps X=TLSv1:ke-ECDSA-AES256-SHA:xxx CV=no S=sss
+1999-03-02 09:44:33 10HmbA-0005vi-00 <= c@test.ex H=[127.0.0.1] P=smtps X=TLS1.x:ke-ECDSA-AES256-SHAnnn:xxx CV=no S=sss