git://git.exim.org
/
users
/
heiko
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Testsuite: avoid cipher vs. cert validity problem
[users/heiko/exim.git]
/
test
/
confs
/
5821
diff --git
a/test/confs/5821
b/test/confs/5821
index 97d0cb8fa44e7665e3f8ebed1a6138c7b8aca085..28999d5c7b7eb27a0d343ec49024f80abd0394d1 100644
(file)
--- a/
test/confs/5821
+++ b/
test/confs/5821
@@
-10,7
+10,7
@@
primary_hostname = myhost.test.ex
# ----- Main settings -----
# ----- Main settings -----
-acl_smtp_rcpt = accept logwrite = "rcpt ACL"
+acl_smtp_rcpt = accept logwrite = "rcpt ACL
: tls_in_bits $tls_in_bits
"
log_selector = +received_recipients +tls_peerdn +tls_certificate_verified
log_selector = +received_recipients +tls_peerdn +tls_certificate_verified
@@
-19,11
+19,11
@@
tls_advertise_hosts = *
# Set certificate only if server
CDIR2 = DIR/aux-fixed/exim-ca/example.com/server1.example.com
# Set certificate only if server
CDIR2 = DIR/aux-fixed/exim-ca/example.com/server1.example.com
-tls_certificate =
${if eq {SERVER}{server} {CDIR2/fullchain.pem}fail}
-tls_privatekey =
${if eq {SERVER}{server} {CDIR2/server1.example.com.unlocked.key}fail}
+tls_certificate =
CDIR2/fullchain.pem
+tls_privatekey =
CDIR2/server1.example.com.unlocked.key
# Permit two specific ciphers
# Permit two specific ciphers
-tls_require_ciphers = NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA:-CIPHER-ALL:+AES-128-CBC:+
CAMELLIA
-256-GCM
+tls_require_ciphers = NORMAL:-VERS-ALL:+VERS-TLS1.2:-KX-ALL:+RSA:-CIPHER-ALL:+AES-128-CBC:+
AES
-256-GCM
# ----- Routers -----
begin routers
# ----- Routers -----
begin routers
@@
-48,6
+48,7
@@
send_to_server:
driver = smtp
allow_localhost
port = PORT_D
driver = smtp
allow_localhost
port = PORT_D
+ hosts_try_fastopen = :
hosts_try_dane = *
tls_verify_certificates = CDIR2/ca_chain.pem
hosts_try_dane = *
tls_verify_certificates = CDIR2/ca_chain.pem