TLS: use RFC 6125 rules for certifucate name checks when CNAMES are present....
[users/heiko/exim.git] / test / log / 2102
index e5bf8f6fef639fa0c953e4e25ca831817d997dc6..d66cc0029478c2b2c35f2a5461f84e0d2976825f 100644 (file)
@@ -1,26 +1,3 @@
-1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
-1999-03-02 09:44:33 Our cert SN: <CN=server1.example.com>
-1999-03-02 09:44:33 Peer did not present a cert
-1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@test.ex H=[127.0.0.1] P=smtps X=TLSv1:AES256-SHA:256 S=sss
-1999-03-02 09:44:33 Our cert SN: <CN=server1.example.com>
-1999-03-02 09:44:33 Peer did not present a cert
-1999-03-02 09:44:33 10HmaY-0005vi-00 <= "name with spaces"@test.ex H=[127.0.0.1] P=smtps X=TLSv1:AES256-SHA:256 S=sss
-1999-03-02 09:44:33 TLS error on connection from (rhu.barb) [ip4.ip4.ip4.ip4] (SSL_accept): error: <<detail omitted>>
-1999-03-02 09:44:33 TLS client disconnected cleanly (rejected our certificate?)
-1999-03-02 09:44:33 Our cert SN: <CN=server1.example.com>
-1999-03-02 09:44:33 Peer cert:
-1999-03-02 09:44:33 ver 2
-1999-03-02 09:44:33 SR  <c9>
-1999-03-02 09:44:33 SN  <CN=server2.example.com>
-1999-03-02 09:44:33 IN  <CN=clica Signing Cert,O=example.com>
-1999-03-02 09:44:33 NB  <Nov  1 12:34:06 2012 GMT>
-1999-03-02 09:44:33 NA  <Jan  1 12:34:06 2038 GMT>
-1999-03-02 09:44:33 SA  <undefined>
-1999-03-02 09:44:33 SG  <    Signature Algorithm: sha1WithRSAEncryption\n         6c:37:41:26:4d:5d:f4:b5:31:10:67:ca:fb:64:b6:22:98:62:\n         f7:1e:95:7b:6c:e6:74:47:21:f4:5e:89:36:3e:b9:9c:8a:c5:\n         52:bb:c4:af:12:93:26:3b:d7:3d:e0:56:71:1e:1d:21:20:02:\n         ed:f0:4e:d5:5e:45:42:fd:3c:38:41:54:83:86:0b:3b:bf:c5:\n         47:39:ff:15:ea:93:dc:fd:c7:3d:18:58:59:ca:dd:2a:d8:b9:\n         f9:2f:b9:76:93:f4:ae:e3:91:56:80:2f:8c:04:2f:ad:57:ef:\n         d2:51:19:f4:b4:ef:32:9c:ac:3a:7c:0d:b8:39:db:b1:e3:30:\n         73:1a\n>
-1999-03-02 09:44:33 SAN <DNS=server2.example.com>
-1999-03-02 09:44:33 OCU <http://oscp/example.com/>
-1999-03-02 09:44:33 CRU <http://crl.example.com/latest.crl>
-1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@test.ex H=[ip4.ip4.ip4.ip4] P=smtps X=TLSv1:AES256-SHA:256 DN="/CN=server2.example.com" S=sss
 1999-03-02 09:44:33 Start queue run: pid=pppp -qf
 1999-03-02 09:44:33 10HmaX-0005vi-00 => CALLER <CALLER@test.ex> R=abc T=local_delivery
 1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
@@ -28,4 +5,45 @@
 1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
 1999-03-02 09:44:33 10HmaZ-0005vi-00 => CALLER <CALLER@test.ex> R=abc T=local_delivery
 1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed
+1999-03-02 09:44:33 10HmbA-0005vi-00 => CALLER <CALLER@test.ex> R=abc T=local_delivery
+1999-03-02 09:44:33 10HmbA-0005vi-00 Completed
 1999-03-02 09:44:33 End queue run: pid=pppp -qf
+
+******** SERVER ********
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
+1999-03-02 09:44:33 Our cert SN: <CN=server1.example_ec.com>
+1999-03-02 09:44:33 Peer did not present a cert
+1999-03-02 09:44:33 10HmaX-0005vi-00 <= a@test.ex H=[127.0.0.1] P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss
+1999-03-02 09:44:33 Our cert SN: <CN=server1.example_ec.com>
+1999-03-02 09:44:33 Peer did not present a cert
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= "name with spaces"@test.ex H=[127.0.0.1] P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss
+1999-03-02 09:44:33 TLS error on connection from (rhu.barb) [ip4.ip4.ip4.ip4] (SSL_accept): error: <<detail omitted>>
+1999-03-02 09:44:33 Our cert SN: <CN=server1.example_ec.com>
+1999-03-02 09:44:33 Peer cert:
+1999-03-02 09:44:33 ver 2
+1999-03-02 09:44:33 SR  <c9>
+1999-03-02 09:44:33 SN  <CN=server2.example.com>
+1999-03-02 09:44:33 IN  <CN=clica Signing Cert rsa,O=example.com>
+1999-03-02 09:44:33 IN/O <example.com>
+1999-03-02 09:44:33 NB/r <Nov  1 12:40:04 2012 GMT>
+1999-03-02 09:44:33 NB   <Nov  1 12:40:04 2012 +0000>
+1999-03-02 09:44:33 NB/i <1351773604>
+1999-03-02 09:44:33 NA/i <2143284004>
+1999-03-02 09:44:33 NA   <Dec  1 12:40:04 2037 +0000>
+1999-03-02 09:44:33 SA  <sha256WithRSAEncryption>
+1999-03-02 09:44:33 SG  <         b1:ce:91:99:2f:1c:ba:4d:9b:44:12:a1:fd:3d:be:69:9d:34:\n         51:3a:ff:ed:13:08:8a:0f:13:17:aa:a9:23:ac:cb:83:6c:17:\n         e1:da:e3:a5:ad:b6:32:51:49:5b:5b:85:1c:45:f2:3c:44:53:\n         b6:ed:3e:21:60:41:46:8e:70:96:53:c1:03:c3:86:64:12:38:\n         f3:4e:f0:64:b8:ea:82:79:ed:a4:3b:53:b3:be:5f:73:35:b1:\n         54:b9:3d:ad:88:cc:4e:af:ac:94:a1:df:8f:7f:08:d6:d3:03:\n         c5:8f:41:d5:8b:97:15:49:84:95:c0:71:93:6d:68:4b:ba:94:\n         2b:19:b8:34:8c:4e:90:2c:5b:92:38:fa:c9:f2:ae:6d:f2:bc:\n         fe:6d:d1:e0:f6:f0:ae:4b:80:22:9e:3d:7f:7a:d9:da:e4:00:\n         e3:fa:5c:64:39:d5:59:db:31:0e:db:d5:34:9d:41:e7:6d:60:\n         a2:29:47:75:4a:52:f1:b9:2b:2f:fe:d1:cf:91:9b:07:e2:d9:\n         a4:3c:a1:75:f0:7a:4c:c9:c9:2e:63:be:8b:dd:55:5b:1d:84:\n         ee:bc:22:df:91:cf:fc:ee:ae:c3:79:3e:7f:86:8f:56:2e:40:\n         d5:2c:da:70:eb:18:73:7e:54:82:05:a6:05:94:8c:b6:4e:e1:\n         b7:09:72:d6\n>
+1999-03-02 09:44:33 SAN <DNS=*.test.ex\nDNS=server2.example.com>
+1999-03-02 09:44:33 OCU <http://oscp.example.com/>
+1999-03-02 09:44:33 (no CRU)
+1999-03-02 09:44:33 md5    fingerprint 861F6627E5FD9C624B4B27ECA6FA6B06
+1999-03-02 09:44:33 sha1   fingerprint E75D537E478758010505D4F339B00DFD73728088
+1999-03-02 09:44:33 sha256 fingerprint E251FA7D0372CB784294CF92B243DCE53FDDABD9F58A1B89226586C07C82CAC6
+1999-03-02 09:44:33 der_b64 MIIDuDCCAqCgAwIBAgICAMkwDQYJKoZIhvcNAQELBQAwNzEUMBIGA1UEChMLZXhhbXBsZS5jb20xHzAdBgNVBAMTFmNsaWNhIFNpZ25pbmcgQ2VydCByc2EwHhcNMTIxMTAxMTI0MDA0WhcNMzcxMjAxMTI0MDA0WjAeMRwwGgYDVQQDExNzZXJ2ZXIyLmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA52Rfiv2Igy0NiaKN5gc0VPLbEoHngkdJWv3wEORp+iFl6skQRbsCylT8djJ2pvHstFpnzSodF3Wwjj2/EDuj3iKBzN9HeXJOvJz8j9Si1xkgCxJeUjPGgYcvKdxybaZAOpi9l3xwPCCEXN4JBq/WaQQ9+eP1PczeMNfvFtXma+VcHXG743ttPOv7eSMr0JxQl3zjQvYGOhFP/KAw6jh/N6YPqii9kV0cC/ubeVzpqJ5/+hndx5YrmAu39N5qzwWujhDPkFNSgCJUhfkEiMaQiPxFxDTbUzWnQ5jpAQ5El4WJVkGWkqxose1bOjSSNzFPJt59YtxxJC3IWN3UtGODTwIDAQABo4HmMIHjMA4GA1UdDwEB/wQEAwIE8DAgBgNVHSUBAf8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwTgYDVR0jBEcwRYANQUFidHdDeGNYZ2IwUaExpC8wLTEUMBIGA1UEChMLZXhhbXBsZS5jb20xFTATBgNVBAMTDGNsaWNhIENBIHJzYYIBQjA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vc2NwLmV4YW1wbGUuY29tLzApBgNVHREEIjAgghNzZXJ2ZXIyLmV4YW1wbGUuY29tggkqLnRlc3QuZXgwDQYJKoZIhvcNAQELBQADggEBALHOkZkvHLpNm0QSof09vmmdNFE6/+0TCIoPExeqqSOsy4NsF+Ha46WttjJRSVtbhRxF8jxEU7btPiFgQUaOcJZTwQPDhmQSOPNO8GS46oJ57aQ7U7O+X3M1sVS5Pa2IzE6vrJSh349/CNbTA8WPQdWLlxVJhJXAcZNtaEu6lCsZuDSMTpAsW5I4+snyrm3yvP5t0eD28K5LgCKePX962drkAOP6XGQ51VnbMQ7b1TSdQedtYKIpR3VKUvG5Ky/+0c+Rmwfi2aQ8oXXwekzJyS5jvovdVVsdhO68It+Rz/zursN5Pn+Gj1YuQNUs2nDrGHN+VIIFpgWUjLZO4bcJctY=
+1999-03-02 09:44:33 cipher: TLS1.x:ke-RSA-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 cipher_ TLS1.x:ke_RSA_WITH_ci_mac
+1999-03-02 09:44:33 ver:    TLS1.x
+1999-03-02 09:44:33 10HmaZ-0005vi-00 <= b@test.ex H=[ip4.ip4.ip4.ip4] P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server2.example.com" S=sss
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
+1999-03-02 09:44:33 Our cert SN: <CN=server1.example_ec.com>
+1999-03-02 09:44:33 Peer did not present a cert
+1999-03-02 09:44:33 10HmbA-0005vi-00 <= c@test.ex H=[127.0.0.1] P=smtps X=TLS1.x:ke-ECDSA-AES256-SHAnnn:xxx CV=no S=sss