Fix cert-try-verify when denied by event action
[users/heiko/exim.git] / test / confs / 5750
index bcb03ac5daae4c52e495afef7c84f863fe5f3f4e..3898530b435893d77493de4cffd209d1a6f54606 100644 (file)
@@ -29,12 +29,21 @@ tls_privatekey = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.e
 tls_verify_hosts = *
 tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/server2.example.com/ca_chain.pem
 
+event_action = ${acl {server_cert_log}}
+
 #
 
 begin acl
 
+server_cert_log:
+  accept condition = ${if eq {tls:cert}{$event_name}}
+        logwrite =  [$sender_host_address] \
+                       depth=$event_data \
+                       ${certextract{subject}{$tls_in_peercert}}
+  accept
+
 ev_tls:
-  accept logwrite =  $tpda_event depth=$tpda_data \
+  accept logwrite =  $event_name depth=$event_data \
                        <${certextract {subject} {$tls_out_peercert}}>
 #       message = noooo
 
@@ -58,9 +67,9 @@ ev_msg:
         logwrite =       ${certextract {crl_uri}       {$tls_out_peercert} {CRU <$value>}{(no CRU)}}
 
 logger:
-  accept condition = ${if eq {msg} {${listextract{1}{$tpda_event}}}}
-        acl = ev_msg $tpda_event $acl_arg2
-  accept condition = ${if eq {tls} {${listextract{1}{$tpda_event}}}}
+  accept condition = ${if eq {msg} {${listextract{1}{$event_name}}}}
+        acl = ev_msg $event_name $acl_arg2
+  accept condition = ${if eq {tls} {${listextract{1}{$event_name}}}}
         message =   ${acl {ev_tls}}
   accept
 
@@ -93,7 +102,7 @@ send_to_server:
 {example.com/server1.example.com/ca_chain.pem}\
 {example.net/server1.example.net/ca_chain.pem}}
 
-  tpda_event_action =   ${acl {logger} {$tpda_event} {$domain} }
+  event_action =   ${acl {logger} {$event_name} {$domain} }
 
 # ----- Retry -----