TLS: use RFC 6125 rules for certifucate name checks when CNAMES are present....
[users/heiko/exim.git] / test / log / 2102
index 48e58605392781c92cf0d2724f984e582f3b82a0..d66cc0029478c2b2c35f2a5461f84e0d2976825f 100644 (file)
@@ -1,37 +1,49 @@
-1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
-1999-03-02 09:44:33 Our cert SN: <CN=server1.example.com>
+1999-03-02 09:44:33 Start queue run: pid=pppp -qf
+1999-03-02 09:44:33 10HmaX-0005vi-00 => CALLER <CALLER@test.ex> R=abc T=local_delivery
+1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
+1999-03-02 09:44:33 10HmaY-0005vi-00 => CALLER <CALLER@test.ex> R=abc T=local_delivery
+1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
+1999-03-02 09:44:33 10HmaZ-0005vi-00 => CALLER <CALLER@test.ex> R=abc T=local_delivery
+1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed
+1999-03-02 09:44:33 10HmbA-0005vi-00 => CALLER <CALLER@test.ex> R=abc T=local_delivery
+1999-03-02 09:44:33 10HmbA-0005vi-00 Completed
+1999-03-02 09:44:33 End queue run: pid=pppp -qf
+
+******** SERVER ********
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
+1999-03-02 09:44:33 Our cert SN: <CN=server1.example_ec.com>
 1999-03-02 09:44:33 Peer did not present a cert
-1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@test.ex H=[127.0.0.1] P=smtps X=TLSv1:AES256-SHA:256 CV=no S=sss
-1999-03-02 09:44:33 Our cert SN: <CN=server1.example.com>
+1999-03-02 09:44:33 10HmaX-0005vi-00 <= a@test.ex H=[127.0.0.1] P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss
+1999-03-02 09:44:33 Our cert SN: <CN=server1.example_ec.com>
 1999-03-02 09:44:33 Peer did not present a cert
-1999-03-02 09:44:33 10HmaY-0005vi-00 <= "name with spaces"@test.ex H=[127.0.0.1] P=smtps X=TLSv1:AES256-SHA:256 CV=no S=sss
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= "name with spaces"@test.ex H=[127.0.0.1] P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss
 1999-03-02 09:44:33 TLS error on connection from (rhu.barb) [ip4.ip4.ip4.ip4] (SSL_accept): error: <<detail omitted>>
-1999-03-02 09:44:33 TLS client disconnected cleanly (rejected our certificate?)
-1999-03-02 09:44:33 Our cert SN: <CN=server1.example.com>
+1999-03-02 09:44:33 Our cert SN: <CN=server1.example_ec.com>
 1999-03-02 09:44:33 Peer cert:
 1999-03-02 09:44:33 ver 2
 1999-03-02 09:44:33 SR  <c9>
 1999-03-02 09:44:33 SN  <CN=server2.example.com>
-1999-03-02 09:44:33 IN  <CN=clica Signing Cert,O=example.com>
+1999-03-02 09:44:33 IN  <CN=clica Signing Cert rsa,O=example.com>
 1999-03-02 09:44:33 IN/O <example.com>
-1999-03-02 09:44:33 NB/r <Nov  1 12:34:38 2012 GMT>
-1999-03-02 09:44:33 NB   <Nov  1 12:34:38 2012 +0000>
-1999-03-02 09:44:33 NB/i <1351773278>
-1999-03-02 09:44:33 NA  <Jan  1 12:34:38 2038 +0000>
+1999-03-02 09:44:33 NB/r <Nov  1 12:40:04 2012 GMT>
+1999-03-02 09:44:33 NB   <Nov  1 12:40:04 2012 +0000>
+1999-03-02 09:44:33 NB/i <1351773604>
+1999-03-02 09:44:33 NA/i <2143284004>
+1999-03-02 09:44:33 NA   <Dec  1 12:40:04 2037 +0000>
 1999-03-02 09:44:33 SA  <sha256WithRSAEncryption>
-1999-03-02 09:44:33 SG  <         99:09:ea:53:5b:f2:51:45:99:71:c4:42:1c:41:59:50:2e:97:\n         5c:c6:e2:67:62:f3:5b:67:0c:e7:ec:eb:34:2b:ba:20:d5:2e:\n         e3:97:83:c3:9d:c6:a8:e8:03:e4:e9:fe:16:01:f1:63:6f:86:\n         59:73:53:72:b5:21:cf:2e:ea:1d:59:3a:18:d5:b5:33:20:13:\n         0a:c2:4f:49:a1:fd:b2:c3:69:ab:ff:71:25:cb:34:43:95:59:\n         97:ae:2f:ba:6f:45:f9:5a:67:cc:79:62:3b:9e:97:9b:e8:f9:\n         7a:9f:5f:2d:4d:82:a4:18:67:05:c2:c1:6c:0b:e0:9e:b8:b3:\n         b3:37\n>
-1999-03-02 09:44:33 SAN <DNS=server2.example.com>
-1999-03-02 09:44:33 OCU <http://oscp/example.com/>
-1999-03-02 09:44:33 CRU <http://crl.example.com/latest.crl>
-1999-03-02 09:44:33 md5    fingerprint 33728C89BBE99028425D137F7508F74A
-1999-03-02 09:44:33 sha1   fingerprint 1A420D865B90068FB822E71567A456A3578D26AA
-1999-03-02 09:44:33 sha256 fingerprint 7E194665AE12FD9AF8E604427D512E846E75EC96032BF78BAD707426F01CFF17
-1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@test.ex H=[ip4.ip4.ip4.ip4] P=smtps X=TLSv1:AES256-SHA:256 CV=yes DN="/CN=server2.example.com" S=sss
-1999-03-02 09:44:33 Start queue run: pid=pppp -qf
-1999-03-02 09:44:33 10HmaX-0005vi-00 => CALLER <CALLER@test.ex> R=abc T=local_delivery
-1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
-1999-03-02 09:44:33 10HmaY-0005vi-00 => CALLER <CALLER@test.ex> R=abc T=local_delivery
-1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
-1999-03-02 09:44:33 10HmaZ-0005vi-00 => CALLER <CALLER@test.ex> R=abc T=local_delivery
-1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed
-1999-03-02 09:44:33 End queue run: pid=pppp -qf
+1999-03-02 09:44:33 SG  <         b1:ce:91:99:2f:1c:ba:4d:9b:44:12:a1:fd:3d:be:69:9d:34:\n         51:3a:ff:ed:13:08:8a:0f:13:17:aa:a9:23:ac:cb:83:6c:17:\n         e1:da:e3:a5:ad:b6:32:51:49:5b:5b:85:1c:45:f2:3c:44:53:\n         b6:ed:3e:21:60:41:46:8e:70:96:53:c1:03:c3:86:64:12:38:\n         f3:4e:f0:64:b8:ea:82:79:ed:a4:3b:53:b3:be:5f:73:35:b1:\n         54:b9:3d:ad:88:cc:4e:af:ac:94:a1:df:8f:7f:08:d6:d3:03:\n         c5:8f:41:d5:8b:97:15:49:84:95:c0:71:93:6d:68:4b:ba:94:\n         2b:19:b8:34:8c:4e:90:2c:5b:92:38:fa:c9:f2:ae:6d:f2:bc:\n         fe:6d:d1:e0:f6:f0:ae:4b:80:22:9e:3d:7f:7a:d9:da:e4:00:\n         e3:fa:5c:64:39:d5:59:db:31:0e:db:d5:34:9d:41:e7:6d:60:\n         a2:29:47:75:4a:52:f1:b9:2b:2f:fe:d1:cf:91:9b:07:e2:d9:\n         a4:3c:a1:75:f0:7a:4c:c9:c9:2e:63:be:8b:dd:55:5b:1d:84:\n         ee:bc:22:df:91:cf:fc:ee:ae:c3:79:3e:7f:86:8f:56:2e:40:\n         d5:2c:da:70:eb:18:73:7e:54:82:05:a6:05:94:8c:b6:4e:e1:\n         b7:09:72:d6\n>
+1999-03-02 09:44:33 SAN <DNS=*.test.ex\nDNS=server2.example.com>
+1999-03-02 09:44:33 OCU <http://oscp.example.com/>
+1999-03-02 09:44:33 (no CRU)
+1999-03-02 09:44:33 md5    fingerprint 861F6627E5FD9C624B4B27ECA6FA6B06
+1999-03-02 09:44:33 sha1   fingerprint E75D537E478758010505D4F339B00DFD73728088
+1999-03-02 09:44:33 sha256 fingerprint E251FA7D0372CB784294CF92B243DCE53FDDABD9F58A1B89226586C07C82CAC6
+1999-03-02 09:44:33 der_b64 MIIDuDCCAqCgAwIBAgICAMkwDQYJKoZIhvcNAQELBQAwNzEUMBIGA1UEChMLZXhhbXBsZS5jb20xHzAdBgNVBAMTFmNsaWNhIFNpZ25pbmcgQ2VydCByc2EwHhcNMTIxMTAxMTI0MDA0WhcNMzcxMjAxMTI0MDA0WjAeMRwwGgYDVQQDExNzZXJ2ZXIyLmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA52Rfiv2Igy0NiaKN5gc0VPLbEoHngkdJWv3wEORp+iFl6skQRbsCylT8djJ2pvHstFpnzSodF3Wwjj2/EDuj3iKBzN9HeXJOvJz8j9Si1xkgCxJeUjPGgYcvKdxybaZAOpi9l3xwPCCEXN4JBq/WaQQ9+eP1PczeMNfvFtXma+VcHXG743ttPOv7eSMr0JxQl3zjQvYGOhFP/KAw6jh/N6YPqii9kV0cC/ubeVzpqJ5/+hndx5YrmAu39N5qzwWujhDPkFNSgCJUhfkEiMaQiPxFxDTbUzWnQ5jpAQ5El4WJVkGWkqxose1bOjSSNzFPJt59YtxxJC3IWN3UtGODTwIDAQABo4HmMIHjMA4GA1UdDwEB/wQEAwIE8DAgBgNVHSUBAf8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwTgYDVR0jBEcwRYANQUFidHdDeGNYZ2IwUaExpC8wLTEUMBIGA1UEChMLZXhhbXBsZS5jb20xFTATBgNVBAMTDGNsaWNhIENBIHJzYYIBQjA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vc2NwLmV4YW1wbGUuY29tLzApBgNVHREEIjAgghNzZXJ2ZXIyLmV4YW1wbGUuY29tggkqLnRlc3QuZXgwDQYJKoZIhvcNAQELBQADggEBALHOkZkvHLpNm0QSof09vmmdNFE6/+0TCIoPExeqqSOsy4NsF+Ha46WttjJRSVtbhRxF8jxEU7btPiFgQUaOcJZTwQPDhmQSOPNO8GS46oJ57aQ7U7O+X3M1sVS5Pa2IzE6vrJSh349/CNbTA8WPQdWLlxVJhJXAcZNtaEu6lCsZuDSMTpAsW5I4+snyrm3yvP5t0eD28K5LgCKePX962drkAOP6XGQ51VnbMQ7b1TSdQedtYKIpR3VKUvG5Ky/+0c+Rmwfi2aQ8oXXwekzJyS5jvovdVVsdhO68It+Rz/zursN5Pn+Gj1YuQNUs2nDrGHN+VIIFpgWUjLZO4bcJctY=
+1999-03-02 09:44:33 cipher: TLS1.x:ke-RSA-AES256-SHAnnn:xxx
+1999-03-02 09:44:33 cipher_ TLS1.x:ke_RSA_WITH_ci_mac
+1999-03-02 09:44:33 ver:    TLS1.x
+1999-03-02 09:44:33 10HmaZ-0005vi-00 <= b@test.ex H=[ip4.ip4.ip4.ip4] P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server2.example.com" S=sss
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
+1999-03-02 09:44:33 Our cert SN: <CN=server1.example_ec.com>
+1999-03-02 09:44:33 Peer did not present a cert
+1999-03-02 09:44:33 10HmbA-0005vi-00 <= c@test.ex H=[127.0.0.1] P=smtps X=TLS1.x:ke-ECDSA-AES256-SHAnnn:xxx CV=no S=sss