X-Git-Url: https://git.exim.org/users/heiko/exim.git/blobdiff_plain/4fab92fbc2b63bac2d89c1dae69fa1845cb640b7..03976d0d27f005d68d6a37b418f168f687d49447:/test/confs/2133 diff --git a/test/confs/2133 b/test/confs/2133 index ff4350809..8fa51d0e9 100644 --- a/test/confs/2133 +++ b/test/confs/2133 @@ -1,4 +1,4 @@ -# Exim test configuration 2133 +# Exim test configuration 1162 # TLS client: verify certificate from server - name-fails SERVER= @@ -81,7 +81,7 @@ client_r: client_s: driver = accept - local_parts = users + local_parts = user_s retry_use_local_part transport = send_to_server_req_passname @@ -91,7 +91,6 @@ client_t: retry_use_local_part transport = send_to_server_req_failcarryon - # ----- Transports ----- begin transports @@ -101,8 +100,9 @@ send_to_server_failcert: driver = smtp allow_localhost hosts = HOSTIPV4 - hosts_require_tls = HOSTIPV4 port = PORT_D + hosts_try_fastopen = : + hosts_require_tls = HOSTIPV4 tls_certificate = CERT2 tls_privatekey = CERT2 @@ -113,8 +113,9 @@ send_to_server_retry: driver = smtp allow_localhost hosts = HOSTIPV4 : 127.0.0.1 - hosts_require_tls = HOSTIPV4 port = PORT_D + hosts_try_fastopen = : + hosts_require_tls = HOSTIPV4 tls_certificate = CERT2 tls_privatekey = CERT2 @@ -126,8 +127,9 @@ send_to_server_crypt: driver = smtp allow_localhost hosts = HOSTIPV4 - hosts_require_tls = HOSTIPV4 port = PORT_D + hosts_try_fastopen = : + hosts_require_tls = HOSTIPV4 tls_certificate = CERT2 tls_privatekey = CERT2 @@ -141,6 +143,7 @@ send_to_server_req_fail: allow_localhost hosts = HOSTNAME port = PORT_D + hosts_try_fastopen = : tls_certificate = CERT2 tls_privatekey = CERT2 @@ -154,6 +157,7 @@ send_to_server_req_failname: allow_localhost hosts = HOSTNAME port = PORT_D + hosts_try_fastopen = : tls_certificate = CERT2 tls_privatekey = CERT2 @@ -168,6 +172,7 @@ send_to_server_req_passname: allow_localhost hosts = server1.example.com port = PORT_D + hosts_try_fastopen = : tls_certificate = CERT2 tls_privatekey = CERT2 @@ -175,11 +180,14 @@ send_to_server_req_passname: tls_verify_cert_hostnames = * tls_verify_hosts = * +# this will fail to verify the cert name but carry on (try-verify mode) +# fail because the cert is "server1.example.com" and the test system is something else send_to_server_req_failcarryon: driver = smtp allow_localhost hosts = HOSTNAME port = PORT_D + hosts_try_fastopen = : tls_certificate = CERT2 tls_privatekey = CERT2