X-Git-Url: https://git.exim.org/users/heiko/exim.git/blobdiff_plain/ba86e143c7aeb0d70ea4c9d73a617a98f06f6baa..fd3b39c16b3040cc7f12dbc3afdfc4e9e6e0807b:/test/confs/2102?ds=sidebyside diff --git a/test/confs/2102 b/test/confs/2102 index 0139a61c0..6ae1514e9 100644 --- a/test/confs/2102 +++ b/test/confs/2102 @@ -33,6 +33,9 @@ tls_verify_hosts = HOSTIPV4 tls_verify_certificates = DRSA/server2.example.com/ca_chain.pem +.ifdef _OPT_OPENSSL_NO_TLSV1_3_X +openssl_options = +no_tlsv1_3 +.endif # ------ ACL ------ begin acl @@ -43,6 +46,7 @@ check_recipient: !encrypted = * logwrite = cipher: $tls_in_cipher # This appears to lie. Despite what's on the wire, it returns the last cert loaded. +# Fixed in OpenSSL 1.1.1 ? Testcase golden logfile has the incorrect value. warn logwrite = ${if def:tls_in_ourcert \ {Our cert SN: <${certextract{subject}{$tls_in_ourcert}}>} \ {We did not present a cert}} @@ -68,6 +72,9 @@ check_recipient: logwrite = sha1 fingerprint ${sha1:$tls_in_peercert} logwrite = sha256 fingerprint ${sha256:$tls_in_peercert} logwrite = der_b64 ${base64:$tls_in_peercert} + logwrite = cipher: $tls_in_cipher + logwrite = cipher_ $tls_in_cipher_std + logwrite = ver: $tls_in_ver # ----- Routers ----- @@ -87,7 +94,7 @@ begin transports local_delivery: driver = appendfile - file = DIR/test-mail/$local_part + file = DIR/test-mail/${bless:$local_part} headers_add = TLS: cipher=$tls_cipher peerdn=$tls_peerdn user = CALLER