From 3f0f8e6c10e1beb36d335c02692466c8911e4942 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sun, 2 Aug 2020 23:56:58 +0100 Subject: [PATCH] Testsuite: separate cases for TLS resumption with/out OCSP --- test/confs/5890 | 3 - test/confs/5891 | 4 +- test/confs/5892 | 114 ++++++ test/confs/5893 | 117 ++++++ test/log/5890 | 36 +- test/log/5891 | 175 +++++---- test/log/5892 | 325 ++++++++++++++++ test/log/5893 | 357 ++++++++++++++++++ test/scripts/5891-Resume-GnuTLS-OCSP/5890 | 69 ++++ test/scripts/5891-Resume-GnuTLS-OCSP/REQUIRES | 4 + .../5891 => 5892-Resume-OpenSSL/5892} | 0 .../REQUIRES | 0 test/scripts/5893-Resume-OpenSSL-OCSP/5893 | 64 ++++ .../scripts/5893-Resume-OpenSSL-OCSP/REQUIRES | 4 + test/stderr/5892 | 6 + test/stderr/5893 | 6 + test/stdout/5892 | 6 + test/stdout/5893 | 6 + 18 files changed, 1169 insertions(+), 127 deletions(-) create mode 100644 test/confs/5892 create mode 100644 test/confs/5893 create mode 100644 test/log/5892 create mode 100644 test/log/5893 create mode 100644 test/scripts/5891-Resume-GnuTLS-OCSP/5890 create mode 100644 test/scripts/5891-Resume-GnuTLS-OCSP/REQUIRES rename test/scripts/{5891-Resume-OpenSSL/5891 => 5892-Resume-OpenSSL/5892} (100%) rename test/scripts/{5891-Resume-OpenSSL => 5892-Resume-OpenSSL}/REQUIRES (100%) create mode 100644 test/scripts/5893-Resume-OpenSSL-OCSP/5893 create mode 100644 test/scripts/5893-Resume-OpenSSL-OCSP/REQUIRES create mode 100644 test/stderr/5892 create mode 100644 test/stderr/5893 create mode 100644 test/stdout/5892 create mode 100644 test/stdout/5893 diff --git a/test/confs/5890 b/test/confs/5890 index 5b154e5db..0c812fd89 100644 --- a/test/confs/5890 +++ b/test/confs/5890 @@ -23,7 +23,6 @@ CDIR=DIR/aux-fixed/exim-ca/example.com tls_certificate = CDIR/server1.example.com/server1.example.com.chain.pem tls_privatekey = CDIR/server1.example.com/server1.example.com.unlocked.key -tls_ocsp_file = CDIR/server1.example.com/server1.example.com.ocsp.good.resp tls_require_ciphers = OPTION tls_resumption_hosts = 127.0.0.1 @@ -40,7 +39,6 @@ check_helo: logwrite = peer cert subject\t${certextract {subject}{$tls_in_peercert}} logwrite = peer cert verified\t${tls_in_certificate_verified} logwrite = peer dn\t${tls_in_peerdn} - logwrite = ocsp\t${tls_in_ocsp} logwrite = cipher\t${tls_in_cipher} logwrite = bits\t${tls_in_bits} accept @@ -57,7 +55,6 @@ log_resumption: logwrite = peer cert subject\t${certextract {subject}{$tls_out_peercert}} logwrite = peer cert verified\t${tls_out_certificate_verified} logwrite = peer dn\t${tls_out_peerdn} - logwrite = ocsp\t${tls_out_ocsp} logwrite = cipher\t${tls_out_cipher} logwrite = bits\t${tls_out_bits} diff --git a/test/confs/5891 b/test/confs/5891 index e0f824357..89ee8fd53 100644 --- a/test/confs/5891 +++ b/test/confs/5891 @@ -1,7 +1,7 @@ # Exim test configuration 5891 SERVER = -OPTION = +OPTION = NORMAL .include DIR/aux-var/tls_conf_prefix @@ -15,7 +15,6 @@ acl_smtp_helo = check_helo acl_smtp_rcpt = check_recipient log_selector = +received_recipients +tls_resumption +tls_peerdn -openssl_options = +no_sslv2 +no_sslv3 +single_dh_use OPTION tls_advertise_hosts = * # Set certificate only if server @@ -26,6 +25,7 @@ tls_certificate = CDIR/server1.example.com/server1.example.com.chain.pem tls_privatekey = CDIR/server1.example.com/server1.example.com.unlocked.key tls_ocsp_file = CDIR/server1.example.com/server1.example.com.ocsp.good.resp +tls_require_ciphers = OPTION tls_resumption_hosts = 127.0.0.1 diff --git a/test/confs/5892 b/test/confs/5892 new file mode 100644 index 000000000..4e6883fc2 --- /dev/null +++ b/test/confs/5892 @@ -0,0 +1,114 @@ +# Exim test configuration 5892 + +SERVER = +OPTION = + +.include DIR/aux-var/tls_conf_prefix + +primary_hostname = myhost.test.ex + +# ----- Main settings ----- + +domainlist local_domains = test.ex : *.test.ex + +acl_smtp_helo = check_helo +acl_smtp_rcpt = check_recipient +log_selector = +received_recipients +tls_resumption +tls_peerdn + +openssl_options = +no_sslv2 +no_sslv3 +single_dh_use OPTION +tls_advertise_hosts = * + +# Set certificate only if server + +CDIR=DIR/aux-fixed/exim-ca/example.com + +tls_certificate = CDIR/server1.example.com/server1.example.com.chain.pem +tls_privatekey = CDIR/server1.example.com/server1.example.com.unlocked.key + +tls_resumption_hosts = 127.0.0.1 + + +# ------ ACL ------ + +begin acl + +check_helo: + accept condition = ${if def:tls_in_cipher} + logwrite = tls_in_resumption\t${listextract {$tls_in_resumption} {_RESUME_DECODE}} + logwrite = our cert subject\t${certextract {subject}{$tls_in_ourcert}} + logwrite = peer cert subject\t${certextract {subject}{$tls_in_peercert}} + logwrite = peer cert verified\t${tls_in_certificate_verified} + logwrite = peer dn\t${tls_in_peerdn} + logwrite = cipher\t${tls_in_cipher} + logwrite = bits\t${tls_in_bits} + accept + +check_recipient: + accept domains = +local_domains + deny message = relay not permitted + +log_resumption: + accept condition = ${if def:tls_out_cipher} + condition = ${if eq {$event_name}{tcp:close}} + logwrite = tls_out_resumption ${listextract {$tls_out_resumption} {_RESUME_DECODE}} + logwrite = our cert subject\t${certextract {subject}{$tls_out_ourcert}} + logwrite = peer cert subject\t${certextract {subject}{$tls_out_peercert}} + logwrite = peer cert verified\t${tls_out_certificate_verified} + logwrite = peer dn\t${tls_out_peerdn} + logwrite = cipher\t${tls_out_cipher} + logwrite = bits\t${tls_out_bits} + + +# ----- Routers ----- + +begin routers + +client: + driver = accept + condition = ${if eq {SERVER}{server}{no}{yes}} + transport = send_to_server${if eq{$local_part}{abcd}{2}{1}} + +server: + driver = redirect + data = :blackhole: + +# ----- Transports ----- + +begin transports + +send_to_server1: + driver = smtp + allow_localhost + hosts = 127.0.0.1 + port = PORT_D + helo_data = helo.data.changed +.ifdef VALUE + tls_resumption_hosts = * +.else + tls_resumption_hosts = : +.endif + tls_verify_certificates = CDIR/CA/CA.pem + tls_verify_cert_hostnames = ${if match {$local_part}{^noverify} {*}{:}} + tls_try_verify_hosts = * + event_action = ${acl {log_resumption}} + +send_to_server2: + driver = smtp + allow_localhost + hosts = HOSTIPV4 + port = PORT_D + hosts_try_fastopen = : + tls_verify_certificates = CDIR/CA/CA.pem + tls_verify_cert_hostnames = : + event_action = ${acl {log_resumption}} + + +# ----- Retry ----- + + +begin retry + +* * F,5d,10s + + +# End diff --git a/test/confs/5893 b/test/confs/5893 new file mode 100644 index 000000000..74b61b70b --- /dev/null +++ b/test/confs/5893 @@ -0,0 +1,117 @@ +# Exim test configuration 5893 + +SERVER = +OPTION = + +.include DIR/aux-var/tls_conf_prefix + +primary_hostname = myhost.test.ex + +# ----- Main settings ----- + +domainlist local_domains = test.ex : *.test.ex + +acl_smtp_helo = check_helo +acl_smtp_rcpt = check_recipient +log_selector = +received_recipients +tls_resumption +tls_peerdn + +openssl_options = +no_sslv2 +no_sslv3 +single_dh_use OPTION +tls_advertise_hosts = * + +# Set certificate only if server + +CDIR=DIR/aux-fixed/exim-ca/example.com + +tls_certificate = CDIR/server1.example.com/server1.example.com.chain.pem +tls_privatekey = CDIR/server1.example.com/server1.example.com.unlocked.key +tls_ocsp_file = CDIR/server1.example.com/server1.example.com.ocsp.good.resp + +tls_resumption_hosts = 127.0.0.1 + + +# ------ ACL ------ + +begin acl + +check_helo: + accept condition = ${if def:tls_in_cipher} + logwrite = tls_in_resumption\t${listextract {$tls_in_resumption} {_RESUME_DECODE}} + logwrite = our cert subject\t${certextract {subject}{$tls_in_ourcert}} + logwrite = peer cert subject\t${certextract {subject}{$tls_in_peercert}} + logwrite = peer cert verified\t${tls_in_certificate_verified} + logwrite = peer dn\t${tls_in_peerdn} + logwrite = ocsp\t${tls_in_ocsp} + logwrite = cipher\t${tls_in_cipher} + logwrite = bits\t${tls_in_bits} + accept + +check_recipient: + accept domains = +local_domains + deny message = relay not permitted + +log_resumption: + accept condition = ${if def:tls_out_cipher} + condition = ${if eq {$event_name}{tcp:close}} + logwrite = tls_out_resumption ${listextract {$tls_out_resumption} {_RESUME_DECODE}} + logwrite = our cert subject\t${certextract {subject}{$tls_out_ourcert}} + logwrite = peer cert subject\t${certextract {subject}{$tls_out_peercert}} + logwrite = peer cert verified\t${tls_out_certificate_verified} + logwrite = peer dn\t${tls_out_peerdn} + logwrite = ocsp\t${tls_out_ocsp} + logwrite = cipher\t${tls_out_cipher} + logwrite = bits\t${tls_out_bits} + + +# ----- Routers ----- + +begin routers + +client: + driver = accept + condition = ${if eq {SERVER}{server}{no}{yes}} + transport = send_to_server${if eq{$local_part}{abcd}{2}{1}} + +server: + driver = redirect + data = :blackhole: + +# ----- Transports ----- + +begin transports + +send_to_server1: + driver = smtp + allow_localhost + hosts = 127.0.0.1 + port = PORT_D + helo_data = helo.data.changed +.ifdef VALUE + tls_resumption_hosts = * +.else + tls_resumption_hosts = : +.endif + tls_verify_certificates = CDIR/CA/CA.pem + tls_verify_cert_hostnames = ${if match {$local_part}{^noverify} {*}{:}} + tls_try_verify_hosts = * + event_action = ${acl {log_resumption}} + +send_to_server2: + driver = smtp + allow_localhost + hosts = HOSTIPV4 + port = PORT_D + hosts_try_fastopen = : + tls_verify_certificates = CDIR/CA/CA.pem + tls_verify_cert_hostnames = : + event_action = ${acl {log_resumption}} + + +# ----- Retry ----- + + +begin retry + +* * F,5d,10s + + +# End diff --git a/test/log/5890 b/test/log/5890 index 5ffb9ccf7..6d6a6a8b2 100644 --- a/test/log/5890 +++ b/test/log/5890 @@ -4,7 +4,6 @@ 1999-03-02 09:44:33 10HmaX-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmaX-0005vi-00 peer cert verified 1 1999-03-02 09:44:33 10HmaX-0005vi-00 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmaX-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmaX-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmaX-0005vi-00 bits 256 1999-03-02 09:44:33 10HmaX-0005vi-00 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmaY-0005vi-00" @@ -15,7 +14,6 @@ 1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert verified 1 1999-03-02 09:44:33 10HmaZ-0005vi-00 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmaZ-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmaZ-0005vi-00 cipher TLS1.x:ke--AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmaZ-0005vi-00 bits 256 1999-03-02 09:44:33 10HmaZ-0005vi-00 tls_out_resumption not requested or offered @@ -23,7 +21,6 @@ 1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert verified 1 1999-03-02 09:44:33 10HmaZ-0005vi-00 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmaZ-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmaZ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmaZ-0005vi-00 bits 256 1999-03-02 09:44:33 10HmaZ-0005vi-00 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbA-0005vi-00" @@ -36,7 +33,6 @@ 1999-03-02 09:44:33 10HmbC-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbC-0005vi-00 peer cert verified 1 1999-03-02 09:44:33 10HmbC-0005vi-00 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmbC-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmbC-0005vi-00 cipher TLS1.x:ke--AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbC-0005vi-00 bits 256 1999-03-02 09:44:33 10HmbC-0005vi-00 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbD-0005vi-00" @@ -47,7 +43,6 @@ 1999-03-02 09:44:33 10HmbE-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbE-0005vi-00 peer cert verified 1 1999-03-02 09:44:33 10HmbE-0005vi-00 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmbE-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmbE-0005vi-00 cipher TLS1.x:ke--AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbE-0005vi-00 bits 256 1999-03-02 09:44:33 10HmbE-0005vi-00 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbF-0005vi-00" @@ -58,7 +53,6 @@ 1999-03-02 09:44:33 10HmbG-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbG-0005vi-00 peer cert verified 1 1999-03-02 09:44:33 10HmbG-0005vi-00 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmbG-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmbG-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbG-0005vi-00 bits 256 1999-03-02 09:44:33 10HmbG-0005vi-00 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbH-0005vi-00" @@ -69,7 +63,6 @@ 1999-03-02 09:44:33 10HmbI-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbI-0005vi-00 peer cert verified 1 1999-03-02 09:44:33 10HmbI-0005vi-00 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmbI-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmbI-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbI-0005vi-00 bits 256 1999-03-02 09:44:33 10HmbI-0005vi-00 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbJ-0005vi-00" @@ -80,7 +73,6 @@ 1999-03-02 09:44:33 10HmbK-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbK-0005vi-00 peer cert verified 0 1999-03-02 09:44:33 10HmbK-0005vi-00 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmbK-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmbK-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbK-0005vi-00 bits 256 1999-03-02 09:44:33 10HmbK-0005vi-00 => noverify_getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no DN="CN=server1.example.com" C="250 OK id=10HmbL-0005vi-00" @@ -91,7 +83,6 @@ 1999-03-02 09:44:33 10HmbM-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbM-0005vi-00 peer cert verified 0 1999-03-02 09:44:33 10HmbM-0005vi-00 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmbM-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmbM-0005vi-00 cipher TLS1.x:ke--AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbM-0005vi-00 bits 256 1999-03-02 09:44:33 10HmbM-0005vi-00 => noverify_resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no DN="CN=server1.example.com" C="250 OK id=10HmbN-0005vi-00" @@ -102,7 +93,6 @@ 1999-03-02 09:44:33 10HmbO-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbO-0005vi-00 peer cert verified 1 1999-03-02 09:44:33 10HmbO-0005vi-00 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmbO-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmbO-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbO-0005vi-00 bits 256 1999-03-02 09:44:33 10HmbO-0005vi-00 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbP-0005vi-00" @@ -113,7 +103,6 @@ 1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert verified 1 1999-03-02 09:44:33 10HmbQ-0005vi-00 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmbQ-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmbQ-0005vi-00 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbQ-0005vi-00 bits 256 1999-03-02 09:44:33 10HmbQ-0005vi-00 tls_out_resumption not requested or offered @@ -121,7 +110,6 @@ 1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert verified 1 1999-03-02 09:44:33 10HmbQ-0005vi-00 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmbQ-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmbQ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbQ-0005vi-00 bits 256 1999-03-02 09:44:33 10HmbQ-0005vi-00 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbR-0005vi-00" @@ -134,18 +122,16 @@ 1999-03-02 09:44:33 10HmbT-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbT-0005vi-00 peer cert verified 1 1999-03-02 09:44:33 10HmbT-0005vi-00 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmbT-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmbT-0005vi-00 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbT-0005vi-00 bits 256 1999-03-02 09:44:33 10HmbT-0005vi-00 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbU-0005vi-00" 1999-03-02 09:44:33 10HmbT-0005vi-00 Completed 1999-03-02 09:44:33 10HmbV-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for postrenewal@test.ex -1999-03-02 09:44:33 10HmbV-0005vi-00 tls_out_resumption session resumed, also new ticket +1999-03-02 09:44:33 10HmbV-0005vi-00 tls_out_resumption session resumed 1999-03-02 09:44:33 10HmbV-0005vi-00 our cert subject 1999-03-02 09:44:33 10HmbV-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbV-0005vi-00 peer cert verified 1 1999-03-02 09:44:33 10HmbV-0005vi-00 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmbV-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmbV-0005vi-00 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbV-0005vi-00 bits 256 1999-03-02 09:44:33 10HmbV-0005vi-00 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbW-0005vi-00" @@ -156,7 +142,6 @@ 1999-03-02 09:44:33 10HmbX-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbX-0005vi-00 peer cert verified 1 1999-03-02 09:44:33 10HmbX-0005vi-00 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmbX-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmbX-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbX-0005vi-00 bits 256 1999-03-02 09:44:33 10HmbX-0005vi-00 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbY-0005vi-00" @@ -167,7 +152,6 @@ 1999-03-02 09:44:33 10HmbZ-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbZ-0005vi-00 peer cert verified 1 1999-03-02 09:44:33 10HmbZ-0005vi-00 peer dn CN=server1.example.com -1999-03-02 09:44:33 10HmbZ-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmbZ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbZ-0005vi-00 bits 256 1999-03-02 09:44:33 10HmbZ-0005vi-00 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcA-0005vi-00" @@ -180,7 +164,6 @@ 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 4 1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaX-0005vi-00@myhost.test.ex for getticket@test.ex @@ -191,7 +174,6 @@ 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 1 1999-03-02 09:44:33 cipher TLS1.x:ke--AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no S=sss id=E10HmaZ-0005vi-00@myhost.test.ex for resume@test.ex xyz@test.ex @@ -203,7 +185,6 @@ 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 4 1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-0005vi-00@myhost.test.ex for abcd@test.ex @@ -214,7 +195,6 @@ 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 1 1999-03-02 09:44:33 cipher TLS1.x:ke--AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbC-0005vi-00@myhost.test.ex for renewal@test.ex @@ -225,7 +205,6 @@ 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 1 1999-03-02 09:44:33 cipher TLS1.x:ke--AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbE-0005vi-00@myhost.test.ex for postrenewal@test.ex @@ -236,7 +215,6 @@ 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 4 1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 1999-03-02 09:44:33 10HmbH-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbG-0005vi-00@myhost.test.ex for timeout@test.ex @@ -247,7 +225,6 @@ 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 4 1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 1999-03-02 09:44:33 10HmbJ-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbI-0005vi-00@myhost.test.ex for notreq@test.ex @@ -258,7 +235,6 @@ 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 4 1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 1999-03-02 09:44:33 10HmbL-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbK-0005vi-00@myhost.test.ex for noverify_getticket@test.ex @@ -269,7 +245,6 @@ 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 1 1999-03-02 09:44:33 cipher TLS1.x:ke--AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 1999-03-02 09:44:33 10HmbN-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbM-0005vi-00@myhost.test.ex for noverify_resume@test.ex @@ -281,7 +256,6 @@ 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 1 1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 1999-03-02 09:44:33 10HmbP-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbO-0005vi-00@myhost.test.ex for getticket@test.ex @@ -292,7 +266,6 @@ 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 1 1999-03-02 09:44:33 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 1999-03-02 09:44:33 10HmbR-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbQ-0005vi-00@myhost.test.ex for resume@test.ex xyz@test.ex @@ -304,7 +277,6 @@ 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 1 1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 1999-03-02 09:44:33 10HmbS-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbQ-0005vi-00@myhost.test.ex for abcd@test.ex @@ -315,18 +287,16 @@ 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 1 1999-03-02 09:44:33 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 1999-03-02 09:44:33 10HmbU-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbT-0005vi-00@myhost.test.ex for renewal@test.ex 1999-03-02 09:44:33 10HmbU-0005vi-00 => :blackhole: R=server 1999-03-02 09:44:33 10HmbU-0005vi-00 Completed -1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket +1999-03-02 09:44:33 tls_in_resumption session resumed 1999-03-02 09:44:33 our cert subject 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 1 1999-03-02 09:44:33 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 1999-03-02 09:44:33 10HmbW-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbV-0005vi-00@myhost.test.ex for postrenewal@test.ex @@ -337,7 +307,6 @@ 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 1 1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 1999-03-02 09:44:33 10HmbY-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbX-0005vi-00@myhost.test.ex for timeout@test.ex @@ -348,7 +317,6 @@ 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 1 1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 1999-03-02 09:44:33 10HmcA-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbZ-0005vi-00@myhost.test.ex for notreq@test.ex diff --git a/test/log/5891 b/test/log/5891 index 6b0405704..5ffb9ccf7 100644 --- a/test/log/5891 +++ b/test/log/5891 @@ -3,175 +3,174 @@ 1999-03-02 09:44:33 10HmaX-0005vi-00 our cert subject 1999-03-02 09:44:33 10HmaX-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmaX-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmaX-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmaX-0005vi-00 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmaX-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmaX-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmaX-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmaX-0005vi-00 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmaY-0005vi-00" +1999-03-02 09:44:33 10HmaX-0005vi-00 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmaY-0005vi-00" 1999-03-02 09:44:33 10HmaX-0005vi-00 Completed 1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex abcd@test.ex xyz@test.ex 1999-03-02 09:44:33 10HmaZ-0005vi-00 tls_out_resumption session resumed 1999-03-02 09:44:33 10HmaZ-0005vi-00 our cert subject 1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmaZ-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmaZ-0005vi-00 ocsp 4 -1999-03-02 09:44:33 10HmaZ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmaZ-0005vi-00 cipher TLS1.x:ke--AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmaZ-0005vi-00 bits 256 1999-03-02 09:44:33 10HmaZ-0005vi-00 tls_out_resumption not requested or offered 1999-03-02 09:44:33 10HmaZ-0005vi-00 our cert subject 1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmaZ-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmaZ-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmaZ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmaZ-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmaZ-0005vi-00 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-0005vi-00" -1999-03-02 09:44:33 10HmaZ-0005vi-00 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-0005vi-00" -1999-03-02 09:44:33 10HmaZ-0005vi-00 => abcd@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbB-0005vi-00" +1999-03-02 09:44:33 10HmaZ-0005vi-00 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbA-0005vi-00" +1999-03-02 09:44:33 10HmaZ-0005vi-00 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbA-0005vi-00" +1999-03-02 09:44:33 10HmaZ-0005vi-00 => abcd@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbB-0005vi-00" 1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed 1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for renewal@test.ex 1999-03-02 09:44:33 10HmbC-0005vi-00 tls_out_resumption session resumed 1999-03-02 09:44:33 10HmbC-0005vi-00 our cert subject 1999-03-02 09:44:33 10HmbC-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbC-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbC-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbC-0005vi-00 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmbC-0005vi-00 ocsp 4 -1999-03-02 09:44:33 10HmbC-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbC-0005vi-00 cipher TLS1.x:ke--AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbC-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbC-0005vi-00 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbD-0005vi-00" +1999-03-02 09:44:33 10HmbC-0005vi-00 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbD-0005vi-00" 1999-03-02 09:44:33 10HmbC-0005vi-00 Completed 1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for postrenewal@test.ex 1999-03-02 09:44:33 10HmbE-0005vi-00 tls_out_resumption session resumed 1999-03-02 09:44:33 10HmbE-0005vi-00 our cert subject 1999-03-02 09:44:33 10HmbE-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbE-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbE-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbE-0005vi-00 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmbE-0005vi-00 ocsp 4 -1999-03-02 09:44:33 10HmbE-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbE-0005vi-00 cipher TLS1.x:ke--AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbE-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbE-0005vi-00 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbF-0005vi-00" +1999-03-02 09:44:33 10HmbE-0005vi-00 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbF-0005vi-00" 1999-03-02 09:44:33 10HmbE-0005vi-00 Completed 1999-03-02 09:44:33 10HmbG-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for timeout@test.ex -1999-03-02 09:44:33 10HmbG-0005vi-00 tls_out_resumption client requested new ticket, server provided +1999-03-02 09:44:33 10HmbG-0005vi-00 tls_out_resumption client offered session, server only provided new ticket 1999-03-02 09:44:33 10HmbG-0005vi-00 our cert subject 1999-03-02 09:44:33 10HmbG-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbG-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbG-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbG-0005vi-00 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmbG-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmbG-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbG-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbG-0005vi-00 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbH-0005vi-00" +1999-03-02 09:44:33 10HmbG-0005vi-00 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbH-0005vi-00" 1999-03-02 09:44:33 10HmbG-0005vi-00 Completed 1999-03-02 09:44:33 10HmbI-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for notreq@test.ex -1999-03-02 09:44:33 10HmbI-0005vi-00 tls_out_resumption not requested or offered +1999-03-02 09:44:33 10HmbI-0005vi-00 tls_out_resumption no client request 1999-03-02 09:44:33 10HmbI-0005vi-00 our cert subject 1999-03-02 09:44:33 10HmbI-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbI-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbI-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbI-0005vi-00 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmbI-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmbI-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbI-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbI-0005vi-00 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbJ-0005vi-00" +1999-03-02 09:44:33 10HmbI-0005vi-00 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbJ-0005vi-00" 1999-03-02 09:44:33 10HmbI-0005vi-00 Completed 1999-03-02 09:44:33 10HmbK-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for noverify_getticket@test.ex -1999-03-02 09:44:33 10HmbK-0005vi-00 [127.0.0.1] SSL verify error: certificate name mismatch: DN="/CN=server1.example.com" H="127.0.0.1" 1999-03-02 09:44:33 10HmbK-0005vi-00 tls_out_resumption client requested new ticket, server provided 1999-03-02 09:44:33 10HmbK-0005vi-00 our cert subject 1999-03-02 09:44:33 10HmbK-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbK-0005vi-00 peer cert verified 0 -1999-03-02 09:44:33 10HmbK-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbK-0005vi-00 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmbK-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmbK-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbK-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbK-0005vi-00 => noverify_getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no DN="/CN=server1.example.com" C="250 OK id=10HmbL-0005vi-00" +1999-03-02 09:44:33 10HmbK-0005vi-00 => noverify_getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no DN="CN=server1.example.com" C="250 OK id=10HmbL-0005vi-00" 1999-03-02 09:44:33 10HmbK-0005vi-00 Completed 1999-03-02 09:44:33 10HmbM-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for noverify_resume@test.ex 1999-03-02 09:44:33 10HmbM-0005vi-00 tls_out_resumption session resumed 1999-03-02 09:44:33 10HmbM-0005vi-00 our cert subject 1999-03-02 09:44:33 10HmbM-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbM-0005vi-00 peer cert verified 0 -1999-03-02 09:44:33 10HmbM-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbM-0005vi-00 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmbM-0005vi-00 ocsp 4 -1999-03-02 09:44:33 10HmbM-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbM-0005vi-00 cipher TLS1.x:ke--AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbM-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbM-0005vi-00 => noverify_resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no DN="/CN=server1.example.com" C="250 OK id=10HmbN-0005vi-00" +1999-03-02 09:44:33 10HmbM-0005vi-00 => noverify_resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no DN="CN=server1.example.com" C="250 OK id=10HmbN-0005vi-00" 1999-03-02 09:44:33 10HmbM-0005vi-00 Completed 1999-03-02 09:44:33 10HmbO-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex 1999-03-02 09:44:33 10HmbO-0005vi-00 tls_out_resumption client requested new ticket, server provided 1999-03-02 09:44:33 10HmbO-0005vi-00 our cert subject 1999-03-02 09:44:33 10HmbO-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbO-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbO-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbO-0005vi-00 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmbO-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmbO-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbO-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbO-0005vi-00 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbP-0005vi-00" +1999-03-02 09:44:33 10HmbO-0005vi-00 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbP-0005vi-00" 1999-03-02 09:44:33 10HmbO-0005vi-00 Completed 1999-03-02 09:44:33 10HmbQ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex abcd@test.ex xyz@test.ex -1999-03-02 09:44:33 10HmbQ-0005vi-00 tls_out_resumption session resumed +1999-03-02 09:44:33 10HmbQ-0005vi-00 tls_out_resumption session resumed, also new ticket 1999-03-02 09:44:33 10HmbQ-0005vi-00 our cert subject 1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbQ-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbQ-0005vi-00 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmbQ-0005vi-00 ocsp 4 -1999-03-02 09:44:33 10HmbQ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbQ-0005vi-00 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbQ-0005vi-00 bits 256 1999-03-02 09:44:33 10HmbQ-0005vi-00 tls_out_resumption not requested or offered 1999-03-02 09:44:33 10HmbQ-0005vi-00 our cert subject 1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbQ-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbQ-0005vi-00 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmbQ-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmbQ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbQ-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbQ-0005vi-00 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbR-0005vi-00" -1999-03-02 09:44:33 10HmbQ-0005vi-00 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbR-0005vi-00" -1999-03-02 09:44:33 10HmbQ-0005vi-00 => abcd@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbS-0005vi-00" +1999-03-02 09:44:33 10HmbQ-0005vi-00 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbR-0005vi-00" +1999-03-02 09:44:33 10HmbQ-0005vi-00 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbR-0005vi-00" +1999-03-02 09:44:33 10HmbQ-0005vi-00 => abcd@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbS-0005vi-00" 1999-03-02 09:44:33 10HmbQ-0005vi-00 Completed 1999-03-02 09:44:33 10HmbT-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for renewal@test.ex 1999-03-02 09:44:33 10HmbT-0005vi-00 tls_out_resumption session resumed, also new ticket 1999-03-02 09:44:33 10HmbT-0005vi-00 our cert subject 1999-03-02 09:44:33 10HmbT-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbT-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbT-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbT-0005vi-00 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmbT-0005vi-00 ocsp 4 -1999-03-02 09:44:33 10HmbT-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbT-0005vi-00 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbT-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbT-0005vi-00 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbU-0005vi-00" +1999-03-02 09:44:33 10HmbT-0005vi-00 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbU-0005vi-00" 1999-03-02 09:44:33 10HmbT-0005vi-00 Completed 1999-03-02 09:44:33 10HmbV-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for postrenewal@test.ex -1999-03-02 09:44:33 10HmbV-0005vi-00 tls_out_resumption session resumed +1999-03-02 09:44:33 10HmbV-0005vi-00 tls_out_resumption session resumed, also new ticket 1999-03-02 09:44:33 10HmbV-0005vi-00 our cert subject 1999-03-02 09:44:33 10HmbV-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbV-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbV-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbV-0005vi-00 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmbV-0005vi-00 ocsp 4 -1999-03-02 09:44:33 10HmbV-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbV-0005vi-00 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbV-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbV-0005vi-00 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbW-0005vi-00" +1999-03-02 09:44:33 10HmbV-0005vi-00 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbW-0005vi-00" 1999-03-02 09:44:33 10HmbV-0005vi-00 Completed 1999-03-02 09:44:33 10HmbX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for timeout@test.ex -1999-03-02 09:44:33 10HmbX-0005vi-00 tls_out_resumption session resumed, also new ticket +1999-03-02 09:44:33 10HmbX-0005vi-00 tls_out_resumption client offered session, server only provided new ticket 1999-03-02 09:44:33 10HmbX-0005vi-00 our cert subject 1999-03-02 09:44:33 10HmbX-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbX-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbX-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbX-0005vi-00 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmbX-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmbX-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbX-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbX-0005vi-00 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbY-0005vi-00" +1999-03-02 09:44:33 10HmbX-0005vi-00 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbY-0005vi-00" 1999-03-02 09:44:33 10HmbX-0005vi-00 Completed 1999-03-02 09:44:33 10HmbZ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for notreq@test.ex -1999-03-02 09:44:33 10HmbZ-0005vi-00 tls_out_resumption not requested or offered +1999-03-02 09:44:33 10HmbZ-0005vi-00 tls_out_resumption no client request 1999-03-02 09:44:33 10HmbZ-0005vi-00 our cert subject 1999-03-02 09:44:33 10HmbZ-0005vi-00 peer cert subject CN=server1.example.com 1999-03-02 09:44:33 10HmbZ-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbZ-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbZ-0005vi-00 peer dn CN=server1.example.com 1999-03-02 09:44:33 10HmbZ-0005vi-00 ocsp 4 1999-03-02 09:44:33 10HmbZ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 10HmbZ-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbZ-0005vi-00 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmcA-0005vi-00" +1999-03-02 09:44:33 10HmbZ-0005vi-00 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmcA-0005vi-00" 1999-03-02 09:44:33 10HmbZ-0005vi-00 Completed ******** SERVER ******** @@ -188,14 +187,14 @@ 1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: R=server 1999-03-02 09:44:33 10HmaY-0005vi-00 Completed 1999-03-02 09:44:33 tls_in_resumption session resumed -1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 our cert subject 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 0 -1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 ocsp 1 +1999-03-02 09:44:33 cipher TLS1.x:ke--AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmaZ-0005vi-00@myhost.test.ex for resume@test.ex xyz@test.ex +1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no S=sss id=E10HmaZ-0005vi-00@myhost.test.ex for resume@test.ex xyz@test.ex 1999-03-02 09:44:33 10HmbA-0005vi-00 => :blackhole: R=server 1999-03-02 09:44:33 10HmbA-0005vi-00 => :blackhole: R=server 1999-03-02 09:44:33 10HmbA-0005vi-00 Completed @@ -210,29 +209,29 @@ 1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-0005vi-00@myhost.test.ex for abcd@test.ex 1999-03-02 09:44:33 10HmbB-0005vi-00 => :blackhole: R=server 1999-03-02 09:44:33 10HmbB-0005vi-00 Completed -1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket -1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 tls_in_resumption session resumed +1999-03-02 09:44:33 our cert subject 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 0 -1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 ocsp 1 +1999-03-02 09:44:33 cipher TLS1.x:ke--AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbC-0005vi-00@myhost.test.ex for renewal@test.ex +1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbC-0005vi-00@myhost.test.ex for renewal@test.ex 1999-03-02 09:44:33 10HmbD-0005vi-00 => :blackhole: R=server 1999-03-02 09:44:33 10HmbD-0005vi-00 Completed -1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket -1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 tls_in_resumption session resumed +1999-03-02 09:44:33 our cert subject 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 0 -1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 ocsp 1 +1999-03-02 09:44:33 cipher TLS1.x:ke--AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbE-0005vi-00@myhost.test.ex for postrenewal@test.ex +1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbE-0005vi-00@myhost.test.ex for postrenewal@test.ex 1999-03-02 09:44:33 10HmbF-0005vi-00 => :blackhole: R=server 1999-03-02 09:44:33 10HmbF-0005vi-00 Completed -1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided +1999-03-02 09:44:33 tls_in_resumption client offered session, server only provided new ticket 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 @@ -243,7 +242,7 @@ 1999-03-02 09:44:33 10HmbH-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbG-0005vi-00@myhost.test.ex for timeout@test.ex 1999-03-02 09:44:33 10HmbH-0005vi-00 => :blackhole: R=server 1999-03-02 09:44:33 10HmbH-0005vi-00 Completed -1999-03-02 09:44:33 tls_in_resumption no client request +1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 @@ -266,14 +265,14 @@ 1999-03-02 09:44:33 10HmbL-0005vi-00 => :blackhole: R=server 1999-03-02 09:44:33 10HmbL-0005vi-00 Completed 1999-03-02 09:44:33 tls_in_resumption session resumed -1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 our cert subject 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 0 -1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 ocsp 1 +1999-03-02 09:44:33 cipher TLS1.x:ke--AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbN-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbM-0005vi-00@myhost.test.ex for noverify_resume@test.ex +1999-03-02 09:44:33 10HmbN-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke--AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbM-0005vi-00@myhost.test.ex for noverify_resume@test.ex 1999-03-02 09:44:33 10HmbN-0005vi-00 => :blackhole: R=server 1999-03-02 09:44:33 10HmbN-0005vi-00 Completed 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D @@ -282,21 +281,21 @@ 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 4 +1999-03-02 09:44:33 ocsp 1 1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 1999-03-02 09:44:33 10HmbP-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbO-0005vi-00@myhost.test.ex for getticket@test.ex 1999-03-02 09:44:33 10HmbP-0005vi-00 => :blackhole: R=server 1999-03-02 09:44:33 10HmbP-0005vi-00 Completed -1999-03-02 09:44:33 tls_in_resumption session resumed -1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket +1999-03-02 09:44:33 our cert subject 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 0 -1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 ocsp 1 +1999-03-02 09:44:33 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbR-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbQ-0005vi-00@myhost.test.ex for resume@test.ex xyz@test.ex +1999-03-02 09:44:33 10HmbR-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbQ-0005vi-00@myhost.test.ex for resume@test.ex xyz@test.ex 1999-03-02 09:44:33 10HmbR-0005vi-00 => :blackhole: R=server 1999-03-02 09:44:33 10HmbR-0005vi-00 => :blackhole: R=server 1999-03-02 09:44:33 10HmbR-0005vi-00 Completed @@ -305,43 +304,43 @@ 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 4 +1999-03-02 09:44:33 ocsp 1 1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 1999-03-02 09:44:33 10HmbS-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbQ-0005vi-00@myhost.test.ex for abcd@test.ex 1999-03-02 09:44:33 10HmbS-0005vi-00 => :blackhole: R=server 1999-03-02 09:44:33 10HmbS-0005vi-00 Completed 1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket -1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 our cert subject 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 0 -1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 ocsp 1 +1999-03-02 09:44:33 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbU-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbT-0005vi-00@myhost.test.ex for renewal@test.ex +1999-03-02 09:44:33 10HmbU-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbT-0005vi-00@myhost.test.ex for renewal@test.ex 1999-03-02 09:44:33 10HmbU-0005vi-00 => :blackhole: R=server 1999-03-02 09:44:33 10HmbU-0005vi-00 Completed -1999-03-02 09:44:33 tls_in_resumption session resumed -1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket +1999-03-02 09:44:33 our cert subject 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 0 -1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 ocsp 1 +1999-03-02 09:44:33 cipher TLS1.x:ke-PSK-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbW-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbV-0005vi-00@myhost.test.ex for postrenewal@test.ex +1999-03-02 09:44:33 10HmbW-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-PSK-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbV-0005vi-00@myhost.test.ex for postrenewal@test.ex 1999-03-02 09:44:33 10HmbW-0005vi-00 => :blackhole: R=server 1999-03-02 09:44:33 10HmbW-0005vi-00 Completed -1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket +1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided 1999-03-02 09:44:33 our cert subject CN=server1.example.com 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 0 +1999-03-02 09:44:33 ocsp 1 1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbY-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbX-0005vi-00@myhost.test.ex for timeout@test.ex +1999-03-02 09:44:33 10HmbY-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbX-0005vi-00@myhost.test.ex for timeout@test.ex 1999-03-02 09:44:33 10HmbY-0005vi-00 => :blackhole: R=server 1999-03-02 09:44:33 10HmbY-0005vi-00 Completed 1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided @@ -349,7 +348,7 @@ 1999-03-02 09:44:33 peer cert subject 1999-03-02 09:44:33 peer cert verified 0 1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 4 +1999-03-02 09:44:33 ocsp 1 1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx 1999-03-02 09:44:33 bits 256 1999-03-02 09:44:33 10HmcA-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbZ-0005vi-00@myhost.test.ex for notreq@test.ex diff --git a/test/log/5892 b/test/log/5892 new file mode 100644 index 000000000..61450a7a9 --- /dev/null +++ b/test/log/5892 @@ -0,0 +1,325 @@ +1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex +1999-03-02 09:44:33 10HmaX-0005vi-00 tls_out_resumption client requested new ticket, server provided +1999-03-02 09:44:33 10HmaX-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmaX-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmaX-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmaX-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmaX-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmaX-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmaX-0005vi-00 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmaY-0005vi-00" +1999-03-02 09:44:33 10HmaX-0005vi-00 Completed +1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex abcd@test.ex xyz@test.ex +1999-03-02 09:44:33 10HmaZ-0005vi-00 tls_out_resumption session resumed +1999-03-02 09:44:33 10HmaZ-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmaZ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmaZ-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmaZ-0005vi-00 tls_out_resumption not requested or offered +1999-03-02 09:44:33 10HmaZ-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmaZ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmaZ-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmaZ-0005vi-00 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-0005vi-00" +1999-03-02 09:44:33 10HmaZ-0005vi-00 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-0005vi-00" +1999-03-02 09:44:33 10HmaZ-0005vi-00 => abcd@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbB-0005vi-00" +1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed +1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for renewal@test.ex +1999-03-02 09:44:33 10HmbC-0005vi-00 tls_out_resumption session resumed +1999-03-02 09:44:33 10HmbC-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbC-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbC-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbC-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbC-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbC-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbC-0005vi-00 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbD-0005vi-00" +1999-03-02 09:44:33 10HmbC-0005vi-00 Completed +1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for postrenewal@test.ex +1999-03-02 09:44:33 10HmbE-0005vi-00 tls_out_resumption session resumed +1999-03-02 09:44:33 10HmbE-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbE-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbE-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbE-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbE-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbE-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbE-0005vi-00 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbF-0005vi-00" +1999-03-02 09:44:33 10HmbE-0005vi-00 Completed +1999-03-02 09:44:33 10HmbG-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for timeout@test.ex +1999-03-02 09:44:33 10HmbG-0005vi-00 tls_out_resumption client requested new ticket, server provided +1999-03-02 09:44:33 10HmbG-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbG-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbG-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbG-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbG-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbG-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbG-0005vi-00 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbH-0005vi-00" +1999-03-02 09:44:33 10HmbG-0005vi-00 Completed +1999-03-02 09:44:33 10HmbI-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for notreq@test.ex +1999-03-02 09:44:33 10HmbI-0005vi-00 tls_out_resumption not requested or offered +1999-03-02 09:44:33 10HmbI-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbI-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbI-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbI-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbI-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbI-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbI-0005vi-00 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbJ-0005vi-00" +1999-03-02 09:44:33 10HmbI-0005vi-00 Completed +1999-03-02 09:44:33 10HmbK-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for noverify_getticket@test.ex +1999-03-02 09:44:33 10HmbK-0005vi-00 [127.0.0.1] SSL verify error: certificate name mismatch: DN="/CN=server1.example.com" H="127.0.0.1" +1999-03-02 09:44:33 10HmbK-0005vi-00 tls_out_resumption client requested new ticket, server provided +1999-03-02 09:44:33 10HmbK-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbK-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbK-0005vi-00 peer cert verified 0 +1999-03-02 09:44:33 10HmbK-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbK-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbK-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbK-0005vi-00 => noverify_getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no DN="/CN=server1.example.com" C="250 OK id=10HmbL-0005vi-00" +1999-03-02 09:44:33 10HmbK-0005vi-00 Completed +1999-03-02 09:44:33 10HmbM-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for noverify_resume@test.ex +1999-03-02 09:44:33 10HmbM-0005vi-00 tls_out_resumption session resumed +1999-03-02 09:44:33 10HmbM-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbM-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbM-0005vi-00 peer cert verified 0 +1999-03-02 09:44:33 10HmbM-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbM-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbM-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbM-0005vi-00 => noverify_resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no DN="/CN=server1.example.com" C="250 OK id=10HmbN-0005vi-00" +1999-03-02 09:44:33 10HmbM-0005vi-00 Completed +1999-03-02 09:44:33 10HmbO-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex +1999-03-02 09:44:33 10HmbO-0005vi-00 tls_out_resumption client requested new ticket, server provided +1999-03-02 09:44:33 10HmbO-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbO-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbO-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbO-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbO-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbO-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbO-0005vi-00 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbP-0005vi-00" +1999-03-02 09:44:33 10HmbO-0005vi-00 Completed +1999-03-02 09:44:33 10HmbQ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex abcd@test.ex xyz@test.ex +1999-03-02 09:44:33 10HmbQ-0005vi-00 tls_out_resumption session resumed +1999-03-02 09:44:33 10HmbQ-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbQ-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbQ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbQ-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbQ-0005vi-00 tls_out_resumption not requested or offered +1999-03-02 09:44:33 10HmbQ-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbQ-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbQ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbQ-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbQ-0005vi-00 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbR-0005vi-00" +1999-03-02 09:44:33 10HmbQ-0005vi-00 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbR-0005vi-00" +1999-03-02 09:44:33 10HmbQ-0005vi-00 => abcd@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbS-0005vi-00" +1999-03-02 09:44:33 10HmbQ-0005vi-00 Completed +1999-03-02 09:44:33 10HmbT-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for renewal@test.ex +1999-03-02 09:44:33 10HmbT-0005vi-00 tls_out_resumption session resumed, also new ticket +1999-03-02 09:44:33 10HmbT-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbT-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbT-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbT-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbT-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbT-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbT-0005vi-00 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbU-0005vi-00" +1999-03-02 09:44:33 10HmbT-0005vi-00 Completed +1999-03-02 09:44:33 10HmbV-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for postrenewal@test.ex +1999-03-02 09:44:33 10HmbV-0005vi-00 tls_out_resumption session resumed +1999-03-02 09:44:33 10HmbV-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbV-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbV-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbV-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbV-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbV-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbV-0005vi-00 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbW-0005vi-00" +1999-03-02 09:44:33 10HmbV-0005vi-00 Completed +1999-03-02 09:44:33 10HmbX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for timeout@test.ex +1999-03-02 09:44:33 10HmbX-0005vi-00 tls_out_resumption session resumed, also new ticket +1999-03-02 09:44:33 10HmbX-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbX-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbX-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbX-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbX-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbX-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbX-0005vi-00 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbY-0005vi-00" +1999-03-02 09:44:33 10HmbX-0005vi-00 Completed +1999-03-02 09:44:33 10HmbZ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for notreq@test.ex +1999-03-02 09:44:33 10HmbZ-0005vi-00 tls_out_resumption not requested or offered +1999-03-02 09:44:33 10HmbZ-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbZ-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbZ-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbZ-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbZ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbZ-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbZ-0005vi-00 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmcA-0005vi-00" +1999-03-02 09:44:33 10HmbZ-0005vi-00 Completed + +******** SERVER ******** +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D +1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaX-0005vi-00@myhost.test.ex for getticket@test.ex +1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmaY-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmaZ-0005vi-00@myhost.test.ex for resume@test.ex xyz@test.ex +1999-03-02 09:44:33 10HmbA-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbA-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbA-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption not requested or offered +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-0005vi-00@myhost.test.ex for abcd@test.ex +1999-03-02 09:44:33 10HmbB-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbB-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbC-0005vi-00@myhost.test.ex for renewal@test.ex +1999-03-02 09:44:33 10HmbD-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbD-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbE-0005vi-00@myhost.test.ex for postrenewal@test.ex +1999-03-02 09:44:33 10HmbF-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbF-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbH-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbG-0005vi-00@myhost.test.ex for timeout@test.ex +1999-03-02 09:44:33 10HmbH-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbH-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption no client request +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbJ-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbI-0005vi-00@myhost.test.ex for notreq@test.ex +1999-03-02 09:44:33 10HmbJ-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbJ-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbL-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbK-0005vi-00@myhost.test.ex for noverify_getticket@test.ex +1999-03-02 09:44:33 10HmbL-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbL-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbN-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbM-0005vi-00@myhost.test.ex for noverify_resume@test.ex +1999-03-02 09:44:33 10HmbN-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbN-0005vi-00 Completed +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D +1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbP-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbO-0005vi-00@myhost.test.ex for getticket@test.ex +1999-03-02 09:44:33 10HmbP-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbP-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbR-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbQ-0005vi-00@myhost.test.ex for resume@test.ex xyz@test.ex +1999-03-02 09:44:33 10HmbR-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbR-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbR-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption not requested or offered +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbS-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbQ-0005vi-00@myhost.test.ex for abcd@test.ex +1999-03-02 09:44:33 10HmbS-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbS-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbU-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbT-0005vi-00@myhost.test.ex for renewal@test.ex +1999-03-02 09:44:33 10HmbU-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbU-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbW-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbV-0005vi-00@myhost.test.ex for postrenewal@test.ex +1999-03-02 09:44:33 10HmbW-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbW-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbY-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbX-0005vi-00@myhost.test.ex for timeout@test.ex +1999-03-02 09:44:33 10HmbY-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbY-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmcA-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbZ-0005vi-00@myhost.test.ex for notreq@test.ex +1999-03-02 09:44:33 10HmcA-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmcA-0005vi-00 Completed diff --git a/test/log/5893 b/test/log/5893 new file mode 100644 index 000000000..6b0405704 --- /dev/null +++ b/test/log/5893 @@ -0,0 +1,357 @@ +1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex +1999-03-02 09:44:33 10HmaX-0005vi-00 tls_out_resumption client requested new ticket, server provided +1999-03-02 09:44:33 10HmaX-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmaX-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmaX-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmaX-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmaX-0005vi-00 ocsp 4 +1999-03-02 09:44:33 10HmaX-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmaX-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmaX-0005vi-00 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmaY-0005vi-00" +1999-03-02 09:44:33 10HmaX-0005vi-00 Completed +1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex abcd@test.ex xyz@test.ex +1999-03-02 09:44:33 10HmaZ-0005vi-00 tls_out_resumption session resumed +1999-03-02 09:44:33 10HmaZ-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmaZ-0005vi-00 ocsp 4 +1999-03-02 09:44:33 10HmaZ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmaZ-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmaZ-0005vi-00 tls_out_resumption not requested or offered +1999-03-02 09:44:33 10HmaZ-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmaZ-0005vi-00 ocsp 4 +1999-03-02 09:44:33 10HmaZ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmaZ-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmaZ-0005vi-00 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-0005vi-00" +1999-03-02 09:44:33 10HmaZ-0005vi-00 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-0005vi-00" +1999-03-02 09:44:33 10HmaZ-0005vi-00 => abcd@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbB-0005vi-00" +1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed +1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for renewal@test.ex +1999-03-02 09:44:33 10HmbC-0005vi-00 tls_out_resumption session resumed +1999-03-02 09:44:33 10HmbC-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbC-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbC-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbC-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbC-0005vi-00 ocsp 4 +1999-03-02 09:44:33 10HmbC-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbC-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbC-0005vi-00 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbD-0005vi-00" +1999-03-02 09:44:33 10HmbC-0005vi-00 Completed +1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for postrenewal@test.ex +1999-03-02 09:44:33 10HmbE-0005vi-00 tls_out_resumption session resumed +1999-03-02 09:44:33 10HmbE-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbE-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbE-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbE-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbE-0005vi-00 ocsp 4 +1999-03-02 09:44:33 10HmbE-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbE-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbE-0005vi-00 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbF-0005vi-00" +1999-03-02 09:44:33 10HmbE-0005vi-00 Completed +1999-03-02 09:44:33 10HmbG-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for timeout@test.ex +1999-03-02 09:44:33 10HmbG-0005vi-00 tls_out_resumption client requested new ticket, server provided +1999-03-02 09:44:33 10HmbG-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbG-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbG-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbG-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbG-0005vi-00 ocsp 4 +1999-03-02 09:44:33 10HmbG-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbG-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbG-0005vi-00 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbH-0005vi-00" +1999-03-02 09:44:33 10HmbG-0005vi-00 Completed +1999-03-02 09:44:33 10HmbI-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for notreq@test.ex +1999-03-02 09:44:33 10HmbI-0005vi-00 tls_out_resumption not requested or offered +1999-03-02 09:44:33 10HmbI-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbI-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbI-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbI-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbI-0005vi-00 ocsp 4 +1999-03-02 09:44:33 10HmbI-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbI-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbI-0005vi-00 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbJ-0005vi-00" +1999-03-02 09:44:33 10HmbI-0005vi-00 Completed +1999-03-02 09:44:33 10HmbK-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for noverify_getticket@test.ex +1999-03-02 09:44:33 10HmbK-0005vi-00 [127.0.0.1] SSL verify error: certificate name mismatch: DN="/CN=server1.example.com" H="127.0.0.1" +1999-03-02 09:44:33 10HmbK-0005vi-00 tls_out_resumption client requested new ticket, server provided +1999-03-02 09:44:33 10HmbK-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbK-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbK-0005vi-00 peer cert verified 0 +1999-03-02 09:44:33 10HmbK-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbK-0005vi-00 ocsp 4 +1999-03-02 09:44:33 10HmbK-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbK-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbK-0005vi-00 => noverify_getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no DN="/CN=server1.example.com" C="250 OK id=10HmbL-0005vi-00" +1999-03-02 09:44:33 10HmbK-0005vi-00 Completed +1999-03-02 09:44:33 10HmbM-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for noverify_resume@test.ex +1999-03-02 09:44:33 10HmbM-0005vi-00 tls_out_resumption session resumed +1999-03-02 09:44:33 10HmbM-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbM-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbM-0005vi-00 peer cert verified 0 +1999-03-02 09:44:33 10HmbM-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbM-0005vi-00 ocsp 4 +1999-03-02 09:44:33 10HmbM-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbM-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbM-0005vi-00 => noverify_resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no DN="/CN=server1.example.com" C="250 OK id=10HmbN-0005vi-00" +1999-03-02 09:44:33 10HmbM-0005vi-00 Completed +1999-03-02 09:44:33 10HmbO-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex +1999-03-02 09:44:33 10HmbO-0005vi-00 tls_out_resumption client requested new ticket, server provided +1999-03-02 09:44:33 10HmbO-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbO-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbO-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbO-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbO-0005vi-00 ocsp 4 +1999-03-02 09:44:33 10HmbO-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbO-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbO-0005vi-00 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbP-0005vi-00" +1999-03-02 09:44:33 10HmbO-0005vi-00 Completed +1999-03-02 09:44:33 10HmbQ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex abcd@test.ex xyz@test.ex +1999-03-02 09:44:33 10HmbQ-0005vi-00 tls_out_resumption session resumed +1999-03-02 09:44:33 10HmbQ-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbQ-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbQ-0005vi-00 ocsp 4 +1999-03-02 09:44:33 10HmbQ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbQ-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbQ-0005vi-00 tls_out_resumption not requested or offered +1999-03-02 09:44:33 10HmbQ-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbQ-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbQ-0005vi-00 ocsp 4 +1999-03-02 09:44:33 10HmbQ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbQ-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbQ-0005vi-00 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbR-0005vi-00" +1999-03-02 09:44:33 10HmbQ-0005vi-00 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbR-0005vi-00" +1999-03-02 09:44:33 10HmbQ-0005vi-00 => abcd@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbS-0005vi-00" +1999-03-02 09:44:33 10HmbQ-0005vi-00 Completed +1999-03-02 09:44:33 10HmbT-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for renewal@test.ex +1999-03-02 09:44:33 10HmbT-0005vi-00 tls_out_resumption session resumed, also new ticket +1999-03-02 09:44:33 10HmbT-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbT-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbT-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbT-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbT-0005vi-00 ocsp 4 +1999-03-02 09:44:33 10HmbT-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbT-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbT-0005vi-00 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbU-0005vi-00" +1999-03-02 09:44:33 10HmbT-0005vi-00 Completed +1999-03-02 09:44:33 10HmbV-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for postrenewal@test.ex +1999-03-02 09:44:33 10HmbV-0005vi-00 tls_out_resumption session resumed +1999-03-02 09:44:33 10HmbV-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbV-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbV-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbV-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbV-0005vi-00 ocsp 4 +1999-03-02 09:44:33 10HmbV-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbV-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbV-0005vi-00 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbW-0005vi-00" +1999-03-02 09:44:33 10HmbV-0005vi-00 Completed +1999-03-02 09:44:33 10HmbX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for timeout@test.ex +1999-03-02 09:44:33 10HmbX-0005vi-00 tls_out_resumption session resumed, also new ticket +1999-03-02 09:44:33 10HmbX-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbX-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbX-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbX-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbX-0005vi-00 ocsp 4 +1999-03-02 09:44:33 10HmbX-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbX-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbX-0005vi-00 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbY-0005vi-00" +1999-03-02 09:44:33 10HmbX-0005vi-00 Completed +1999-03-02 09:44:33 10HmbZ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for notreq@test.ex +1999-03-02 09:44:33 10HmbZ-0005vi-00 tls_out_resumption not requested or offered +1999-03-02 09:44:33 10HmbZ-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbZ-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbZ-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbZ-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbZ-0005vi-00 ocsp 4 +1999-03-02 09:44:33 10HmbZ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbZ-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbZ-0005vi-00 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmcA-0005vi-00" +1999-03-02 09:44:33 10HmbZ-0005vi-00 Completed + +******** SERVER ******** +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D +1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 ocsp 4 +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaX-0005vi-00@myhost.test.ex for getticket@test.ex +1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmaY-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 ocsp 0 +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmaZ-0005vi-00@myhost.test.ex for resume@test.ex xyz@test.ex +1999-03-02 09:44:33 10HmbA-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbA-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbA-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption not requested or offered +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 ocsp 4 +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-0005vi-00@myhost.test.ex for abcd@test.ex +1999-03-02 09:44:33 10HmbB-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbB-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 ocsp 0 +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbC-0005vi-00@myhost.test.ex for renewal@test.ex +1999-03-02 09:44:33 10HmbD-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbD-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 ocsp 0 +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbE-0005vi-00@myhost.test.ex for postrenewal@test.ex +1999-03-02 09:44:33 10HmbF-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbF-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 ocsp 4 +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbH-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbG-0005vi-00@myhost.test.ex for timeout@test.ex +1999-03-02 09:44:33 10HmbH-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbH-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption no client request +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 ocsp 4 +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbJ-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbI-0005vi-00@myhost.test.ex for notreq@test.ex +1999-03-02 09:44:33 10HmbJ-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbJ-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 ocsp 4 +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbL-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbK-0005vi-00@myhost.test.ex for noverify_getticket@test.ex +1999-03-02 09:44:33 10HmbL-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbL-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 ocsp 0 +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbN-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbM-0005vi-00@myhost.test.ex for noverify_resume@test.ex +1999-03-02 09:44:33 10HmbN-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbN-0005vi-00 Completed +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D +1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 ocsp 4 +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbP-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbO-0005vi-00@myhost.test.ex for getticket@test.ex +1999-03-02 09:44:33 10HmbP-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbP-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 ocsp 0 +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbR-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbQ-0005vi-00@myhost.test.ex for resume@test.ex xyz@test.ex +1999-03-02 09:44:33 10HmbR-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbR-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbR-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption not requested or offered +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 ocsp 4 +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbS-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbQ-0005vi-00@myhost.test.ex for abcd@test.ex +1999-03-02 09:44:33 10HmbS-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbS-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 ocsp 0 +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbU-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbT-0005vi-00@myhost.test.ex for renewal@test.ex +1999-03-02 09:44:33 10HmbU-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbU-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 ocsp 0 +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbW-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbV-0005vi-00@myhost.test.ex for postrenewal@test.ex +1999-03-02 09:44:33 10HmbW-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbW-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 ocsp 0 +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbY-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbX-0005vi-00@myhost.test.ex for timeout@test.ex +1999-03-02 09:44:33 10HmbY-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbY-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 ocsp 4 +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmcA-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbZ-0005vi-00@myhost.test.ex for notreq@test.ex +1999-03-02 09:44:33 10HmcA-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmcA-0005vi-00 Completed diff --git a/test/scripts/5891-Resume-GnuTLS-OCSP/5890 b/test/scripts/5891-Resume-GnuTLS-OCSP/5890 new file mode 100644 index 000000000..449b0eb3d --- /dev/null +++ b/test/scripts/5891-Resume-GnuTLS-OCSP/5890 @@ -0,0 +1,69 @@ +# TLS session resumption with OCSP +gnutls +# +# For keying info: +# (requires SSLKEYLOGFILE added to /etc/sudoers) +# SSLKEYLOGFILE=/home/jgh/git/exim/test/foo sudo exim -DSERVER=server -bd -oX PORT_D +# +### TLS1.2 +exim -DSERVER=server -DOPTION=NORMAL:!VERS-TLS1.3 -bd -oX PORT_D +**** +exim -DVALUE=resume -odf getticket@test.ex +Test message. Contains FF: ÿ +**** +exim -DVALUE=resume -odf resume@test.ex abcd@test.ex xyz@test.ex +Test message to two different hosts, one does not support resume +**** +# allow time for ticket to hit renewal time +sleep 3 +exim -DVALUE=resume -odf renewal@test.ex +Test message. +**** +exim -DVALUE=resume -odf postrenewal@test.ex +Test message. +**** +sleep 3 +exim -DVALUE=resume -odf timeout@test.ex +Test message. +**** +exim -odf notreq@test.ex +Test message, not requesting resumption. +**** +sudo rm -f DIR/spool/db/tls +exim -odf -DVALUE=resume noverify_getticket@test.ex +Dest on this means the server cert will not verify (but try_verify will permit it) +**** +exim -odf -DVALUE=resume noverify_resume@test.ex +Dest on this means the server cert will not verify (but try_verify will permit it) +**** +killdaemon +sleep 1 +sudo rm -f DIR/spool/db/tls +# +# +### TLS1.3 +exim -DSERVER=server -DOPTION=NORMAL -bd -oX PORT_D +**** +exim -DVALUE=resume -odf getticket@test.ex +Test message. Contains FF: ÿ +**** +exim -DVALUE=resume -odf resume@test.ex abcd@test.ex xyz@test.ex +Test message to two different hosts, one does not support resume +**** +# allow time for ticket to hit renewal time +sleep 3 +exim -DVALUE=resume -odf renewal@test.ex +Test message. +**** +exim -DVALUE=resume -odf postrenewal@test.ex +Test message. +**** +sleep 3 +exim -DVALUE=resume -odf timeout@test.ex +Test message. +**** +exim -odf notreq@test.ex +Test message, not requesting resumption. +**** +killdaemon +no_msglog_check diff --git a/test/scripts/5891-Resume-GnuTLS-OCSP/REQUIRES b/test/scripts/5891-Resume-GnuTLS-OCSP/REQUIRES new file mode 100644 index 000000000..ea7e8959e --- /dev/null +++ b/test/scripts/5891-Resume-GnuTLS-OCSP/REQUIRES @@ -0,0 +1,4 @@ +support GnuTLS +running IPv4 +support TLS_resume +support OCSP diff --git a/test/scripts/5891-Resume-OpenSSL/5891 b/test/scripts/5892-Resume-OpenSSL/5892 similarity index 100% rename from test/scripts/5891-Resume-OpenSSL/5891 rename to test/scripts/5892-Resume-OpenSSL/5892 diff --git a/test/scripts/5891-Resume-OpenSSL/REQUIRES b/test/scripts/5892-Resume-OpenSSL/REQUIRES similarity index 100% rename from test/scripts/5891-Resume-OpenSSL/REQUIRES rename to test/scripts/5892-Resume-OpenSSL/REQUIRES diff --git a/test/scripts/5893-Resume-OpenSSL-OCSP/5893 b/test/scripts/5893-Resume-OpenSSL-OCSP/5893 new file mode 100644 index 000000000..18bce1f27 --- /dev/null +++ b/test/scripts/5893-Resume-OpenSSL-OCSP/5893 @@ -0,0 +1,64 @@ +# TLS session resumption with OCSP +# +### TLS1.2 +exim -DSERVER=server -DOPTION=+no_tlsv1_3 -bd -oX PORT_D +**** +exim -DVALUE=resume -odf getticket@test.ex +Test message. Contains FF: ÿ +**** +exim -DVALUE=resume -odf resume@test.ex abcd@test.ex xyz@test.ex +Test message to two different hosts, one does not support resume +**** +# allow time for ticket to hit renewal time +sleep 3 +exim -DVALUE=resume -odf renewal@test.ex +Test message. +**** +exim -DVALUE=resume -odf postrenewal@test.ex +Test message. +**** +sleep 3 +exim -DVALUE=resume -odf timeout@test.ex +Test message. +**** +exim -odf notreq@test.ex +Test message, not requesting resumption. +**** +sudo rm -f DIR/spool/db/tls +exim -odf -DVALUE=resume noverify_getticket@test.ex +Dest on this means the server cert will not verify (but try_verify will permit it) +**** +exim -odf -DVALUE=resume noverify_resume@test.ex +Dest on this means the server cert will not verify (but try_verify will permit it) +**** +killdaemon +sleep 1 +sudo rm -f DIR/spool/db/tls +# +# +### TLS1.3 +exim -DSERVER=server -bd -oX PORT_D +**** +exim -DVALUE=resume -odf getticket@test.ex +Test message. Contains FF: ÿ +**** +exim -DVALUE=resume -odf resume@test.ex abcd@test.ex xyz@test.ex +Test message to two different hosts, one does not support resume +**** +# allow time for ticket to hit renewal time +sleep 3 +exim -DVALUE=resume -odf renewal@test.ex +Test message. +**** +exim -DVALUE=resume -odf postrenewal@test.ex +Test message. +**** +sleep 3 +exim -DVALUE=resume -odf timeout@test.ex +Test message. +**** +exim -odf notreq@test.ex +Test message, not requesting resumption. +**** +killdaemon +no_msglog_check diff --git a/test/scripts/5893-Resume-OpenSSL-OCSP/REQUIRES b/test/scripts/5893-Resume-OpenSSL-OCSP/REQUIRES new file mode 100644 index 000000000..136ac8c6b --- /dev/null +++ b/test/scripts/5893-Resume-OpenSSL-OCSP/REQUIRES @@ -0,0 +1,4 @@ +support OpenSSL +running IPv4 +support TLS_resume +support OCSP diff --git a/test/stderr/5892 b/test/stderr/5892 new file mode 100644 index 000000000..6b5c4341e --- /dev/null +++ b/test/stderr/5892 @@ -0,0 +1,6 @@ +### TLS1.2 +### TLS1.3 + +******** SERVER ******** +### TLS1.2 +### TLS1.3 diff --git a/test/stderr/5893 b/test/stderr/5893 new file mode 100644 index 000000000..6b5c4341e --- /dev/null +++ b/test/stderr/5893 @@ -0,0 +1,6 @@ +### TLS1.2 +### TLS1.3 + +******** SERVER ******** +### TLS1.2 +### TLS1.3 diff --git a/test/stdout/5892 b/test/stdout/5892 new file mode 100644 index 000000000..6b5c4341e --- /dev/null +++ b/test/stdout/5892 @@ -0,0 +1,6 @@ +### TLS1.2 +### TLS1.3 + +******** SERVER ******** +### TLS1.2 +### TLS1.3 diff --git a/test/stdout/5893 b/test/stdout/5893 new file mode 100644 index 000000000..6b5c4341e --- /dev/null +++ b/test/stdout/5893 @@ -0,0 +1,6 @@ +### TLS1.2 +### TLS1.3 + +******** SERVER ******** +### TLS1.2 +### TLS1.3 -- 2.30.2