OpenSSL: fix tls_out_ocsp under resumption
[users/jgh/exim.git] / test / confs / 4064
1 # test config 4064
2 # Early-pipe, AUTH, GnuTLS
3
4 keep_environment = PATH
5 exim_path = EXIM_PATH
6 host_lookup_order = bydns
7 spool_directory = DIR/spool
8
9 .ifdef SERVER
10 log_file_path = DIR/spool/log/SERVER%slog
11 .else
12 log_file_path = DIR/spool/log/%slog
13 .endif
14
15 gecos_pattern = ""
16 gecos_name = CALLER_NAME
17 dns_cname_loops = 9
18 chunking_advertise_hosts = OPT
19 tls_advertise_hosts = *
20 tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
21
22 # Avoid ECDHE key-exchange so that we can wireshark-decode
23 .ifdef _HAVE_GNUTLS
24 tls_require_ciphers = NORMAL:-KX-ALL:+RSA
25 .endif
26
27 .ifdef _HAVE_DMARC
28 dmarc_tld_file =
29 .endif
30
31 pipelining_connect_advertise_hosts = *
32 auth_advertise_hosts = *
33
34 log_selector = +received_recipients +pipelining
35 queue_only
36
37 acl_smtp_rcpt = accept
38
39 #
40 begin routers
41
42 server:
43   driver =      redirect
44   condition =   ${if eq {SERVER}{server}}
45   data =        :blackhole:
46
47 client:
48   driver =      manualroute
49   route_data =  127.0.0.1::PORT_D
50   self =        send
51   transport =   smtp
52
53 #
54 begin transports
55
56 smtp:
57   driver =              smtp
58   hosts_pipe_connect =  *
59   tls_verify_hosts =
60   tls_try_verify_hosts =
61   hosts_require_auth =  *
62
63 #
64 begin authenticators
65
66 plain:
67   driver = plaintext
68   public_name = PLAIN
69
70   server_advertise_condition = ${if eq{$tls_in_cipher}{}{no}{yes}}
71   server_condition = "\
72     ${if and {{eq{$auth2}{userx}}{eq{$auth3}{secret}}}{yes}{no}}"
73   server_set_id = $auth2
74
75   client_send = ^userx^secret
76