OpenSSL: fix tls_try_verify_hosts under resumption
[users/jgh/exim.git] / test / confs / 4060
index a87c3d6b276e13891bc541d6e31308702d85c918..1916770731335d8a07f43f5efd6cc9a794691375 100644 (file)
@@ -3,6 +3,7 @@
 
 CONTROL=*
 OPT=
+CONNECTCOND=
 
 keep_environment = PATH
 exim_path = EXIM_PATH
@@ -22,7 +23,11 @@ chunking_advertise_hosts = OPT
 tls_advertise_hosts = *
 tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
 
-# Avoid ECDHE key-exchange so that we can wireshark-decode
+.ifdef _HAVE_DMARC
+dmarc_tld_file =
+.endif
+
+# Avoid ECDHE key-exchange so that we can wireshark-decode (not TLS1.3)
 .ifdef _HAVE_GNUTLS
 tls_require_ciphers = NORMAL:-KX-ALL:+RSA
 .else
@@ -30,7 +35,7 @@ tls_require_ciphers = DEFAULT:!kECDHE
 .endif
 
 pipelining_connect_advertise_hosts = *
-log_selector = +received_recipients +pipelining
+log_selector = +received_recipients +millisec +pipelining
 queue_only
 
 acl_smtp_rcpt = accept
@@ -54,6 +59,7 @@ begin transports
 
 smtp:
   driver =             smtp
+  hosts_try_fastopen = CONNECTCOND
   hosts_pipe_connect = CONTROL
   tls_verify_hosts =
   tls_try_verify_hosts =