X-Git-Url: https://git.exim.org/users/jgh/exim.git/blobdiff_plain/899b8bbc6d360af6362c2a41d40b786279f41492..570cb1bdbc6ea378b2dcaf6ebabb45a5610ed1ef:/test/scripts/5820-DANE-GnuTLS/5820 diff --git a/test/scripts/5820-DANE-GnuTLS/5820 b/test/scripts/5820-DANE-GnuTLS/5820 index 84684da53..d7824a38c 100644 --- a/test/scripts/5820-DANE-GnuTLS/5820 +++ b/test/scripts/5820-DANE-GnuTLS/5820 @@ -2,11 +2,11 @@ # exim -DSERVER=server -DDETAILS=ee -bd -oX PORT_D **** -### TLSA (3 1 1) +### TLSA (3 1 1) (DANE-EE SPKI SHA2-256) exim -odq CALLER@dane256ee.test.ex Testing **** -### TLSA (3 1 2) +### TLSA (3 1 2) ( SHA2-512) exim -odq CALLER@mxdane512ee.test.ex Testing **** @@ -24,7 +24,7 @@ killdaemon # exim -DSERVER=server -DDETAILS=ta -bd -oX PORT_D **** -### TLSA (2 0 1) +### TLSA (2 0 1) (DANE-TA CERT SHA2-256) exim -odf CALLER@mxdane256ta.test.ex Testing **** @@ -44,7 +44,7 @@ killdaemon # Check we get a CV and TLS connection, with try_dane but no require_dane exim -DSERVER=server -DDETAILS=ca -bd -oX PORT_D **** -exim -odf CALLER@thishost.test.ex +exim -odf -DDETAILS=ca CALLER@thishost.test.ex Testing **** exim -DOPT=no_certname -qf @@ -102,5 +102,27 @@ exim -odf CALLER@danebroken6.test.ex Testing **** # +### A server with a mixed-usage set of TLSAs - the EE-mode one failing verify (should deliver, DANE-mode) +# that way round to excersize more code in the implementation +exim -odf CALLER@danemixed.test.ex +Testing +**** +# +killdaemon +# +# +# +### A server with a name not matching the cert. TA-mode; should fail +exim -DSERVER=server -DDETAILS=cert.net -bd -oX PORT_D +**** +exim -odf CALLER@danebroken7.example.com +Testing +**** +# +### A server with a name not matching the cert. EE-mode; should deliver and claim DANE mode +exim -odf CALLER@danebroken8.example.com +Testing +**** +# killdaemon no_msglog_check