diff options
| author | Jeremy Harris <jgh146exb@wizmail.org> | 2019-05-02 17:16:05 +0100 |
|---|---|---|
| committer | Jeremy Harris <jgh146exb@wizmail.org> | 2019-05-02 17:23:05 +0100 |
| commit | b10c87b38c2345d15d30da5c18c823355ac506a9 (patch) | |
| tree | dd521dbada2ce29bfdea4ecdc0995b833d152f2d /test/confs/5890 | |
| parent | 0565fc5a1155f97f29fb6e081343cfc4e477c611 (diff) | |
TLS: Session resumption, under the EXPERIMENTAL_TLS_RESUME build option.
Diffstat (limited to 'test/confs/5890')
| -rw-r--r-- | test/confs/5890 | 94 |
1 files changed, 94 insertions, 0 deletions
diff --git a/test/confs/5890 b/test/confs/5890 new file mode 100644 index 000000000..6daf59667 --- /dev/null +++ b/test/confs/5890 @@ -0,0 +1,94 @@ +# Exim test configuration 5890 + +SERVER = +OPTION = NORMAL + +.include DIR/aux-var/tls_conf_prefix + +primary_hostname = myhost.test.ex + +# ----- Main settings ----- + +domainlist local_domains = test.ex : *.test.ex + +acl_smtp_helo = check_helo +acl_smtp_rcpt = check_recipient +log_selector = +received_recipients +tls_resumption + +tls_advertise_hosts = * + +# Set certificate only if server + +tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} + +tls_require_ciphers = OPTION +tls_resumption_hosts = 127.0.0.1 + + +# ------ ACL ------ + +begin acl + +check_helo: + accept condition = ${if def:tls_in_cipher} + logwrite = tls_in_resumption ${listextract {$tls_in_resumption} {_RESUME_DECODE}} + accept + +check_recipient: + accept domains = +local_domains + deny message = relay not permitted + +log_resumption: + accept condition = ${if def:tls_out_cipher} + condition = ${if eq {$event_name}{tcp:close}} + logwrite = tls_out_resumption ${listextract {$tls_out_resumption} {_RESUME_DECODE}} + + +# ----- Routers ----- + +begin routers + +client: + driver = accept + condition = ${if eq {SERVER}{server}{no}{yes}} + retry_use_local_part + transport = send_to_server${if eq{$local_part}{abcd}{2}{1}} + +server: + driver = redirect + data = :blackhole: + +# ----- Transports ----- + +begin transports + +send_to_server1: + driver = smtp + allow_localhost + hosts = 127.0.0.1 + port = PORT_D + helo_data = helo.data.changed +.ifdef VALUE + tls_resumption_hosts = * +.else + tls_resumption_hosts = : +.endif + event_action = ${acl {log_resumption}} + +send_to_server2: + driver = smtp + allow_localhost + hosts = HOSTIPV4 + port = PORT_D + event_action = ${acl {log_resumption}} + + +# ----- Retry ----- + + +begin retry + +* * F,5d,10s + + +# End |