diff options
| author | Jeremy Harris <jgh146exb@wizmail.org> | 2014-03-15 14:06:07 +0000 |
|---|---|---|
| committer | Jeremy Harris <jgh146exb@wizmail.org> | 2014-03-15 14:06:07 +0000 |
| commit | 02bf26279e41fa715e74ea45d2a5903635ad5ee1 (patch) | |
| tree | 4f814cebeb89ad2fe79e1e5fb8e0e35cf43cc06b /test/confs | |
| parent | 214042d23115fe1353ee41041ec91a9dbba3b23d (diff) | |
Testcases
Diffstat (limited to 'test/confs')
| -rw-r--r-- | test/confs/2112 | 65 |
1 files changed, 61 insertions, 4 deletions
diff --git a/test/confs/2112 b/test/confs/2112 index 78733513e..242d2d67c 100644 --- a/test/confs/2112 +++ b/test/confs/2112 @@ -1,4 +1,5 @@ # Exim test configuration 2112 +# TLS client: verify certificate from server - fails SERVER= @@ -35,18 +36,53 @@ tls_verify_certificates = ${if eq {SERVER}{server}{DIR/aux-fixed/cert2}fail} begin routers -client: +server_dump: + driver = redirect + condition = ${if eq {SERVER}{server}{yes}{no}} + data = :blackhole: + +client_x: + driver = accept + local_parts = userx + retry_use_local_part + transport = send_to_server_failcert + errors_to = "" + +client_y: + driver = accept + local_parts = usery + retry_use_local_part + transport = send_to_server_retry + +client_z: driver = accept - condition = ${if eq {SERVER}{server}{no}{yes}} + local_parts = userz retry_use_local_part - transport = send_to_server + transport = send_to_server_crypt + +client_q: + driver = accept + local_parts = userq + retry_use_local_part + transport = send_to_server_req_fail # ----- Transports ----- begin transports -send_to_server: +# this will fail to verify the cert at HOSTIPV4 so fail the crypt requirement +send_to_server_failcert: + driver = smtp + allow_localhost + hosts = HOSTIPV4 + hosts_require_tls = HOSTIPV4 + port = PORT_D + tls_certificate = DIR/aux-fixed/cert2 + tls_verify_certificates = DIR/aux-fixed/cert2 + +# this will fail to verify the cert at HOSTIPV4 so fail the crypt, then retry on 127.1; ok +send_to_server_retry: driver = smtp allow_localhost hosts = HOSTIPV4 : 127.0.0.1 @@ -56,4 +92,25 @@ send_to_server: tls_verify_certificates = \ ${if eq{$host_address}{127.0.0.1}{DIR/aux-fixed/cert1}{DIR/aux-fixed/cert2}} +# this will fail to verify the cert but continue unverified though cypted +send_to_server_crypt: + driver = smtp + allow_localhost + hosts = HOSTIPV4 + hosts_require_tls = HOSTIPV4 + port = PORT_D + tls_certificate = DIR/aux-fixed/cert2 + tls_verify_certificates = DIR/aux-fixed/cert2 + tls_try_verify_hosts = * + +# this will fail to verify the cert at HOSTIPV4 and fallback to unencrypted +send_to_server_req_fail: + driver = smtp + allow_localhost + hosts = HOSTIPV4 + port = PORT_D + tls_certificate = DIR/aux-fixed/cert2 + tls_verify_certificates = DIR/aux-fixed/cert2 + tls_verify_hosts = * + # End |