diff options
author | Philip Hazel <ph10@hermes.cam.ac.uk> | 2007-01-18 15:35:42 +0000 |
---|---|---|
committer | Philip Hazel <ph10@hermes.cam.ac.uk> | 2007-01-18 15:35:42 +0000 |
commit | 83da1223921fe30362e8374951360dcc8f21c4e7 (patch) | |
tree | 174a4beafbf240347d2ecad6d35640469baf96e8 /test/scripts/2000-GnuTLS | |
parent | 7b90bba702ae0f7267931524c4c523c4ee9d46b6 (diff) |
Add gnutls_require_{kx,mac,protocols}.
Diffstat (limited to 'test/scripts/2000-GnuTLS')
-rw-r--r-- | test/scripts/2000-GnuTLS/2011 | 30 |
1 files changed, 29 insertions, 1 deletions
diff --git a/test/scripts/2000-GnuTLS/2011 b/test/scripts/2000-GnuTLS/2011 index 4e48ebce6..6f72fba80 100644 --- a/test/scripts/2000-GnuTLS/2011 +++ b/test/scripts/2000-GnuTLS/2011 @@ -1,10 +1,38 @@ -# TLS client: require_ciphers +# TLS client & server: (gnu)tls_require_xxx gnutls +# Start up the server exim -DSERVER=server -bd -oX PORT_D **** +# This puts a message on the queue (queue_only is set). exim userx@test.ex Testing **** +# This will fail to deliver encrypted because there are no acceptable +# ciphers, so it will deliver in clear. +exim -qf -DCREQCIP=tls_require_ciphers=IDEA-CBC-MD5 +**** +# This delivers the message to the server, where it will remain +# on the queue because queue_only is set. +exim -qf -DCREQCIP=tls_require_ciphers=IDEA-CBC-MD5:DES-CBC3-SHA:RSA_ARCFOUR_SHA +**** +# So we can deliver it again and again, with different parameters. +exim -qf -DCREQMAC=gnutls_require_mac=MD5 +**** +exim -qf -DCREQMAC=gnutls_require_mac=!SHA1 +**** +exim -qf -DCREQMAC=gnutls_require_mac=MD5:SHA +**** +exim -qf -DCREQMAC=gnutls_require_kx=!DHE +**** +exim -qf -DCREQMAC=gnutls_require_protocols=SSL3 +**** +# Restart the server with a cipher restriction +killdaemon +exim -DSERVER=server \ + -DSREQCIP=tls_require_ciphers=ARCFOUR \ + -DSREQMAC=gnutls_require_mac=MD5 \ + -bd -oX PORT_D +**** exim -qf **** killdaemon |