Hopefully the final lot of test files.

30 files changed, 775 insertions, 0 deletions

diff --git a/test/scripts/2000-GnuTLS/2000 b/test/scripts/2000-GnuTLS/2000
new file mode 100644
index 000000000..60afb52b4
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2000
@@ -0,0 +1,16 @@
+# TLS client: TLS setup fails - retry in clear
+#
+# For this first GnuTLS test, we do not obey "gnutls", so that Exim has to
+# create the GnuTLS paramter data for itself.
+#
+echo ==> Creating GnuTLS parameter data ... may take some time ... 
+echo ==> Moving the mouse about may help ...
+exim -DSERVER=server -bd -oX PORT_D
+****
+exim CALLER@test.ex
+Testing
+****
+exim -qf
+****
+killdaemon
+no_msglog_check
diff --git a/test/scripts/2000-GnuTLS/2001 b/test/scripts/2000-GnuTLS/2001
new file mode 100644
index 000000000..cf1611a15
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2001
@@ -0,0 +1,13 @@
+# TLS client: TLS setup fails - don't retry in clear
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+exim CALLER@test.ex
+Testing
+****
+exim -DOPTION=hosts_require_tls=127.0.0.1 -qf
+****
+exim -DOPTION=tls_tempfail_tryclear=false -qf
+****
+killdaemon
+no_msglog_check
diff --git a/test/scripts/2000-GnuTLS/2002 b/test/scripts/2000-GnuTLS/2002
new file mode 100644
index 000000000..9c7ad0ff0
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2002
@@ -0,0 +1,66 @@
+# TLS server: general
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+client-gnutls 127.0.0.1 PORT_D
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+starttls
+??? 220
+mail from:<CALLER@test.ex>
+??? 250
+rcpt to:<CALLER@test.ex>
+??? 250
+DATA
+??? 3
+This is a test encrypted message.
+.
+??? 250
+quit
+??? 221
+****
+client-gnutls HOSTIPV4 PORT_D
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+starttls
+??? 220
+****
+client-gnutls HOSTIPV4 PORT_D DIR/aux-fixed/cert2 DIR/aux-fixed/cert2
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+starttls
+??? 220
+mail from:<CALLER@test.ex>
+??? 250
+rcpt to:<CALLER@test.ex>
+??? 250
+DATA
+??? 3
+This is a test encrypted message from a verified host.
+.
+??? 250
+quit
+??? 221
+****
+killdaemon
+exim -qf
+****
+exim -bh 10.0.0.1
+starttls
+quit
+****
diff --git a/test/scripts/2000-GnuTLS/2003 b/test/scripts/2000-GnuTLS/2003
new file mode 100644
index 000000000..2e8eeae5f
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2003
@@ -0,0 +1,48 @@
+# TLS server: unavailable cipher
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+client-gnutls HOSTIPV4 PORT_D
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+starttls
+??? 220
+mail from:<userx@test.ex>
+??? 250
+rcpt to:<userx@test.ex>
+??? 550
+quit
+??? 221
+****
+client-gnutls 127.0.0.1 PORT_D
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+starttls
+??? 220
+helo rhu.barb
+??? 250
+mail from:<userx@test.ex>
+??? 250
+rcpt to:<userx@test.ex>
+??? 250
+DATA
+??? 3
+This is a test encrypted message.
+.
+??? 250
+quit
+??? 221
+****
+killdaemon
+exim -qf
+****
diff --git a/test/scripts/2000-GnuTLS/2004 b/test/scripts/2000-GnuTLS/2004
new file mode 100644
index 000000000..4cdcab48f
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2004
@@ -0,0 +1,42 @@
+# TLS server: TLS required
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+client-gnutls 127.0.0.1 PORT_D
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+mail from:<userx@test.ex>
+??? 250
+rcpt to:<userx@test.ex>
+??? 550
+quit
+??? 221
+****
+client-gnutls HOSTIPV4 PORT_D
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+mail from:<userx@test.ex>
+??? 250
+rcpt to:<userx@test.ex>
+??? 250
+DATA
+??? 3
+This is a test unencrypted message.
+.
+??? 250
+quit
+??? 221
+****
+killdaemon
+exim -qf
+****
diff --git a/test/scripts/2000-GnuTLS/2005 b/test/scripts/2000-GnuTLS/2005
new file mode 100644
index 000000000..333f8bc6a
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2005
@@ -0,0 +1,28 @@
+# TLS server: accept for relay if encrypted
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+client-gnutls 127.0.0.1 PORT_D
+??? 220
+mail from:<userx@test.ex>
+??? 250
+rcpt to:<userx@remote.test.ex>
+??? 550
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+starttls
+??? 220
+mail from:<userx@test.ex>
+??? 250
+rcpt to:<userx@remote.test.ex>
+??? 250
+quit
+??? 221
+****
+killdaemon
+exim -qf
+****
diff --git a/test/scripts/2000-GnuTLS/2006 b/test/scripts/2000-GnuTLS/2006
new file mode 100644
index 000000000..7fd89dc3f
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2006
@@ -0,0 +1,17 @@
+# TLS server: timeout in TLS session
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+client-gnutls 127.0.0.1 PORT_D
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+starttls
+??? 220
++++ 3
+****
+killdaemon
diff --git a/test/scripts/2000-GnuTLS/2007 b/test/scripts/2000-GnuTLS/2007
new file mode 100644
index 000000000..280c426d2
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2007
@@ -0,0 +1,11 @@
+# TLS client: log_smtp_confirmation
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+exim userx@test.ex
+Test message
+****
+exim -qf
+****
+killdaemon
+no_msglog_check
diff --git a/test/scripts/2000-GnuTLS/2008 b/test/scripts/2000-GnuTLS/2008
new file mode 100644
index 000000000..f22086a76
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2008
@@ -0,0 +1,15 @@
+# TLS client: general
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+exim CALLER@test.ex
+Test message. Contains FF: ÿ
+****
+exim CALLER@test.ex abcd@test.ex xyz@test.ex
+Test message to two different hosts
+****
+exim -v -qf
+****
+killdaemon
+exim -DSERVER=server -DNOTDAEMON -qf
+****
diff --git a/test/scripts/2000-GnuTLS/2009 b/test/scripts/2000-GnuTLS/2009
new file mode 100644
index 000000000..69eb61d07
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2009
@@ -0,0 +1,11 @@
+# TLS client: hosts_avoid_tls
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+exim userx@test.ex
+Test message
+****
+exim -qf
+****
+killdaemon
+no_msglog_check
diff --git a/test/scripts/2000-GnuTLS/2010 b/test/scripts/2000-GnuTLS/2010
new file mode 100644
index 000000000..06e259567
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2010
@@ -0,0 +1,11 @@
+# TLS client: hosts_require_tls
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+exim userx@test.ex
+Test message
+****
+exim -qf
+****
+killdaemon
+no_msglog_check
diff --git a/test/scripts/2000-GnuTLS/2011 b/test/scripts/2000-GnuTLS/2011
new file mode 100644
index 000000000..4e48ebce6
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2011
@@ -0,0 +1,11 @@
+# TLS client: require_ciphers
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+exim userx@test.ex
+Testing
+****
+exim -qf
+****
+killdaemon
+no_msglog_check
diff --git a/test/scripts/2000-GnuTLS/2012 b/test/scripts/2000-GnuTLS/2012
new file mode 100644
index 000000000..e86bf1707
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2012
@@ -0,0 +1,11 @@
+# TLS client: verify certificate from server - fails
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+exim userx@test.ex
+Testing
+****
+exim -qf
+****
+killdaemon
+no_msglog_check
diff --git a/test/scripts/2000-GnuTLS/2013 b/test/scripts/2000-GnuTLS/2013
new file mode 100644
index 000000000..ef34a6677
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2013
@@ -0,0 +1,15 @@
+# TLS client: multiple messages over one connection
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+exim userx@test.ex
+Test message 1
+****
+exim userx@test.ex
+Test message 2
+****
+exim -qqf
+****
+killdaemon
+exim -DSERVER=server -DNOTDAEMON -qf
+****
diff --git a/test/scripts/2000-GnuTLS/2014 b/test/scripts/2000-GnuTLS/2014
new file mode 100644
index 000000000..21b703c38
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2014
@@ -0,0 +1,138 @@
+# TLS server: mandatory, optional, and revoked certificates
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+# No certificate, certificate required
+client-gnutls HOSTIPV4 PORT_D
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+starttls
+??? 220
+****
+# No certificate, certificate optional at TLS time, required by ACL
+client-gnutls 127.0.0.1 PORT_D
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+starttls
+??? 220
+helo rhu.barb
+??? 250
+mail from:<userx@test.ex>
+??? 250
+rcpt to:<userx@test.ex>
+??? 550
+quit
+??? 221
+****
+# Good certificate, certificate required
+client-gnutls HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+starttls
+??? 220
+mail from:<userx@test.ex>
+??? 250
+rcpt to:<userx@test.ex>
+??? 250
+quit
+??? 221
+****
+# Good certificate, certificate optional at TLS time, checked by ACL
+client-gnutls 127.0.0.1 PORT_D aux-fixed/cert2 aux-fixed/cert2
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+starttls
+??? 220
+mail from:<userx@test.ex>
+??? 250
+rcpt to:<userx@test.ex>
+??? 250
+quit
+??? 221
+****
+# Bad certificate, certificate required
+client-gnutls HOSTIPV4 PORT_D aux-fixed/cert1 aux-fixed/cert1
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+starttls
+??? 220
+****
+# Bad certificate, certificate optional at TLS time, reject at ACL time
+client-gnutls 127.0.0.1 PORT_D aux-fixed/cert1 aux-fixed/cert1
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+starttls
+??? 220
+mail from:<userx@test.ex>
+??? 250
+rcpt to:<userx@test.ex>
+??? 550-
+??? 550
+quit
+??? 221
+****
+killdaemon
+exim -DCRL=DIR/aux-fixed/crl.pem -DSERVER=server -bd -oX PORT_D
+****
+# Good but revoked certificate, certificate required
+client-gnutls HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+starttls
+??? 220
+****
+# Revoked certificate, certificate optional at TLS time, reject at ACL time
+client-gnutls 127.0.0.1 PORT_D aux-fixed/cert1 aux-fixed/cert1
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+starttls
+??? 220
+mail from:<userx@test.ex>
+??? 250
+rcpt to:<userx@test.ex>
+??? 550-
+??? 550
+quit
+??? 221
+****
+killdaemon
diff --git a/test/scripts/2000-GnuTLS/2015 b/test/scripts/2000-GnuTLS/2015
new file mode 100644
index 000000000..a03bf9b51
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2015
@@ -0,0 +1,18 @@
+# TLS server: timeout after accepting STARTTLS
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+client-gnutls 127.0.0.1 PORT_D
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+starttls_wait
+??? 220
++++ 2
+??? 421
+****
+killdaemon
diff --git a/test/scripts/2000-GnuTLS/2016 b/test/scripts/2000-GnuTLS/2016
new file mode 100644
index 000000000..2da309d68
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2016
@@ -0,0 +1,16 @@
+# TLS client: timeout while setting up TLS
+gnutls
+server PORT_S
+220 ESMTP
+EHLO
+250-OK
+250-STARTTLS
+250 HELP
+STARTTLS
+220 Go ahead
+*sleep 2
+****
+exim -odi userx@domain1
+Test message
+****
+no_msglog_check
diff --git a/test/scripts/2000-GnuTLS/2017 b/test/scripts/2000-GnuTLS/2017
new file mode 100644
index 000000000..af08df0b1
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2017
@@ -0,0 +1,15 @@
+# TLS client: hosts_nopass_tls
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+exim userx@test.ex
+Test message 1
+****
+exim userx@test.ex
+Test message 2
+****
+exim -qqf
+****
+killdaemon
+exim -DSERVER=server -DNOTDAEMON -qf
+****
diff --git a/test/scripts/2000-GnuTLS/2018 b/test/scripts/2000-GnuTLS/2018
new file mode 100644
index 000000000..6f67615a5
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2018
@@ -0,0 +1,43 @@
+# TLS: ACL encryption test
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+client-gnutls 127.0.0.1 PORT_D
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+starttls
+??? 220
+mail from:<userx@test.ex>
+??? 250
+rcpt to:<userx@test.ex>
+??? 250
+DATA
+??? 3
+This is a test encrypted message.
+.
+??? 250
+quit
+??? 221
+****
+client-gnutls 127.0.0.1 PORT_D
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+mail from:<userx@test.ex>
+??? 250
+rcpt to:<userx@test.ex>
+??? 550
+quit
+??? 221
+****
+killdaemon
+no_msglog_check
diff --git a/test/scripts/2000-GnuTLS/2019 b/test/scripts/2000-GnuTLS/2019
new file mode 100644
index 000000000..28d2de0ef
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2019
@@ -0,0 +1,40 @@
+# TLS server: -tls-on-connect
+gnutls
+exim -DSERVER=server -tls-on-connect -bd -oX PORT_D
+****
+client-gnutls -tls-on-connect 127.0.0.1 PORT_D
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250
+mail from:<userx@test.ex>
+??? 250
+rcpt to:<userx@test.ex>
+??? 250
+DATA
+??? 3
+This is a test encrypted message.
+.
+??? 250
+quit
+??? 221
+****
+client-gnutls -tls-on-connect HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2
+??? 220
+mail from:<userx@test.ex>
+??? 250
+rcpt to:<userx@test.ex>
+??? 250
+DATA
+??? 3
+This is a test encrypted message from a verified host.
+.
+??? 250
+quit
+??? 221
+****
+killdaemon
+exim -qf
+****
diff --git a/test/scripts/2000-GnuTLS/2020 b/test/scripts/2000-GnuTLS/2020
new file mode 100644
index 000000000..bd00740bf
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2020
@@ -0,0 +1,11 @@
+# TLS server: no certificate defined, client sends in clear
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+exim userx
+Test
+****
+exim -qf
+****
+killdaemon
+no_msglog_check
diff --git a/test/scripts/2000-GnuTLS/2021 b/test/scripts/2000-GnuTLS/2021
new file mode 100644
index 000000000..5c402ce2c
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2021
@@ -0,0 +1,53 @@
+# TLS client: 4xx response to STARTTLS
+gnutls
+server PORT_S
+220 ESMTP
+EHLO
+250-OK
+250-HELP
+250-STARTTLS
+250 PIPELINING
+STARTTLS
+450 temp problem
+QUIT
+250 OK
+****
+exim -DTRYCLEAR=tls_tempfail_tryclear=false -odi x@y
+****
+server PORT_S
+220 ESMTP
+EHLO
+250-OK
+250-HELP
+250-STARTTLS
+250 PIPELINING
+STARTTLS
+450 temp problem
+MAIL FROM:
+250 OK
+RCPT TO:
+250 OK
+DATA
+354 Go ahead
+.
+250 OK
+QUIT
+250 OK
+****
+exim -qf
+****
+server PORT_S
+220 ESMTP
+EHLO
+250-OK
+250-HELP
+250-STARTTLS
+250 PIPELINING
+STARTTLS
+450 temp problem
+QUIT
+250 OK
+****
+exim -DREQUIRE=hosts_require_tls=* -odi x@y
+****
+no_msglog_check
diff --git a/test/scripts/2000-GnuTLS/2022 b/test/scripts/2000-GnuTLS/2022
new file mode 100644
index 000000000..4a3d53339
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2022
@@ -0,0 +1,21 @@
+# TLS server: help command in encrypted session
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+client-gnutls HOSTIPV4 PORT_D
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+starttls
+??? 220
+help
+??? 214-
+??? 214
+quit
+??? 221
+****
+killdaemon
diff --git a/test/scripts/2000-GnuTLS/2023 b/test/scripts/2000-GnuTLS/2023
new file mode 100644
index 000000000..395fcdcde
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2023
@@ -0,0 +1,7 @@
+# TLS: ACL for STARTTLS
+gnutls
+exim -bs -oMa 10.9.8.10
+ehlo a.b.c
+starttls
+quit
+****
diff --git a/test/scripts/2000-GnuTLS/2024 b/test/scripts/2000-GnuTLS/2024
new file mode 100644
index 000000000..46b93d413
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2024
@@ -0,0 +1,30 @@
+# TLS server: empty/non-existent certificate file
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+client-gnutls HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+starttls
+??? 220
+****
+killdaemon
+exim -DSERVER=server -DCERT=/non/exist -bd -oX PORT_D
+****
+client-gnutls HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+starttls
+??? 454
+****
+killdaemon
diff --git a/test/scripts/2000-GnuTLS/2025 b/test/scripts/2000-GnuTLS/2025
new file mode 100644
index 000000000..38ffccf84
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2025
@@ -0,0 +1,11 @@
+# TLS server: tls_require_ciphers
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+exim userx@test.ex
+Testing
+****
+exim -qf
+****
+killdaemon
+no_msglog_check
diff --git a/test/scripts/2000-GnuTLS/2026 b/test/scripts/2000-GnuTLS/2026
new file mode 100644
index 000000000..18361c62f
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2026
@@ -0,0 +1,9 @@
+# TLS: logging parameters for 2 different recipients
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+exim -odi userx usery
+****
+# Wait to allow delivery to finish before killing the daemon
+sleep 1
+killdaemon
diff --git a/test/scripts/2000-GnuTLS/2027 b/test/scripts/2000-GnuTLS/2027
new file mode 100644
index 000000000..5d713121d
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2027
@@ -0,0 +1,15 @@
+# TLS server & client: no certificate in client
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+exim userx@test.ex
+Test message
+****
+exim usery@test.ex
+Test message
+****
+exim -qf
+****
+killdaemon
+exim -DSERVER=server -DNOTDAEMON -qf
+****
diff --git a/test/scripts/2000-GnuTLS/2028 b/test/scripts/2000-GnuTLS/2028
new file mode 100644
index 000000000..64855c2a9
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2028
@@ -0,0 +1,31 @@
+# tls_on_connect_ports 
+need_ipv4
+#
+gnutls
+exim -DSERVER=server -bd -oX PORT_D:PORT_D2:PORT_D3
+****
+client-gnutls 127.0.0.1 PORT_D
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250-
+??? 250
+starttls
+??? 220
+quit
+??? 221
+****
+client-gnutls -tls-on-connect 127.0.0.1 PORT_D2
+??? 220
+ehlo rhu.barb
+??? 250-
+??? 250-
+??? 250-
+??? 250
+quit
+??? 221
+****
+killdaemon
+no_msglog_check
diff --git a/test/scripts/2000-GnuTLS/REQUIRES b/test/scripts/2000-GnuTLS/REQUIRES
new file mode 100644
index 000000000..d21ee471d
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/REQUIRES
@@ -0,0 +1,2 @@
+support GnuTLS
+running IPv4