diff options
author | Jeremy Harris <jgh146exb@wizmail.org> | 2017-12-22 17:19:37 +0000 |
---|---|---|
committer | Jeremy Harris <jgh146exb@wizmail.org> | 2017-12-22 20:42:38 +0000 |
commit | 94c1328507098238ae5ec784150c1ae58f3b3118 (patch) | |
tree | 33f9a1ecdf808459581ec9f5254cc5e5fd33ccb1 /test/scripts/5820-DANE-GnuTLS/5820 | |
parent | 2b01e5359b79cfa9b31296700eb7fc5ae69162c5 (diff) |
DANE/GnuTLS: split verification of mixed sets of TLSA records by usage
This is because we cannot do the required CA-anchor and names checks for TA-mode
and not for EE-mode, without knowing which usage TLSA was used.
Diffstat (limited to 'test/scripts/5820-DANE-GnuTLS/5820')
-rw-r--r-- | test/scripts/5820-DANE-GnuTLS/5820 | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/test/scripts/5820-DANE-GnuTLS/5820 b/test/scripts/5820-DANE-GnuTLS/5820 index f5ac4a7fe..652661cc1 100644 --- a/test/scripts/5820-DANE-GnuTLS/5820 +++ b/test/scripts/5820-DANE-GnuTLS/5820 @@ -102,9 +102,16 @@ exim -odf CALLER@danebroken6.test.ex Testing **** # +### A server with a mixed-usage set of TLSAs - the EE-mode one failing verify (should deliver, DANE-mode) +# that way round to excersize more code in the implementation +exim -odf CALLER@danemixed.test.ex +Testing +**** +# killdaemon - - +# +# +# ### A server with a name not matching the cert. TA-mode; should fail exim -DSERVER=server -DDETAILS=cert.net -bd -oX PORT_D **** |