diff options
author | Jeremy Harris <jgh146exb@wizmail.org> | 2017-12-19 15:06:49 +0000 |
---|---|---|
committer | Jeremy Harris <jgh146exb@wizmail.org> | 2017-12-19 15:22:42 +0000 |
commit | 899b8bbc6d360af6362c2a41d40b786279f41492 (patch) | |
tree | 15a1f12f46b59c6c1d88e774a02ade152e842de0 /test/stdout/5820 | |
parent | dc9c8f8b52cbf2e8424f5e98f63d29aa7fb81fe7 (diff) |
DANE: support under GnuTLS. Bug 1523
GnuTLS version 3.0.0 onwards; still Experimental
Diffstat (limited to 'test/stdout/5820')
-rw-r--r-- | test/stdout/5820 | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/test/stdout/5820 b/test/stdout/5820 new file mode 100644 index 000000000..49dac098a --- /dev/null +++ b/test/stdout/5820 @@ -0,0 +1,45 @@ +### TLSA (3 1 1) +### TLSA (3 1 2) +### Recipient callout + +**** SMTP testing session as if from host 127.0.0.1 +**** but without any ident (RFC 1413) callback. +**** This is not for real! + +220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+250 OK
+250 Accepted
+421 myhost.test.ex lost input connection
+### TLSA (2 0 1) +### A server with a nonverifying cert and no TLSA +### A server with a verifying cert and no TLSA +### A server with two MXs for which both TLSA lookups return defer (delivery should defer) +### A server lacking a TLSA, dane required (should fail) +### A server lacking a TLSA, dane requested only (should deliver, non-DANE, as the NXDOMAIN is not DNSSEC) +### A server where the A is dnssec and the TLSA lookup _fails_ (delivery should defer) +### A server securely saying "no TLSA records here", dane required (delivery should fail) +### A server securely saying "no TLSA records here", dane requested only (should deliver) +### A server securely serving a wrong TLSA record, dane requested only (delivery should fail) +### A server insecurely serving a good TLSA record, dane requested only (should deliver, non-DANE) +### A server insecurely serving a good TLSA record, dane required (delivery should fail) +### A server insecurely serving a good A record, dane requested only (should deliver, non-DANE) +### A server insecurely serving a good A record, dane required (delivery should fail) + +******** SERVER ******** +### TLSA (3 1 1) +### TLSA (3 1 2) +### Recipient callout +### TLSA (2 0 1) +### A server with a nonverifying cert and no TLSA +### A server with a verifying cert and no TLSA +### A server with two MXs for which both TLSA lookups return defer (delivery should defer) +### A server lacking a TLSA, dane required (should fail) +### A server lacking a TLSA, dane requested only (should deliver, non-DANE, as the NXDOMAIN is not DNSSEC) +### A server where the A is dnssec and the TLSA lookup _fails_ (delivery should defer) +### A server securely saying "no TLSA records here", dane required (delivery should fail) +### A server securely saying "no TLSA records here", dane requested only (should deliver) +### A server securely serving a wrong TLSA record, dane requested only (delivery should fail) +### A server insecurely serving a good TLSA record, dane requested only (should deliver, non-DANE) +### A server insecurely serving a good TLSA record, dane required (delivery should fail) +### A server insecurely serving a good A record, dane requested only (should deliver, non-DANE) +### A server insecurely serving a good A record, dane required (delivery should fail) |