diff options
| author | Jeremy Harris <jgh146exb@wizmail.org> | 2019-11-18 11:03:15 +0000 |
|---|---|---|
| committer | Jeremy Harris <jgh146exb@wizmail.org> | 2019-11-18 11:04:19 +0000 |
| commit | da40b1ec6b91ccd3faa4def9e5cff05ec51ca573 (patch) | |
| tree | afd6cf4fab9b69af24fe554c5c03023b9aa04dc2 /test | |
| parent | 84b1b2779773e86c221ac0641b9d7c107c5594a5 (diff) | |
TLS: restore TLS protocol version to default Received: header
Broken-by: f1be21cf0b
Diffstat (limited to 'test')
| -rw-r--r-- | test/confs/2002 | 3 | ||||
| -rw-r--r-- | test/confs/2102 | 3 | ||||
| -rw-r--r-- | test/confs/5710 | 2 | ||||
| -rw-r--r-- | test/confs/5720 | 2 | ||||
| -rw-r--r-- | test/log/2002 | 3 | ||||
| -rw-r--r-- | test/log/2102 | 3 | ||||
| -rw-r--r-- | test/log/2102.openssl_1_1_1 | 3 | ||||
| -rw-r--r-- | test/log/5710 | 8 | ||||
| -rw-r--r-- | test/log/5720 | 8 | ||||
| -rw-r--r-- | test/log/5821 | 4 | ||||
| -rw-r--r-- | test/mail/3700.smtps | 2 | ||||
| -rw-r--r-- | test/mail/3700.x | 2 | ||||
| -rwxr-xr-x | test/runtest | 23 | ||||
| -rw-r--r-- | test/stderr/0402 | 26 | ||||
| -rw-r--r-- | test/stderr/0544 | 26 | ||||
| -rw-r--r-- | test/stderr/5410 | 78 | ||||
| -rw-r--r-- | test/stderr/5420 | 78 |
17 files changed, 198 insertions, 76 deletions
diff --git a/test/confs/2002 b/test/confs/2002 index dfeb172b1..6475fb7fb 100644 --- a/test/confs/2002 +++ b/test/confs/2002 @@ -62,6 +62,9 @@ check_recipient: logwrite = sha1 fingerprint ${sha1:$tls_in_peercert} logwrite = sha256 fingerprint ${sha256:$tls_in_peercert} logwrite = der_b64 ${base64:$tls_in_peercert} + logwrite = cipher: $tls_in_cipher + logwrite = cipher_ $tls_in_cipher_std + logwrite = ver: $tls_in_ver # ----- Routers ----- diff --git a/test/confs/2102 b/test/confs/2102 index 99f659fd2..5e156d486 100644 --- a/test/confs/2102 +++ b/test/confs/2102 @@ -72,6 +72,9 @@ check_recipient: logwrite = sha1 fingerprint ${sha1:$tls_in_peercert} logwrite = sha256 fingerprint ${sha256:$tls_in_peercert} logwrite = der_b64 ${base64:$tls_in_peercert} + logwrite = cipher: $tls_in_cipher + logwrite = cipher_ $tls_in_cipher_std + logwrite = ver: $tls_in_ver # ----- Routers ----- diff --git a/test/confs/5710 b/test/confs/5710 index 6ab64f4ec..85293a566 100644 --- a/test/confs/5710 +++ b/test/confs/5710 @@ -71,6 +71,8 @@ logger: message = ${acl {ev_tls}} accept condition = ${if eq {smtp:ehlo}{$event_name}} logwrite = $tls_out_cipher smtp:ehlo $event_data + logwrite = cipher_ $tls_out_cipher_std + logwrite = ver: $tls_out_ver accept # ----- Routers ----- diff --git a/test/confs/5720 b/test/confs/5720 index 030434973..906266290 100644 --- a/test/confs/5720 +++ b/test/confs/5720 @@ -71,6 +71,8 @@ logger: message = ${acl {ev_tls}} accept condition = ${if eq {smtp:ehlo}{$event_name}} logwrite = $tls_out_cipher smtp:ehlo $event_data + logwrite = cipher_ $tls_out_cipher_std + logwrite = ver: $tls_out_ver accept # ----- Routers ----- diff --git a/test/log/2002 b/test/log/2002 index 825c0dfd0..36ea6c173 100644 --- a/test/log/2002 +++ b/test/log/2002 @@ -41,6 +41,9 @@ 1999-03-02 09:44:33 sha1 fingerprint E75D537E478758010505D4F339B00DFD73728088 1999-03-02 09:44:33 sha256 fingerprint E251FA7D0372CB784294CF92B243DCE53FDDABD9F58A1B89226586C07C82CAC6 1999-03-02 09:44:33 der_b64 MIIDuDCCAqCgAwIBAgICAMkwDQYJKoZIhvcNAQELBQAwNzEUMBIGA1UEChMLZXhhbXBsZS5jb20xHzAdBgNVBAMTFmNsaWNhIFNpZ25pbmcgQ2VydCByc2EwHhcNMTIxMTAxMTI0MDA0WhcNMzcxMjAxMTI0MDA0WjAeMRwwGgYDVQQDExNzZXJ2ZXIyLmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA52Rfiv2Igy0NiaKN5gc0VPLbEoHngkdJWv3wEORp+iFl6skQRbsCylT8djJ2pvHstFpnzSodF3Wwjj2/EDuj3iKBzN9HeXJOvJz8j9Si1xkgCxJeUjPGgYcvKdxybaZAOpi9l3xwPCCEXN4JBq/WaQQ9+eP1PczeMNfvFtXma+VcHXG743ttPOv7eSMr0JxQl3zjQvYGOhFP/KAw6jh/N6YPqii9kV0cC/ubeVzpqJ5/+hndx5YrmAu39N5qzwWujhDPkFNSgCJUhfkEiMaQiPxFxDTbUzWnQ5jpAQ5El4WJVkGWkqxose1bOjSSNzFPJt59YtxxJC3IWN3UtGODTwIDAQABo4HmMIHjMA4GA1UdDwEB/wQEAwIE8DAgBgNVHSUBAf8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwTgYDVR0jBEcwRYANQUFidHdDeGNYZ2IwUaExpC8wLTEUMBIGA1UEChMLZXhhbXBsZS5jb20xFTATBgNVBAMTDGNsaWNhIENBIHJzYYIBQjA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vc2NwLmV4YW1wbGUuY29tLzApBgNVHREEIjAgghNzZXJ2ZXIyLmV4YW1wbGUuY29tggkqLnRlc3QuZXgwDQYJKoZIhvcNAQELBQADggEBALHOkZkvHLpNm0QSof09vmmdNFE6/+0TCIoPExeqqSOsy4NsF+Ha46WttjJRSVtbhRxF8jxEU7btPiFgQUaOcJZTwQPDhmQSOPNO8GS46oJ57aQ7U7O+X3M1sVS5Pa2IzE6vrJSh349/CNbTA8WPQdWLlxVJhJXAcZNtaEu6lCsZuDSMTpAsW5I4+snyrm3yvP5t0eD28K5LgCKePX962drkAOP6XGQ51VnbMQ7b1TSdQedtYKIpR3VKUvG5Ky/+0c+Rmwfi2aQ8oXXwekzJyS5jvovdVVsdhO68It+Rz/zursN5Pn+Gj1YuQNUs2nDrGHN+VIIFpgWUjLZO4bcJctY= +1999-03-02 09:44:33 cipher: TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 cipher_ TLS1.x:ke_RSA_WITH_ci_mac +1999-03-02 09:44:33 ver: TLS1.x 1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@test.ex H=[ip4.ip4.ip4.ip4] P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server2.example.com" S=sss 1999-03-02 09:44:33 Our cert SN: <CN=server1.example.com> 1999-03-02 09:44:33 Peer did not present a cert diff --git a/test/log/2102 b/test/log/2102 index 215bbe243..bddb8e973 100644 --- a/test/log/2102 +++ b/test/log/2102 @@ -39,6 +39,9 @@ 1999-03-02 09:44:33 sha1 fingerprint E75D537E478758010505D4F339B00DFD73728088 1999-03-02 09:44:33 sha256 fingerprint E251FA7D0372CB784294CF92B243DCE53FDDABD9F58A1B89226586C07C82CAC6 1999-03-02 09:44:33 der_b64 MIIDuDCCAqCgAwIBAgICAMkwDQYJKoZIhvcNAQELBQAwNzEUMBIGA1UEChMLZXhhbXBsZS5jb20xHzAdBgNVBAMTFmNsaWNhIFNpZ25pbmcgQ2VydCByc2EwHhcNMTIxMTAxMTI0MDA0WhcNMzcxMjAxMTI0MDA0WjAeMRwwGgYDVQQDExNzZXJ2ZXIyLmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA52Rfiv2Igy0NiaKN5gc0VPLbEoHngkdJWv3wEORp+iFl6skQRbsCylT8djJ2pvHstFpnzSodF3Wwjj2/EDuj3iKBzN9HeXJOvJz8j9Si1xkgCxJeUjPGgYcvKdxybaZAOpi9l3xwPCCEXN4JBq/WaQQ9+eP1PczeMNfvFtXma+VcHXG743ttPOv7eSMr0JxQl3zjQvYGOhFP/KAw6jh/N6YPqii9kV0cC/ubeVzpqJ5/+hndx5YrmAu39N5qzwWujhDPkFNSgCJUhfkEiMaQiPxFxDTbUzWnQ5jpAQ5El4WJVkGWkqxose1bOjSSNzFPJt59YtxxJC3IWN3UtGODTwIDAQABo4HmMIHjMA4GA1UdDwEB/wQEAwIE8DAgBgNVHSUBAf8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwTgYDVR0jBEcwRYANQUFidHdDeGNYZ2IwUaExpC8wLTEUMBIGA1UEChMLZXhhbXBsZS5jb20xFTATBgNVBAMTDGNsaWNhIENBIHJzYYIBQjA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vc2NwLmV4YW1wbGUuY29tLzApBgNVHREEIjAgghNzZXJ2ZXIyLmV4YW1wbGUuY29tggkqLnRlc3QuZXgwDQYJKoZIhvcNAQELBQADggEBALHOkZkvHLpNm0QSof09vmmdNFE6/+0TCIoPExeqqSOsy4NsF+Ha46WttjJRSVtbhRxF8jxEU7btPiFgQUaOcJZTwQPDhmQSOPNO8GS46oJ57aQ7U7O+X3M1sVS5Pa2IzE6vrJSh349/CNbTA8WPQdWLlxVJhJXAcZNtaEu6lCsZuDSMTpAsW5I4+snyrm3yvP5t0eD28K5LgCKePX962drkAOP6XGQ51VnbMQ7b1TSdQedtYKIpR3VKUvG5Ky/+0c+Rmwfi2aQ8oXXwekzJyS5jvovdVVsdhO68It+Rz/zursN5Pn+Gj1YuQNUs2nDrGHN+VIIFpgWUjLZO4bcJctY= +1999-03-02 09:44:33 cipher: TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 cipher_ TLS1.x:ke_RSA_WITH_ci_mac +1999-03-02 09:44:33 ver: TLSv1.x 1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@test.ex H=[ip4.ip4.ip4.ip4] P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server2.example.com" S=sss 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D 1999-03-02 09:44:33 Our cert SN: <CN=server1.example_ec.com> diff --git a/test/log/2102.openssl_1_1_1 b/test/log/2102.openssl_1_1_1 index 3e2e65f7a..951caaf1a 100644 --- a/test/log/2102.openssl_1_1_1 +++ b/test/log/2102.openssl_1_1_1 @@ -39,6 +39,9 @@ 1999-03-02 09:44:33 sha1 fingerprint E75D537E478758010505D4F339B00DFD73728088 1999-03-02 09:44:33 sha256 fingerprint E251FA7D0372CB784294CF92B243DCE53FDDABD9F58A1B89226586C07C82CAC6 1999-03-02 09:44:33 der_b64 MIIDuDCCAqCgAwIBAgICAMkwDQYJKoZIhvcNAQELBQAwNzEUMBIGA1UEChMLZXhhbXBsZS5jb20xHzAdBgNVBAMTFmNsaWNhIFNpZ25pbmcgQ2VydCByc2EwHhcNMTIxMTAxMTI0MDA0WhcNMzcxMjAxMTI0MDA0WjAeMRwwGgYDVQQDExNzZXJ2ZXIyLmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA52Rfiv2Igy0NiaKN5gc0VPLbEoHngkdJWv3wEORp+iFl6skQRbsCylT8djJ2pvHstFpnzSodF3Wwjj2/EDuj3iKBzN9HeXJOvJz8j9Si1xkgCxJeUjPGgYcvKdxybaZAOpi9l3xwPCCEXN4JBq/WaQQ9+eP1PczeMNfvFtXma+VcHXG743ttPOv7eSMr0JxQl3zjQvYGOhFP/KAw6jh/N6YPqii9kV0cC/ubeVzpqJ5/+hndx5YrmAu39N5qzwWujhDPkFNSgCJUhfkEiMaQiPxFxDTbUzWnQ5jpAQ5El4WJVkGWkqxose1bOjSSNzFPJt59YtxxJC3IWN3UtGODTwIDAQABo4HmMIHjMA4GA1UdDwEB/wQEAwIE8DAgBgNVHSUBAf8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwTgYDVR0jBEcwRYANQUFidHdDeGNYZ2IwUaExpC8wLTEUMBIGA1UEChMLZXhhbXBsZS5jb20xFTATBgNVBAMTDGNsaWNhIENBIHJzYYIBQjA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vc2NwLmV4YW1wbGUuY29tLzApBgNVHREEIjAgghNzZXJ2ZXIyLmV4YW1wbGUuY29tggkqLnRlc3QuZXgwDQYJKoZIhvcNAQELBQADggEBALHOkZkvHLpNm0QSof09vmmdNFE6/+0TCIoPExeqqSOsy4NsF+Ha46WttjJRSVtbhRxF8jxEU7btPiFgQUaOcJZTwQPDhmQSOPNO8GS46oJ57aQ7U7O+X3M1sVS5Pa2IzE6vrJSh349/CNbTA8WPQdWLlxVJhJXAcZNtaEu6lCsZuDSMTpAsW5I4+snyrm3yvP5t0eD28K5LgCKePX962drkAOP6XGQ51VnbMQ7b1TSdQedtYKIpR3VKUvG5Ky/+0c+Rmwfi2aQ8oXXwekzJyS5jvovdVVsdhO68It+Rz/zursN5Pn+Gj1YuQNUs2nDrGHN+VIIFpgWUjLZO4bcJctY= +1999-03-02 09:44:33 cipher: TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 cipher_ TLS1.x:ke_RSA_WITH_ci_mac +1999-03-02 09:44:33 ver: TLS1.x 1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@test.ex H=[ip4.ip4.ip4.ip4] P=smtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server2.example.com" S=sss 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D 1999-03-02 09:44:33 Our cert SN: <CN=server1.example_ec.com> diff --git a/test/log/5710 b/test/log/5710 index 72bba14e6..4a3a18095 100644 --- a/test/log/5710 +++ b/test/log/5710 @@ -2,6 +2,8 @@ 1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss 1999-03-02 09:44:33 Start queue run: pid=pppp -qf 1999-03-02 09:44:33 10HmaX-0005vi-00 smtp:ehlo 250-myhost.test.ex Hello localhost [127.0.0.1]\n250-SIZE 52428800\n250-8BITMIME\n250-PIPELINING\n250-STARTTLS\n250 HELP +1999-03-02 09:44:33 10HmaX-0005vi-00 cipher_ +1999-03-02 09:44:33 10HmaX-0005vi-00 ver: 1999-03-02 09:44:33 10HmaX-0005vi-00 tls:cert depth=0 <CN=server1.example.com> 1999-03-02 09:44:33 10HmaX-0005vi-00 msg:host:defer bad 1999-03-02 09:44:33 10HmaX-0005vi-00 NO CLIENT CERT presented @@ -19,14 +21,20 @@ 1999-03-02 09:44:33 10HmaX-0005vi-00 CRU <http://crl.example.com/latest.crl> 1999-03-02 09:44:33 10HmaX-0005vi-00 TLS session: (certificate verification failed): certificate invalid: delivering unencrypted to H=127.0.0.1 [127.0.0.1] (not in hosts_require_tls) 1999-03-02 09:44:33 10HmaX-0005vi-00 smtp:ehlo 250-myhost.test.ex Hello localhost [127.0.0.1]\n250-SIZE 52428800\n250-8BITMIME\n250-PIPELINING\n250-STARTTLS\n250 HELP +1999-03-02 09:44:33 10HmaX-0005vi-00 cipher_ TLS1.x:ke_RSA_WITH_ci_mac +1999-03-02 09:44:33 10HmaX-0005vi-00 ver: 1999-03-02 09:44:33 10HmaX-0005vi-00 => bad@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1] C="250 OK id=10HmaZ-0005vi-00" 1999-03-02 09:44:33 10HmaX-0005vi-00 msg:delivery bad 1999-03-02 09:44:33 10HmaX-0005vi-00 NO CLIENT CERT presented 1999-03-02 09:44:33 10HmaX-0005vi-00 No Peer cert 1999-03-02 09:44:33 10HmaX-0005vi-00 Completed 1999-03-02 09:44:33 10HmaY-0005vi-00 smtp:ehlo 250-myhost.test.ex Hello localhost [127.0.0.1]\n250-SIZE 52428800\n250-8BITMIME\n250-PIPELINING\n250-STARTTLS\n250 HELP +1999-03-02 09:44:33 10HmaY-0005vi-00 cipher_ +1999-03-02 09:44:33 10HmaY-0005vi-00 ver: 1999-03-02 09:44:33 10HmaY-0005vi-00 tls:cert depth=0 <CN=server1.example.com> 1999-03-02 09:44:33 10HmaY-0005vi-00 TLS1.x:ke-RSA-AES256-SHAnnn:xxx smtp:ehlo 250-myhost.test.ex Hello localhost [127.0.0.1]\n250-SIZE 52428800\n250-8BITMIME\n250-PIPELINING\n250 HELP +1999-03-02 09:44:33 10HmaY-0005vi-00 cipher_ TLS1.x:ke_RSA_WITH_ci_mac +1999-03-02 09:44:33 10HmaY-0005vi-00 ver: TLS1.x 1999-03-02 09:44:33 10HmaY-0005vi-00 => good@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbA-0005vi-00" 1999-03-02 09:44:33 10HmaY-0005vi-00 msg:delivery good 1999-03-02 09:44:33 10HmaY-0005vi-00 Our cert SN: CN=server2.example.com diff --git a/test/log/5720 b/test/log/5720 index 066f7fb35..4f6254f62 100644 --- a/test/log/5720 +++ b/test/log/5720 @@ -2,6 +2,8 @@ 1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss 1999-03-02 09:44:33 Start queue run: pid=pppp -qf 1999-03-02 09:44:33 10HmaX-0005vi-00 smtp:ehlo 250-myhost.test.ex Hello localhost [127.0.0.1]\n250-SIZE 52428800\n250-8BITMIME\n250-PIPELINING\n250-STARTTLS\n250 HELP +1999-03-02 09:44:33 10HmaX-0005vi-00 cipher_ +1999-03-02 09:44:33 10HmaX-0005vi-00 ver: 1999-03-02 09:44:33 10HmaX-0005vi-00 [127.0.0.1] SSL verify error: depth=2 error=self signed certificate in certificate chain cert=/O=example.com/CN=clica CA rsa 1999-03-02 09:44:33 10HmaX-0005vi-00 msg:host:defer bad 1999-03-02 09:44:33 10HmaX-0005vi-00 NO CLIENT CERT presented @@ -20,16 +22,22 @@ 1999-03-02 09:44:33 10HmaX-0005vi-00 (no CRU) 1999-03-02 09:44:33 10HmaX-0005vi-00 TLS session: (SSL_connect): error: <<detail omitted>> 1999-03-02 09:44:33 10HmaX-0005vi-00 smtp:ehlo 250-myhost.test.ex Hello localhost [127.0.0.1]\n250-SIZE 52428800\n250-8BITMIME\n250-PIPELINING\n250-STARTTLS\n250 HELP +1999-03-02 09:44:33 10HmaX-0005vi-00 cipher_ +1999-03-02 09:44:33 10HmaX-0005vi-00 ver: 1999-03-02 09:44:33 10HmaX-0005vi-00 => bad@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1] C="250 OK id=10HmaZ-0005vi-00" 1999-03-02 09:44:33 10HmaX-0005vi-00 msg:delivery bad 1999-03-02 09:44:33 10HmaX-0005vi-00 NO CLIENT CERT presented 1999-03-02 09:44:33 10HmaX-0005vi-00 No Peer cert 1999-03-02 09:44:33 10HmaX-0005vi-00 Completed 1999-03-02 09:44:33 10HmaY-0005vi-00 smtp:ehlo 250-myhost.test.ex Hello localhost [127.0.0.1]\n250-SIZE 52428800\n250-8BITMIME\n250-PIPELINING\n250-STARTTLS\n250 HELP +1999-03-02 09:44:33 10HmaY-0005vi-00 cipher_ +1999-03-02 09:44:33 10HmaY-0005vi-00 ver: 1999-03-02 09:44:33 10HmaY-0005vi-00 tls:cert depth=2 <CN=clica CA rsa,O=example.com> 1999-03-02 09:44:33 10HmaY-0005vi-00 tls:cert depth=1 <CN=clica Signing Cert rsa,O=example.com> 1999-03-02 09:44:33 10HmaY-0005vi-00 tls:cert depth=0 <CN=server1.example.com> 1999-03-02 09:44:33 10HmaY-0005vi-00 TLS1.x:ke-RSA-AES256-SHAnnn:xxx smtp:ehlo 250-myhost.test.ex Hello localhost [127.0.0.1]\n250-SIZE 52428800\n250-8BITMIME\n250-PIPELINING\n250 HELP +1999-03-02 09:44:33 10HmaY-0005vi-00 cipher_ TLS1.x:ke_RSA_WITH_ci_mac +1999-03-02 09:44:33 10HmaY-0005vi-00 ver: TLS1.x 1999-03-02 09:44:33 10HmaY-0005vi-00 => good@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-0005vi-00" 1999-03-02 09:44:33 10HmaY-0005vi-00 msg:delivery good 1999-03-02 09:44:33 10HmaY-0005vi-00 Our cert SN: CN=server2.example.com diff --git a/test/log/5821 b/test/log/5821 index 98282ecc2..c1da057cf 100644 --- a/test/log/5821 +++ b/test/log/5821 @@ -8,7 +8,7 @@ 1999-03-02 09:44:33 10HmbB-0005vi-00 => CALLER@localhost.test.ex R=client T=send_to_server H=localhost.test.ex [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="CN=server1.example.com" C="250 OK id=10HmbC-0005vi-00" 1999-03-02 09:44:33 10HmbB-0005vi-00 Completed 1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for CALLER@dane256ee.test.ex -1999-03-02 09:44:33 10HmbD-0005vi-00 => CALLER@dane256ee.test.ex R=client T=send_to_server H=dane256ee.test.ex [ip4.ip4.ip4.ip4] X=TLS1.2:RSA_CAMELLIA_256_GCM-SHAnnn:256 CV=dane DN="CN=server1.example.com" C="250 OK id=10HmbE-0005vi-00" +1999-03-02 09:44:33 10HmbD-0005vi-00 => CALLER@dane256ee.test.ex R=client T=send_to_server H=dane256ee.test.ex [ip4.ip4.ip4.ip4] X=TLS1.x:RSA__CAMELLIA_256_GCM:256 CV=dane DN="CN=server1.example.com" C="250 OK id=10HmbE-0005vi-00" 1999-03-02 09:44:33 10HmbD-0005vi-00 Completed ******** SERVER ******** @@ -26,6 +26,6 @@ 1999-03-02 09:44:33 10HmbC-0005vi-00 => :blackhole: <CALLER@localhost.test.ex> R=server 1999-03-02 09:44:33 10HmbC-0005vi-00 Completed 1999-03-02 09:44:33 "rcpt ACL" -1999-03-02 09:44:33 10HmbE-0005vi-00 <= <> H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.2:RSA_CAMELLIA_256_GCM-SHAnnn:256 CV=no S=sss id=E10HmbD-0005vi-00@myhost.test.ex for CALLER@dane256ee.test.ex +1999-03-02 09:44:33 10HmbE-0005vi-00 <= <> H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:RSA__CAMELLIA_256_GCM:256 CV=no S=sss id=E10HmbD-0005vi-00@myhost.test.ex for CALLER@dane256ee.test.ex 1999-03-02 09:44:33 10HmbE-0005vi-00 => :blackhole: <CALLER@dane256ee.test.ex> R=server 1999-03-02 09:44:33 10HmbE-0005vi-00 Completed diff --git a/test/mail/3700.smtps b/test/mail/3700.smtps index 700d68128..66d2afe48 100644 --- a/test/mail/3700.smtps +++ b/test/mail/3700.smtps @@ -3,7 +3,7 @@ Authentication-Results: myhost.test.ex; iprev=pass (localhost) smtp.remote-ip=127.0.0.1; auth=pass (tls) x509.auth="Phil Pennock" Received: from localhost ([127.0.0.1] helo=myhost.test.ex) - by myhost.test.ex with esmtpsa (TLS_proto_and_cipher) + by myhost.test.ex with esmtpsa (TLS1.x:ke-RSA-AES256-SHAnnn:xxx) (Exim x.yz) (envelope-from <ok@test.ex>) id 10HmbA-0005vi-00 diff --git a/test/mail/3700.x b/test/mail/3700.x index 8b589be7a..d520cfe15 100644 --- a/test/mail/3700.x +++ b/test/mail/3700.x @@ -3,7 +3,7 @@ Authentication-Results: myhost.test.ex; iprev=pass (localhost) smtp.remote-ip=127.0.0.1; auth=pass (tls) x509.auth="Phil Pennock" Received: from localhost ([127.0.0.1] helo=myhost.test.ex) - by myhost.test.ex with esmtpsa (TLS_proto_and_cipher) + by myhost.test.ex with esmtpsa (TLS1.x:ke-RSA-AES256-SHAnnn:xxx) (Exim x.yz) (envelope-from <ok@test.ex>) id 10HmaZ-0005vi-00 diff --git a/test/runtest b/test/runtest index 8ef5d6409..1ec546e6d 100755 --- a/test/runtest +++ b/test/runtest @@ -552,15 +552,19 @@ RESET_AFTER_EXTRA_LINE_READ: # the older (comment) style, keeping only the Auth element # (discarding kex, cipher, mac). For TLS 1.3 there is no kex # element (and no _WITH); insert a spurious "RSA". + # Also in $tls_X_cipher_std reporting. - s/^\s+by .+ with .+ \K tls TLS_.*?([^_]+)_WITH.+$/(TLS1.x:ke-$1-AES256-SHAnnn:xxx)/; - s/^\s+by .+ with .+ \K tls TLS_.+$/(TLS1.x:ke-RSA-AES256-SHAnnn:xxx)/; + s/^\s+by \S+ with .+ \K \(TLS1(?:\.[0-3])?\) tls TLS_.*?([^_]+)_WITH.+$/(TLS1.x:ke-$1-AES256-SHAnnn:xxx)/; + s/^\s+by \S+ with .+ \K \(TLS1(?:\.[0-3])?\) tls TLS_.+$/(TLS1.x:ke-RSA-AES256-SHAnnn:xxx)/; + + s/ cipher_ TLS_.*?([^_]+)_WITH.+$/ cipher_ TLS1.x:ke_$1_WITH_ci_mac/; + s/ cipher_ TLS_.*$/ cipher_ TLS1.x:ke_RSA_WITH_ci_mac/; # Test machines might have various different TLS library versions supporting # different protocols; can't rely upon TLS 1.2's AES256-GCM-SHA384, so we # treat the standard algorithms the same. # - # TLSversion : KeyExchange? - Authentication/Signature - C_iph_er - MAC : ??? + # TLSversion : KeyExchange? - Authentication/Signature - C_iph_er - MAC : bits # # So far, have seen: # TLSv1:AES128-GCM-SHA256:128 @@ -578,7 +582,7 @@ RESET_AFTER_EXTRA_LINE_READ: # # Retain the authentication algorith field as we want to test that. - s/( (?: (?:\b|\s) [\(=] ) | \s )TLSv1(\.[123])?:/$1TLS1.x:/xg; + s/( (?: (?:\b|\s) [\(=] ) | \s )TLS1(\.[123])?:/$1TLS1.x:/xg; s/(?<!ke-)((EC)?DHE-)?(RSA|ECDSA)-AES(128|256)-(GCM-SHA(256|384)|SHA)(?!:)/ke-$3-AES256-SHAnnn/g; s/(?<!ke-)((EC)?DHE-)?(RSA|ECDSA)-AES(128|256)-(GCM-SHA(256|384)|SHA):(128|256)/ke-$3-AES256-SHAnnn:xxx/g; @@ -633,10 +637,11 @@ RESET_AFTER_EXTRA_LINE_READ: # DHE-RSA-AES256-SHA # picking latter as canonical simply because regex easier that way. s/\bDHE_RSA_AES_128_CBC_SHA1:128/RSA-AES256-SHA1:256/g; - s/TLS1.[0123](-PKIX)?: # TLS version + s/TLS1.[x0123](-PKIX)?: # TLS version ((EC)?DHE(_((?<psk>PSK)_)?((?<auth>RSA|ECDSA)_)? (SECP(256|521)R1|X25519))?__?)? # key-exchange ((?<auth>RSA|ECDSA)((_PSS_RSAE)?_SHA(512|256))?__?)? # authentication + (?<with>WITH_)? # stdname-with AES_(256|128)_(CBC|GCM) # cipher (__?AEAD)? # pseudo-MAC (__?SHA(1|256|384))? # PRF @@ -644,10 +649,15 @@ RESET_AFTER_EXTRA_LINE_READ: /"TLS1.x:ke-" . (defined($+{psk}) ? $+{psk} : "") . (defined($+{auth}) ? $+{auth} : "") + . (defined($+{with}) ? $+{with} : "") . "-AES256-SHAnnn:xxx"/gex; s/TLS1.2:RSA__CAMELLIA_256_GCM(_SHA384)?:256/TLS1.2:RSA_CAMELLIA_256_GCM-SHAnnn:256/g; s/\b(ECDHE-(RSA|ECDSA)-AES256-SHA|DHE-RSA-AES256-SHA256)\b/ke-$2-AES256-SHAnnn/g; + # Separate reporting of TLS version + s/ver: TLS1(\.[0-3])?$/ver: TLS1.x/; + s/ \(TLS1(\.[0-3])?\) / (TLS1.x) /; + # GnuTLS library error message changes s/(No certificate was found|Certificate is required)/The peer did not send any certificate/g; #(dodgy test?) s/\(certificate verification failed\): invalid/\(gnutls_handshake\): The peer did not send any certificate./g; @@ -1758,9 +1768,6 @@ $munges = s! DN="[^,"]*\K,!/!; ', 'rejectlog' => 's/ X=TLS\S+ / X=TLS_proto_and_cipher /', - 'mail' => 's/^\s+by .+ with .+ \K tls TLS_.+$/(TLS_proto_and_cipher)/; - s/ \(TLS[^)]*\)/ (TLS_proto_and_cipher)/; - ', }, 'debug_pid' => diff --git a/test/stderr/0402 b/test/stderr/0402 index 582622196..a469f8aae 100644 --- a/test/stderr/0402 +++ b/test/stderr/0402 @@ -42,7 +42,7 @@ Data file written for message 10HmaX-0005vi-00 ╰─────result: Tue, 2 Mar 1999 09:44:33 +0000 ╭considering: Received: ${if def:sender_rcvhost {from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -51,7 +51,7 @@ Data file written for message 10HmaX-0005vi-00 ├─────result: false ╭───scanning: from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -62,7 +62,7 @@ Data file written for message 10HmaX-0005vi-00 ╰───skipping: result is not used ╭considering: ${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -70,13 +70,13 @@ Data file written for message 10HmaX-0005vi-00 ├──condition: def:sender_ident ├─────result: true ╭considering: from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { for $received_for}} ╎╭considering: $sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - ╎ }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + ╎ }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std ╎ }}(Exim $version_number) ╎ ${if def:sender_address {(envelope-from <$sender_address>) ╎ }}id $message_exim_id${if def:received_for { @@ -88,7 +88,7 @@ Data file written for message 10HmaX-0005vi-00 ├──condition: def:sender_helo_name ├─────result: false ╭───scanning: (helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -103,13 +103,23 @@ Data file written for message 10HmaX-0005vi-00 ╰─────result: from CALLER ├──condition: def:received_protocol ├─────result: true - ╭considering: with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + ╭considering: with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { for $received_for}} ├──expanding: with $received_protocol ╰─────result: with local + ├──condition: def:tls_in_ver + ├─────result: false + ╭───scanning: ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}(Exim $version_number) + ${if def:sender_address {(envelope-from <$sender_address>) + }}id $message_exim_id${if def:received_for { + for $received_for}} + ├──expanding: ($tls_in_ver) + ├─────result: () + ╰───skipping: result is not used ├──condition: def:sender_address ├─────result: true ╭considering: (envelope-from <$sender_address>) @@ -130,7 +140,7 @@ Data file written for message 10HmaX-0005vi-00 ╰───skipping: result is not used ├──expanding: Received: ${if def:sender_rcvhost {from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { diff --git a/test/stderr/0544 b/test/stderr/0544 index 94d65fcd3..4f4e07b02 100644 --- a/test/stderr/0544 +++ b/test/stderr/0544 @@ -7,7 +7,7 @@ admin user ╰─────result: Tue, 2 Mar 1999 09:44:33 +0000 ╭considering: Received: ${if def:sender_rcvhost {from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -16,7 +16,7 @@ admin user ├─────result: false ╭───scanning: from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -27,7 +27,7 @@ admin user ╰───skipping: result is not used ╭considering: ${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -35,13 +35,13 @@ admin user ├──condition: def:sender_ident ├─────result: true ╭considering: from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { for $received_for}} ╎╭considering: $sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - ╎ }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + ╎ }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std ╎ }}(Exim $version_number) ╎ ${if def:sender_address {(envelope-from <$sender_address>) ╎ }}id $message_exim_id${if def:received_for { @@ -53,7 +53,7 @@ admin user ├──condition: def:sender_helo_name ├─────result: false ╭───scanning: (helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -68,13 +68,23 @@ admin user ╰─────result: from CALLER ├──condition: def:received_protocol ├─────result: true - ╭considering: with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + ╭considering: with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { for $received_for}} ├──expanding: with $received_protocol ╰─────result: with local + ├──condition: def:tls_in_ver + ├─────result: false + ╭───scanning: ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}(Exim $version_number) + ${if def:sender_address {(envelope-from <$sender_address>) + }}id $message_exim_id${if def:received_for { + for $received_for}} + ├──expanding: ($tls_in_ver) + ├─────result: () + ╰───skipping: result is not used ├──condition: def:sender_address ├─────result: true ╭considering: (envelope-from <$sender_address>) @@ -95,7 +105,7 @@ admin user ╰───skipping: result is not used ├──expanding: Received: ${if def:sender_rcvhost {from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { diff --git a/test/stderr/5410 b/test/stderr/5410 index e808be9db..0461d84ed 100644 --- a/test/stderr/5410 +++ b/test/stderr/5410 @@ -141,7 +141,7 @@ end of inline ACL: ACCEPT ╰─────result: Tue, 2 Mar 1999 09:44:33 +0000 ╭considering: Received: ${if def:sender_rcvhost {from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -150,7 +150,7 @@ end of inline ACL: ACCEPT ├─────result: false ╭───scanning: from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -161,7 +161,7 @@ end of inline ACL: ACCEPT ╰───skipping: result is not used ╭considering: ${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -169,13 +169,13 @@ end of inline ACL: ACCEPT ├──condition: def:sender_ident ├─────result: true ╭considering: from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { for $received_for}} ╎╭considering: $sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - ╎ }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + ╎ }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std ╎ }}(Exim $version_number) ╎ ${if def:sender_address {(envelope-from <$sender_address>) ╎ }}id $message_exim_id${if def:received_for { @@ -187,7 +187,7 @@ end of inline ACL: ACCEPT ├──condition: def:sender_helo_name ├─────result: true ╭considering: (helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -204,13 +204,23 @@ end of inline ACL: ACCEPT ╰──(tainted) ├──condition: def:received_protocol ├─────result: true - ╭considering: with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + ╭considering: with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { for $received_for}} ├──expanding: with $received_protocol ╰─────result: with local-esmtp + ├──condition: def:tls_in_ver + ├─────result: false + ╭───scanning: ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}(Exim $version_number) + ${if def:sender_address {(envelope-from <$sender_address>) + }}id $message_exim_id${if def:received_for { + for $received_for}} + ├──expanding: ($tls_in_ver) + ├─────result: () + ╰───skipping: result is not used ├──condition: def:sender_address ├─────result: true ╭considering: (envelope-from <$sender_address>) @@ -231,7 +241,7 @@ end of inline ACL: ACCEPT ╰──(tainted) ├──expanding: Received: ${if def:sender_rcvhost {from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -373,7 +383,7 @@ end of inline ACL: ACCEPT ╰─────result: Tue, 2 Mar 1999 09:44:33 +0000 ╭considering: Received: ${if def:sender_rcvhost {from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -382,7 +392,7 @@ end of inline ACL: ACCEPT ├─────result: false ╭───scanning: from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -393,7 +403,7 @@ end of inline ACL: ACCEPT ╰───skipping: result is not used ╭considering: ${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -401,13 +411,13 @@ end of inline ACL: ACCEPT ├──condition: def:sender_ident ├─────result: true ╭considering: from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { for $received_for}} ╎╭considering: $sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - ╎ }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + ╎ }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std ╎ }}(Exim $version_number) ╎ ${if def:sender_address {(envelope-from <$sender_address>) ╎ }}id $message_exim_id${if def:received_for { @@ -419,7 +429,7 @@ end of inline ACL: ACCEPT ├──condition: def:sender_helo_name ├─────result: true ╭considering: (helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -436,13 +446,23 @@ end of inline ACL: ACCEPT ╰──(tainted) ├──condition: def:received_protocol ├─────result: true - ╭considering: with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + ╭considering: with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { for $received_for}} ├──expanding: with $received_protocol ╰─────result: with local-esmtp + ├──condition: def:tls_in_ver + ├─────result: false + ╭───scanning: ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}(Exim $version_number) + ${if def:sender_address {(envelope-from <$sender_address>) + }}id $message_exim_id${if def:received_for { + for $received_for}} + ├──expanding: ($tls_in_ver) + ├─────result: () + ╰───skipping: result is not used ├──condition: def:sender_address ├─────result: true ╭considering: (envelope-from <$sender_address>) @@ -463,7 +483,7 @@ end of inline ACL: ACCEPT ╰──(tainted) ├──expanding: Received: ${if def:sender_rcvhost {from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -605,7 +625,7 @@ end of inline ACL: ACCEPT ╰─────result: Tue, 2 Mar 1999 09:44:33 +0000 ╭considering: Received: ${if def:sender_rcvhost {from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -614,7 +634,7 @@ end of inline ACL: ACCEPT ├─────result: false ╭───scanning: from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -625,7 +645,7 @@ end of inline ACL: ACCEPT ╰───skipping: result is not used ╭considering: ${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -633,13 +653,13 @@ end of inline ACL: ACCEPT ├──condition: def:sender_ident ├─────result: true ╭considering: from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { for $received_for}} ╎╭considering: $sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - ╎ }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + ╎ }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std ╎ }}(Exim $version_number) ╎ ${if def:sender_address {(envelope-from <$sender_address>) ╎ }}id $message_exim_id${if def:received_for { @@ -651,7 +671,7 @@ end of inline ACL: ACCEPT ├──condition: def:sender_helo_name ├─────result: true ╭considering: (helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -668,13 +688,23 @@ end of inline ACL: ACCEPT ╰──(tainted) ├──condition: def:received_protocol ├─────result: true - ╭considering: with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + ╭considering: with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { for $received_for}} ├──expanding: with $received_protocol ╰─────result: with local-esmtp + ├──condition: def:tls_in_ver + ├─────result: false + ╭───scanning: ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}(Exim $version_number) + ${if def:sender_address {(envelope-from <$sender_address>) + }}id $message_exim_id${if def:received_for { + for $received_for}} + ├──expanding: ($tls_in_ver) + ├─────result: () + ╰───skipping: result is not used ├──condition: def:sender_address ├─────result: true ╭considering: (envelope-from <$sender_address>) @@ -695,7 +725,7 @@ end of inline ACL: ACCEPT ╰──(tainted) ├──expanding: Received: ${if def:sender_rcvhost {from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { diff --git a/test/stderr/5420 b/test/stderr/5420 index c335c9e56..b0f1f0a09 100644 --- a/test/stderr/5420 +++ b/test/stderr/5420 @@ -142,7 +142,7 @@ end of inline ACL: ACCEPT ╰─────result: Tue, 2 Mar 1999 09:44:33 +0000 ╭considering: Received: ${if def:sender_rcvhost {from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -151,7 +151,7 @@ end of inline ACL: ACCEPT ├─────result: false ╭───scanning: from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -162,7 +162,7 @@ end of inline ACL: ACCEPT ╰───skipping: result is not used ╭considering: ${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -170,13 +170,13 @@ end of inline ACL: ACCEPT ├──condition: def:sender_ident ├─────result: true ╭considering: from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { for $received_for}} ╎╭considering: $sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - ╎ }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + ╎ }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std ╎ }}(Exim $version_number) ╎ ${if def:sender_address {(envelope-from <$sender_address>) ╎ }}id $message_exim_id${if def:received_for { @@ -188,7 +188,7 @@ end of inline ACL: ACCEPT ├──condition: def:sender_helo_name ├─────result: true ╭considering: (helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -205,13 +205,23 @@ end of inline ACL: ACCEPT ╰──(tainted) ├──condition: def:received_protocol ├─────result: true - ╭considering: with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + ╭considering: with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { for $received_for}} ├──expanding: with $received_protocol ╰─────result: with local-esmtp + ├──condition: def:tls_in_ver + ├─────result: false + ╭───scanning: ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}(Exim $version_number) + ${if def:sender_address {(envelope-from <$sender_address>) + }}id $message_exim_id${if def:received_for { + for $received_for}} + ├──expanding: ($tls_in_ver) + ├─────result: () + ╰───skipping: result is not used ├──condition: def:sender_address ├─────result: true ╭considering: (envelope-from <$sender_address>) @@ -232,7 +242,7 @@ end of inline ACL: ACCEPT ╰──(tainted) ├──expanding: Received: ${if def:sender_rcvhost {from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -374,7 +384,7 @@ end of inline ACL: ACCEPT ╰─────result: Tue, 2 Mar 1999 09:44:33 +0000 ╭considering: Received: ${if def:sender_rcvhost {from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -383,7 +393,7 @@ end of inline ACL: ACCEPT ├─────result: false ╭───scanning: from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -394,7 +404,7 @@ end of inline ACL: ACCEPT ╰───skipping: result is not used ╭considering: ${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -402,13 +412,13 @@ end of inline ACL: ACCEPT ├──condition: def:sender_ident ├─────result: true ╭considering: from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { for $received_for}} ╎╭considering: $sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - ╎ }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + ╎ }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std ╎ }}(Exim $version_number) ╎ ${if def:sender_address {(envelope-from <$sender_address>) ╎ }}id $message_exim_id${if def:received_for { @@ -420,7 +430,7 @@ end of inline ACL: ACCEPT ├──condition: def:sender_helo_name ├─────result: true ╭considering: (helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -437,13 +447,23 @@ end of inline ACL: ACCEPT ╰──(tainted) ├──condition: def:received_protocol ├─────result: true - ╭considering: with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + ╭considering: with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { for $received_for}} ├──expanding: with $received_protocol ╰─────result: with local-esmtp + ├──condition: def:tls_in_ver + ├─────result: false + ╭───scanning: ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}(Exim $version_number) + ${if def:sender_address {(envelope-from <$sender_address>) + }}id $message_exim_id${if def:received_for { + for $received_for}} + ├──expanding: ($tls_in_ver) + ├─────result: () + ╰───skipping: result is not used ├──condition: def:sender_address ├─────result: true ╭considering: (envelope-from <$sender_address>) @@ -464,7 +484,7 @@ end of inline ACL: ACCEPT ╰──(tainted) ├──expanding: Received: ${if def:sender_rcvhost {from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -606,7 +626,7 @@ end of inline ACL: ACCEPT ╰─────result: Tue, 2 Mar 1999 09:44:33 +0000 ╭considering: Received: ${if def:sender_rcvhost {from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -615,7 +635,7 @@ end of inline ACL: ACCEPT ├─────result: false ╭───scanning: from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -626,7 +646,7 @@ end of inline ACL: ACCEPT ╰───skipping: result is not used ╭considering: ${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -634,13 +654,13 @@ end of inline ACL: ACCEPT ├──condition: def:sender_ident ├─────result: true ╭considering: from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { for $received_for}} ╎╭considering: $sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - ╎ }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + ╎ }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std ╎ }}(Exim $version_number) ╎ ${if def:sender_address {(envelope-from <$sender_address>) ╎ }}id $message_exim_id${if def:received_for { @@ -652,7 +672,7 @@ end of inline ACL: ACCEPT ├──condition: def:sender_helo_name ├─────result: true ╭considering: (helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { @@ -669,13 +689,23 @@ end of inline ACL: ACCEPT ╰──(tainted) ├──condition: def:received_protocol ├─────result: true - ╭considering: with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + ╭considering: with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { for $received_for}} ├──expanding: with $received_protocol ╰─────result: with local-esmtp + ├──condition: def:tls_in_ver + ├─────result: false + ╭───scanning: ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}(Exim $version_number) + ${if def:sender_address {(envelope-from <$sender_address>) + }}id $message_exim_id${if def:received_for { + for $received_for}} + ├──expanding: ($tls_in_ver) + ├─────result: () + ╰───skipping: result is not used ├──condition: def:sender_address ├─────result: true ╭considering: (envelope-from <$sender_address>) @@ -696,7 +726,7 @@ end of inline ACL: ACCEPT ╰──(tainted) ├──expanding: Received: ${if def:sender_rcvhost {from $sender_rcvhost }{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name) - }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_cipher_std { tls $tls_in_cipher_std + }}}}by $primary_hostname ${if def:received_protocol {with $received_protocol }}${if def:tls_in_ver { ($tls_in_ver)}}${if def:tls_in_cipher_std { tls $tls_in_cipher_std }}(Exim $version_number) ${if def:sender_address {(envelope-from <$sender_address>) }}id $message_exim_id${if def:received_for { |