diff options
| author | Jeremy Harris <jgh146exb@wizmail.org> | 2021-05-28 17:33:13 +0100 |
|---|---|---|
| committer | Jeremy Harris <jgh146exb@wizmail.org> | 2021-06-03 23:44:12 +0100 |
| commit | 8af4fd7e0f697d9585f013b9664f88d32131b5df (patch) | |
| tree | a8cd800e375a0ca72798db4b8e2af192ce32cb93 /test | |
| parent | ef77ddc9239a2a96442b7708c825235823d6c9ce (diff) | |
Testsuite: use higher-spec certs, for more-recent GnuTLS versions which deprecate weaker ones
Needed for GnuTLS 3.6.15 (on Fedora 33)
Diffstat (limited to 'test')
| -rw-r--r-- | test/confs/1110 | 4 | ||||
| -rw-r--r-- | test/confs/1151 | 8 | ||||
| -rw-r--r-- | test/confs/2000 | 7 | ||||
| -rw-r--r-- | test/confs/2001 | 5 | ||||
| -rw-r--r-- | test/confs/2012 | 19 | ||||
| -rw-r--r-- | test/confs/2033 | 19 | ||||
| -rw-r--r-- | test/confs/3700 | 15 | ||||
| -rw-r--r-- | test/confs/3720 | 13 | ||||
| -rw-r--r-- | test/log/2012 | 8 | ||||
| -rw-r--r-- | test/log/2033 | 4 | ||||
| -rw-r--r-- | test/log/3700 | 4 | ||||
| -rw-r--r-- | test/log/3720 | 6 | ||||
| -rw-r--r-- | test/log/3721 | 6 | ||||
| -rw-r--r-- | test/mail/1110.userx | 2 | ||||
| -rw-r--r-- | test/mail/3700.smtps | 2 | ||||
| -rw-r--r-- | test/mail/3700.x | 2 | ||||
| -rw-r--r-- | test/scripts/1100-Basic-TLS/1110 | 2 | ||||
| -rw-r--r-- | test/scripts/3720-external-auth-GnuTLS/3720 | 4 | ||||
| -rw-r--r-- | test/scripts/3721-external-auth-OpenSSL/3721 | 4 | ||||
| -rw-r--r-- | test/stdout/1110 | 4 | ||||
| -rw-r--r-- | test/stdout/3720 | 6 | ||||
| -rw-r--r-- | test/stdout/3721 | 6 |
22 files changed, 59 insertions, 91 deletions
diff --git a/test/confs/1110 b/test/confs/1110 index b22360fe3..30d1c3a2d 100644 --- a/test/confs/1110 +++ b/test/confs/1110 @@ -1,4 +1,4 @@ -# Exim test configuration 2019 +# Exim test configuration 1110 .include DIR/aux-var/tls_conf_prefix @@ -17,7 +17,7 @@ tls_certificate = DIR/aux-fixed/cert1 tls_privatekey = DIR/aux-fixed/cert1 tls_verify_hosts = HOSTIPV4 -tls_verify_certificates = DIR/aux-fixed/cert2 +tls_verify_certificates = DIR/aux-fixed/exim-ca/example.org/server2.example.org/ca_chain.pem # ------ ACL ------ diff --git a/test/confs/1151 b/test/confs/1151 index 4729c9222..b041a9c8a 100644 --- a/test/confs/1151 +++ b/test/confs/1151 @@ -11,8 +11,8 @@ tls_advertise_hosts = * tls_certificate = DIR/tmp/certs/servercert tls_privatekey = DIR/tmp/certs/serverkey tls_try_verify_hosts = * -tls_verify_certificates = DIR/aux-fixed/cert2 -#tls_verify_certificates = system,cache + +tls_verify_certificates = DIR/aux-fixed/exim-ca/example.org/server2.example.org/ca_chain.pem queue_only log_selector = +millisec @@ -37,7 +37,9 @@ smtp: allow_localhost port = PORT_D hosts_try_fastopen = : - tls_certificate = DIR/aux-fixed/cert2 + tls_certificate = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem + tls_privatekey = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key + tls_verify_certificates = DIR/aux-fixed/cert1 tls_verify_cert_hostnames = : diff --git a/test/confs/2000 b/test/confs/2000 index 11104b09d..c81c80d59 100644 --- a/test/confs/2000 +++ b/test/confs/2000 @@ -25,7 +25,7 @@ tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} tls_verify_hosts = * -tls_verify_certificates = ${if eq {SERVER}{server}{DIR/aux-fixed/cert2}fail} +tls_verify_certificates = DIR/aux-fixed/exim-ca/example.org/server2.example.org/ca_chain.pem # ----- Routers ----- @@ -49,8 +49,9 @@ send_to_server: hosts = 127.0.0.1 port = PORT_D hosts_try_fastopen = : - tls_certificate = DIR/aux-fixed/cert2 - tls_privatekey = DIR/aux-fixed/cert2 + tls_certificate = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem + tls_privatekey = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key + tls_verify_certificates = DIR/aux-fixed/cert2 tls_try_verify_hosts = diff --git a/test/confs/2001 b/test/confs/2001 index d6525cae5..f8358cbd4 100644 --- a/test/confs/2001 +++ b/test/confs/2001 @@ -23,9 +23,6 @@ tls_advertise_hosts = * tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} -tls_verify_hosts = * -tls_verify_certificates = ${if eq {SERVER}{server}{DIR/aux-fixed/cert2}fail} - # so we can decode in wireshark tls_require_ciphers = NORMAL:-KX-ALL:+RSA @@ -52,8 +49,6 @@ send_to_server: hosts_try_fastopen = : OPTION port = PORT_D - tls_certificate = DIR/aux-fixed/cert2 - tls_privatekey = DIR/aux-fixed/cert2 tls_verify_certificates = DIR/aux-fixed/cert2 tls_try_verify_hosts = diff --git a/test/confs/2012 b/test/confs/2012 index c0ed029c5..8de185b64 100644 --- a/test/confs/2012 +++ b/test/confs/2012 @@ -33,9 +33,6 @@ tls_advertise_hosts = * tls_certificate = ${if eq {SERVER}{server}{CERT1}fail} tls_privatekey = ${if eq {SERVER}{server}{KEY1}fail} -tls_verify_hosts = * -tls_verify_certificates = ${if eq {SERVER}{server}{CERT2}fail} - # ----- Routers ----- @@ -108,8 +105,6 @@ send_to_server_failcert: port = PORT_D hosts_try_fastopen = : hosts_require_tls = HOSTIPV4 - tls_certificate = CERT2 - tls_privatekey = CERT2 tls_verify_certificates = CA2 tls_try_verify_hosts = @@ -123,8 +118,6 @@ send_to_server_retry: port = PORT_D hosts_try_fastopen = : hosts_require_tls = HOSTIPV4 - tls_certificate = CERT2 - tls_privatekey = CERT2 tls_verify_certificates = \ ${if eq{$host_address}{127.0.0.1}{CA1}{CA2}} @@ -139,8 +132,6 @@ send_to_server_crypt: port = PORT_D hosts_try_fastopen = : hosts_require_tls = HOSTIPV4 - tls_certificate = CERT2 - tls_privatekey = CERT2 tls_verify_certificates = CA2 tls_try_verify_hosts = * @@ -153,8 +144,6 @@ send_to_server_req_fail: hosts = HOSTIPV4 port = PORT_D hosts_try_fastopen = : - tls_certificate = CERT2 - tls_privatekey = CERT2 tls_verify_certificates = CA2 tls_verify_hosts = * @@ -167,8 +156,6 @@ send_to_server_req_fail: hosts = serverbadname.example.com port = PORT_D hosts_try_fastopen = : - tls_certificate = CERT2 - tls_privatekey = CERT2 tls_verify_certificates = CA1 tls_verify_cert_hostnames = HOSTIPV4 @@ -181,8 +168,6 @@ send_to_server_req_fail: hosts = server1.example.com port = PORT_D hosts_try_fastopen = : - tls_certificate = CERT2 - tls_privatekey = CERT2 tls_verify_certificates = CA1 tls_verify_cert_hostnames = HOSTIPV4 @@ -195,8 +180,6 @@ send_to_server_req_fail: hosts = serverchain1.example.com port = PORT_D hosts_try_fastopen = : - tls_certificate = CERT2 - tls_privatekey = CERT2 tls_verify_certificates = CA1 tls_verify_cert_hostnames = HOSTIPV4 @@ -209,8 +192,6 @@ send_to_server_req_fail: hosts = alternatename.server1.example.com port = PORT_D hosts_try_fastopen = : - tls_certificate = CERT2 - tls_privatekey = CERT2 tls_verify_certificates = CA1 tls_verify_cert_hostnames = HOSTIPV4 diff --git a/test/confs/2033 b/test/confs/2033 index 8fa51d0e9..44ebbc594 100644 --- a/test/confs/2033 +++ b/test/confs/2033 @@ -1,4 +1,4 @@ -# Exim test configuration 1162 +# Exim test configuration 2033 # TLS client: verify certificate from server - name-fails SERVER= @@ -35,9 +35,6 @@ tls_advertise_hosts = * tls_certificate = ${if eq {SERVER}{server}{CERT1}fail} tls_privatekey = ${if eq {SERVER}{server}{KEY1}fail} -tls_verify_hosts = * -tls_verify_certificates = ${if eq {SERVER}{server}{CERT2}fail} - # ----- Routers ----- @@ -103,8 +100,6 @@ send_to_server_failcert: port = PORT_D hosts_try_fastopen = : hosts_require_tls = HOSTIPV4 - tls_certificate = CERT2 - tls_privatekey = CERT2 tls_verify_certificates = CA2 @@ -116,8 +111,6 @@ send_to_server_retry: port = PORT_D hosts_try_fastopen = : hosts_require_tls = HOSTIPV4 - tls_certificate = CERT2 - tls_privatekey = CERT2 tls_verify_certificates = \ ${if eq{$host_address}{127.0.0.1}{CA1}{CA2}} @@ -130,8 +123,6 @@ send_to_server_crypt: port = PORT_D hosts_try_fastopen = : hosts_require_tls = HOSTIPV4 - tls_certificate = CERT2 - tls_privatekey = CERT2 tls_verify_certificates = CA2 tls_try_verify_hosts = * @@ -144,8 +135,6 @@ send_to_server_req_fail: hosts = HOSTNAME port = PORT_D hosts_try_fastopen = : - tls_certificate = CERT2 - tls_privatekey = CERT2 tls_verify_certificates = CA2 tls_verify_hosts = * @@ -158,8 +147,6 @@ send_to_server_req_failname: hosts = HOSTNAME port = PORT_D hosts_try_fastopen = : - tls_certificate = CERT2 - tls_privatekey = CERT2 tls_verify_certificates = CA1 tls_verify_cert_hostnames = * @@ -173,8 +160,6 @@ send_to_server_req_passname: hosts = server1.example.com port = PORT_D hosts_try_fastopen = : - tls_certificate = CERT2 - tls_privatekey = CERT2 tls_verify_certificates = CA1 tls_verify_cert_hostnames = * @@ -188,8 +173,6 @@ send_to_server_req_failcarryon: hosts = HOSTNAME port = PORT_D hosts_try_fastopen = : - tls_certificate = CERT2 - tls_privatekey = CERT2 tls_verify_certificates = CA1 tls_verify_cert_hostnames = * diff --git a/test/confs/3700 b/test/confs/3700 index 599f3e50d..598bc7f1a 100644 --- a/test/confs/3700 +++ b/test/confs/3700 @@ -20,10 +20,11 @@ trusted_users = CALLER tls_on_connect_ports = PORT_S tls_advertise_hosts = * -tls_certificate = DIR/aux-fixed/cert1 +tls_certificate = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.pem +tls_privatekey = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key tls_verify_hosts = * -tls_verify_certificates = DIR/aux-fixed/cert2 +tls_verify_certificates = DIR/aux-fixed/exim-ca/example.org/server2.example.org/ca_chain.pem # ----- ACL ----- @@ -78,8 +79,9 @@ t1: port = PORT_D hosts_try_fastopen = : allow_localhost - tls_certificate = DIR/aux-fixed/cert2 - tls_verify_certificates = DIR/aux-fixed/cert1 + tls_certificate = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem + tls_privatekey = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key + tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem tls_verify_cert_hostnames = : t2: @@ -89,8 +91,9 @@ t2: hosts_try_fastopen = : protocol = smtps allow_localhost - tls_certificate = DIR/aux-fixed/cert2 - tls_verify_certificates = DIR/aux-fixed/cert1 + tls_certificate = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem + tls_privatekey = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key + tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem tls_verify_cert_hostnames = : file: diff --git a/test/confs/3720 b/test/confs/3720 index 74faec2cf..e82c57f03 100644 --- a/test/confs/3720 +++ b/test/confs/3720 @@ -19,10 +19,11 @@ queue_run_in_order trusted_users = CALLER tls_advertise_hosts = * -tls_certificate = DIR/aux-fixed/cert1 +tls_certificate = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.pem +tls_privatekey = DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key tls_verify_hosts = * -tls_verify_certificates = DIR/aux-fixed/cert2 +tls_verify_certificates = DIR/aux-fixed/exim-ca/example.org/server2.example.org/ca_chain.pem # ----- ACL ----- @@ -54,7 +55,7 @@ ext_ccert_cn: server_set_id = $auth1 server_debug_print = +++TLS \$auth1="$auth1" - client_send = "Phil Pennock" + client_send = "server2.example.org" # ----- Routers ----- @@ -81,8 +82,10 @@ t1: port = PORT_D hosts_try_fastopen = : allow_localhost - tls_certificate = DIR/aux-fixed/cert2 - tls_verify_certificates = DIR/aux-fixed/cert1 + tls_certificate = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem + tls_privatekey = DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key + + tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem tls_verify_cert_hostnames = : hosts_try_auth = * diff --git a/test/log/2012 b/test/log/2012 index 294ad4d03..696c07a92 100644 --- a/test/log/2012 +++ b/test/log/2012 @@ -34,13 +34,13 @@ 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D 1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received: Certificate is bad 1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received: Certificate is bad -1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" S=sss id=E10HmaY-0005vi-00@myhost.test.ex -1999-03-02 09:44:33 10HmbG-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" S=sss id=E10HmaZ-0005vi-00@myhost.test.ex +1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaY-0005vi-00@myhost.test.ex +1999-03-02 09:44:33 10HmbG-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-0005vi-00@myhost.test.ex 1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received: Certificate is bad 1999-03-02 09:44:33 10HmbH-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbA-0005vi-00@myhost.test.ex 1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received: Certificate is bad 1999-03-02 09:44:33 10HmbI-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbB-0005vi-00@myhost.test.ex -1999-03-02 09:44:33 10HmbJ-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" S=sss id=E10HmbC-0005vi-00@myhost.test.ex +1999-03-02 09:44:33 10HmbJ-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbC-0005vi-00@myhost.test.ex 1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received: Certificate is bad 1999-03-02 09:44:33 10HmbK-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmbD-0005vi-00@myhost.test.ex -1999-03-02 09:44:33 10HmbL-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" S=sss id=E10HmbE-0005vi-00@myhost.test.ex +1999-03-02 09:44:33 10HmbL-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbE-0005vi-00@myhost.test.ex diff --git a/test/log/2033 b/test/log/2033 index 8757949cb..2bbcd0068 100644 --- a/test/log/2033 +++ b/test/log/2033 @@ -21,5 +21,5 @@ 1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmaX-0005vi-00@myhost.test.ex 1999-03-02 09:44:33 TLS error on connection from the.local.host.name [ip4.ip4.ip4.ip4] (recv): A TLS fatal alert has been received: Certificate is bad 1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtp S=sss id=E10HmaY-0005vi-00@myhost.test.ex -1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" S=sss id=E10HmaZ-0005vi-00@myhost.test.ex -1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" S=sss id=E10HmbA-0005vi-00@myhost.test.ex +1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-0005vi-00@myhost.test.ex +1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbA-0005vi-00@myhost.test.ex diff --git a/test/log/3700 b/test/log/3700 index 2ef1502cb..bb5d88f56 100644 --- a/test/log/3700 +++ b/test/log/3700 @@ -10,9 +10,9 @@ ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D and for SMTPS on port PORT_S 1999-03-02 09:44:33 Auth ACL called, after smtp cmd "STARTTLS" -1999-03-02 09:44:33 10HmaZ-0005vi-00 <= ok@test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtpsa X=TLS_proto_and_cipher CV=yes A=tls:"Phil Pennock" S=sss id=E10HmaX-0005vi-00@myhost.test.ex for x@y +1999-03-02 09:44:33 10HmaZ-0005vi-00 <= ok@test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtpsa X=TLS_proto_and_cipher CV=yes A=tls:server2.example.org S=sss id=E10HmaX-0005vi-00@myhost.test.ex for x@y 1999-03-02 09:44:33 Auth ACL called, after smtp cmd "" -1999-03-02 09:44:33 10HmbA-0005vi-00 <= ok@test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtpsa X=TLS_proto_and_cipher CV=yes A=tls:"Phil Pennock" S=sss id=E10HmaY-0005vi-00@myhost.test.ex for smtps@y +1999-03-02 09:44:33 10HmbA-0005vi-00 <= ok@test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtpsa X=TLS_proto_and_cipher CV=yes A=tls:server2.example.org S=sss id=E10HmaY-0005vi-00@myhost.test.ex for smtps@y 1999-03-02 09:44:33 Start queue run: pid=pppp 1999-03-02 09:44:33 10HmaZ-0005vi-00 => x <x@y> R=server_r T=file 1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed diff --git a/test/log/3720 b/test/log/3720 index bc759fdb1..7757bf0ba 100644 --- a/test/log/3720 +++ b/test/log/3720 @@ -6,6 +6,6 @@ ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D -1999-03-02 09:44:33 Auth ACL called, after smtp cmd "AUTH EXTERNAL UGhpbCBQZW5ub2Nr" -1999-03-02 09:44:33 Auth ACL called, after smtp cmd "AUTH EXTERNAL UGhpbCBQZW5ub2Nr" -1999-03-02 09:44:33 10HmaY-0005vi-00 <= ok@test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtpsa X=TLS_proto_and_cipher CV=yes A=ext_ccert_cn:Phil Pennock S=sss id=E10HmaX-0005vi-00@myhost.test.ex for x@y +1999-03-02 09:44:33 Auth ACL called, after smtp cmd "AUTH EXTERNAL c2VydmVyMi5leGFtcGxlLm9yZw==" +1999-03-02 09:44:33 Auth ACL called, after smtp cmd "AUTH EXTERNAL c2VydmVyMi5leGFtcGxlLm9yZw==" +1999-03-02 09:44:33 10HmaY-0005vi-00 <= ok@test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtpsa X=TLS_proto_and_cipher CV=yes A=ext_ccert_cn:server2.example.org S=sss id=E10HmaX-0005vi-00@myhost.test.ex for x@y diff --git a/test/log/3721 b/test/log/3721 index bc759fdb1..7757bf0ba 100644 --- a/test/log/3721 +++ b/test/log/3721 @@ -6,6 +6,6 @@ ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D -1999-03-02 09:44:33 Auth ACL called, after smtp cmd "AUTH EXTERNAL UGhpbCBQZW5ub2Nr" -1999-03-02 09:44:33 Auth ACL called, after smtp cmd "AUTH EXTERNAL UGhpbCBQZW5ub2Nr" -1999-03-02 09:44:33 10HmaY-0005vi-00 <= ok@test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtpsa X=TLS_proto_and_cipher CV=yes A=ext_ccert_cn:Phil Pennock S=sss id=E10HmaX-0005vi-00@myhost.test.ex for x@y +1999-03-02 09:44:33 Auth ACL called, after smtp cmd "AUTH EXTERNAL c2VydmVyMi5leGFtcGxlLm9yZw==" +1999-03-02 09:44:33 Auth ACL called, after smtp cmd "AUTH EXTERNAL c2VydmVyMi5leGFtcGxlLm9yZw==" +1999-03-02 09:44:33 10HmaY-0005vi-00 <= ok@test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtpsa X=TLS_proto_and_cipher CV=yes A=ext_ccert_cn:server2.example.org S=sss id=E10HmaX-0005vi-00@myhost.test.ex for x@y diff --git a/test/mail/1110.userx b/test/mail/1110.userx index ad6260fcc..cfc50295f 100644 --- a/test/mail/1110.userx +++ b/test/mail/1110.userx @@ -18,7 +18,7 @@ Received: from [ip4.ip4.ip4.ip4] id 10HmaY-0005vi-00 for userx@test.ex; Tue, 2 Mar 1999 09:44:33 +0000 -TLS: cipher=TLS1.x:ke-RSA-AES256-SHAnnn:xxx peerdn/cn 'CN=Phil Pennock' +TLS: cipher=TLS1.x:ke-RSA-AES256-SHAnnn:xxx peerdn/cn 'CN=server2.example.org' This is a test encrypted message from a verified host. diff --git a/test/mail/3700.smtps b/test/mail/3700.smtps index f844cf206..99fcfc408 100644 --- a/test/mail/3700.smtps +++ b/test/mail/3700.smtps @@ -1,7 +1,7 @@ From ok@test.ex Tue Mar 02 09:44:33 1999 Authentication-Results: myhost.test.ex; iprev=pass (localhost) smtp.remote-ip=127.0.0.1; - auth=pass (tls) x509.auth="Phil Pennock" + auth=pass (tls) x509.auth=server2.example.org Received: from localhost ([127.0.0.1] helo=myhost.test.ex) by myhost.test.ex with esmtpsa (TLS1.x:ke-RSA-AES256-SHAnnn:xxx) (Exim x.yz) diff --git a/test/mail/3700.x b/test/mail/3700.x index 8e8250815..89ef396dc 100644 --- a/test/mail/3700.x +++ b/test/mail/3700.x @@ -1,7 +1,7 @@ From ok@test.ex Tue Mar 02 09:44:33 1999 Authentication-Results: myhost.test.ex; iprev=pass (localhost) smtp.remote-ip=127.0.0.1; - auth=pass (tls) x509.auth="Phil Pennock" + auth=pass (tls) x509.auth=server2.example.org Received: from localhost ([127.0.0.1] helo=myhost.test.ex) by myhost.test.ex with esmtpsa (TLS1.x:ke-RSA-AES256-SHAnnn:xxx) (Exim x.yz) diff --git a/test/scripts/1100-Basic-TLS/1110 b/test/scripts/1100-Basic-TLS/1110 index 865b2202f..effc75006 100644 --- a/test/scripts/1100-Basic-TLS/1110 +++ b/test/scripts/1100-Basic-TLS/1110 @@ -22,7 +22,7 @@ This is a test encrypted message. quit ??? 221 **** -client-anytls -tls-on-connect HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2 +client-anytls -tls-on-connect HOSTIPV4 PORT_D aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key ??? 220 mail from:<userx@test.ex> ??? 250 diff --git a/test/scripts/3720-external-auth-GnuTLS/3720 b/test/scripts/3720-external-auth-GnuTLS/3720 index 49d95205e..1b932e69b 100644 --- a/test/scripts/3720-external-auth-GnuTLS/3720 +++ b/test/scripts/3720-external-auth-GnuTLS/3720 @@ -5,7 +5,7 @@ exim -DSERVER=server -bd -oX PORT_D **** # # -client-gnutls 127.0.0.1 PORT_D 127.0.0.1 DIR/aux-fixed/cert2 DIR/aux-fixed/cert2 +client-gnutls 127.0.0.1 PORT_D 127.0.0.1 DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key ??? 220 EHLO tester ??? 250- @@ -23,7 +23,7 @@ EHLO tester ??? 250- ??? 250-AUTH EXTERNAL ??? 250 HELP -AUTH EXTERNAL UGhpbCBQZW5ub2Nr +AUTH EXTERNAL c2VydmVyMi5leGFtcGxlLm9yZw== ??? 235 quit ??? 221 diff --git a/test/scripts/3721-external-auth-OpenSSL/3721 b/test/scripts/3721-external-auth-OpenSSL/3721 index 310b8d2ae..35cc11bd4 100644 --- a/test/scripts/3721-external-auth-OpenSSL/3721 +++ b/test/scripts/3721-external-auth-OpenSSL/3721 @@ -5,7 +5,7 @@ exim -DSERVER=server -bd -oX PORT_D **** # # -client-ssl 127.0.0.1 PORT_D 127.0.0.1 DIR/aux-fixed/cert2 DIR/aux-fixed/cert2 +client-ssl 127.0.0.1 PORT_D 127.0.0.1 DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem DIR/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key ??? 220 EHLO tester ??? 250- @@ -23,7 +23,7 @@ EHLO tester ??? 250- ??? 250-AUTH EXTERNAL ??? 250 HELP -AUTH EXTERNAL UGhpbCBQZW5ub2Nr +AUTH EXTERNAL c2VydmVyMi5leGFtcGxlLm9yZw== ??? 235 quit ??? 221 diff --git a/test/stdout/1110 b/test/stdout/1110 index b885461ed..27f78bd48 100644 --- a/test/stdout/1110 +++ b/test/stdout/1110 @@ -32,8 +32,8 @@ Succeeded in starting TLS <<< 221 myhost.test.ex closing connection End of script Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected -Certificate file = aux-fixed/cert2 -Key file = aux-fixed/cert2 +Certificate file = aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem +Key file = aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key Attempting to start TLS Succeeded in starting TLS ??? 220 diff --git a/test/stdout/3720 b/test/stdout/3720 index 049c87d36..0351cdfd2 100644 --- a/test/stdout/3720 +++ b/test/stdout/3720 @@ -1,6 +1,6 @@ Connecting to 127.0.0.1 port 1225 ... connected -Certificate file = TESTSUITE/aux-fixed/cert2 -Key file = TESTSUITE/aux-fixed/cert2 +Certificate file = aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem +Key file = aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 >>> EHLO tester @@ -34,7 +34,7 @@ Succeeded in starting TLS <<< 250-AUTH EXTERNAL ??? 250 HELP <<< 250 HELP ->>> AUTH EXTERNAL UGhpbCBQZW5ub2Nr +>>> AUTH EXTERNAL c2VydmVyMi5leGFtcGxlLm9yZw== ??? 235 <<< 235 Authentication succeeded >>> quit diff --git a/test/stdout/3721 b/test/stdout/3721 index 049c87d36..854382ee5 100644 --- a/test/stdout/3721 +++ b/test/stdout/3721 @@ -1,6 +1,6 @@ Connecting to 127.0.0.1 port 1225 ... connected -Certificate file = TESTSUITE/aux-fixed/cert2 -Key file = TESTSUITE/aux-fixed/cert2 +Certificate file = TESTSUITE/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.pem +Key file = TESTSUITE/aux-fixed/exim-ca/example.org/server2.example.org/server2.example.org.unlocked.key ??? 220 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 >>> EHLO tester @@ -34,7 +34,7 @@ Succeeded in starting TLS <<< 250-AUTH EXTERNAL ??? 250 HELP <<< 250 HELP ->>> AUTH EXTERNAL UGhpbCBQZW5ub2Nr +>>> AUTH EXTERNAL c2VydmVyMi5leGFtcGxlLm9yZw== ??? 235 <<< 235 Authentication succeeded >>> quit |