diff options
Diffstat (limited to 'test/confs')
| -rw-r--r-- | test/confs/1102 | 27 | ||||
| -rw-r--r-- | test/confs/1103 | 43 | ||||
| -rw-r--r-- | test/confs/2025 | 7 | ||||
| -rw-r--r-- | test/confs/2100 | 8 | ||||
| -rw-r--r-- | test/confs/2113 | 1 | ||||
| -rw-r--r-- | test/confs/4060 | 6 |
6 files changed, 81 insertions, 11 deletions
diff --git a/test/confs/1102 b/test/confs/1102 new file mode 100644 index 000000000..2bab6e804 --- /dev/null +++ b/test/confs/1102 @@ -0,0 +1,27 @@ +# Exim test configuration 1102 + +.include DIR/aux-var/tls_conf_prefix + +primary_hostname = myhost.test.ex + +# ----- Main settings ----- + +tls_advertise_hosts = * + +tls_certificate = DIR/tmp/certs/servercert +tls_privatekey = DIR/tmp/certs/serverkey +#tls_verify_certificates = DIR/aux-fixed/cert2 +tls_verify_certificates = system,cache + +queue_only +log_selector = +millisec + +# --- ACL --- + +acl_smtp_rcpt = acl_check_rcpt + +begin acl +acl_check_rcpt: + accept logwrite = server cert: CN=${certextract{subject,CN}{$tls_in_ourcert}} + +# End diff --git a/test/confs/1103 b/test/confs/1103 new file mode 100644 index 000000000..b937ee99c --- /dev/null +++ b/test/confs/1103 @@ -0,0 +1,43 @@ +# Exim test configuration 1103 + +.include DIR/aux-var/tls_conf_prefix + +primary_hostname = myhost.test.ex + +# ----- Main settings ----- + +tls_advertise_hosts = * + +tls_certificate = DIR/tmp/certs/servercert +tls_privatekey = DIR/tmp/certs/serverkey +tls_try_verify_hosts = * +tls_verify_certificates = DIR/aux-fixed/cert2 +#tls_verify_certificates = system,cache + +queue_only +log_selector = +millisec + +# --- ACL --- + +acl_smtp_rcpt = accept + +# ---- + +begin routers + +all: + driver = accept + transport = smtp + +begin transports + +smtp: + driver = smtp + hosts = 127.0.0.1 + allow_localhost + port = PORT_D + tls_certificate = DIR/aux-fixed/cert2 + tls_verify_certificates = DIR/aux-fixed/cert1 + tls_verify_cert_hostnames = : + +# End diff --git a/test/confs/2025 b/test/confs/2025 index 8c08abebe..5ddeb7573 100644 --- a/test/confs/2025 +++ b/test/confs/2025 @@ -16,13 +16,8 @@ queue_only queue_run_in_order tls_advertise_hosts = * - tls_require_ciphers = NORMAL:-VERS-ALL:+VERS-TLS1.2:-MAC-ALL:+SHA256 - -# Set certificate only if server - -tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} -tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} +tls_certificate = DIR/aux-fixed/cert1 # ----- Routers ----- diff --git a/test/confs/2100 b/test/confs/2100 index 827d93811..63a2f255a 100644 --- a/test/confs/2100 +++ b/test/confs/2100 @@ -22,11 +22,13 @@ tls_advertise_hosts = * # Set certificate only if server -tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} -tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} +#tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} +tls_certificate = DIR/aux-fixed/cert1 +#tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} tls_verify_hosts = * -tls_verify_certificates = ${if eq {SERVER}{server}{DIR/aux-fixed/cert2}fail} +#tls_verify_certificates = ${if eq {SERVER}{server}{DIR/aux-fixed/cert2}fail} +tls_verify_certificates = DIR/aux-fixed/cert2 # ----- Routers ----- diff --git a/test/confs/2113 b/test/confs/2113 index fc2c72215..b992747e2 100644 --- a/test/confs/2113 +++ b/test/confs/2113 @@ -66,7 +66,6 @@ send_to_server: port = PORT_D hosts_try_fastopen = : hosts_noproxy_tls = PEX - tls_try_verify_hosts = : tls_verify_certificates = DIR/aux-fixed/cert1 tls_verify_cert_hostnames = : diff --git a/test/confs/4060 b/test/confs/4060 index f3aa84d66..b6e071202 100644 --- a/test/confs/4060 +++ b/test/confs/4060 @@ -21,7 +21,11 @@ gecos_name = CALLER_NAME dns_cname_loops = 9 chunking_advertise_hosts = OPT tls_advertise_hosts = * -tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} +tls_certificate = DIR/aux-fixed/cert1 + +.ifdef _HAVE_TLS_CA_CACHE +tls_verify_certificates = system,cache +.endif .ifdef _HAVE_DMARC dmarc_tld_file = |