diff options
Diffstat (limited to 'test/confs')
| -rw-r--r-- | test/confs/0900 | 7 | ||||
| -rw-r--r-- | test/confs/1150 (renamed from test/confs/2008) | 12 | ||||
| -rw-r--r-- | test/confs/1151 (renamed from test/confs/1103) | 2 | ||||
| -rw-r--r-- | test/confs/1152 (renamed from test/confs/2007) | 15 | ||||
| -rw-r--r-- | test/confs/1153 (renamed from test/confs/2109) | 2 | ||||
| -rw-r--r-- | test/confs/1157 (renamed from test/confs/2113) | 4 | ||||
| -rw-r--r-- | test/confs/1158 (renamed from test/confs/2016) | 2 | ||||
| -rw-r--r-- | test/confs/1159 (renamed from test/confs/2117) | 4 | ||||
| -rw-r--r-- | test/confs/1161 (renamed from test/confs/2021) | 2 | ||||
| -rw-r--r-- | test/confs/1163 (renamed from test/confs/2138) | 4 | ||||
| -rw-r--r-- | test/confs/1164 (renamed from test/confs/2151) | 2 | ||||
| l--------- | test/confs/1165 (renamed from test/confs/2091) | 0 | ||||
| -rw-r--r-- | test/confs/2009 | 61 | ||||
| -rw-r--r-- | test/confs/2013 | 74 | ||||
| -rw-r--r-- | test/confs/2017 | 69 | ||||
| -rw-r--r-- | test/confs/2033 | 4 | ||||
| -rw-r--r-- | test/confs/2038 | 64 | ||||
| l--------- | test/confs/2051 | 1 | ||||
| -rw-r--r-- | test/confs/2107 | 66 | ||||
| -rw-r--r-- | test/confs/2108 | 84 | ||||
| -rw-r--r-- | test/confs/2116 | 43 | ||||
| -rw-r--r-- | test/confs/2121 | 44 | ||||
| -rw-r--r-- | test/confs/2133 | 5 | ||||
| l--------- | test/confs/2191 | 1 |
24 files changed, 35 insertions, 537 deletions
diff --git a/test/confs/0900 b/test/confs/0900 index df1540cfb..ffce9e886 100644 --- a/test/confs/0900 +++ b/test/confs/0900 @@ -43,8 +43,7 @@ log_selector = +received_recipients .endif .ifdef _OPT_MAIN_TLS_CERTIFICATE -tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} -tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} +tls_certificate = DIR/aux-fixed/cert1 .endif ALLOW @@ -107,6 +106,8 @@ remote_smtp: hosts = 127.0.0.1 port = PORT_S hosts_try_fastopen = : + tls_verify_certificates = DIR/aux-fixed/cert1 + tls_verify_cert_hostnames = allow_localhost command_timeout = 2s final_timeout = 2s @@ -116,6 +117,8 @@ remote_smtp_dkim: hosts = 127.0.0.1 port = PORT_S hosts_try_fastopen = : + tls_verify_certificates = DIR/aux-fixed/cert1 + tls_verify_cert_hostnames = allow_localhost command_timeout = 2s final_timeout = 2s diff --git a/test/confs/2008 b/test/confs/1150 index 0fd5186ac..b98c8dc45 100644 --- a/test/confs/2008 +++ b/test/confs/1150 @@ -1,4 +1,4 @@ -# Exim test configuration 2008 +# Exim test configuration 1150 SERVER = @@ -12,16 +12,12 @@ primary_hostname = myhost.test.ex domainlist local_domains = test.ex : *.test.ex acl_smtp_rcpt = check_recipient -log_selector = +tls_peerdn queue_only queue_run_in_order remote_max_parallel = 1 tls_advertise_hosts = * - -# Set certificate only if server - -tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} +tls_certificate = DIR/aux-fixed/cert1 # ------ ACL ------ @@ -66,6 +62,8 @@ send_to_server1: port = PORT_D hosts_try_fastopen = : helo_data = helo.data.changed + tls_verify_certificates = DIR/aux-fixed/cert1 + tls_verify_cert_hostnames = send_to_server2: driver = smtp @@ -73,6 +71,8 @@ send_to_server2: hosts = HOSTIPV4 port = PORT_D hosts_try_fastopen = : + tls_verify_certificates = DIR/aux-fixed/cert1 + tls_verify_cert_hostnames = # ----- Retry ----- diff --git a/test/confs/1103 b/test/confs/1151 index 52f471b79..4729c9222 100644 --- a/test/confs/1103 +++ b/test/confs/1151 @@ -1,4 +1,4 @@ -# Exim test configuration 1103 +# Exim test configuration 1151 .include DIR/aux-var/tls_conf_prefix diff --git a/test/confs/2007 b/test/confs/1152 index db46a6c6f..eadea0a8a 100644 --- a/test/confs/2007 +++ b/test/confs/1152 @@ -1,4 +1,4 @@ -# Exim test configuration 2007 +# Exim test configuration 1152 SERVER = @@ -10,18 +10,17 @@ primary_hostname = myhost.test.ex acl_smtp_rcpt = accept -log_selector = +smtp_confirmation+tls_peerdn +log_selector = +smtp_confirmation queue_only queue_run_in_order tls_advertise_hosts = * +.ifdef _HAVE_GNUTLS tls_require_ciphers = NORMAL:!DHE-RSA:!DHE-DSS:!ECDHE-RSA:!ECDHE-ECDSA:!ECDHE-PSK +.endif -# Set certificate only if server - -tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} -tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} +tls_certificate = DIR/aux-fixed/cert1 # ----- Routers ----- @@ -56,6 +55,8 @@ send_to_server1: hosts = 127.0.0.1 port = PORT_D hosts_try_fastopen = : + tls_verify_certificates = DIR/aux-fixed/cert1 + tls_verify_cert_hostnames = send_to_server2: driver = smtp @@ -63,5 +64,7 @@ send_to_server2: hosts = HOSTIPV4 port = PORT_D hosts_try_fastopen = : + tls_verify_certificates = DIR/aux-fixed/cert1 + tls_verify_cert_hostnames = # End diff --git a/test/confs/2109 b/test/confs/1153 index 3f1465fa2..13e2c4097 100644 --- a/test/confs/2109 +++ b/test/confs/1153 @@ -1,4 +1,4 @@ -# Exim test configuration 2109 +# Exim test configuration 1153 SERVER = diff --git a/test/confs/2113 b/test/confs/1157 index b992747e2..1b12a5ff5 100644 --- a/test/confs/2113 +++ b/test/confs/1157 @@ -1,4 +1,4 @@ -# Exim test configuration 2113 +# Exim test configuration 1157 SERVER = PEX = : @@ -11,7 +11,7 @@ primary_hostname = myhost.test.ex acl_smtp_rcpt = accept -log_selector = +tls_peerdn+smtp_connection+incoming_port+received_recipients +log_selector = +smtp_connection+incoming_port+received_recipients queue_only queue_run_in_order diff --git a/test/confs/2016 b/test/confs/1158 index ead3a903b..b4a5f9703 100644 --- a/test/confs/2016 +++ b/test/confs/1158 @@ -1,4 +1,4 @@ -# Exim test configuration 2016 +# Exim test configuration 1158 .include DIR/aux-var/std_conf_prefix diff --git a/test/confs/2117 b/test/confs/1159 index 16429f1a4..a549a9f77 100644 --- a/test/confs/2117 +++ b/test/confs/1159 @@ -1,4 +1,4 @@ -# Exim test configuration 2117 +# Exim test configuration 1159 SERVER = @@ -10,8 +10,6 @@ primary_hostname = myhost.test.ex acl_smtp_rcpt = accept -log_selector = +tls_peerdn - queue_only queue_run_in_order diff --git a/test/confs/2021 b/test/confs/1161 index a7e89f8da..ae7c16181 100644 --- a/test/confs/2021 +++ b/test/confs/1161 @@ -1,4 +1,4 @@ -# Exim test configuration 2021 +# Exim test configuration 1161 REQUIRE=# TRYCLEAR=# diff --git a/test/confs/2138 b/test/confs/1163 index c255373b5..f9d1ab1bf 100644 --- a/test/confs/2138 +++ b/test/confs/1163 @@ -1,4 +1,4 @@ -# Exim test configuration 2135 +# Exim test configuration 1163 SERVER = @@ -10,7 +10,7 @@ primary_hostname = myhost.test.ex acl_smtp_rcpt = accept -log_selector = +tls_peerdn+smtp_connection+incoming_port+received_recipients +log_selector = +smtp_connection+incoming_port+received_recipients queue_only queue_run_in_order diff --git a/test/confs/2151 b/test/confs/1164 index 1e40a83ae..9c13ad58c 100644 --- a/test/confs/2151 +++ b/test/confs/1164 @@ -1,4 +1,4 @@ -# Exim test configuration 2151 +# Exim test configuration 1164 .include DIR/aux-var/tls_conf_prefix diff --git a/test/confs/2091 b/test/confs/1165 index 1bb987150..1bb987150 120000 --- a/test/confs/2091 +++ b/test/confs/1165 diff --git a/test/confs/2009 b/test/confs/2009 deleted file mode 100644 index 21f9f2673..000000000 --- a/test/confs/2009 +++ /dev/null @@ -1,61 +0,0 @@ -# Exim test configuration 2009 - -SERVER = - -.include DIR/aux-var/tls_conf_prefix - -primary_hostname = myhost.test.ex - -# ----- Main settings ----- - -acl_smtp_rcpt = check_recipient -hostlist tls_hosts = 127.0.0.1 - -queue_only -queue_run_in_order - -tls_advertise_hosts = * - -# Set certificate only if server - -tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} -tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} - - - -# ----- ACL ----- - -begin acl - -check_recipient: - deny hosts = +tls_hosts - message = encryption required - !encrypted = * - accept domains = +local_domains - deny message = relay not permitted - - -# ----- Routers ----- - -begin routers - -client: - driver = accept - condition = ${if eq {SERVER}{server}{no}{yes}} - retry_use_local_part - transport = send_to_server - - -# ----- Transports ----- - -begin transports - -send_to_server: - driver = smtp - allow_localhost - hosts = 127.0.0.1 - port = PORT_D - hosts_try_fastopen = : - hosts_avoid_tls = 127.0.0.1 - -# End diff --git a/test/confs/2013 b/test/confs/2013 deleted file mode 100644 index d81f160de..000000000 --- a/test/confs/2013 +++ /dev/null @@ -1,74 +0,0 @@ -# Exim test configuration 2013 - -SERVER = -PEX = : - -.include DIR/aux-var/tls_conf_prefix - -primary_hostname = myhost.test.ex - -# ----- Main settings ----- - -acl_smtp_rcpt = accept - -log_selector = +tls_peerdn+smtp_connection+incoming_port+received_recipients - -queue_only -queue_run_in_order - -smtp_accept_max_nonmail = 0 - -tls_advertise_hosts = * - -# Set certificate only if server - -tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} -tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} - - -# ----- Routers ----- - -begin routers - -.ifdef REQUIRE -cl_override: - driver = manualroute - route_data = HOSTIPV4 - retry_use_local_part - transport = send_to_server - self = send -.endif - -client: - driver = accept - condition = ${if eq {SERVER}{server}{no}{yes}} - retry_use_local_part - transport = send_to_server - -server: - driver = accept - retry_use_local_part - transport = local_delivery - - -# ----- Transports ----- - -begin transports - -local_delivery: - driver = appendfile - file = DIR/test-mail/${bless:$local_part} - headers_add = TLS: cipher=$tls_cipher peerdn=$tls_peerdn - user = CALLER - -send_to_server: - driver = smtp - allow_localhost - hosts_override - hosts = 127.0.0.1 - port = PORT_D - hosts_try_fastopen = : - hosts_noproxy_tls = PEX - tls_try_verify_hosts = : - -# End diff --git a/test/confs/2017 b/test/confs/2017 deleted file mode 100644 index 01612ef72..000000000 --- a/test/confs/2017 +++ /dev/null @@ -1,69 +0,0 @@ -# Exim test configuration 2017 - -SERVER = - -.include DIR/aux-var/tls_conf_prefix - -primary_hostname = myhost.test.ex - -# ----- Main settings ----- - -acl_smtp_rcpt = accept - -log_selector = +tls_peerdn - -queue_only -queue_run_in_order - -tls_advertise_hosts = * - -# Set certificate only if server - -tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} -tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} - - -# ----- Routers ----- - -begin routers - -client: - driver = accept - condition = ${if eq {SERVER}{server}{no}{yes}} - retry_use_local_part - transport = send_to_server - -server: - driver = accept - retry_use_local_part - transport = local_delivery - - -# ----- Transports ----- - -begin transports - -local_delivery: - driver = appendfile - file = DIR/test-mail/${bless:$local_part} - headers_add = TLS: cipher=$tls_cipher peerdn=$tls_peerdn - user = CALLER - -send_to_server: - driver = smtp - allow_localhost - hosts = 127.0.0.1 - port = PORT_D - hosts_try_fastopen = : - hosts_nopass_tls = * - - -# ----- Retry ----- - - -begin retry - -* * F,5d,10s - - -# End diff --git a/test/confs/2033 b/test/confs/2033 index 15e632a57..8fa51d0e9 100644 --- a/test/confs/2033 +++ b/test/confs/2033 @@ -1,4 +1,4 @@ -# Exim test configuration 2033 +# Exim test configuration 1162 # TLS client: verify certificate from server - name-fails SERVER= @@ -81,7 +81,7 @@ client_r: client_s: driver = accept - local_parts = users + local_parts = user_s retry_use_local_part transport = send_to_server_req_passname diff --git a/test/confs/2038 b/test/confs/2038 deleted file mode 100644 index 677bc9ee3..000000000 --- a/test/confs/2038 +++ /dev/null @@ -1,64 +0,0 @@ -# Exim test configuration 2035 - -SERVER = - -.include DIR/aux-var/tls_conf_prefix - -primary_hostname = myhost.test.ex - -# ----- Main settings ----- - -acl_smtp_rcpt = accept - -log_selector = +tls_peerdn+smtp_connection+incoming_port+received_recipients - -queue_only -queue_run_in_order -remote_max_parallel = 1 - -smtp_accept_max_nonmail = 0 - -tls_advertise_hosts = * - -# Set certificate only if server - -tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} -tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} - - -# ----- Routers ----- - -begin routers - -client: - driver = manualroute - condition = ${if eq {SERVER}{server}{no}{yes}} - route_data = 127.0.0.1 - self = send - retry_use_local_part - transport = send_to_server - -server: - driver = accept - retry_use_local_part - transport = local_delivery - - -# ----- Transports ----- - -begin transports - -local_delivery: - driver = appendfile - file = DIR/test-mail/${bless:$local_part} - headers_add = TLS: cipher=$tls_cipher peerdn=$tls_peerdn - user = CALLER - -send_to_server: - driver = smtp - allow_localhost - hosts_noproxy_tls = : - port = PORT_D - max_rcpt = 1 - -# End diff --git a/test/confs/2051 b/test/confs/2051 deleted file mode 120000 index cde0a73c4..000000000 --- a/test/confs/2051 +++ /dev/null @@ -1 +0,0 @@ -2151
\ No newline at end of file diff --git a/test/confs/2107 b/test/confs/2107 deleted file mode 100644 index 1f96800e3..000000000 --- a/test/confs/2107 +++ /dev/null @@ -1,66 +0,0 @@ -# Exim test configuration 2107 - -SERVER = - -.include DIR/aux-var/tls_conf_prefix - -primary_hostname = myhost.test.ex - -# ----- Main settings ----- - -acl_smtp_rcpt = accept - -log_selector = +smtp_confirmation+tls_peerdn - -queue_only -queue_run_in_order - -tls_advertise_hosts = * - -# Set certificate only if server - -tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} -tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} - - -# ----- Routers ----- - -begin routers - -client: - driver = accept - condition = ${if eq {SERVER}{server}{no}{yes}} - retry_use_local_part - transport = send_to_server${if eq{$local_part}{abcd}{2}{1}} - -server: - driver = accept - retry_use_local_part - transport = local_delivery - - -# ----- Transports ----- - -begin transports - -local_delivery: - driver = appendfile - file = DIR/test-mail/${bless:$local_part} - headers_add = TLS: cipher=$tls_cipher peerdn=$tls_peerdn - user = CALLER - -send_to_server1: - driver = smtp - allow_localhost - hosts = 127.0.0.1 - port = PORT_D - hosts_try_fastopen = : - -send_to_server2: - driver = smtp - allow_localhost - hosts = HOSTIPV4 - port = PORT_D - hosts_try_fastopen = : - -# End diff --git a/test/confs/2108 b/test/confs/2108 deleted file mode 100644 index c9720e46a..000000000 --- a/test/confs/2108 +++ /dev/null @@ -1,84 +0,0 @@ -# Exim test configuration 2108 - -SERVER = - -.include DIR/aux-var/tls_conf_prefix - -primary_hostname = myhost.test.ex - -# ----- Main settings ----- - -domainlist local_domains = test.ex : *.test.ex - -acl_smtp_rcpt = check_recipient -log_selector = +tls_peerdn -queue_only -queue_run_in_order -remote_max_parallel = 1 - -tls_advertise_hosts = * - -# Set certificate only if server - -tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} - -# ------ ACL ------ - -begin acl - -check_recipient: - accept domains = +local_domains - deny message = relay not permitted - - -# ----- Routers ----- - -begin routers - -client: - driver = accept - condition = ${if eq {SERVER}{server}{no}{yes}} - retry_use_local_part - transport = send_to_server${if eq{$local_part}{abcd}{2}{1}} - -server: - driver = accept - retry_use_local_part - transport = local_delivery - - -# ----- Transports ----- - -begin transports - -local_delivery: - driver = appendfile - file = DIR/test-mail/${bless:$local_part} - headers_add = TLS: cipher=$tls_cipher peerdn=$tls_peerdn - user = CALLER - -send_to_server1: - driver = smtp - allow_localhost - hosts = 127.0.0.1 - port = PORT_D - hosts_try_fastopen = : - helo_data = helo.data.changed - -send_to_server2: - driver = smtp - allow_localhost - hosts = HOSTIPV4 - port = PORT_D - hosts_try_fastopen = : - - -# ----- Retry ----- - - -begin retry - -* * F,5d,10s - - -# End diff --git a/test/confs/2116 b/test/confs/2116 deleted file mode 100644 index 77a671261..000000000 --- a/test/confs/2116 +++ /dev/null @@ -1,43 +0,0 @@ -# Exim test configuration 2116 - -.include DIR/aux-var/std_conf_prefix - - -# ----- Main settings ----- - -qualify_domain = test.ex - - -# ----- Routers ----- - -begin routers - -others: - driver = manualroute - route_list = * 127.0.0.1 byname - self = send - transport = smtp - no_more - - -# ----- Transports ----- - -begin transports - -smtp: - driver = smtp - command_timeout = 1s - port = PORT_S - hosts_try_fastopen = : - hosts_require_tls = 127.0.0.1 - - -# ----- Retry ----- - - -begin retry - -* * F,5d,1d - - -# End diff --git a/test/confs/2121 b/test/confs/2121 deleted file mode 100644 index 6dcaa0577..000000000 --- a/test/confs/2121 +++ /dev/null @@ -1,44 +0,0 @@ -# Exim test configuration 2121 - -REQUIRE=# -TRYCLEAR=# - -.include DIR/aux-var/std_conf_prefix - -primary_hostname = myhost.test.ex - -# ----- Main settings ----- - - -# ----- Routers ----- - -begin routers - -client: - driver = accept - transport = send_to_server - - -# ----- Transports ----- - -begin transports - -send_to_server: - driver = smtp - allow_localhost - hosts = 127.0.0.1 - port = PORT_S - hosts_try_fastopen = : - REQUIRE - TRYCLEAR - - -# ----- Retry ----- - - -begin retry - -* * F,5d,10s - - -# End diff --git a/test/confs/2133 b/test/confs/2133 index 463e614ca..8fa51d0e9 100644 --- a/test/confs/2133 +++ b/test/confs/2133 @@ -1,4 +1,4 @@ -# Exim test configuration 2133 +# Exim test configuration 1162 # TLS client: verify certificate from server - name-fails SERVER= @@ -91,7 +91,6 @@ client_t: retry_use_local_part transport = send_to_server_req_failcarryon - # ----- Transports ----- begin transports @@ -181,6 +180,8 @@ send_to_server_req_passname: tls_verify_cert_hostnames = * tls_verify_hosts = * +# this will fail to verify the cert name but carry on (try-verify mode) +# fail because the cert is "server1.example.com" and the test system is something else send_to_server_req_failcarryon: driver = smtp allow_localhost diff --git a/test/confs/2191 b/test/confs/2191 deleted file mode 120000 index 1bb987150..000000000 --- a/test/confs/2191 +++ /dev/null @@ -1 +0,0 @@ -0900
\ No newline at end of file |