22 files changed, 26 insertions, 0 deletions

diff --git a/test/confs/2000 b/test/confs/2000
index 06e5a153c..bc4fff2a4 100644
--- a/test/confs/2000
+++ b/test/confs/2000
@@ -56,6 +56,7 @@ send_to_server:
   tls_certificate = DIR/aux-fixed/cert2
   tls_privatekey = DIR/aux-fixed/cert2
   tls_verify_certificates = DIR/aux-fixed/cert2
+  tls_try_verify_hosts =
 
 
 # ----- Retry -----
diff --git a/test/confs/2001 b/test/confs/2001
index 741796b67..7e49aeda2 100644
--- a/test/confs/2001
+++ b/test/confs/2001
@@ -56,6 +56,7 @@ send_to_server:
   tls_certificate = DIR/aux-fixed/cert2
   tls_privatekey = DIR/aux-fixed/cert2
   tls_verify_certificates = DIR/aux-fixed/cert2
+  tls_try_verify_hosts =
 
 
 # ----- Retry -----
diff --git a/test/confs/2012 b/test/confs/2012
index 6bc5487ff..023a594a8 100644
--- a/test/confs/2012
+++ b/test/confs/2012
@@ -104,6 +104,7 @@ send_to_server_failcert:
   tls_privatekey = CERT2
 
   tls_verify_certificates = CA2
+  tls_try_verify_hosts =
   tls_verify_cert_hostnames =
 
 # this will fail to verify the cert at HOSTIPV4 so fail the crypt, then retry on 127.1; ok
@@ -118,6 +119,7 @@ send_to_server_retry:
 
   tls_verify_certificates = \
     ${if eq{$host_address}{127.0.0.1}{CA1}{CA2}}
+  tls_try_verify_hosts =
   tls_verify_cert_hostnames =
 
 # this will fail to verify the cert but continue unverified though crypted
diff --git a/test/confs/2100 b/test/confs/2100
index 791c6bd43..c6a7e698e 100644
--- a/test/confs/2100
+++ b/test/confs/2100
@@ -54,6 +54,7 @@ send_to_server:
   tls_certificate = DIR/aux-fixed/cert2
   tls_privatekey = DIR/aux-fixed/cert2
   tls_verify_certificates = DIR/aux-fixed/cert2
+  tls_try_verify_hosts = :
 
 
 # ----- Retry -----
diff --git a/test/confs/2101 b/test/confs/2101
index 73e0bdd7d..99fad1a48 100644
--- a/test/confs/2101
+++ b/test/confs/2101
@@ -56,6 +56,7 @@ send_to_server:
   tls_certificate = DIR/aux-fixed/cert2
   tls_privatekey = DIR/aux-fixed/cert2
   tls_verify_certificates = DIR/aux-fixed/cert2
+  tls_try_verify_hosts =
 
 
 # ----- Retry -----
diff --git a/test/confs/2112 b/test/confs/2112
index 2c81e0cf3..d21fee064 100644
--- a/test/confs/2112
+++ b/test/confs/2112
@@ -104,6 +104,7 @@ send_to_server_failcert:
   tls_privatekey = CERT2
 
   tls_verify_certificates = CA2
+  tls_try_verify_hosts =
   tls_verify_cert_hostnames =
 
 # this will fail to verify the cert at HOSTIPV4 so fail the crypt, then retry on 127.1; ok
@@ -118,6 +119,7 @@ send_to_server_retry:
 
   tls_verify_certificates = \
     ${if eq{$host_address}{127.0.0.1}{CA1}{CA2}}
+  tls_try_verify_hosts =
   tls_verify_cert_hostnames =
 
 # this will fail to verify the cert but continue unverified though crypted
diff --git a/test/confs/2113 b/test/confs/2113
index bff43ff57..d5be24861 100644
--- a/test/confs/2113
+++ b/test/confs/2113
@@ -61,5 +61,6 @@ send_to_server:
   allow_localhost
   hosts = 127.0.0.1
   port = PORT_D
+  tls_try_verify_hosts = :
 
 # End
diff --git a/test/confs/2117 b/test/confs/2117
index 16cc0c39e..ab809d081 100644
--- a/test/confs/2117
+++ b/test/confs/2117
@@ -60,6 +60,7 @@ send_to_server:
   hosts = 127.0.0.1
   hosts_nopass_tls = *
   port = PORT_D
+  tls_try_verify_hosts = :
 
 
 # ----- Retry -----
diff --git a/test/confs/2125 b/test/confs/2125
index 70736be88..767bb1c4f 100644
--- a/test/confs/2125
+++ b/test/confs/2125
@@ -53,6 +53,7 @@ send_to_server:
   hosts_require_tls = HOSTIPV4
   tls_require_ciphers = DES-CBC3-SHA
   port = PORT_D
+  tls_try_verify_hosts = :
 
 
 # ----- Retry -----
diff --git a/test/confs/2126 b/test/confs/2126
index e2b790168..704346e56 100644
--- a/test/confs/2126
+++ b/test/confs/2126
@@ -57,6 +57,7 @@ t1:
   hosts = 127.0.0.1 : HOSTIPV4
   port = PORT_D
   allow_localhost
+  tls_try_verify_hosts = :
 
 t2:
   driver = appendfile
diff --git a/test/confs/2127 b/test/confs/2127
index 3639c5bbf..862ad710d 100644
--- a/test/confs/2127
+++ b/test/confs/2127
@@ -56,5 +56,6 @@ send_to_server:
   allow_localhost
   hosts = ${if eq{$local_part}{userx}{127.0.0.1}{HOSTIPV4}}
   port = PORT_D
+  tls_try_verify_hosts = :
 
 # End
diff --git a/test/confs/2130 b/test/confs/2130
index 4143fc8ca..9f6de76b4 100644
--- a/test/confs/2130
+++ b/test/confs/2130
@@ -60,12 +60,14 @@ send_to_server1:
   hosts = HOSTIPV4
   port = PORT_D
   tls_sni = fred
+  tls_try_verify_hosts = :
 
 send_to_server2:
   driver = smtp
   allow_localhost
   hosts = HOSTIPV4
   port = PORT_D
+  tls_try_verify_hosts = :
 
 
 # ----- Retry -----
diff --git a/test/confs/2131 b/test/confs/2131
index 8566c24ba..53c06f1f7 100644
--- a/test/confs/2131
+++ b/test/confs/2131
@@ -73,6 +73,7 @@ send_to_server1:
   port = PORT_D
   tls_sni = fred
   hosts_require_tls = *
+  tls_try_verify_hosts = :
 
 send_to_server2:
   driver = smtp
@@ -81,6 +82,7 @@ send_to_server2:
   port = PORT_D
   tls_sni = bill
   hosts_require_tls = *
+  tls_try_verify_hosts = :
 
 
 # ----- Retry -----
diff --git a/test/confs/2149 b/test/confs/2149
index 1684f11c6..cf67f8cbc 100644
--- a/test/confs/2149
+++ b/test/confs/2149
@@ -55,5 +55,6 @@ send_to_server:
   allow_localhost
   hosts = 127.0.0.1
   port = PORT_D
+  tls_try_verify_hosts = :
 
 # End
diff --git a/test/confs/3461 b/test/confs/3461
index 48fe4da3e..93ab8d8d8 100644
--- a/test/confs/3461
+++ b/test/confs/3461
@@ -75,5 +75,6 @@ send_to_server:
   hosts = 127.0.0.1
   hosts_try_auth = *
   port = PORT_D
+  tls_try_verify_hosts = :
 
 # End
diff --git a/test/confs/3462 b/test/confs/3462
index ec155bfdd..3907aecef 100644
--- a/test/confs/3462
+++ b/test/confs/3462
@@ -74,6 +74,7 @@ send_to_server:
   hosts = 127.0.0.1
   hosts_try_auth = *
   port = PORT_D
+  tls_try_verify_hosts = :
 
 
 # ----- Retry -----
diff --git a/test/confs/3465 b/test/confs/3465
index 83592a678..2f2061be0 100644
--- a/test/confs/3465
+++ b/test/confs/3465
@@ -67,6 +67,7 @@ t1:
   hosts = 127.0.0.1
   port = PORT_D
   hosts_avoid_tls = HOSTS_AVOID_TLS
+  tls_try_verify_hosts = :
   hosts_require_auth = *
   allow_localhost
 
diff --git a/test/confs/5410 b/test/confs/5410
index 576967cac..bea8e10ba 100644
--- a/test/confs/5410
+++ b/test/confs/5410
@@ -54,6 +54,7 @@ smtp:
   port = PORT_D
   hosts_avoid_tls =        ${if eq {$address_data}{usery}{*}{:}}
   hosts_verify_avoid_tls = ${if eq {$address_data}{userz}{*}{:}}
+  tls_try_verify_hosts = :
 
 
 # End
diff --git a/test/confs/5651 b/test/confs/5651
index 19f16d03d..f09df575b 100644
--- a/test/confs/5651
+++ b/test/confs/5651
@@ -116,6 +116,7 @@ send_to_server3:
   helo_data = helo.data.changed
   #tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem
   tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/CA/CA.pem
+  tls_try_verify_hosts =
   tls_verify_cert_hostnames =
   hosts_require_tls =  *
   hosts_require_ocsp = *
diff --git a/test/confs/5658 b/test/confs/5658
index de486e083..6a75b8c67 100644
--- a/test/confs/5658
+++ b/test/confs/5658
@@ -125,6 +125,7 @@ send_to_server3:
   helo_data = helo.data.changed
   #tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem
   tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/CA/CA.pem
+  tls_try_verify_hosts =
   tls_verify_cert_hostnames =
   hosts_require_tls =  *
   hosts_require_ocsp = *
diff --git a/test/confs/5750 b/test/confs/5750
index d1e2e7ce0..98fd46f7d 100644
--- a/test/confs/5750
+++ b/test/confs/5750
@@ -104,6 +104,7 @@ send_to_server:
        ${if eq {$local_part}{good}\
 {example.com/server1.example.com/ca_chain.pem}\
 {example.net/server1.example.net/ca_chain.pem}}
+  tls_try_verify_hosts =
   tls_verify_cert_hostnames =
 
   event_action =   ${acl {logger} {$event_name} {$domain} }
diff --git a/test/confs/5760 b/test/confs/5760
index 80dde3e15..03d1a6b0a 100644
--- a/test/confs/5760
+++ b/test/confs/5760
@@ -105,6 +105,7 @@ send_to_server:
 {example.com/server1.example.com/ca_chain.pem}\
 {example.net/server1.example.net/ca_chain.pem}}
   tls_verify_cert_hostnames =
+  tls_try_verify_hosts =
 
   event_action =   ${acl {logger} {$event_name} {$domain} }