Diffstat (limited to 'test')
-rw-r--r-- | test/confs/2030 | 79 | ||||
-rw-r--r-- | test/confs/2031 | 92 | ||||
-rw-r--r-- | test/confs/2130 | 79 | ||||
-rw-r--r-- | test/confs/2131 | 94 | ||||
-rw-r--r-- | test/log/2030 | 10 | ||||
-rw-r--r-- | test/log/2031 | 17 | ||||
-rw-r--r-- | test/log/2130 | 10 | ||||
-rw-r--r-- | test/log/2131 | 17 | ||||
-rw-r--r-- | test/scripts/2000-GnuTLS/2030 | 10 | ||||
-rw-r--r-- | test/scripts/2000-GnuTLS/2031 | 19 | ||||
-rw-r--r-- | test/scripts/2100-OpenSSL/2130 | 10 | ||||
-rw-r--r-- | test/scripts/2100-OpenSSL/2131 | 19 |
12 files changed, 456 insertions, 0 deletions
diff --git a/test/confs/2030 b/test/confs/2030
new file mode 100644
index 000000000..4ad1463b3
--- /dev/null
+++ b/test/confs/2030
@@ -0,0 +1,79 @@
+# Exim test configuration 2030
+# SNI
+
+SERVER =
+
+exim_path = EXIM_PATH
+host_lookup_order = bydns
+primary_hostname = myhost.test.ex
+rfc1413_query_timeout = 0s
+spool_directory = DIR/spool
+log_file_path = DIR/spool/log/SERVER%slog
+gecos_pattern = ""
+gecos_name = CALLER_NAME
+
+
+# ----- Main settings -----
+
+domainlist local_domains = test.ex : *.test.ex
+
+acl_smtp_rcpt = acl_log_sni
+log_selector = +tls_peerdn +tls_sni
+remote_max_parallel = 1
+
+tls_advertise_hosts = *
+
+# Set certificate only if server
+
+tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
+
+
+# ------ ACL ------
+
+begin acl
+
+acl_log_sni:
+ accept
+ logwrite = SNI <$tls_in_sni>
+
+# ----- Routers -----
+
+begin routers
+
+client:
+ driver = accept
+ condition = ${if !eq {SERVER}{server}}
+ transport = send_to_server${if eq{$local_part}{abcd}{2}{1}}
+
+server:
+ driver = redirect
+ data = :blackhole:
+
+
+# ----- Transports -----
+
+begin transports
+
+send_to_server1:
+ driver = smtp
+ allow_localhost
+ hosts = HOSTIPV4
+ port = PORT_D
+ tls_sni = fred
+
+send_to_server2:
+ driver = smtp
+ allow_localhost
+ hosts = HOSTIPV4
+ port = PORT_D
+
+
+# ----- Retry -----
+
+
+begin retry
+
+* * F,5d,10s
+
+
+# End
diff --git a/test/confs/2031 b/test/confs/2031
new file mode 100644
index 000000000..a52b21eff
--- /dev/null
+++ b/test/confs/2031
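Review bot: Neither `send_to_server1` nor `send_to_server2` in test/confs/2030 sets `hosts_require_tls = *`, although the equivalent transports in test/confs/2131 do. Without it the client transport may, depending on the other TLS defaults in force, retry in cleartext when the handshake fails, so a TLS regression would surface only as a log mismatch rather than as a refused delivery. Adding `hosts_require_tls = *` to both transports here, and likewise in test/confs/2031 and test/confs/2130, would make the four SNI tests consistent and fail closed.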
@@ -0,0 +1,92 @@
+# Exim test configuration 2030
+# SNI
+
+SERVER =
+
+exim_path = EXIM_PATH
+host_lookup_order = bydns
+primary_hostname = myhost.test.ex
+rfc1413_query_timeout = 0s
+spool_directory = DIR/spool
+log_file_path = DIR/spool/log/SERVER%slog
+gecos_pattern = ""
+gecos_name = CALLER_NAME
+
+
+# ----- Main settings -----
+
+domainlist local_domains = test.ex : *.test.ex
+
+acl_smtp_rcpt = acl_log_sni
+log_selector = +tls_peerdn +tls_sni
+remote_max_parallel = 1
+
+tls_advertise_hosts = *
+
+# Set certificate only if server
+
+tls_certificate = ${if eq {SERVER}{server} \
+ {DIR/aux-fixed/${if eq {$tls_in_sni}{bill} \
+ {exim-ca/example.com/server1.example.com/server1.example.com.pem} \
+ {cert1} \
+ }\
+ }fail}
+
+tls_privatekey = ${if eq {SERVER}{server} \
+ {DIR/aux-fixed/${if eq {$tls_in_sni}{bill} \
+ {exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key} \
+ {cert1} \
+ }\
+ }fail}
+
+
+# ------ ACL ------
+
+begin acl
+
+acl_log_sni:
+ accept
+ logwrite = SNI <$tls_in_sni>
+
+# ----- Routers -----
+
+begin routers
+
+client:
+ driver = accept
+ condition = ${if !eq {SERVER}{server}}
+ transport = send_to_server${if eq{$local_part}{abcd}{2}{1}}
+
+server:
+ driver = redirect
+ data = :blackhole:
+
+
+# ----- Transports -----
+
+begin transports
+
+send_to_server1:
+ driver = smtp
+ allow_localhost
+ hosts = HOSTIPV4
+ port = PORT_D
+ tls_sni = fred
+
+send_to_server2:
+ driver = smtp
+ allow_localhost
+ hosts = HOSTIPV4
+ port = PORT_D
+ tls_sni = bill
+
+
+# ----- Retry -----
+
+
+begin retry
+
+* * F,5d,10s
+
+
+# End
diff --git a/test/confs/2130 b/test/confs/2130
new file mode 100644
index 000000000..4143fc8ca
--- /dev/null
+++ b/test/confs/2130
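Review bot: The first line of test/confs/2031 reads `# Exim test configuration 2030`; it should be `# Exim test configuration 2031` (test/confs/2131 has the same slip and says 2130). The `tls_certificate` and `tls_privatekey` expansions would also benefit from a short comment such as `# $tls_in_sni is client-supplied: compare it against known names, never expand it into the path`, because that is the property that keeps this selection safe and a later edit could easily lose it. The `{cert1}` fallback for `tls_privatekey` presumably relies on aux-fixed/cert1 holding both the certificate and its key; a one-line comment saying so would help.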
@@ -0,0 +1,79 @@
+# Exim test configuration 2130
+# SNI
+
+SERVER =
+
+exim_path = EXIM_PATH
+host_lookup_order = bydns
+primary_hostname = myhost.test.ex
+rfc1413_query_timeout = 0s
+spool_directory = DIR/spool
+log_file_path = DIR/spool/log/SERVER%slog
+gecos_pattern = ""
+gecos_name = CALLER_NAME
+
+
+# ----- Main settings -----
+
+domainlist local_domains = test.ex : *.test.ex
+
+acl_smtp_rcpt = acl_log_sni
+log_selector = +tls_peerdn +tls_sni
+remote_max_parallel = 1
+
+tls_advertise_hosts = *
+
+# Set certificate only if server
+
+tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
+
+
+# ------ ACL ------
+
+begin acl
+
+acl_log_sni:
+ accept
+ logwrite = SNI <$tls_in_sni>
+
+# ----- Routers -----
+
+begin routers
+
+client:
+ driver = accept
+ condition = ${if !eq {SERVER}{server}}
+ transport = send_to_server${if eq{$local_part}{abcd}{2}{1}}
+
+server:
+ driver = redirect
+ data = :blackhole:
+
+
+# ----- Transports -----
+
+begin transports
+
+send_to_server1:
+ driver = smtp
+ allow_localhost
+ hosts = HOSTIPV4
+ port = PORT_D
+ tls_sni = fred
+
+send_to_server2:
+ driver = smtp
+ allow_localhost
+ hosts = HOSTIPV4
+ port = PORT_D
+
+
+# ----- Retry -----
+
+
+begin retry
+
+* * F,5d,10s
+
+
+# End
diff --git a/test/confs/2131 b/test/confs/2131
new file mode 100644
index 000000000..c52ceed0c
--- /dev/null
+++ b/test/confs/2131
@@ -0,0 +1,94 @@
+# Exim test configuration 2130
+# SNI
+
+SERVER =
+
+exim_path = EXIM_PATH
+host_lookup_order = bydns
+primary_hostname = myhost.test.ex
+rfc1413_query_timeout = 0s
+spool_directory = DIR/spool
+log_file_path = DIR/spool/log/SERVER%slog
+gecos_pattern = ""
+gecos_name = CALLER_NAME
+
+
+# ----- Main settings -----
+
+domainlist local_domains = test.ex : *.test.ex
+
+acl_smtp_rcpt = acl_log_sni
+log_selector = +tls_peerdn +tls_sni
+remote_max_parallel = 1
+
+tls_advertise_hosts = *
+
+# Set certificate only if server
+
+tls_certificate = ${if eq {SERVER}{server} \
+ {DIR/aux-fixed/${if eq {$tls_in_sni}{bill} \
+ {exim-ca/example.com/server1.example.com/server1.example.com.pem} \
+ {cert1} \
+ }\
+ }fail}
+
+tls_privatekey = ${if eq {SERVER}{server} \
+ {DIR/aux-fixed/${if eq {$tls_in_sni}{bill} \
+ {exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key} \
+ {cert1} \
+ }\
+ }fail}
+
+
+# ------ ACL ------
+
+begin acl
+
+acl_log_sni:
+ accept
+ logwrite = SNI <$tls_in_sni>
+
+# ----- Routers -----
+
+begin routers
+
+client:
+ driver = accept
+ condition = ${if !eq {SERVER}{server}}
+ transport = send_to_server${if eq{$local_part}{abcd}{2}{1}}
+
+server:
+ driver = redirect
+ data = :blackhole:
+
+
+# ----- Transports -----
+
+begin transports
+
+send_to_server1:
+ driver = smtp
+ allow_localhost
+ hosts = HOSTIPV4
+ port = PORT_D
+ tls_sni = fred
+ hosts_require_tls = *
+
+send_to_server2:
+ driver = smtp
+ allow_localhost
+ hosts = HOSTIPV4
+ port = PORT_D
+ tls_sni = bill
+ hosts_require_tls = *
+
+
+# ----- Retry -----
+
+
+begin retry
+
+* * F,5d,10s
+
+
+# End
diff --git a/test/log/2030 b/test/log/2030
new file mode 100644
index 000000000..820b84f87
--- /dev/null
+++ b/test/log/2030
@@ -0,0 +1,10 @@
+1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmaX-0005vi-00 => CALLER@test.ex R=client T=send_to_server1 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" C="250 OK id=10HmaY-0005vi-00"
+1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
+
+******** SERVER ********
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
+1999-03-02 09:44:33 SNI <fred>
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 SNI="fred" S=sss id=E10HmaX-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: <CALLER@test.ex> R=server
+1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
diff --git a/test/log/2031 b/test/log/2031
new file mode 100644
index 000000000..6d6b4f729
--- /dev/null
+++ b/test/log/2031
@@ -0,0 +1,17 @@
+1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmaX-0005vi-00 => CALLER@test.ex R=client T=send_to_server1 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" C="250 OK id=10HmaY-0005vi-00"
+1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
+1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmaZ-0005vi-00 => abcd@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 DN="CN=server1.example.com" C="250 OK id=10HmbA-0005vi-00"
+1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed
+
+******** SERVER ********
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
+1999-03-02 09:44:33 SNI <fred>
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 SNI="fred" S=sss id=E10HmaX-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: <CALLER@test.ex> R=server
+1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
+1999-03-02 09:44:33 SNI <bill>
+1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 SNI="bill" S=sss id=E10HmaZ-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmbA-0005vi-00 => :blackhole: <abcd@test.ex> R=server
+1999-03-02 09:44:33 10HmbA-0005vi-00 Completed
diff --git a/test/log/2130 b/test/log/2130
new file mode 100644
index 000000000..5b5b568bd
--- /dev/null
+++ b/test/log/2130
@@ -0,0 +1,10 @@
+1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmaX-0005vi-00 => CALLER@test.ex R=client T=send_to_server1 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLSv1:AES256-SHA:256 DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" C="250 OK id=10HmaY-0005vi-00"
+1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
+
+******** SERVER ********
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
+1999-03-02 09:44:33 SNI <fred>
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLSv1:AES256-SHA:256 SNI="fred" S=sss id=E10HmaX-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: <CALLER@test.ex> R=server
+1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
diff --git a/test/log/2131 b/test/log/2131
new file mode 100644
index 000000000..1fbd246f0
--- /dev/null
+++ b/test/log/2131
@@ -0,0 +1,17 @@
+1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmaX-0005vi-00 => CALLER@test.ex R=client T=send_to_server1 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLSv1:AES256-SHA:256 DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" C="250 OK id=10HmaY-0005vi-00"
+1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
+1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmaZ-0005vi-00 => abcd@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLSv1:AES256-SHA:256 DN="/CN=server1.example.com" C="250 OK id=10HmbA-0005vi-00"
+1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed
+
+******** SERVER ********
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
+1999-03-02 09:44:33 SNI <fred>
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLSv1:AES256-SHA:256 SNI="fred" S=sss id=E10HmaX-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: <CALLER@test.ex> R=server
+1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
+1999-03-02 09:44:33 SNI <bill>
+1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLSv1:AES256-SHA:256 SNI="bill" S=sss id=E10HmaZ-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmbA-0005vi-00 => :blackhole: <abcd@test.ex> R=server
+1999-03-02 09:44:33 10HmbA-0005vi-00 Completed
diff --git a/test/scripts/2000-GnuTLS/2030 b/test/scripts/2000-GnuTLS/2030
new file mode 100644
index 000000000..ef7a8dea2
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2030
@@ -0,0 +1,10 @@
+# TLS: SNI
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+# Basic: is SNI set on tpt seen by server
+exim CALLER@test.ex
+Test message.
+****
+millisleep 500
+killdaemon
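Review bot: In test/scripts/2000-GnuTLS/2030 the only message goes to `CALLER@test.ex`, which the `client` router in test/confs/2030 sends through `send_to_server1`; `send_to_server2`, the transport with no `tls_sni`, is never run. The case where the client sends no SNI is therefore not covered by this test. A second delivery to `abcd@test.ex` before `killdaemon`, written like the second step of test 2031, would exercise it, with the expected log extended for whatever the `acl_log_sni` line records when `$tls_in_sni` is empty. test/scripts/2100-OpenSSL/2130 has the same gap.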
diff --git a/test/scripts/2000-GnuTLS/2031 b/test/scripts/2000-GnuTLS/2031
new file mode 100644
index 000000000..65b529093
--- /dev/null
+++ b/test/scripts/2000-GnuTLS/2031
@@ -0,0 +1,19 @@
+# TLS server: SNI used to select certificate
+gnutls
+exim -DSERVER=server -bd -oX PORT_D
+****
+# Extended: certificate choice is unchanged by received SNI
+exim CALLER@test.ex
+Test message.
+****
+millisleep 500
+#
+#
+# Extended: server uses SNI to choose certificate
+exim abcd@test.ex
+Test message.
+****
+millisleep 500
+#
+#
+killdaemon
diff --git a/test/scripts/2100-OpenSSL/2130 b/test/scripts/2100-OpenSSL/2130
new file mode 100644
index 000000000..43695f648
--- /dev/null
+++ b/test/scripts/2100-OpenSSL/2130
@@ -0,0 +1,10 @@
+# TLS: SNI
+#
+exim -DSERVER=server -bd -oX PORT_D
+****
+# Basic: is SNI set on tpt seen by server
+exim CALLER@test.ex
+Test message.
+****
+millisleep 500
+killdaemon
diff --git a/test/scripts/2100-OpenSSL/2131 b/test/scripts/2100-OpenSSL/2131
new file mode 100644
index 000000000..74d3dbb49
--- /dev/null
+++ b/test/scripts/2100-OpenSSL/2131
@@ -0,0 +1,19 @@
+# TLS server: SNI used to select certificate
+#
+exim -DSERVER=server -bd -oX PORT_D
+****
+# Extended: certificate choice is unchanged by received SNI
+exim CALLER@test.ex
+Test message.
+****
+millisleep 500
+#
+#
+# Extended: server uses SNI to change certificate
+exim abcd@test.ex
+Test message.
+****
+millisleep 500
+#
+#
+killdaemon |