From 927a335fbd3d51e29a216efd034b61f0a169f6aa Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sat, 19 Jun 2021 19:11:43 +0100 Subject: Testsuite: split out OpenSSL TLS1.3 resume tests Older library versions do not support 1.3 so a separate numbered testcase is needed --- test/confs/5892 | 4 + test/confs/5893 | 4 + test/confs/5894 | 113 +++++++++++++++ test/confs/5895 | 116 +++++++++++++++ test/log/5892 | 141 ------------------ test/log/5893 | 155 -------------------- test/log/5894 | 143 +++++++++++++++++++ test/log/5895 | 157 +++++++++++++++++++++ test/scripts/5892-Resume-OpenSSL/5892 | 31 +--- test/scripts/5893-Resume-OpenSSL-OCSP/5893 | 31 +--- test/scripts/5894-Resume-OpenSSL-TLS1.3/5894 | 28 ++++ test/scripts/5894-Resume-OpenSSL-TLS1.3/REQUIRES | 4 + test/scripts/5895-Resume-OpenSSL-TLS1.3-OCSP/5895 | 28 ++++ .../5895-Resume-OpenSSL-TLS1.3-OCSP/REQUIRES | 5 + test/stderr/5892 | 2 - test/stderr/5893 | 2 - test/stderr/5894 | 4 + test/stderr/5895 | 4 + test/stdout/5892 | 2 - test/stdout/5893 | 2 - test/stdout/5894 | 4 + test/stdout/5895 | 4 + 22 files changed, 620 insertions(+), 364 deletions(-) create mode 100644 test/confs/5894 create mode 100644 test/confs/5895 create mode 100644 test/log/5894 create mode 100644 test/log/5895 create mode 100644 test/scripts/5894-Resume-OpenSSL-TLS1.3/5894 create mode 100644 test/scripts/5894-Resume-OpenSSL-TLS1.3/REQUIRES create mode 100644 test/scripts/5895-Resume-OpenSSL-TLS1.3-OCSP/5895 create mode 100644 test/scripts/5895-Resume-OpenSSL-TLS1.3-OCSP/REQUIRES create mode 100644 test/stderr/5894 create mode 100644 test/stderr/5895 create mode 100644 test/stdout/5894 create mode 100644 test/stdout/5895 diff --git a/test/confs/5892 b/test/confs/5892 index 4e6883fc2..a7738468f 100644 --- a/test/confs/5892 +++ b/test/confs/5892 @@ -15,7 +15,11 @@ acl_smtp_helo = check_helo acl_smtp_rcpt = check_recipient log_selector = +received_recipients +tls_resumption +tls_peerdn +.ifdef _OPT_OPENSSL_NO_TLSV1_3_X openssl_options = +no_sslv2 +no_sslv3 +single_dh_use OPTION +.else +openssl_options = +no_sslv2 +no_sslv3 +single_dh_use +.endif tls_advertise_hosts = * # Set certificate only if server diff --git a/test/confs/5893 b/test/confs/5893 index 74b61b70b..a7f73a98c 100644 --- a/test/confs/5893 +++ b/test/confs/5893 @@ -15,7 +15,11 @@ acl_smtp_helo = check_helo acl_smtp_rcpt = check_recipient log_selector = +received_recipients +tls_resumption +tls_peerdn +.ifdef _OPT_OPENSSL_NO_TLSV1_3_X openssl_options = +no_sslv2 +no_sslv3 +single_dh_use OPTION +.else +openssl_options = +no_sslv2 +no_sslv3 +single_dh_use +.endif tls_advertise_hosts = * # Set certificate only if server diff --git a/test/confs/5894 b/test/confs/5894 new file mode 100644 index 000000000..da347178e --- /dev/null +++ b/test/confs/5894 @@ -0,0 +1,113 @@ +# Exim test configuration 5894 + +SERVER = + +.include DIR/aux-var/tls_conf_prefix + +primary_hostname = myhost.test.ex + +# ----- Main settings ----- + +domainlist local_domains = test.ex : *.test.ex + +acl_smtp_helo = check_helo +acl_smtp_rcpt = check_recipient +log_selector = +received_recipients +tls_resumption +tls_peerdn + +openssl_options = +no_sslv2 +no_sslv3 +single_dh_use +tls_advertise_hosts = * + +# Set certificate only if server + +CDIR=DIR/aux-fixed/exim-ca/example.com + +tls_certificate = CDIR/server1.example.com/server1.example.com.chain.pem +tls_privatekey = CDIR/server1.example.com/server1.example.com.unlocked.key + +tls_resumption_hosts = 127.0.0.1 + + +# ------ ACL ------ + +begin acl + +check_helo: + accept condition = ${if def:tls_in_cipher} + logwrite = tls_in_resumption\t${listextract {$tls_in_resumption} {_RESUME_DECODE}} + logwrite = our cert subject\t${certextract {subject}{$tls_in_ourcert}} + logwrite = peer cert subject\t${certextract {subject}{$tls_in_peercert}} + logwrite = peer cert verified\t${tls_in_certificate_verified} + logwrite = peer dn\t${tls_in_peerdn} + logwrite = cipher\t${tls_in_cipher} + logwrite = bits\t${tls_in_bits} + accept + +check_recipient: + accept domains = +local_domains + deny message = relay not permitted + +log_resumption: + accept condition = ${if def:tls_out_cipher} + condition = ${if eq {$event_name}{tcp:close}} + logwrite = tls_out_resumption ${listextract {$tls_out_resumption} {_RESUME_DECODE}} + logwrite = our cert subject\t${certextract {subject}{$tls_out_ourcert}} + logwrite = peer cert subject\t${certextract {subject}{$tls_out_peercert}} + logwrite = peer cert verified\t${tls_out_certificate_verified} + logwrite = peer dn\t${tls_out_peerdn} + logwrite = cipher\t${tls_out_cipher} + logwrite = bits\t${tls_out_bits} + + +# ----- Routers ----- + +begin routers + +client: + driver = accept + condition = ${if eq {SERVER}{server}{no}{yes}} + transport = send_to_server${if eq{$local_part}{abcd}{2}{1}} + +server: + driver = redirect + data = :blackhole: + +# ----- Transports ----- + +begin transports + +send_to_server1: + driver = smtp + allow_localhost + hosts = 127.0.0.1 + port = PORT_D + helo_data = helo.data.changed +.ifdef VALUE + tls_resumption_hosts = * +.else + tls_resumption_hosts = : +.endif + tls_verify_certificates = CDIR/CA/CA.pem + tls_verify_cert_hostnames = ${if match {$local_part}{^noverify} {*}{:}} + tls_try_verify_hosts = * + event_action = ${acl {log_resumption}} + +send_to_server2: + driver = smtp + allow_localhost + hosts = HOSTIPV4 + port = PORT_D + hosts_try_fastopen = : + tls_verify_certificates = CDIR/CA/CA.pem + tls_verify_cert_hostnames = : + event_action = ${acl {log_resumption}} + + +# ----- Retry ----- + + +begin retry + +* * F,5d,10s + + +# End diff --git a/test/confs/5895 b/test/confs/5895 new file mode 100644 index 000000000..d279b1e3e --- /dev/null +++ b/test/confs/5895 @@ -0,0 +1,116 @@ +# Exim test configuration 5895 + +SERVER = + +.include DIR/aux-var/tls_conf_prefix + +primary_hostname = myhost.test.ex + +# ----- Main settings ----- + +domainlist local_domains = test.ex : *.test.ex + +acl_smtp_helo = check_helo +acl_smtp_rcpt = check_recipient +log_selector = +received_recipients +tls_resumption +tls_peerdn + +openssl_options = +no_sslv2 +no_sslv3 +single_dh_use +tls_advertise_hosts = * + +# Set certificate only if server + +CDIR=DIR/aux-fixed/exim-ca/example.com + +tls_certificate = CDIR/server1.example.com/server1.example.com.chain.pem +tls_privatekey = CDIR/server1.example.com/server1.example.com.unlocked.key +tls_ocsp_file = CDIR/server1.example.com/server1.example.com.ocsp.good.resp + +tls_resumption_hosts = 127.0.0.1 + + +# ------ ACL ------ + +begin acl + +check_helo: + accept condition = ${if def:tls_in_cipher} + logwrite = tls_in_resumption\t${listextract {$tls_in_resumption} {_RESUME_DECODE}} + logwrite = our cert subject\t${certextract {subject}{$tls_in_ourcert}} + logwrite = peer cert subject\t${certextract {subject}{$tls_in_peercert}} + logwrite = peer cert verified\t${tls_in_certificate_verified} + logwrite = peer dn\t${tls_in_peerdn} + logwrite = ocsp\t${tls_in_ocsp} + logwrite = cipher\t${tls_in_cipher} + logwrite = bits\t${tls_in_bits} + accept + +check_recipient: + accept domains = +local_domains + deny message = relay not permitted + +log_resumption: + accept condition = ${if def:tls_out_cipher} + condition = ${if eq {$event_name}{tcp:close}} + logwrite = tls_out_resumption ${listextract {$tls_out_resumption} {_RESUME_DECODE}} + logwrite = our cert subject\t${certextract {subject}{$tls_out_ourcert}} + logwrite = peer cert subject\t${certextract {subject}{$tls_out_peercert}} + logwrite = peer cert verified\t${tls_out_certificate_verified} + logwrite = peer dn\t${tls_out_peerdn} + logwrite = ocsp\t${tls_out_ocsp} + logwrite = cipher\t${tls_out_cipher} + logwrite = bits\t${tls_out_bits} + + +# ----- Routers ----- + +begin routers + +client: + driver = accept + condition = ${if eq {SERVER}{server}{no}{yes}} + transport = send_to_server${if eq{$local_part}{abcd}{2}{1}} + +server: + driver = redirect + data = :blackhole: + +# ----- Transports ----- + +begin transports + +send_to_server1: + driver = smtp + allow_localhost + hosts = 127.0.0.1 + port = PORT_D + helo_data = helo.data.changed +.ifdef VALUE + tls_resumption_hosts = * +.else + tls_resumption_hosts = : +.endif + tls_verify_certificates = CDIR/CA/CA.pem + tls_verify_cert_hostnames = ${if match {$local_part}{^noverify} {*}{:}} + tls_try_verify_hosts = * + event_action = ${acl {log_resumption}} + +send_to_server2: + driver = smtp + allow_localhost + hosts = HOSTIPV4 + port = PORT_D + hosts_try_fastopen = : + tls_verify_certificates = CDIR/CA/CA.pem + tls_verify_cert_hostnames = : + event_action = ${acl {log_resumption}} + + +# ----- Retry ----- + + +begin retry + +* * F,5d,10s + + +# End diff --git a/test/log/5892 b/test/log/5892 index 61450a7a9..b3d395f5e 100644 --- a/test/log/5892 +++ b/test/log/5892 @@ -88,75 +88,6 @@ 1999-03-02 09:44:33 10HmbM-0005vi-00 bits 256 1999-03-02 09:44:33 10HmbM-0005vi-00 => noverify_resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no DN="/CN=server1.example.com" C="250 OK id=10HmbN-0005vi-00" 1999-03-02 09:44:33 10HmbM-0005vi-00 Completed -1999-03-02 09:44:33 10HmbO-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex -1999-03-02 09:44:33 10HmbO-0005vi-00 tls_out_resumption client requested new ticket, server provided -1999-03-02 09:44:33 10HmbO-0005vi-00 our cert subject -1999-03-02 09:44:33 10HmbO-0005vi-00 peer cert subject CN=server1.example.com -1999-03-02 09:44:33 10HmbO-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbO-0005vi-00 peer dn /CN=server1.example.com -1999-03-02 09:44:33 10HmbO-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 10HmbO-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbO-0005vi-00 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbP-0005vi-00" -1999-03-02 09:44:33 10HmbO-0005vi-00 Completed -1999-03-02 09:44:33 10HmbQ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex abcd@test.ex xyz@test.ex -1999-03-02 09:44:33 10HmbQ-0005vi-00 tls_out_resumption session resumed -1999-03-02 09:44:33 10HmbQ-0005vi-00 our cert subject -1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert subject CN=server1.example.com -1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbQ-0005vi-00 peer dn /CN=server1.example.com -1999-03-02 09:44:33 10HmbQ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 10HmbQ-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbQ-0005vi-00 tls_out_resumption not requested or offered -1999-03-02 09:44:33 10HmbQ-0005vi-00 our cert subject -1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert subject CN=server1.example.com -1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbQ-0005vi-00 peer dn /CN=server1.example.com -1999-03-02 09:44:33 10HmbQ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 10HmbQ-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbQ-0005vi-00 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbR-0005vi-00" -1999-03-02 09:44:33 10HmbQ-0005vi-00 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbR-0005vi-00" -1999-03-02 09:44:33 10HmbQ-0005vi-00 => abcd@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbS-0005vi-00" -1999-03-02 09:44:33 10HmbQ-0005vi-00 Completed -1999-03-02 09:44:33 10HmbT-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for renewal@test.ex -1999-03-02 09:44:33 10HmbT-0005vi-00 tls_out_resumption session resumed, also new ticket -1999-03-02 09:44:33 10HmbT-0005vi-00 our cert subject -1999-03-02 09:44:33 10HmbT-0005vi-00 peer cert subject CN=server1.example.com -1999-03-02 09:44:33 10HmbT-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbT-0005vi-00 peer dn /CN=server1.example.com -1999-03-02 09:44:33 10HmbT-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 10HmbT-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbT-0005vi-00 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbU-0005vi-00" -1999-03-02 09:44:33 10HmbT-0005vi-00 Completed -1999-03-02 09:44:33 10HmbV-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for postrenewal@test.ex -1999-03-02 09:44:33 10HmbV-0005vi-00 tls_out_resumption session resumed -1999-03-02 09:44:33 10HmbV-0005vi-00 our cert subject -1999-03-02 09:44:33 10HmbV-0005vi-00 peer cert subject CN=server1.example.com -1999-03-02 09:44:33 10HmbV-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbV-0005vi-00 peer dn /CN=server1.example.com -1999-03-02 09:44:33 10HmbV-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 10HmbV-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbV-0005vi-00 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbW-0005vi-00" -1999-03-02 09:44:33 10HmbV-0005vi-00 Completed -1999-03-02 09:44:33 10HmbX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for timeout@test.ex -1999-03-02 09:44:33 10HmbX-0005vi-00 tls_out_resumption session resumed, also new ticket -1999-03-02 09:44:33 10HmbX-0005vi-00 our cert subject -1999-03-02 09:44:33 10HmbX-0005vi-00 peer cert subject CN=server1.example.com -1999-03-02 09:44:33 10HmbX-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbX-0005vi-00 peer dn /CN=server1.example.com -1999-03-02 09:44:33 10HmbX-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 10HmbX-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbX-0005vi-00 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbY-0005vi-00" -1999-03-02 09:44:33 10HmbX-0005vi-00 Completed -1999-03-02 09:44:33 10HmbZ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for notreq@test.ex -1999-03-02 09:44:33 10HmbZ-0005vi-00 tls_out_resumption not requested or offered -1999-03-02 09:44:33 10HmbZ-0005vi-00 our cert subject -1999-03-02 09:44:33 10HmbZ-0005vi-00 peer cert subject CN=server1.example.com -1999-03-02 09:44:33 10HmbZ-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbZ-0005vi-00 peer dn /CN=server1.example.com -1999-03-02 09:44:33 10HmbZ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 10HmbZ-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbZ-0005vi-00 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmcA-0005vi-00" -1999-03-02 09:44:33 10HmbZ-0005vi-00 Completed ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D @@ -251,75 +182,3 @@ 1999-03-02 09:44:33 10HmbN-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbM-0005vi-00@myhost.test.ex for noverify_resume@test.ex 1999-03-02 09:44:33 10HmbN-0005vi-00 => :blackhole: R=server 1999-03-02 09:44:33 10HmbN-0005vi-00 Completed -1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D -1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided -1999-03-02 09:44:33 our cert subject CN=server1.example.com -1999-03-02 09:44:33 peer cert subject -1999-03-02 09:44:33 peer cert verified 0 -1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbP-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbO-0005vi-00@myhost.test.ex for getticket@test.ex -1999-03-02 09:44:33 10HmbP-0005vi-00 => :blackhole: R=server -1999-03-02 09:44:33 10HmbP-0005vi-00 Completed -1999-03-02 09:44:33 tls_in_resumption session resumed -1999-03-02 09:44:33 our cert subject CN=server1.example.com -1999-03-02 09:44:33 peer cert subject -1999-03-02 09:44:33 peer cert verified 0 -1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbR-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbQ-0005vi-00@myhost.test.ex for resume@test.ex xyz@test.ex -1999-03-02 09:44:33 10HmbR-0005vi-00 => :blackhole: R=server -1999-03-02 09:44:33 10HmbR-0005vi-00 => :blackhole: R=server -1999-03-02 09:44:33 10HmbR-0005vi-00 Completed -1999-03-02 09:44:33 tls_in_resumption not requested or offered -1999-03-02 09:44:33 our cert subject CN=server1.example.com -1999-03-02 09:44:33 peer cert subject -1999-03-02 09:44:33 peer cert verified 0 -1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbS-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbQ-0005vi-00@myhost.test.ex for abcd@test.ex -1999-03-02 09:44:33 10HmbS-0005vi-00 => :blackhole: R=server -1999-03-02 09:44:33 10HmbS-0005vi-00 Completed -1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket -1999-03-02 09:44:33 our cert subject CN=server1.example.com -1999-03-02 09:44:33 peer cert subject -1999-03-02 09:44:33 peer cert verified 0 -1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbU-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbT-0005vi-00@myhost.test.ex for renewal@test.ex -1999-03-02 09:44:33 10HmbU-0005vi-00 => :blackhole: R=server -1999-03-02 09:44:33 10HmbU-0005vi-00 Completed -1999-03-02 09:44:33 tls_in_resumption session resumed -1999-03-02 09:44:33 our cert subject CN=server1.example.com -1999-03-02 09:44:33 peer cert subject -1999-03-02 09:44:33 peer cert verified 0 -1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbW-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbV-0005vi-00@myhost.test.ex for postrenewal@test.ex -1999-03-02 09:44:33 10HmbW-0005vi-00 => :blackhole: R=server -1999-03-02 09:44:33 10HmbW-0005vi-00 Completed -1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket -1999-03-02 09:44:33 our cert subject CN=server1.example.com -1999-03-02 09:44:33 peer cert subject -1999-03-02 09:44:33 peer cert verified 0 -1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbY-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbX-0005vi-00@myhost.test.ex for timeout@test.ex -1999-03-02 09:44:33 10HmbY-0005vi-00 => :blackhole: R=server -1999-03-02 09:44:33 10HmbY-0005vi-00 Completed -1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided -1999-03-02 09:44:33 our cert subject CN=server1.example.com -1999-03-02 09:44:33 peer cert subject -1999-03-02 09:44:33 peer cert verified 0 -1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmcA-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbZ-0005vi-00@myhost.test.ex for notreq@test.ex -1999-03-02 09:44:33 10HmcA-0005vi-00 => :blackhole: R=server -1999-03-02 09:44:33 10HmcA-0005vi-00 Completed diff --git a/test/log/5893 b/test/log/5893 index 6b0405704..8c535f72f 100644 --- a/test/log/5893 +++ b/test/log/5893 @@ -97,82 +97,6 @@ 1999-03-02 09:44:33 10HmbM-0005vi-00 bits 256 1999-03-02 09:44:33 10HmbM-0005vi-00 => noverify_resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no DN="/CN=server1.example.com" C="250 OK id=10HmbN-0005vi-00" 1999-03-02 09:44:33 10HmbM-0005vi-00 Completed -1999-03-02 09:44:33 10HmbO-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex -1999-03-02 09:44:33 10HmbO-0005vi-00 tls_out_resumption client requested new ticket, server provided -1999-03-02 09:44:33 10HmbO-0005vi-00 our cert subject -1999-03-02 09:44:33 10HmbO-0005vi-00 peer cert subject CN=server1.example.com -1999-03-02 09:44:33 10HmbO-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbO-0005vi-00 peer dn /CN=server1.example.com -1999-03-02 09:44:33 10HmbO-0005vi-00 ocsp 4 -1999-03-02 09:44:33 10HmbO-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 10HmbO-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbO-0005vi-00 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbP-0005vi-00" -1999-03-02 09:44:33 10HmbO-0005vi-00 Completed -1999-03-02 09:44:33 10HmbQ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex abcd@test.ex xyz@test.ex -1999-03-02 09:44:33 10HmbQ-0005vi-00 tls_out_resumption session resumed -1999-03-02 09:44:33 10HmbQ-0005vi-00 our cert subject -1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert subject CN=server1.example.com -1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbQ-0005vi-00 peer dn /CN=server1.example.com -1999-03-02 09:44:33 10HmbQ-0005vi-00 ocsp 4 -1999-03-02 09:44:33 10HmbQ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 10HmbQ-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbQ-0005vi-00 tls_out_resumption not requested or offered -1999-03-02 09:44:33 10HmbQ-0005vi-00 our cert subject -1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert subject CN=server1.example.com -1999-03-02 09:44:33 10HmbQ-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbQ-0005vi-00 peer dn /CN=server1.example.com -1999-03-02 09:44:33 10HmbQ-0005vi-00 ocsp 4 -1999-03-02 09:44:33 10HmbQ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 10HmbQ-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbQ-0005vi-00 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbR-0005vi-00" -1999-03-02 09:44:33 10HmbQ-0005vi-00 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbR-0005vi-00" -1999-03-02 09:44:33 10HmbQ-0005vi-00 => abcd@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbS-0005vi-00" -1999-03-02 09:44:33 10HmbQ-0005vi-00 Completed -1999-03-02 09:44:33 10HmbT-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for renewal@test.ex -1999-03-02 09:44:33 10HmbT-0005vi-00 tls_out_resumption session resumed, also new ticket -1999-03-02 09:44:33 10HmbT-0005vi-00 our cert subject -1999-03-02 09:44:33 10HmbT-0005vi-00 peer cert subject CN=server1.example.com -1999-03-02 09:44:33 10HmbT-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbT-0005vi-00 peer dn /CN=server1.example.com -1999-03-02 09:44:33 10HmbT-0005vi-00 ocsp 4 -1999-03-02 09:44:33 10HmbT-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 10HmbT-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbT-0005vi-00 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbU-0005vi-00" -1999-03-02 09:44:33 10HmbT-0005vi-00 Completed -1999-03-02 09:44:33 10HmbV-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for postrenewal@test.ex -1999-03-02 09:44:33 10HmbV-0005vi-00 tls_out_resumption session resumed -1999-03-02 09:44:33 10HmbV-0005vi-00 our cert subject -1999-03-02 09:44:33 10HmbV-0005vi-00 peer cert subject CN=server1.example.com -1999-03-02 09:44:33 10HmbV-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbV-0005vi-00 peer dn /CN=server1.example.com -1999-03-02 09:44:33 10HmbV-0005vi-00 ocsp 4 -1999-03-02 09:44:33 10HmbV-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 10HmbV-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbV-0005vi-00 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbW-0005vi-00" -1999-03-02 09:44:33 10HmbV-0005vi-00 Completed -1999-03-02 09:44:33 10HmbX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for timeout@test.ex -1999-03-02 09:44:33 10HmbX-0005vi-00 tls_out_resumption session resumed, also new ticket -1999-03-02 09:44:33 10HmbX-0005vi-00 our cert subject -1999-03-02 09:44:33 10HmbX-0005vi-00 peer cert subject CN=server1.example.com -1999-03-02 09:44:33 10HmbX-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbX-0005vi-00 peer dn /CN=server1.example.com -1999-03-02 09:44:33 10HmbX-0005vi-00 ocsp 4 -1999-03-02 09:44:33 10HmbX-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 10HmbX-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbX-0005vi-00 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbY-0005vi-00" -1999-03-02 09:44:33 10HmbX-0005vi-00 Completed -1999-03-02 09:44:33 10HmbZ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for notreq@test.ex -1999-03-02 09:44:33 10HmbZ-0005vi-00 tls_out_resumption not requested or offered -1999-03-02 09:44:33 10HmbZ-0005vi-00 our cert subject -1999-03-02 09:44:33 10HmbZ-0005vi-00 peer cert subject CN=server1.example.com -1999-03-02 09:44:33 10HmbZ-0005vi-00 peer cert verified 1 -1999-03-02 09:44:33 10HmbZ-0005vi-00 peer dn /CN=server1.example.com -1999-03-02 09:44:33 10HmbZ-0005vi-00 ocsp 4 -1999-03-02 09:44:33 10HmbZ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 10HmbZ-0005vi-00 bits 256 -1999-03-02 09:44:33 10HmbZ-0005vi-00 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmcA-0005vi-00" -1999-03-02 09:44:33 10HmbZ-0005vi-00 Completed ******** SERVER ******** 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D @@ -276,82 +200,3 @@ 1999-03-02 09:44:33 10HmbN-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbM-0005vi-00@myhost.test.ex for noverify_resume@test.ex 1999-03-02 09:44:33 10HmbN-0005vi-00 => :blackhole: R=server 1999-03-02 09:44:33 10HmbN-0005vi-00 Completed -1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D -1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided -1999-03-02 09:44:33 our cert subject CN=server1.example.com -1999-03-02 09:44:33 peer cert subject -1999-03-02 09:44:33 peer cert verified 0 -1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 4 -1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbP-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbO-0005vi-00@myhost.test.ex for getticket@test.ex -1999-03-02 09:44:33 10HmbP-0005vi-00 => :blackhole: R=server -1999-03-02 09:44:33 10HmbP-0005vi-00 Completed -1999-03-02 09:44:33 tls_in_resumption session resumed -1999-03-02 09:44:33 our cert subject CN=server1.example.com -1999-03-02 09:44:33 peer cert subject -1999-03-02 09:44:33 peer cert verified 0 -1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 0 -1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbR-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbQ-0005vi-00@myhost.test.ex for resume@test.ex xyz@test.ex -1999-03-02 09:44:33 10HmbR-0005vi-00 => :blackhole: R=server -1999-03-02 09:44:33 10HmbR-0005vi-00 => :blackhole: R=server -1999-03-02 09:44:33 10HmbR-0005vi-00 Completed -1999-03-02 09:44:33 tls_in_resumption not requested or offered -1999-03-02 09:44:33 our cert subject CN=server1.example.com -1999-03-02 09:44:33 peer cert subject -1999-03-02 09:44:33 peer cert verified 0 -1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 4 -1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbS-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbQ-0005vi-00@myhost.test.ex for abcd@test.ex -1999-03-02 09:44:33 10HmbS-0005vi-00 => :blackhole: R=server -1999-03-02 09:44:33 10HmbS-0005vi-00 Completed -1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket -1999-03-02 09:44:33 our cert subject CN=server1.example.com -1999-03-02 09:44:33 peer cert subject -1999-03-02 09:44:33 peer cert verified 0 -1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 0 -1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbU-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbT-0005vi-00@myhost.test.ex for renewal@test.ex -1999-03-02 09:44:33 10HmbU-0005vi-00 => :blackhole: R=server -1999-03-02 09:44:33 10HmbU-0005vi-00 Completed -1999-03-02 09:44:33 tls_in_resumption session resumed -1999-03-02 09:44:33 our cert subject CN=server1.example.com -1999-03-02 09:44:33 peer cert subject -1999-03-02 09:44:33 peer cert verified 0 -1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 0 -1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbW-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbV-0005vi-00@myhost.test.ex for postrenewal@test.ex -1999-03-02 09:44:33 10HmbW-0005vi-00 => :blackhole: R=server -1999-03-02 09:44:33 10HmbW-0005vi-00 Completed -1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket -1999-03-02 09:44:33 our cert subject CN=server1.example.com -1999-03-02 09:44:33 peer cert subject -1999-03-02 09:44:33 peer cert verified 0 -1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 0 -1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmbY-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbX-0005vi-00@myhost.test.ex for timeout@test.ex -1999-03-02 09:44:33 10HmbY-0005vi-00 => :blackhole: R=server -1999-03-02 09:44:33 10HmbY-0005vi-00 Completed -1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided -1999-03-02 09:44:33 our cert subject CN=server1.example.com -1999-03-02 09:44:33 peer cert subject -1999-03-02 09:44:33 peer cert verified 0 -1999-03-02 09:44:33 peer dn -1999-03-02 09:44:33 ocsp 4 -1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx -1999-03-02 09:44:33 bits 256 -1999-03-02 09:44:33 10HmcA-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbZ-0005vi-00@myhost.test.ex for notreq@test.ex -1999-03-02 09:44:33 10HmcA-0005vi-00 => :blackhole: R=server -1999-03-02 09:44:33 10HmcA-0005vi-00 Completed diff --git a/test/log/5894 b/test/log/5894 new file mode 100644 index 000000000..429c34568 --- /dev/null +++ b/test/log/5894 @@ -0,0 +1,143 @@ +1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex +1999-03-02 09:44:33 10HmaX-0005vi-00 tls_out_resumption client requested new ticket, server provided +1999-03-02 09:44:33 10HmaX-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmaX-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmaX-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmaX-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmaX-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmaX-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmaX-0005vi-00 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmaY-0005vi-00" +1999-03-02 09:44:33 10HmaX-0005vi-00 Completed +1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex abcd@test.ex xyz@test.ex +1999-03-02 09:44:33 10HmaZ-0005vi-00 tls_out_resumption session resumed +1999-03-02 09:44:33 10HmaZ-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmaZ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmaZ-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmaZ-0005vi-00 tls_out_resumption not requested or offered +1999-03-02 09:44:33 10HmaZ-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmaZ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmaZ-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmaZ-0005vi-00 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-0005vi-00" +1999-03-02 09:44:33 10HmaZ-0005vi-00 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-0005vi-00" +1999-03-02 09:44:33 10HmaZ-0005vi-00 => abcd@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbB-0005vi-00" +1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed +1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for renewal@test.ex +1999-03-02 09:44:33 10HmbC-0005vi-00 tls_out_resumption session resumed, also new ticket +1999-03-02 09:44:33 10HmbC-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbC-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbC-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbC-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbC-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbC-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbC-0005vi-00 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbD-0005vi-00" +1999-03-02 09:44:33 10HmbC-0005vi-00 Completed +1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for postrenewal@test.ex +1999-03-02 09:44:33 10HmbE-0005vi-00 tls_out_resumption session resumed +1999-03-02 09:44:33 10HmbE-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbE-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbE-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbE-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbE-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbE-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbE-0005vi-00 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbF-0005vi-00" +1999-03-02 09:44:33 10HmbE-0005vi-00 Completed +1999-03-02 09:44:33 10HmbG-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for timeout@test.ex +1999-03-02 09:44:33 10HmbG-0005vi-00 tls_out_resumption session resumed, also new ticket +1999-03-02 09:44:33 10HmbG-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbG-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbG-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbG-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbG-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbG-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbG-0005vi-00 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbH-0005vi-00" +1999-03-02 09:44:33 10HmbG-0005vi-00 Completed +1999-03-02 09:44:33 10HmbI-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for notreq@test.ex +1999-03-02 09:44:33 10HmbI-0005vi-00 tls_out_resumption not requested or offered +1999-03-02 09:44:33 10HmbI-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbI-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbI-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbI-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbI-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbI-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbI-0005vi-00 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbJ-0005vi-00" +1999-03-02 09:44:33 10HmbI-0005vi-00 Completed + +******** SERVER ******** +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D +1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaX-0005vi-00@myhost.test.ex for getticket@test.ex +1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmaY-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmaZ-0005vi-00@myhost.test.ex for resume@test.ex xyz@test.ex +1999-03-02 09:44:33 10HmbA-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbA-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbA-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption not requested or offered +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-0005vi-00@myhost.test.ex for abcd@test.ex +1999-03-02 09:44:33 10HmbB-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbB-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbC-0005vi-00@myhost.test.ex for renewal@test.ex +1999-03-02 09:44:33 10HmbD-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbD-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbE-0005vi-00@myhost.test.ex for postrenewal@test.ex +1999-03-02 09:44:33 10HmbF-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbF-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbH-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbG-0005vi-00@myhost.test.ex for timeout@test.ex +1999-03-02 09:44:33 10HmbH-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbH-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbJ-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbI-0005vi-00@myhost.test.ex for notreq@test.ex +1999-03-02 09:44:33 10HmbJ-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbJ-0005vi-00 Completed diff --git a/test/log/5895 b/test/log/5895 new file mode 100644 index 000000000..fa15df27f --- /dev/null +++ b/test/log/5895 @@ -0,0 +1,157 @@ +1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for getticket@test.ex +1999-03-02 09:44:33 10HmaX-0005vi-00 tls_out_resumption client requested new ticket, server provided +1999-03-02 09:44:33 10HmaX-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmaX-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmaX-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmaX-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmaX-0005vi-00 ocsp 4 +1999-03-02 09:44:33 10HmaX-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmaX-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmaX-0005vi-00 => getticket@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmaY-0005vi-00" +1999-03-02 09:44:33 10HmaX-0005vi-00 Completed +1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for resume@test.ex abcd@test.ex xyz@test.ex +1999-03-02 09:44:33 10HmaZ-0005vi-00 tls_out_resumption session resumed +1999-03-02 09:44:33 10HmaZ-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmaZ-0005vi-00 ocsp 4 +1999-03-02 09:44:33 10HmaZ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmaZ-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmaZ-0005vi-00 tls_out_resumption not requested or offered +1999-03-02 09:44:33 10HmaZ-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmaZ-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmaZ-0005vi-00 ocsp 4 +1999-03-02 09:44:33 10HmaZ-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmaZ-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmaZ-0005vi-00 => resume@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-0005vi-00" +1999-03-02 09:44:33 10HmaZ-0005vi-00 -> xyz@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbA-0005vi-00" +1999-03-02 09:44:33 10HmaZ-0005vi-00 => abcd@test.ex R=client T=send_to_server2 H=ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbB-0005vi-00" +1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed +1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for renewal@test.ex +1999-03-02 09:44:33 10HmbC-0005vi-00 tls_out_resumption session resumed, also new ticket +1999-03-02 09:44:33 10HmbC-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbC-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbC-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbC-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbC-0005vi-00 ocsp 4 +1999-03-02 09:44:33 10HmbC-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbC-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbC-0005vi-00 => renewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbD-0005vi-00" +1999-03-02 09:44:33 10HmbC-0005vi-00 Completed +1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for postrenewal@test.ex +1999-03-02 09:44:33 10HmbE-0005vi-00 tls_out_resumption session resumed +1999-03-02 09:44:33 10HmbE-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbE-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbE-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbE-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbE-0005vi-00 ocsp 4 +1999-03-02 09:44:33 10HmbE-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbE-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbE-0005vi-00 => postrenewal@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbF-0005vi-00" +1999-03-02 09:44:33 10HmbE-0005vi-00 Completed +1999-03-02 09:44:33 10HmbG-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for timeout@test.ex +1999-03-02 09:44:33 10HmbG-0005vi-00 tls_out_resumption session resumed, also new ticket +1999-03-02 09:44:33 10HmbG-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbG-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbG-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbG-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbG-0005vi-00 ocsp 4 +1999-03-02 09:44:33 10HmbG-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbG-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbG-0005vi-00 => timeout@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbH-0005vi-00" +1999-03-02 09:44:33 10HmbG-0005vi-00 Completed +1999-03-02 09:44:33 10HmbI-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss for notreq@test.ex +1999-03-02 09:44:33 10HmbI-0005vi-00 tls_out_resumption not requested or offered +1999-03-02 09:44:33 10HmbI-0005vi-00 our cert subject +1999-03-02 09:44:33 10HmbI-0005vi-00 peer cert subject CN=server1.example.com +1999-03-02 09:44:33 10HmbI-0005vi-00 peer cert verified 1 +1999-03-02 09:44:33 10HmbI-0005vi-00 peer dn /CN=server1.example.com +1999-03-02 09:44:33 10HmbI-0005vi-00 ocsp 4 +1999-03-02 09:44:33 10HmbI-0005vi-00 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 10HmbI-0005vi-00 bits 256 +1999-03-02 09:44:33 10HmbI-0005vi-00 => notreq@test.ex R=client T=send_to_server1 H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes DN="/CN=server1.example.com" C="250 OK id=10HmbJ-0005vi-00" +1999-03-02 09:44:33 10HmbI-0005vi-00 Completed + +******** SERVER ******** +1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D +1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 ocsp 4 +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaX-0005vi-00@myhost.test.ex for getticket@test.ex +1999-03-02 09:44:33 10HmaY-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmaY-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 ocsp 0 +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmaZ-0005vi-00@myhost.test.ex for resume@test.ex xyz@test.ex +1999-03-02 09:44:33 10HmbA-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbA-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbA-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption not requested or offered +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 ocsp 4 +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@myhost.test.ex H=the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-0005vi-00@myhost.test.ex for abcd@test.ex +1999-03-02 09:44:33 10HmbB-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbB-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 ocsp 0 +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbC-0005vi-00@myhost.test.ex for renewal@test.ex +1999-03-02 09:44:33 10HmbD-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbD-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 ocsp 0 +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbE-0005vi-00@myhost.test.ex for postrenewal@test.ex +1999-03-02 09:44:33 10HmbF-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbF-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption session resumed, also new ticket +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 ocsp 0 +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbH-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx* CV=no S=sss id=E10HmbG-0005vi-00@myhost.test.ex for timeout@test.ex +1999-03-02 09:44:33 10HmbH-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbH-0005vi-00 Completed +1999-03-02 09:44:33 tls_in_resumption client requested new ticket, server provided +1999-03-02 09:44:33 our cert subject CN=server1.example.com +1999-03-02 09:44:33 peer cert subject +1999-03-02 09:44:33 peer cert verified 0 +1999-03-02 09:44:33 peer dn +1999-03-02 09:44:33 ocsp 4 +1999-03-02 09:44:33 cipher TLS1.x:ke-RSA-AES256-SHAnnn:xxx +1999-03-02 09:44:33 bits 256 +1999-03-02 09:44:33 10HmbJ-0005vi-00 <= CALLER@myhost.test.ex H=(helo.data.changed) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbI-0005vi-00@myhost.test.ex for notreq@test.ex +1999-03-02 09:44:33 10HmbJ-0005vi-00 => :blackhole: R=server +1999-03-02 09:44:33 10HmbJ-0005vi-00 Completed diff --git a/test/scripts/5892-Resume-OpenSSL/5892 b/test/scripts/5892-Resume-OpenSSL/5892 index 6c04424ce..5a8dd3ef2 100644 --- a/test/scripts/5892-Resume-OpenSSL/5892 +++ b/test/scripts/5892-Resume-OpenSSL/5892 @@ -1,4 +1,4 @@ -# TLS session resumption +# TLSv1.2 session resumption # ### TLS1.2 exim -DSERVER=server -DOPTION=+no_tlsv1_3 -bd -oX PORT_D @@ -32,33 +32,4 @@ exim -odf -DVALUE=resume noverify_resume@test.ex Dest on this means the server cert will not verify (but try_verify will permit it) **** killdaemon -sleep 1 -sudo rm -f DIR/spool/db/tls -# -# -### TLS1.3 -exim -DSERVER=server -bd -oX PORT_D -**** -exim -DVALUE=resume -odf getticket@test.ex -Test message. Contains FF: ÿ -**** -exim -DVALUE=resume -odf resume@test.ex abcd@test.ex xyz@test.ex -Test message to two different hosts, one does not support resume -**** -# allow time for ticket to hit renewal time -sleep 3 -exim -DVALUE=resume -odf renewal@test.ex -Test message. -**** -exim -DVALUE=resume -odf postrenewal@test.ex -Test message. -**** -sleep 3 -exim -DVALUE=resume -odf timeout@test.ex -Test message. -**** -exim -odf notreq@test.ex -Test message, not requesting resumption. -**** -killdaemon no_msglog_check diff --git a/test/scripts/5893-Resume-OpenSSL-OCSP/5893 b/test/scripts/5893-Resume-OpenSSL-OCSP/5893 index 18bce1f27..a85c3edda 100644 --- a/test/scripts/5893-Resume-OpenSSL-OCSP/5893 +++ b/test/scripts/5893-Resume-OpenSSL-OCSP/5893 @@ -1,4 +1,4 @@ -# TLS session resumption with OCSP +# TLSv1.2 session resumption with OCSP # ### TLS1.2 exim -DSERVER=server -DOPTION=+no_tlsv1_3 -bd -oX PORT_D @@ -32,33 +32,4 @@ exim -odf -DVALUE=resume noverify_resume@test.ex Dest on this means the server cert will not verify (but try_verify will permit it) **** killdaemon -sleep 1 -sudo rm -f DIR/spool/db/tls -# -# -### TLS1.3 -exim -DSERVER=server -bd -oX PORT_D -**** -exim -DVALUE=resume -odf getticket@test.ex -Test message. Contains FF: ÿ -**** -exim -DVALUE=resume -odf resume@test.ex abcd@test.ex xyz@test.ex -Test message to two different hosts, one does not support resume -**** -# allow time for ticket to hit renewal time -sleep 3 -exim -DVALUE=resume -odf renewal@test.ex -Test message. -**** -exim -DVALUE=resume -odf postrenewal@test.ex -Test message. -**** -sleep 3 -exim -DVALUE=resume -odf timeout@test.ex -Test message. -**** -exim -odf notreq@test.ex -Test message, not requesting resumption. -**** -killdaemon no_msglog_check diff --git a/test/scripts/5894-Resume-OpenSSL-TLS1.3/5894 b/test/scripts/5894-Resume-OpenSSL-TLS1.3/5894 new file mode 100644 index 000000000..722bc9b08 --- /dev/null +++ b/test/scripts/5894-Resume-OpenSSL-TLS1.3/5894 @@ -0,0 +1,28 @@ +# TLSv1.3 session resumption +# +### TLS1.3 +exim -DSERVER=server -bd -oX PORT_D +**** +exim -DVALUE=resume -odf getticket@test.ex +Test message. Contains FF: ÿ +**** +exim -DVALUE=resume -odf resume@test.ex abcd@test.ex xyz@test.ex +Test message to two different hosts, one does not support resume +**** +# allow time for ticket to hit renewal time +sleep 3 +exim -DVALUE=resume -odf renewal@test.ex +Test message. +**** +exim -DVALUE=resume -odf postrenewal@test.ex +Test message. +**** +sleep 3 +exim -DVALUE=resume -odf timeout@test.ex +Test message. +**** +exim -odf notreq@test.ex +Test message, not requesting resumption. +**** +killdaemon +no_msglog_check diff --git a/test/scripts/5894-Resume-OpenSSL-TLS1.3/REQUIRES b/test/scripts/5894-Resume-OpenSSL-TLS1.3/REQUIRES new file mode 100644 index 000000000..6b79369fc --- /dev/null +++ b/test/scripts/5894-Resume-OpenSSL-TLS1.3/REQUIRES @@ -0,0 +1,4 @@ +support OpenSSL +running IPv4 +support TLS_resume +feature _OPT_OPENSSL_NO_TLSV1_3_X diff --git a/test/scripts/5895-Resume-OpenSSL-TLS1.3-OCSP/5895 b/test/scripts/5895-Resume-OpenSSL-TLS1.3-OCSP/5895 new file mode 100644 index 000000000..5709b4a78 --- /dev/null +++ b/test/scripts/5895-Resume-OpenSSL-TLS1.3-OCSP/5895 @@ -0,0 +1,28 @@ +# TLSv1.3 session resumption with OCSP +# +### TLS1.3 +exim -DSERVER=server -bd -oX PORT_D +**** +exim -DVALUE=resume -odf getticket@test.ex +Test message. Contains FF: ÿ +**** +exim -DVALUE=resume -odf resume@test.ex abcd@test.ex xyz@test.ex +Test message to two different hosts, one does not support resume +**** +# allow time for ticket to hit renewal time +sleep 3 +exim -DVALUE=resume -odf renewal@test.ex +Test message. +**** +exim -DVALUE=resume -odf postrenewal@test.ex +Test message. +**** +sleep 3 +exim -DVALUE=resume -odf timeout@test.ex +Test message. +**** +exim -odf notreq@test.ex +Test message, not requesting resumption. +**** +killdaemon +no_msglog_check diff --git a/test/scripts/5895-Resume-OpenSSL-TLS1.3-OCSP/REQUIRES b/test/scripts/5895-Resume-OpenSSL-TLS1.3-OCSP/REQUIRES new file mode 100644 index 000000000..1ba7fa74f --- /dev/null +++ b/test/scripts/5895-Resume-OpenSSL-TLS1.3-OCSP/REQUIRES @@ -0,0 +1,5 @@ +support OpenSSL +running IPv4 +support TLS_resume +support OCSP +feature _OPT_OPENSSL_NO_TLSV1_3_X diff --git a/test/stderr/5892 b/test/stderr/5892 index 6b5c4341e..6f9aa1388 100644 --- a/test/stderr/5892 +++ b/test/stderr/5892 @@ -1,6 +1,4 @@ ### TLS1.2 -### TLS1.3 ******** SERVER ******** ### TLS1.2 -### TLS1.3 diff --git a/test/stderr/5893 b/test/stderr/5893 index 6b5c4341e..6f9aa1388 100644 --- a/test/stderr/5893 +++ b/test/stderr/5893 @@ -1,6 +1,4 @@ ### TLS1.2 -### TLS1.3 ******** SERVER ******** ### TLS1.2 -### TLS1.3 diff --git a/test/stderr/5894 b/test/stderr/5894 new file mode 100644 index 000000000..28e3af081 --- /dev/null +++ b/test/stderr/5894 @@ -0,0 +1,4 @@ +### TLS1.3 + +******** SERVER ******** +### TLS1.3 diff --git a/test/stderr/5895 b/test/stderr/5895 new file mode 100644 index 000000000..28e3af081 --- /dev/null +++ b/test/stderr/5895 @@ -0,0 +1,4 @@ +### TLS1.3 + +******** SERVER ******** +### TLS1.3 diff --git a/test/stdout/5892 b/test/stdout/5892 index 6b5c4341e..6f9aa1388 100644 --- a/test/stdout/5892 +++ b/test/stdout/5892 @@ -1,6 +1,4 @@ ### TLS1.2 -### TLS1.3 ******** SERVER ******** ### TLS1.2 -### TLS1.3 diff --git a/test/stdout/5893 b/test/stdout/5893 index 6b5c4341e..6f9aa1388 100644 --- a/test/stdout/5893 +++ b/test/stdout/5893 @@ -1,6 +1,4 @@ ### TLS1.2 -### TLS1.3 ******** SERVER ******** ### TLS1.2 -### TLS1.3 diff --git a/test/stdout/5894 b/test/stdout/5894 new file mode 100644 index 000000000..28e3af081 --- /dev/null +++ b/test/stdout/5894 @@ -0,0 +1,4 @@ +### TLS1.3 + +******** SERVER ******** +### TLS1.3 diff --git a/test/stdout/5895 b/test/stdout/5895 new file mode 100644 index 000000000..28e3af081 --- /dev/null +++ b/test/stdout/5895 @@ -0,0 +1,4 @@ +### TLS1.3 + +******** SERVER ******** +### TLS1.3 -- cgit v1.2.3