From 4cfb21b860882e76c3d3147b01708b347d0f9a0d Mon Sep 17 00:00:00 2001
From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Sat, 26 Sep 2020 15:35:58 +0100
Subject: OpenSSL: Fix client-side tls_verify_cert_hostnames behaviour

---
 test/confs/2130 | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

(limited to 'test/confs/2130')

diff --git a/test/confs/2130 b/test/confs/2130
index 4afded1cf..0559bba53 100644
--- a/test/confs/2130
+++ b/test/confs/2130
@@ -16,10 +16,7 @@ log_selector = +tls_peerdn +tls_sni
 remote_max_parallel = 1
 
 tls_advertise_hosts = *
-
-# Set certificate only if server
-
-tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
+tls_certificate = DIR/aux-fixed/cert1
 
 
 # ------ ACL ------
@@ -55,7 +52,8 @@ send_to_server1:
   port = PORT_D
   hosts_try_fastopen =	:
   tls_sni = fred
-  tls_try_verify_hosts = :
+  tls_verify_certificates = DIR/aux-fixed/cert1
+  tls_verify_cert_hostnames = :
 
 send_to_server2:
   driver = smtp
@@ -63,7 +61,8 @@ send_to_server2:
   hosts = HOSTIPV4
   port = PORT_D
   hosts_try_fastopen =	:
-  tls_try_verify_hosts = :
+  tls_verify_certificates = DIR/aux-fixed/cert1
+  tls_verify_cert_hostnames = :
 
 
 # ----- Retry -----
-- 
cgit v1.2.3