test/scripts/2000-GnuTLS/2014


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146

# TLS server: mandatory, optional, and revoked certificates
gnutls
exim -DSERVER=server -bd -oX PORT_D
****
# No certificate, certificate required
client-gnutls HOSTIPV4 PORT_D
??? 220
ehlo rhu1.barb
??? 250-
??? 250-
??? 250-
??? 250-
??? 250-
??? 250
starttls
??? 220
****
# No certificate, certificate optional at TLS time, required by ACL
client-gnutls 127.0.0.1 PORT_D
??? 220
ehlo rhu2.barb
??? 250-
??? 250-
??? 250-
??? 250-
??? 250-
??? 250
starttls
??? 220
helo rhu2tls.barb
??? 250
mail from:<userx@test.ex>
??? 250
rcpt to:<userx@test.ex>
??? 550
quit
??? 221
****
# Good certificate, certificate required
client-gnutls HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2
??? 220
ehlo rhu3.barb
??? 250-
??? 250-
??? 250-
??? 250-
??? 250-
??? 250
starttls
??? 220
mail from:<userx@test.ex>
??? 250
rcpt to:<userx@test.ex>
??? 250
quit
??? 221
****
# Good certificate, certificate optional at TLS time, checked by ACL
client-gnutls 127.0.0.1 PORT_D aux-fixed/cert2 aux-fixed/cert2
??? 220
ehlo rhu4.barb
??? 250-
??? 250-
??? 250-
??? 250-
??? 250-
??? 250
starttls
??? 220
mail from:<userx@test.ex>
??? 250
rcpt to:<userx@test.ex>
??? 250
quit
??? 221
****
# Bad certificate, certificate required
client-gnutls HOSTIPV4 PORT_D aux-fixed/cert1 aux-fixed/cert1
??? 220
ehlo rhu5.barb
??? 250-
??? 250-
??? 250-
??? 250-
??? 250-
??? 250
starttls
??? 220
****
# Bad certificate, certificate optional at TLS time, reject at ACL time
client-gnutls 127.0.0.1 PORT_D aux-fixed/cert1 aux-fixed/cert1
??? 220
ehlo rhu6.barb
??? 250-
??? 250-
??? 250-
??? 250-
??? 250-
??? 250
starttls
??? 220
mail from:<userx@test.ex>
??? 250
rcpt to:<userx@test.ex>
??? 550-
??? 550
quit
??? 221
****
killdaemon
exim -DCRL=DIR/aux-fixed/crl.pem -DSERVER=server -bd -oX PORT_D
****
# Good but revoked certificate, certificate required
client-gnutls HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2
??? 220
ehlo rhu7.barb
??? 250-
??? 250-
??? 250-
??? 250-
??? 250-
??? 250
starttls
??? 220
****
# Revoked certificate, certificate optional at TLS time, reject at ACL time
client-gnutls 127.0.0.1 PORT_D aux-fixed/cert1 aux-fixed/cert1
??? 220
ehlo rhu8.barb
??? 250-
??? 250-
??? 250-
??? 250-
??? 250-
??? 250
starttls
??? 220
mail from:<userx@test.ex>
??? 250
rcpt to:<userx@test.ex>
??? 550-
??? 550
quit
??? 221
****
killdaemon