Commit | Line | Data |
---|---|---|
83da1223 | 1 | # TLS client & server: (gnu)tls_require_xxx |
59371ea7 | 2 | gnutls |
83da1223 | 3 | # Start up the server |
59371ea7 PH |
4 | exim -DSERVER=server -bd -oX PORT_D |
5 | **** | |
83da1223 | 6 | # This puts a message on the queue (queue_only is set). |
59371ea7 PH |
7 | exim userx@test.ex |
8 | Testing | |
9 | **** | |
83da1223 PH |
10 | # This will fail to deliver encrypted because there are no acceptable |
11 | # ciphers, so it will deliver in clear. | |
12 | exim -qf -DCREQCIP=tls_require_ciphers=IDEA-CBC-MD5 | |
13 | **** | |
14 | # This delivers the message to the server, where it will remain | |
15 | # on the queue because queue_only is set. | |
16 | exim -qf -DCREQCIP=tls_require_ciphers=IDEA-CBC-MD5:DES-CBC3-SHA:RSA_ARCFOUR_SHA | |
17 | **** | |
18 | # So we can deliver it again and again, with different parameters. | |
19 | exim -qf -DCREQMAC=gnutls_require_mac=MD5 | |
20 | **** | |
21 | exim -qf -DCREQMAC=gnutls_require_mac=!SHA1 | |
22 | **** | |
23 | exim -qf -DCREQMAC=gnutls_require_mac=MD5:SHA | |
24 | **** | |
25 | exim -qf -DCREQMAC=gnutls_require_kx=!DHE | |
26 | **** | |
27 | exim -qf -DCREQMAC=gnutls_require_protocols=SSL3 | |
28 | **** | |
29 | # Restart the server with a cipher restriction | |
30 | killdaemon | |
31 | exim -DSERVER=server \ | |
32 | -DSREQCIP=tls_require_ciphers=ARCFOUR \ | |
33 | -DSREQMAC=gnutls_require_mac=MD5 \ | |
34 | -bd -oX PORT_D | |
35 | **** | |
59371ea7 PH |
36 | exim -qf |
37 | **** | |
38 | killdaemon | |
39 | no_msglog_check |