Commit | Line | Data |
---|---|---|
59371ea7 PH |
1 | # TLS server: mandatory, optional, and revoked certificates |
2 | gnutls | |
c9a55f6a | 3 | munge gnutls_unexpected |
59371ea7 PH |
4 | exim -DSERVER=server -bd -oX PORT_D |
5 | **** | |
6 | # No certificate, certificate required | |
7 | client-gnutls HOSTIPV4 PORT_D | |
8 | ??? 220 | |
5c8cda3a | 9 | ehlo rhu1.barb |
59371ea7 PH |
10 | ??? 250- |
11 | ??? 250- | |
12 | ??? 250- | |
13 | ??? 250- | |
5b456975 | 14 | ??? 250- |
59371ea7 PH |
15 | ??? 250 |
16 | starttls | |
17 | ??? 220 | |
18 | **** | |
19 | # No certificate, certificate optional at TLS time, required by ACL | |
20 | client-gnutls 127.0.0.1 PORT_D | |
21 | ??? 220 | |
5c8cda3a | 22 | ehlo rhu2.barb |
59371ea7 PH |
23 | ??? 250- |
24 | ??? 250- | |
25 | ??? 250- | |
26 | ??? 250- | |
5b456975 | 27 | ??? 250- |
59371ea7 PH |
28 | ??? 250 |
29 | starttls | |
30 | ??? 220 | |
5c8cda3a | 31 | helo rhu2tls.barb |
59371ea7 PH |
32 | ??? 250 |
33 | mail from:<userx@test.ex> | |
34 | ??? 250 | |
35 | rcpt to:<userx@test.ex> | |
36 | ??? 550 | |
37 | quit | |
38 | ??? 221 | |
39 | **** | |
40 | # Good certificate, certificate required | |
41 | client-gnutls HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2 | |
42 | ??? 220 | |
5c8cda3a | 43 | ehlo rhu3.barb |
59371ea7 PH |
44 | ??? 250- |
45 | ??? 250- | |
46 | ??? 250- | |
47 | ??? 250- | |
5b456975 | 48 | ??? 250- |
59371ea7 PH |
49 | ??? 250 |
50 | starttls | |
51 | ??? 220 | |
52 | mail from:<userx@test.ex> | |
53 | ??? 250 | |
54 | rcpt to:<userx@test.ex> | |
55 | ??? 250 | |
56 | quit | |
57 | ??? 221 | |
58 | **** | |
59 | # Good certificate, certificate optional at TLS time, checked by ACL | |
60 | client-gnutls 127.0.0.1 PORT_D aux-fixed/cert2 aux-fixed/cert2 | |
61 | ??? 220 | |
5c8cda3a | 62 | ehlo rhu4.barb |
59371ea7 PH |
63 | ??? 250- |
64 | ??? 250- | |
65 | ??? 250- | |
66 | ??? 250- | |
5b456975 | 67 | ??? 250- |
59371ea7 PH |
68 | ??? 250 |
69 | starttls | |
70 | ??? 220 | |
71 | mail from:<userx@test.ex> | |
72 | ??? 250 | |
73 | rcpt to:<userx@test.ex> | |
74 | ??? 250 | |
75 | quit | |
76 | ??? 221 | |
77 | **** | |
78 | # Bad certificate, certificate required | |
79 | client-gnutls HOSTIPV4 PORT_D aux-fixed/cert1 aux-fixed/cert1 | |
80 | ??? 220 | |
5c8cda3a | 81 | ehlo rhu5.barb |
59371ea7 PH |
82 | ??? 250- |
83 | ??? 250- | |
84 | ??? 250- | |
85 | ??? 250- | |
5b456975 | 86 | ??? 250- |
59371ea7 PH |
87 | ??? 250 |
88 | starttls | |
89 | ??? 220 | |
90 | **** | |
91 | # Bad certificate, certificate optional at TLS time, reject at ACL time | |
92 | client-gnutls 127.0.0.1 PORT_D aux-fixed/cert1 aux-fixed/cert1 | |
93 | ??? 220 | |
5c8cda3a | 94 | ehlo rhu6.barb |
59371ea7 PH |
95 | ??? 250- |
96 | ??? 250- | |
97 | ??? 250- | |
98 | ??? 250- | |
5b456975 | 99 | ??? 250- |
59371ea7 PH |
100 | ??? 250 |
101 | starttls | |
102 | ??? 220 | |
103 | mail from:<userx@test.ex> | |
104 | ??? 250 | |
105 | rcpt to:<userx@test.ex> | |
106 | ??? 550- | |
107 | ??? 550 | |
108 | quit | |
109 | ??? 221 | |
110 | **** | |
111 | killdaemon | |
112 | exim -DCRL=DIR/aux-fixed/crl.pem -DSERVER=server -bd -oX PORT_D | |
113 | **** | |
114 | # Good but revoked certificate, certificate required | |
115 | client-gnutls HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2 | |
116 | ??? 220 | |
5c8cda3a | 117 | ehlo rhu7.barb |
59371ea7 PH |
118 | ??? 250- |
119 | ??? 250- | |
120 | ??? 250- | |
121 | ??? 250- | |
5b456975 | 122 | ??? 250- |
59371ea7 PH |
123 | ??? 250 |
124 | starttls | |
125 | ??? 220 | |
126 | **** | |
127 | # Revoked certificate, certificate optional at TLS time, reject at ACL time | |
128 | client-gnutls 127.0.0.1 PORT_D aux-fixed/cert1 aux-fixed/cert1 | |
129 | ??? 220 | |
5c8cda3a | 130 | ehlo rhu8.barb |
59371ea7 PH |
131 | ??? 250- |
132 | ??? 250- | |
133 | ??? 250- | |
134 | ??? 250- | |
5b456975 | 135 | ??? 250- |
59371ea7 PH |
136 | ??? 250 |
137 | starttls | |
138 | ??? 220 | |
139 | mail from:<userx@test.ex> | |
140 | ??? 250 | |
141 | rcpt to:<userx@test.ex> | |
142 | ??? 550- | |
143 | ??? 550 | |
144 | quit | |
145 | ??? 221 | |
146 | **** | |
147 | killdaemon |