projects / exim.git / blame
| Commit | Line | Data |
|---|---|---|
| 12ee8cf9 JH |
1 | # DANE client: general |
| 2 | # | |
| 82525c6f | 3 | exim -DSERVER=server -DDETAILS=ee -bd -oX PORT_D |
| 12ee8cf9 | 4 | **** |
| cfe93a95 | 5 | ### TLSA (3 1 1) |
| 281e72e4 | 6 | exim -odq CALLER@dane256ee.test.ex |
| 101de477 JH |
7 | Testing |
| 8 | **** | |
| cfe93a95 | 9 | ### TLSA (3 1 2) |
| 281e72e4 | 10 | exim -odq CALLER@mxdane512ee.test.ex |
| 12ee8cf9 JH |
11 | Testing |
| 12 | **** | |
| 401a8935 | 13 | exim -qf |
| 12ee8cf9 | 14 | **** |
| bf7aabb4 JH |
15 | # |
| 16 | # | |
| cfe93a95 | 17 | ### Recipient callout |
| bf7aabb4 JH |
18 | exim -DOPT=callout -bhc 127.0.0.1 |
| 19 | MAIL FROM: <CALLER@myhost.test.ex> | |
| cfe93a95 | 20 | RCPT TO: <rcptuser@dane256ee.test.ex> |
| bf7aabb4 | 21 | **** |
| 12ee8cf9 | 22 | killdaemon |
| 82525c6f JH |
23 | # |
| 24 | # | |
| 25 | exim -DSERVER=server -DDETAILS=ta -bd -oX PORT_D | |
| 26 | **** | |
| cfe93a95 | 27 | ### TLSA (2 0 1) |
| 281e72e4 | 28 | exim -odq CALLER@mxdane256ta.test.ex |
| 82525c6f JH |
29 | Testing |
| 30 | **** | |
| 31 | exim -qf | |
| 32 | **** | |
| 33 | killdaemon | |
| 281e72e4 | 34 | # |
| cfe93a95 | 35 | ### A server with a nonverifying cert and no TLSA |
| 281e72e4 JH |
36 | # Check we get a non-CV but TLS connection, with try_dane but no require_dane |
| 37 | exim -DSERVER=server -DDETAILS=no -bd -oX PORT_D | |
| 38 | **** | |
| 39 | exim -odq CALLER@thishost.test.ex | |
| 40 | Testing | |
| 12ee8cf9 | 41 | **** |
| 281e72e4 JH |
42 | exim -qf |
| 43 | **** | |
| 44 | killdaemon | |
| 45 | # | |
| cfe93a95 | 46 | ### A server with a verifying cert and no TLSA |
| 281e72e4 JH |
47 | # Check we get a CV and TLS connection, with try_dane but no require_dane |
| 48 | exim -DSERVER=server -DDETAILS=ca -bd -oX PORT_D | |
| 49 | **** | |
| 50 | exim -odq CALLER@thishost.test.ex | |
| 51 | Testing | |
| 52 | **** | |
| 01a4a5c5 | 53 | exim -DOPT=no_certname -qf |
| 281e72e4 JH |
54 | **** |
| 55 | killdaemon | |
| 56 | # | |
| 4cea764f | 57 | # |
| 4cea764f JH |
58 | exim -DSERVER=server -DDETAILS=ee -bd -oX PORT_D |
| 59 | **** | |
| cfe93a95 | 60 | ### A server with two MXs for which both TLSA lookups return defer |
| 4cea764f JH |
61 | exim -odq CALLER@mxdanelazy.test.ex |
| 62 | Testing | |
| 63 | **** | |
| b7e4352c | 64 | ### A server lacking a TLSA, dane required (should fail) |
| 6aa849d3 JH |
65 | exim -odq CALLER@dane.no.1.test.ex |
| 66 | Testing | |
| 67 | **** | |
| b7e4352c | 68 | ### A server lacking a TLSA, dane requested only (should fail, as the NXDOMAIN is not DNSSEC) |
| 6aa849d3 JH |
69 | exim -odq CALLER@dane.no.2.test.ex |
| 70 | Testing | |
| 71 | **** | |
| b7e4352c JH |
72 | ### A server where the A is dnssec and the TLSA _fails_ |
| 73 | exim -odq CALLER@danebroken1.test.ex | |
| 74 | Testing | |
| 75 | **** | |
| ce889807 JH |
76 | ### A server securely saying "no TLSA records here", dane required (should fail) |
| 77 | exim -odq CALLER@dane.no.3.test.ex | |
| 78 | Testing | |
| 79 | **** | |
| 80 | ### A server securely saying "no TLSA records here", dane requested only (should transmit) | |
| 81 | exim -odq CALLER@dane.no.4.test.ex | |
| 82 | Testing | |
| 83 | **** | |
| 4cea764f JH |
84 | exim -qf |
| 85 | **** | |
| 86 | killdaemon | |
| 87 | no_msglog_check |