X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=test%2Fstdout%2F2014;h=cb24d0561f2d4010200c479026508fa51b785ff9;hb=dc9c8f8b52cbf2e8424f5e98f63d29aa7fb81fe7;hp=40f342961922d6480e654f835bffa875605baca6;hpb=54c5ebb14ead7439af300e9d7d9d7d2ba29ff32e;p=exim.git

diff --git a/test/stdout/2014 b/test/stdout/2014
index 40f342961..cb24d0561 100644
--- a/test/stdout/2014
+++ b/test/stdout/2014
@@ -1,12 +1,15 @@
+### No certificate, certificate required
 Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected
 ??? 220
 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
->>> ehlo rhu.barb
+>>> ehlo rhu1.barb
 ??? 250-
-<<< 250-myhost.test.ex Hello rhu.barb [ip4.ip4.ip4.ip4]
+<<< 250-myhost.test.ex Hello rhu1.barb [ip4.ip4.ip4.ip4]
 ??? 250-
 <<< 250-SIZE 52428800
 ??? 250-
+<<< 250-8BITMIME
+??? 250-
 <<< 250-PIPELINING
 ??? 250-
 <<< 250-STARTTLS
@@ -16,17 +19,21 @@ Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected
 ??? 220
 <<< 220 TLS go ahead
 Attempting to start TLS
+A TLS fatal alert has been received.
 Failed to start TLS
 End of script
+### No certificate, certificate optional at TLS time, required by ACL
 Connecting to 127.0.0.1 port 1225 ... connected
 ??? 220
 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
->>> ehlo rhu.barb
+>>> ehlo rhu2.barb
 ??? 250-
-<<< 250-myhost.test.ex Hello rhu.barb [127.0.0.1]
+<<< 250-myhost.test.ex Hello rhu2.barb [127.0.0.1]
 ??? 250-
 <<< 250-SIZE 52428800
 ??? 250-
+<<< 250-8BITMIME
+??? 250-
 <<< 250-PIPELINING
 ??? 250-
 <<< 250-STARTTLS
@@ -37,9 +44,9 @@ Connecting to 127.0.0.1 port 1225 ... connected
 <<< 220 TLS go ahead
 Attempting to start TLS
 Succeeded in starting TLS
->>> helo rhu.barb
+>>> helo rhu2tls.barb
 ??? 250
-<<< 250 myhost.test.ex Hello rhu.barb [127.0.0.1]
+<<< 250 myhost.test.ex Hello rhu2tls.barb [127.0.0.1]
 >>> mail from:<userx@test.ex>
 ??? 250
 <<< 250 OK
@@ -50,17 +57,20 @@ Succeeded in starting TLS
 ??? 221
 <<< 221 myhost.test.ex closing connection
 End of script
+### Good certificate, certificate required
 Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected
-Certificate file = aux-fixed/cert2
-Key file = aux-fixed/cert2
+Certificate file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.chain.pem
+Key file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key
 ??? 220
 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
->>> ehlo rhu.barb
+>>> ehlo rhu3.barb
 ??? 250-
-<<< 250-myhost.test.ex Hello rhu.barb [ip4.ip4.ip4.ip4]
+<<< 250-myhost.test.ex Hello rhu3.barb [ip4.ip4.ip4.ip4]
 ??? 250-
 <<< 250-SIZE 52428800
 ??? 250-
+<<< 250-8BITMIME
+??? 250-
 <<< 250-PIPELINING
 ??? 250-
 <<< 250-STARTTLS
@@ -81,17 +91,20 @@ Succeeded in starting TLS
 ??? 221
 <<< 221 myhost.test.ex closing connection
 End of script
+### Good certificate, certificate optional at TLS time, checked by ACL
 Connecting to 127.0.0.1 port 1225 ... connected
-Certificate file = aux-fixed/cert2
-Key file = aux-fixed/cert2
+Certificate file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.chain.pem
+Key file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key
 ??? 220
 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
->>> ehlo rhu.barb
+>>> ehlo rhu4.barb
 ??? 250-
-<<< 250-myhost.test.ex Hello rhu.barb [127.0.0.1]
+<<< 250-myhost.test.ex Hello rhu4.barb [127.0.0.1]
 ??? 250-
 <<< 250-SIZE 52428800
 ??? 250-
+<<< 250-8BITMIME
+??? 250-
 <<< 250-PIPELINING
 ??? 250-
 <<< 250-STARTTLS
@@ -112,17 +125,20 @@ Succeeded in starting TLS
 ??? 221
 <<< 221 myhost.test.ex closing connection
 End of script
+### Bad certificate, certificate required
 Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected
-Certificate file = aux-fixed/cert1
-Key file = aux-fixed/cert1
+Certificate file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.chain.pem
+Key file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.unlocked.key
 ??? 220
 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
->>> ehlo rhu.barb
+>>> ehlo rhu5.barb
 ??? 250-
-<<< 250-myhost.test.ex Hello rhu.barb [ip4.ip4.ip4.ip4]
+<<< 250-myhost.test.ex Hello rhu5.barb [ip4.ip4.ip4.ip4]
 ??? 250-
 <<< 250-SIZE 52428800
 ??? 250-
+<<< 250-8BITMIME
+??? 250-
 <<< 250-PIPELINING
 ??? 250-
 <<< 250-STARTTLS
@@ -132,19 +148,23 @@ Key file = aux-fixed/cert1
 ??? 220
 <<< 220 TLS go ahead
 Attempting to start TLS
-Succeeded in starting TLS
+A TLS fatal alert has been received.
+Failed to start TLS
 End of script
+### Bad certificate, certificate optional at TLS time, reject at ACL time
 Connecting to 127.0.0.1 port 1225 ... connected
-Certificate file = aux-fixed/cert1
-Key file = aux-fixed/cert1
+Certificate file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.chain.pem
+Key file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.unlocked.key
 ??? 220
 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
->>> ehlo rhu.barb
+>>> ehlo rhu6.barb
 ??? 250-
-<<< 250-myhost.test.ex Hello rhu.barb [127.0.0.1]
+<<< 250-myhost.test.ex Hello rhu6.barb [127.0.0.1]
 ??? 250-
 <<< 250-SIZE 52428800
 ??? 250-
+<<< 250-8BITMIME
+??? 250-
 <<< 250-PIPELINING
 ??? 250-
 <<< 250-STARTTLS
@@ -159,25 +179,26 @@ Succeeded in starting TLS
 ??? 250
 <<< 250 OK
 >>> rcpt to:<userx@test.ex>
-??? 550-
-<<< 550-certificate not verified: peerdn=C=UK,L=Cambridge,O=University of
 ??? 550
-<<< 550 Cambridge,OU=Computing Service,CN=Philip Hazel
+<<< 550 certificate not verified: peerdn=
 >>> quit
 ??? 221
 <<< 221 myhost.test.ex closing connection
 End of script
+### Otherwise good but revoked certificate, certificate required
 Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected
-Certificate file = aux-fixed/cert2
-Key file = aux-fixed/cert2
+Certificate file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.chain.pem
+Key file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.unlocked.key
 ??? 220
 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
->>> ehlo rhu.barb
+>>> ehlo rhu7.barb
 ??? 250-
-<<< 250-myhost.test.ex Hello rhu.barb [ip4.ip4.ip4.ip4]
+<<< 250-myhost.test.ex Hello rhu7.barb [ip4.ip4.ip4.ip4]
 ??? 250-
 <<< 250-SIZE 52428800
 ??? 250-
+<<< 250-8BITMIME
+??? 250-
 <<< 250-PIPELINING
 ??? 250-
 <<< 250-STARTTLS
@@ -189,17 +210,20 @@ Key file = aux-fixed/cert2
 Attempting to start TLS
 Succeeded in starting TLS
 End of script
+### Revoked certificate, certificate optional at TLS time, reject at ACL time
 Connecting to 127.0.0.1 port 1225 ... connected
-Certificate file = aux-fixed/cert1
-Key file = aux-fixed/cert1
+Certificate file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.chain.pem
+Key file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.unlocked.key
 ??? 220
 <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
->>> ehlo rhu.barb
+>>> ehlo rhu8.barb
 ??? 250-
-<<< 250-myhost.test.ex Hello rhu.barb [127.0.0.1]
+<<< 250-myhost.test.ex Hello rhu8.barb [127.0.0.1]
 ??? 250-
 <<< 250-SIZE 52428800
 ??? 250-
+<<< 250-8BITMIME
+??? 250-
 <<< 250-PIPELINING
 ??? 250-
 <<< 250-STARTTLS
@@ -214,11 +238,54 @@ Succeeded in starting TLS
 ??? 250
 <<< 250 OK
 >>> rcpt to:<userx@test.ex>
-??? 550-
-<<< 550-certificate not verified: peerdn=C=UK,L=Cambridge,O=University of
 ??? 550
-<<< 550 Cambridge,OU=Computing Service,CN=Philip Hazel
+<<< 550 certificate not verified: peerdn=CN=revoked1.example.com
+>>> quit
+??? 221
+<<< 221 myhost.test.ex closing connection
+End of script
+### Good certificate, certificate required - but nonmatching CRL also present
+Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected
+Certificate file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.chain.pem
+Key file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key
+??? 220
+<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+>>> ehlo rhu.barb
+??? 250-
+<<< 250-myhost.test.ex Hello rhu.barb [ip4.ip4.ip4.ip4]
+??? 250-
+<<< 250-SIZE 52428800
+??? 250-
+<<< 250-8BITMIME
+??? 250-
+<<< 250-PIPELINING
+??? 250-
+<<< 250-STARTTLS
+??? 250
+<<< 250 HELP
+>>> starttls
+??? 220
+<<< 220 TLS go ahead
+Attempting to start TLS
+Succeeded in starting TLS
+>>> mail from:<userx@test.ex>
+??? 250
+<<< 250 OK
+>>> rcpt to:<userx@test.ex>
+??? 250
+<<< 250 Accepted
 >>> quit
 ??? 221
 <<< 221 myhost.test.ex closing connection
 End of script
+
+******** SERVER ********
+### No certificate, certificate required
+### No certificate, certificate optional at TLS time, required by ACL
+### Good certificate, certificate required
+### Good certificate, certificate optional at TLS time, checked by ACL
+### Bad certificate, certificate required
+### Bad certificate, certificate optional at TLS time, reject at ACL time
+### Otherwise good but revoked certificate, certificate required
+### Revoked certificate, certificate optional at TLS time, reject at ACL time
+### Good certificate, certificate required - but nonmatching CRL also present