[exim.git] / test / scripts / 5650-OCSP-GnuTLS / 5650

# OCSP stapling, server
#
#
#
# 1: Server sends good staple on request
exim -bd -oX PORT_D -DSERVER=server \
 -DOCSP=DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.ocsp.good.resp
****
client-gnutls \
 -ocsp aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem \
 HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2
??? 220
ehlo rhu.barb
??? 250-
??? 250-
??? 250-
??? 250-
??? 250-
??? 250
starttls
??? 220
mail from:<userx@test.ex>
??? 250
rcpt to:<userx@test.ex>
??? 250
quit
??? 221
****
killdaemon
#
#
#
# 2: Server does not staple an outdated response
exim -bd -oX PORT_D -DSERVER=server \
 -DOCSP=DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.ocsp.dated.resp
****
# XXX test sequence might not be quite right; this is for a server refusal
# and we're expecting a client refusal.
client-gnutls -ocsp aux-fixed/exim-ca/expired1.example.com/CA.pem HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2
??? 220
ehlo rhu.barb
??? 250-
??? 250-
??? 250-
??? 250-
??? 250-
??? 250
starttls
??? 220
****
killdaemon
#
#
#
#
#
# 3: Server does not staple a response for a revoked cert
exim -bd -oX PORT_D -DSERVER=server \
 -DOCSP=DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.ocsp.revoked.resp
****
client-gnutls \
 -ocsp aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem \
 HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2
??? 220
ehlo rhu.barb
??? 250-
??? 250-
??? 250-
??? 250-
??? 250-
??? 250
starttls
??? 220
****
killdaemon
#
#
#
#
#
Commit	Line	Data
2b4a568d JH	1	# OCSP stapling, server
	2	#
	3	#
	4	#
	5	# 1: Server sends good staple on request
	6	exim -bd -oX PORT_D -DSERVER=server \
	7	-DOCSP=DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.ocsp.good.resp
	8	****
	9	client-gnutls \
	10	-ocsp aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem \
	11	HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2
	12	??? 220
	13	ehlo rhu.barb
	14	??? 250-
	15	??? 250-
	16	??? 250-
	17	??? 250-
	18	??? 250-
	19	??? 250
	20	starttls
	21	??? 220
	22	mail from:<userx@test.ex>
	23	??? 250
	24	rcpt to:<userx@test.ex>
	25	??? 250
	26	quit
	27	??? 221
	28	****
	29	killdaemon
	30	#
	31	#
	32	#
	33	# 2: Server does not staple an outdated response
	34	exim -bd -oX PORT_D -DSERVER=server \
	35	-DOCSP=DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.ocsp.dated.resp
	36	****
	37	# XXX test sequence might not be quite right; this is for a server refusal
	38	# and we're expecting a client refusal.
	39	client-gnutls -ocsp aux-fixed/exim-ca/expired1.example.com/CA.pem HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2
	40	??? 220
	41	ehlo rhu.barb
	42	??? 250-
	43	??? 250-
	44	??? 250-
	45	??? 250-
	46	??? 250-
	47	??? 250
	48	starttls
	49	??? 220
	50	****
	51	killdaemon
	52	#
	53	#
	54	#
	55	#
	56	#
	57	# 3: Server does not staple a response for a revoked cert
	58	exim -bd -oX PORT_D -DSERVER=server \
	59	-DOCSP=DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.ocsp.revoked.resp
	60	****
	61	client-gnutls \
	62	-ocsp aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem \
	63	HOSTIPV4 PORT_D aux-fixed/cert2 aux-fixed/cert2
	64	??? 220
65	ehlo rhu.barb
66	??? 250-
67	??? 250-
68	??? 250-
69	??? 250-
70	??? 250-
71	??? 250
72	starttls
73	??? 220
74	****
75	killdaemon
76	#
77	#
78	#
79	#
80	#