[exim.git] / test / scripts / 5655-OCSP-GnuTLS-1.3 / 5655

# OCSP stapling, server, multiple chain-element OCSP
#
#
#
mkdir -p DIR/tmp/ocsp
sudo chown -R EXIMUSER:EXIMGROUP tmp
sudo chmod -R a+rwx DIR/tmp/ocsp
perl
chdir 'aux-fixed/exim-ca/example.com';
system 'cat server1.example.com/server1.example.com.ocsp.signernocert.good.resp.pem CA/Signer.ocsp.signernocert.good.resp.pem CA/CA.ocsp.signernocert.good.resp.pem > DIR/tmp/ocsp/triple.ocsp.pem';
system 'cat server1.example.com/server1.example.com.ocsp.signernocert.good.resp.pem CA/Signer.ocsp.signernocert.revoked.resp.pem > DIR/tmp/ocsp/double_r.ocsp.pem';
****
#
#
exim -z '1: TLS1.2 Server sends good leaf-staple on request, to client requiring RSA auth'
****
#
exim -bd -oX PORT_D -DSERVER=server -DLIMIT=TLS1.2
****
#
exim -odf -DOPT=rsa -DLIMIT=TLS1.2 rsa.auth@test.ex
Subject: test

.
****
killdaemon
#
#
exim -z '2: TLS1.3 Server sends good 3-element staple on request, to client requiring RSA auth'
****
#
exim -bd -oX PORT_D -DSERVER=server -DLIMIT=TLS1.3
****
exim -odf -DOPT=rsa rsa.auth@test.ex
Subject: test

.
****
killdaemon
#
#
#
exim -z '3: TLS1.3 Server sends bad nonleaf staple, client detects it'
****
#
EXIM_TESTHARNESS_DISABLE_OCSPVALIDITYCHECK=y exim -bd -oX PORT_D -DSERVER=server -DLIMIT=TLS1.3 -DCONTROL=bad
****
exim -odf -DOPT=rsa rsa.auth@test.ex
Subject: test

.
****
killdaemon
#
#
#
#
sudo rm -fr tmp/
no_msglog_check
Commit	Line	Data
e326959e JH	1	# OCSP stapling, server, multiple chain-element OCSP
	2	#
	3	#
	4	#
	5	mkdir -p DIR/tmp/ocsp
	6	sudo chown -R EXIMUSER:EXIMGROUP tmp
	7	sudo chmod -R a+rwx DIR/tmp/ocsp
	8	perl
	9	chdir 'aux-fixed/exim-ca/example.com';
	10	system 'cat server1.example.com/server1.example.com.ocsp.signernocert.good.resp.pem CA/Signer.ocsp.signernocert.good.resp.pem CA/CA.ocsp.signernocert.good.resp.pem > DIR/tmp/ocsp/triple.ocsp.pem';
	11	system 'cat server1.example.com/server1.example.com.ocsp.signernocert.good.resp.pem CA/Signer.ocsp.signernocert.revoked.resp.pem > DIR/tmp/ocsp/double_r.ocsp.pem';
	12	****
	13	#
	14	#
	15	exim -z '1: TLS1.2 Server sends good leaf-staple on request, to client requiring RSA auth'
	16	****
	17	#
	18	exim -bd -oX PORT_D -DSERVER=server -DLIMIT=TLS1.2
	19	****
	20	#
	21	exim -odf -DOPT=rsa -DLIMIT=TLS1.2 rsa.auth@test.ex
	22	Subject: test
	23
	24	.
	25	****
	26	killdaemon
	27	#
	28	#
	29	exim -z '2: TLS1.3 Server sends good 3-element staple on request, to client requiring RSA auth'
	30	****
	31	#
	32	exim -bd -oX PORT_D -DSERVER=server -DLIMIT=TLS1.3
	33	****
	34	exim -odf -DOPT=rsa rsa.auth@test.ex
	35	Subject: test
	36
	37	.
	38	****
	39	killdaemon
	40	#
	41	#
	42	#
	43	exim -z '3: TLS1.3 Server sends bad nonleaf staple, client detects it'
	44	****
	45	#
	46	EXIM_TESTHARNESS_DISABLE_OCSPVALIDITYCHECK=y exim -bd -oX PORT_D -DSERVER=server -DLIMIT=TLS1.3 -DCONTROL=bad
	47	****
	48	exim -odf -DOPT=rsa rsa.auth@test.ex
	49	Subject: test
	50
	51	.
	52	****
	53	killdaemon
	54	#
	55	#
	56	#
	57	#
	58	sudo rm -fr tmp/
	59	no_msglog_check