Commit | Line | Data |
---|---|---|
12ee8cf9 JH |
1 | # DANE client: general |
2 | # | |
82525c6f | 3 | exim -DSERVER=server -DDETAILS=ee -bd -oX PORT_D |
12ee8cf9 | 4 | **** |
cfe93a95 | 5 | ### TLSA (3 1 1) |
281e72e4 | 6 | exim -odq CALLER@dane256ee.test.ex |
101de477 JH |
7 | Testing |
8 | **** | |
cfe93a95 | 9 | ### TLSA (3 1 2) |
281e72e4 | 10 | exim -odq CALLER@mxdane512ee.test.ex |
12ee8cf9 JH |
11 | Testing |
12 | **** | |
401a8935 | 13 | exim -qf |
12ee8cf9 | 14 | **** |
bf7aabb4 JH |
15 | # |
16 | # | |
cfe93a95 | 17 | ### Recipient callout |
bf7aabb4 JH |
18 | exim -DOPT=callout -bhc 127.0.0.1 |
19 | MAIL FROM: <CALLER@myhost.test.ex> | |
cfe93a95 | 20 | RCPT TO: <rcptuser@dane256ee.test.ex> |
bf7aabb4 | 21 | **** |
12ee8cf9 | 22 | killdaemon |
82525c6f JH |
23 | # |
24 | # | |
25 | exim -DSERVER=server -DDETAILS=ta -bd -oX PORT_D | |
26 | **** | |
cfe93a95 | 27 | ### TLSA (2 0 1) |
281e72e4 | 28 | exim -odq CALLER@mxdane256ta.test.ex |
82525c6f JH |
29 | Testing |
30 | **** | |
31 | exim -qf | |
32 | **** | |
33 | killdaemon | |
281e72e4 | 34 | # |
cfe93a95 | 35 | ### A server with a nonverifying cert and no TLSA |
281e72e4 JH |
36 | # Check we get a non-CV but TLS connection, with try_dane but no require_dane |
37 | exim -DSERVER=server -DDETAILS=no -bd -oX PORT_D | |
38 | **** | |
39 | exim -odq CALLER@thishost.test.ex | |
40 | Testing | |
12ee8cf9 | 41 | **** |
281e72e4 JH |
42 | exim -qf |
43 | **** | |
44 | killdaemon | |
45 | # | |
cfe93a95 | 46 | ### A server with a verifying cert and no TLSA |
281e72e4 JH |
47 | # Check we get a CV and TLS connection, with try_dane but no require_dane |
48 | exim -DSERVER=server -DDETAILS=ca -bd -oX PORT_D | |
49 | **** | |
50 | exim -odq CALLER@thishost.test.ex | |
51 | Testing | |
52 | **** | |
01a4a5c5 | 53 | exim -DOPT=no_certname -qf |
281e72e4 JH |
54 | **** |
55 | killdaemon | |
56 | # | |
4cea764f | 57 | # |
4cea764f JH |
58 | exim -DSERVER=server -DDETAILS=ee -bd -oX PORT_D |
59 | **** | |
cfe93a95 | 60 | ### A server with two MXs for which both TLSA lookups return defer |
4cea764f JH |
61 | exim -odq CALLER@mxdanelazy.test.ex |
62 | Testing | |
63 | **** | |
b7e4352c | 64 | ### A server lacking a TLSA, dane required (should fail) |
6aa849d3 JH |
65 | exim -odq CALLER@dane.no.1.test.ex |
66 | Testing | |
67 | **** | |
b7e4352c | 68 | ### A server lacking a TLSA, dane requested only (should fail, as the NXDOMAIN is not DNSSEC) |
6aa849d3 JH |
69 | exim -odq CALLER@dane.no.2.test.ex |
70 | Testing | |
71 | **** | |
b7e4352c JH |
72 | ### A server where the A is dnssec and the TLSA _fails_ |
73 | exim -odq CALLER@danebroken1.test.ex | |
74 | Testing | |
75 | **** | |
76 | # ### A server securely saying "no TLSA records here", dane required (should fail) | |
77 | # exim -odq CALLER@dane.no.3.test.ex | |
78 | # Testing | |
79 | # ### A server securely saying "no TLSA records here", dane requested only (should transmit) | |
80 | # exim -odq CALLER@dane.no.4.test.ex | |
81 | # Testing | |
82 | # **** | |
4cea764f JH |
83 | exim -qf |
84 | **** | |
85 | killdaemon | |
86 | no_msglog_check |