Commit | Line | Data |
---|---|---|
fd3cf789 JH |
1 | ### No certificate, certificate required |
2 | Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected | |
3 | ??? 220 | |
4 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
5 | >>> ehlo rhu.barb | |
6 | ??? 250- | |
7 | <<< 250-myhost.test.ex Hello rhu.barb [ip4.ip4.ip4.ip4] | |
8 | ??? 250- | |
9 | <<< 250-SIZE 52428800 | |
10 | ??? 250- | |
11 | <<< 250-8BITMIME | |
12 | ??? 250- | |
13 | <<< 250-PIPELINING | |
14 | ??? 250- | |
15 | <<< 250-STARTTLS | |
16 | ??? 250 | |
17 | <<< 250 HELP | |
18 | >>> starttls | |
19 | ??? 220 | |
20 | <<< 220 TLS go ahead | |
21 | Attempting to start TLS | |
22 | SSL connection using ke-RSA-AES256-SHA | |
23 | Succeeded in starting TLS | |
24 | >>> noop | |
25 | ????554 Security failure | |
26 | error:dddddddd:SSL routines:ssl3_read_bytes:tlsv13 alert certificate required | |
27 | TLS terminated | |
28 | >>> noop | |
29 | ??? 554 Security failure | |
30 | <<< 554 Security failure | |
31 | >>> quit | |
32 | ????554 Security failure | |
33 | ????221 | |
34 | ???* | |
35 | Expected EOF read | |
36 | End of script | |
37 | ### No certificate, certificate optional at TLS time, required by ACL | |
38 | Connecting to 127.0.0.1 port 1225 ... connected | |
39 | ??? 220 | |
40 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
41 | >>> ehlo rhu.barb | |
42 | ??? 250- | |
43 | <<< 250-myhost.test.ex Hello rhu.barb [127.0.0.1] | |
44 | ??? 250- | |
45 | <<< 250-SIZE 52428800 | |
46 | ??? 250- | |
47 | <<< 250-8BITMIME | |
48 | ??? 250- | |
49 | <<< 250-PIPELINING | |
50 | ??? 250- | |
51 | <<< 250-STARTTLS | |
52 | ??? 250 | |
53 | <<< 250 HELP | |
54 | >>> starttls | |
55 | ??? 220 | |
56 | <<< 220 TLS go ahead | |
57 | Attempting to start TLS | |
58 | SSL connection using ke-RSA-AES256-SHA | |
59 | Succeeded in starting TLS | |
60 | >>> helo rhu.barb | |
61 | ??? 250 | |
62 | <<< 250 myhost.test.ex Hello rhu.barb [127.0.0.1] | |
63 | >>> mail from:<userx@test.ex> | |
64 | ??? 250 | |
65 | <<< 250 OK | |
66 | >>> rcpt to:<userx@test.ex> | |
67 | ??? 550 | |
68 | <<< 550 certificate not verified: peerdn= | |
69 | >>> quit | |
70 | ??? 221 | |
71 | <<< 221 myhost.test.ex closing connection | |
72 | End of script | |
73 | ### Good certificate, certificate required | |
74 | Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected | |
75 | Certificate file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.chain.pem | |
76 | Key file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key | |
77 | ??? 220 | |
78 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
79 | >>> ehlo rhu.barb | |
80 | ??? 250- | |
81 | <<< 250-myhost.test.ex Hello rhu.barb [ip4.ip4.ip4.ip4] | |
82 | ??? 250- | |
83 | <<< 250-SIZE 52428800 | |
84 | ??? 250- | |
85 | <<< 250-8BITMIME | |
86 | ??? 250- | |
87 | <<< 250-PIPELINING | |
88 | ??? 250- | |
89 | <<< 250-STARTTLS | |
90 | ??? 250 | |
91 | <<< 250 HELP | |
92 | >>> starttls | |
93 | ??? 220 | |
94 | <<< 220 TLS go ahead | |
95 | Attempting to start TLS | |
96 | SSL connection using ke-RSA-AES256-SHA | |
97 | Succeeded in starting TLS | |
98 | >>> mail from:<userx@test.ex> | |
99 | ??? 250 | |
100 | <<< 250 OK | |
101 | >>> rcpt to:<userx@test.ex> | |
102 | ??? 250 | |
103 | <<< 250 Accepted | |
104 | >>> quit | |
105 | ??? 221 | |
106 | <<< 221 myhost.test.ex closing connection | |
107 | End of script | |
108 | ### Good certificate, certificate optional at TLS time, checked by ACL | |
109 | Connecting to 127.0.0.1 port 1225 ... connected | |
110 | Certificate file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.chain.pem | |
111 | Key file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key | |
112 | ??? 220 | |
113 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
114 | >>> ehlo rhu.barb | |
115 | ??? 250- | |
116 | <<< 250-myhost.test.ex Hello rhu.barb [127.0.0.1] | |
117 | ??? 250- | |
118 | <<< 250-SIZE 52428800 | |
119 | ??? 250- | |
120 | <<< 250-8BITMIME | |
121 | ??? 250- | |
122 | <<< 250-PIPELINING | |
123 | ??? 250- | |
124 | <<< 250-STARTTLS | |
125 | ??? 250 | |
126 | <<< 250 HELP | |
127 | >>> starttls | |
128 | ??? 220 | |
129 | <<< 220 TLS go ahead | |
130 | Attempting to start TLS | |
131 | SSL connection using ke-RSA-AES256-SHA | |
132 | Succeeded in starting TLS | |
133 | >>> mail from:<userx@test.ex> | |
134 | ??? 250 | |
135 | <<< 250 OK | |
136 | >>> rcpt to:<userx@test.ex> | |
137 | ??? 250 | |
138 | <<< 250 Accepted | |
139 | >>> quit | |
140 | ??? 221 | |
141 | <<< 221 myhost.test.ex closing connection | |
142 | End of script | |
143 | ### Bad certificate, certificate required | |
144 | Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected | |
145 | Certificate file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.chain.pem | |
146 | Key file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.unlocked.key | |
147 | ??? 220 | |
148 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
149 | >>> ehlo rhu.barb | |
150 | ??? 250- | |
151 | <<< 250-myhost.test.ex Hello rhu.barb [ip4.ip4.ip4.ip4] | |
152 | ??? 250- | |
153 | <<< 250-SIZE 52428800 | |
154 | ??? 250- | |
155 | <<< 250-8BITMIME | |
156 | ??? 250- | |
157 | <<< 250-PIPELINING | |
158 | ??? 250- | |
159 | <<< 250-STARTTLS | |
160 | ??? 250 | |
161 | <<< 250 HELP | |
162 | >>> starttls | |
163 | ??? 220 | |
164 | <<< 220 TLS go ahead | |
165 | Attempting to start TLS | |
166 | SSL connection using ke-RSA-AES256-SHA | |
167 | Succeeded in starting TLS | |
168 | >>> noop | |
169 | ????554 Security failure | |
170 | error:dddddddd:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca | |
171 | TLS terminated | |
172 | >>> noop | |
173 | ??? 554 Security failure | |
174 | <<< 554 Security failure | |
175 | End of script | |
176 | ### Bad certificate, certificate optional at TLS time, reject at ACL time | |
177 | Connecting to 127.0.0.1 port 1225 ... connected | |
178 | Certificate file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.chain.pem | |
179 | Key file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.unlocked.key | |
180 | ??? 220 | |
181 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
182 | >>> ehlo rhu.barb | |
183 | ??? 250- | |
184 | <<< 250-myhost.test.ex Hello rhu.barb [127.0.0.1] | |
185 | ??? 250- | |
186 | <<< 250-SIZE 52428800 | |
187 | ??? 250- | |
188 | <<< 250-8BITMIME | |
189 | ??? 250- | |
190 | <<< 250-PIPELINING | |
191 | ??? 250- | |
192 | <<< 250-STARTTLS | |
193 | ??? 250 | |
194 | <<< 250 HELP | |
195 | >>> starttls | |
196 | ??? 220 | |
197 | <<< 220 TLS go ahead | |
198 | Attempting to start TLS | |
199 | SSL connection using ke-RSA-AES256-SHA | |
200 | Succeeded in starting TLS | |
201 | >>> mail from:<userx@test.ex> | |
202 | ??? 250 | |
203 | <<< 250 OK | |
204 | >>> rcpt to:<userx@test.ex> | |
205 | ??? 550 | |
206 | <<< 550 certificate not verified: peerdn=/CN=server1.example.net | |
207 | >>> quit | |
208 | ??? 221 | |
209 | <<< 221 myhost.test.ex closing connection | |
210 | End of script | |
211 | ### Otherwise good but revoked certificate, certificate required | |
212 | Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected | |
213 | Certificate file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.chain.pem | |
214 | Key file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.unlocked.key | |
215 | ??? 220 | |
216 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
217 | >>> ehlo rhu.barb | |
218 | ??? 250- | |
219 | <<< 250-myhost.test.ex Hello rhu.barb [ip4.ip4.ip4.ip4] | |
220 | ??? 250- | |
221 | <<< 250-SIZE 52428800 | |
222 | ??? 250- | |
223 | <<< 250-8BITMIME | |
224 | ??? 250- | |
225 | <<< 250-PIPELINING | |
226 | ??? 250- | |
227 | <<< 250-STARTTLS | |
228 | ??? 250 | |
229 | <<< 250 HELP | |
230 | >>> starttls | |
231 | ??? 220 | |
232 | <<< 220 TLS go ahead | |
233 | Attempting to start TLS | |
234 | SSL connection using ke-RSA-AES256-SHA | |
235 | Succeeded in starting TLS | |
236 | >>> noop | |
237 | ????554 Security failure | |
238 | error:dddddddd:SSL routines:ssl3_read_bytes:sslv3 alert certificate revoked | |
239 | TLS terminated | |
240 | >>> noop | |
241 | ??? 554 Security failure | |
242 | <<< 554 Security failure | |
243 | End of script | |
244 | ### Revoked certificate, certificate optional at TLS time, reject at ACL time | |
245 | Connecting to 127.0.0.1 port 1225 ... connected | |
246 | Certificate file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.chain.pem | |
247 | Key file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.unlocked.key | |
248 | ??? 220 | |
249 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
250 | >>> ehlo rhu.barb | |
251 | ??? 250- | |
252 | <<< 250-myhost.test.ex Hello rhu.barb [127.0.0.1] | |
253 | ??? 250- | |
254 | <<< 250-SIZE 52428800 | |
255 | ??? 250- | |
256 | <<< 250-8BITMIME | |
257 | ??? 250- | |
258 | <<< 250-PIPELINING | |
259 | ??? 250- | |
260 | <<< 250-STARTTLS | |
261 | ??? 250 | |
262 | <<< 250 HELP | |
263 | >>> starttls | |
264 | ??? 220 | |
265 | <<< 220 TLS go ahead | |
266 | Attempting to start TLS | |
267 | SSL connection using ke-RSA-AES256-SHA | |
268 | Succeeded in starting TLS | |
269 | >>> mail from:<userx@test.ex> | |
270 | ??? 250 | |
271 | <<< 250 OK | |
272 | >>> rcpt to:<userx@test.ex> | |
273 | ??? 550 | |
274 | <<< 550 certificate not verified: peerdn=/CN=revoked1.example.com | |
275 | >>> quit | |
276 | ??? 221 | |
277 | <<< 221 myhost.test.ex closing connection | |
278 | End of script | |
279 | ### Good certificate, certificate required - but nonmatching CRL also present | |
280 | Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected | |
281 | Certificate file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.chain.pem | |
282 | Key file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key | |
283 | ??? 220 | |
284 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
285 | >>> ehlo rhu.barb | |
286 | ??? 250- | |
287 | <<< 250-myhost.test.ex Hello rhu.barb [ip4.ip4.ip4.ip4] | |
288 | ??? 250- | |
289 | <<< 250-SIZE 52428800 | |
290 | ??? 250- | |
291 | <<< 250-8BITMIME | |
292 | ??? 250- | |
293 | <<< 250-PIPELINING | |
294 | ??? 250- | |
295 | <<< 250-STARTTLS | |
296 | ??? 250 | |
297 | <<< 250 HELP | |
298 | >>> starttls | |
299 | ??? 220 | |
300 | <<< 220 TLS go ahead | |
301 | Attempting to start TLS | |
302 | SSL connection using ke-RSA-AES256-SHA | |
303 | Succeeded in starting TLS | |
304 | >>> mail from:<userx@test.ex> | |
305 | ??? 250 | |
306 | <<< 250 OK | |
307 | >>> rcpt to:<userx@test.ex> | |
308 | ??? 250 | |
309 | <<< 250 Accepted | |
310 | >>> quit | |
311 | ??? 221 | |
312 | <<< 221 myhost.test.ex closing connection | |
313 | End of script | |
314 | ||
315 | ******** SERVER ******** | |
316 | ### No certificate, certificate required | |
317 | ### No certificate, certificate optional at TLS time, required by ACL | |
318 | ### Good certificate, certificate required | |
319 | ### Good certificate, certificate optional at TLS time, checked by ACL | |
320 | ### Bad certificate, certificate required | |
321 | ### Bad certificate, certificate optional at TLS time, reject at ACL time | |
322 | ### Otherwise good but revoked certificate, certificate required | |
323 | ### Revoked certificate, certificate optional at TLS time, reject at ACL time | |
324 | ### Good certificate, certificate required - but nonmatching CRL also present |