@@ -161,14 +161,10 @@ def test_imap_tls_configuration(host):
# Test TLS protocol versions.
starttls_old_tls_versions_disabled = host.run("echo 'a0001 LOGOUT' | openssl s_client -quiet -starttls imap -no_tls1_2 -connect parameters-mandatory:143")
assert starttls_old_tls_versions_disabled.rc != 0
# First error message from OpenSSL in Debian 8 Jessie, second from
# OpenSSL in Debian 9 Stretch.
assert "write:errno=104" in starttls_old_tls_versions_disabled.stderr or 'SSL alert number 70' in starttls_old_tls_versions_disabled.stderr
tls_old_tls_versions_disabled = host.run("echo 'a0001 LOGOUT' | openssl s_client -quiet -no_tls1_2 -connect parameters-mandatory:993")
assert tls_old_tls_versions_disabled.rc != 0
assert "write:errno=104" in tls_old_tls_versions_disabled.stderr or 'SSL alert number 70' in tls_old_tls_versions_disabled.stderr
# Test at least one strong TLS cipher.
@@ -242,8 +238,6 @@ def test_postfix_tls_configuration(host):
starttls = host.run("echo 'QUIT' | openssl s_client -quiet -starttls smtp -no_tls1_2 -connect parameters-mandatory:587")
assert starttls.rc != 0
assert 'write:errno=104' in starttls.stderr or 'SSL alert number 70' in starttls.stderr
# Test ciphers for default port (less restrictive).