* [PATCH 6/6] xt/lei-auth-fail: test more failure cases
2021-04-03 2:24 6% [PATCH 0/6] lei auth-related fixes Eric Wong
@ 2021-04-03 2:24 7% ` Eric Wong
0 siblings, 0 replies; 2+ results
From: Eric Wong @ 2021-04-03 2:24 UTC (permalink / raw)
To: meta
Because failures are often overlooked, unfortunately.
---
xt/lei-auth-fail.t | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/xt/lei-auth-fail.t b/xt/lei-auth-fail.t
index e352aab3..06cb8533 100644
--- a/xt/lei-auth-fail.t
+++ b/xt/lei-auth-fail.t
@@ -2,17 +2,20 @@
# Copyright (C) 2021 all contributors <meta@public-inbox.org>
# License: AGPL-3.0+ <https://www.gnu.org/licenses/agpl-3.0.txt>
use strict; use v5.10.1; use PublicInbox::TestCommon;
-require_mods(qw(Mail::IMAPClient));
+require_mods(qw(Mail::IMAPClient lei));
# TODO: mock IMAP server which fails at authentication so we don't
# have to make external connections to test this:
my $imap_fail = $ENV{TEST_LEI_IMAP_FAIL_URL} //
'imaps://AzureDiamond:Hunter2@public-inbox.org:994/INBOX';
+my ($ro_home, $cfg_path) = setup_public_inboxes;
test_lei(sub {
- for my $pfx ([qw(convert -o mboxrd:/dev/stdout)], ['import'],
- [qw(tag +L:INBOX)]) {
+ for my $pfx ([qw(q z:0.. --only), "$ro_home/t1", '-o'],
+ [qw(convert -o mboxrd:/dev/stdout)],
+ [qw(convert t/utf8.eml -o), $imap_fail],
+ ['import'], [qw(tag +L:INBOX)]) {
ok(!lei(@$pfx, $imap_fail), "IMAP auth failure on @$pfx");
- like($lei_err, qr!\bE:.*?imaps://.*?!sm, 'error shown');
+ like($lei_err, qr!\bE:.*?imaps?://.*?!sm, 'error shown');
unlike($lei_err, qr!Hunter2!s, 'password not shown');
is($lei_out, '', 'nothing output');
}
^ permalink raw reply related [relevance 7%]
* [PATCH 0/6] lei auth-related fixes
@ 2021-04-03 2:24 6% Eric Wong
2021-04-03 2:24 7% ` [PATCH 6/6] xt/lei-auth-fail: test more failure cases Eric Wong
0 siblings, 1 reply; 2+ results
From: Eric Wong @ 2021-04-03 2:24 UTC (permalink / raw)
To: meta
Auth failure handling should be more complete, but it's still
horrifically slow to test because the dovecot instance I run has
rate-limits for auth failures.
Perhaps public-inbox-imapd should learn to reject certain
username + password combos, since the -imapd instance on
public-inbox.org sees a fair amount of automated traffic
looking to steal info off leaked credentials.
3/6 is me still learning to use APIs I invent :x
Eric Wong (6):
URInntps: add URI 5.08 release note
lei q: ensure wq workers shutdown on IMAP auth failures
lei tag: fix tagging of IMAP inputs
lei_auth: rename {net_merge} to {net_merge_continue}
net_reader: fix read-only "lei convert" auth failures
xt/lei-auth-fail: test more failure cases
lib/PublicInbox/LEI.pm | 24 ++++++++----------------
lib/PublicInbox/LeiAuth.pm | 17 ++++++++++-------
lib/PublicInbox/LeiTag.pm | 6 +++++-
lib/PublicInbox/NetReader.pm | 5 +++--
lib/PublicInbox/URInntps.pm | 1 +
t/lei-import-imap.t | 1 +
xt/lei-auth-fail.t | 11 +++++++----
7 files changed, 35 insertions(+), 30 deletions(-)
^ permalink raw reply [relevance 6%]
Results 1-2 of 2 | reverse | options above
-- pct% links below jump to the message on this page, permalinks otherwise --
2021-04-03 2:24 6% [PATCH 0/6] lei auth-related fixes Eric Wong
2021-04-03 2:24 7% ` [PATCH 6/6] xt/lei-auth-fail: test more failure cases Eric Wong
Code repositories for project(s) associated with this public inbox
https://80x24.org/public-inbox.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).