diff options
Diffstat (limited to 't/imapd-tls.t')
-rw-r--r-- | t/imapd-tls.t | 82 |
1 files changed, 39 insertions, 43 deletions
diff --git a/t/imapd-tls.t b/t/imapd-tls.t index df4ef85c..b95085a2 100644 --- a/t/imapd-tls.t +++ b/t/imapd-tls.t @@ -1,13 +1,11 @@ -# Copyright (C) 2020 all contributors <meta@public-inbox.org> +#!perl -w +# Copyright (C) all contributors <meta@public-inbox.org> # License: AGPL-3.0+ <https://www.gnu.org/licenses/agpl-3.0.txt> -use strict; -use warnings; -use Test::More; +use v5.12; use Socket qw(IPPROTO_TCP SOL_SOCKET); use PublicInbox::TestCommon; # IO::Poll is part of the standard library, but distros may split it off... -require_mods(qw(DBD::SQLite IO::Socket::SSL Mail::IMAPClient IO::Poll - Email::Address::XS||Mail::Address Parse::RecDescent)); +require_mods(qw(-imapd IO::Socket::SSL Mail::IMAPClient IO::Poll)); my $imap_client = 'Mail::IMAPClient'; $imap_client->can('starttls') or plan skip_all => 'Mail::IMAPClient does not support TLS'; @@ -25,53 +23,35 @@ unless (-r $key && -r $cert) { } use_ok 'PublicInbox::TLS'; use_ok 'IO::Socket::SSL'; -use PublicInbox::InboxWritable; -require PublicInbox::SearchIdx; my $version = 1; # v2 needs newer git require_git('2.6') if $version >= 2; my ($tmpdir, $for_destroy) = tmpdir(); my $err = "$tmpdir/stderr.log"; my $out = "$tmpdir/stdout.log"; -my $inboxdir = "$tmpdir"; -my $pi_config = "$tmpdir/pi_config"; +my $pi_config; my $group = 'test-imapd-tls'; my $addr = $group . '@example.com'; my $starttls = tcp_server(); my $imaps = tcp_server(); -my $ibx = PublicInbox::Inbox->new({ - inboxdir => $inboxdir, - name => 'imapd-tls', - version => $version, - -primary_address => $addr, - indexlevel => 'basic', -}); -$ibx = PublicInbox::InboxWritable->new($ibx, {nproc=>1}); -$ibx->init_inbox(0); -{ +my $ibx = create_inbox 'imapd-tls', version => $version, + -primary_address => $addr, indexlevel => 'basic', sub { + my ($im, $ibx) = @_; + $im->add(eml_load('t/data/0001.patch')) or BAIL_OUT '->add'; + $pi_config = "$ibx->{inboxdir}/pi_config"; open my $fh, '>', $pi_config or BAIL_OUT "open: $!"; - print $fh <<EOF + print $fh <<EOF or BAIL_OUT "print: $!"; [publicinbox "imapd-tls"] - inboxdir = $inboxdir + inboxdir = $ibx->{inboxdir} address = $addr indexlevel = basic newsgroup = $group EOF - ; close $fh or BAIL_OUT "close: $!\n"; -} +}; +$pi_config //= "$ibx->{inboxdir}/pi_config"; -{ - my $im = $ibx->importer(0); - ok($im->add(eml_load('t/data/0001.patch')), 'message added'); - $im->done; - if ($version == 1) { - my $s = PublicInbox::SearchIdx->new($ibx, 1); - $s->index_sync; - } -} - -my $imaps_addr = $imaps->sockhost . ':' . $imaps->sockport; -my $starttls_addr = $starttls->sockhost . ':' . $starttls->sockport; +my $imaps_addr = tcp_host_port($imaps); +my $starttls_addr = tcp_host_port($starttls); my $env = { PI_CONFIG => $pi_config }; my $td; @@ -174,6 +154,24 @@ for my $args ( ok(sysread($slow, my $end, 4096) > 0, 'got end'); is(sysread($slow, my $eof, 4096), 0, 'got EOF'); + test_lei(sub { + lei_ok qw(ls-mail-source), "imap://$starttls_addr", + \'STARTTLS not used by default'; + my $plain_out = $lei_out; + ok(!lei(qw(ls-mail-source -c imap.starttls), + "imap://$starttls_addr"), 'STARTTLS verify fails'); + unlike $lei_err, qr!W: imap\.starttls= .*? is not boolean!i, + 'no non-boolean warning'; + lei_ok qw(-c imap.starttls -c imap.sslVerify= ls-mail-source), + "imap://$starttls_addr", + \'disabling imap.sslVerify works w/ STARTTLS'; + is $lei_out, $plain_out, 'sslVerify=false w/ STARTTLS output'; + lei_ok qw(ls-mail-source -c imap.sslVerify=false), + "imaps://$imaps_addr", + \'disabling imap.sslVerify works w/ imaps://'; + is $lei_out, $plain_out, 'sslVerify=false w/ IMAPS output'; + }); + SKIP: { skip 'TCP_DEFER_ACCEPT is Linux-only', 2 if $^O ne 'linux'; my $var = eval { Socket::TCP_DEFER_ACCEPT() } // 9; @@ -183,15 +181,13 @@ for my $args ( is(unpack('i', $x), 0, 'TCP_DEFER_ACCEPT is 0 on plain IMAP'); }; SKIP: { - skip 'SO_ACCEPTFILTER is FreeBSD-only', 2 if $^O ne 'freebsd'; - if (system('kldstat -m accf_data >/dev/null')) { - skip 'accf_data not loaded? kldload accf_data', 2; - } + require_mods '+accf_data'; require PublicInbox::Daemon; - my $var = PublicInbox::Daemon::SO_ACCEPTFILTER(); - my $x = getsockopt($imaps, SOL_SOCKET, $var); + my $x = getsockopt($imaps, SOL_SOCKET, + $PublicInbox::Daemon::SO_ACCEPTFILTER); like($x, qr/\Adataready\0+\z/, 'got dataready accf for IMAPS'); - $x = getsockopt($starttls, IPPROTO_TCP, $var); + $x = getsockopt($starttls, IPPROTO_TCP, + $PublicInbox::Daemon::SO_ACCEPTFILTER); is($x, undef, 'no BSD accept filter for plain IMAP'); }; |