From 20c940a876728fe91892200dd874dd917cd677ac Mon Sep 17 00:00:00 2001 From: Eric Wong Date: Sun, 19 Sep 2021 12:50:32 +0000 Subject: net_reader: no STARTTLS for IMAP localhost or onions At least not by default, to match existing NNTP behavior. Tor .onions are already encrypted, and there's no point in encrypting traffic on localhost outside of testing. --- t/imapd-tls.t | 11 +++++++++-- t/nntpd-tls.t | 8 ++++++++ 2 files changed, 17 insertions(+), 2 deletions(-) (limited to 't') diff --git a/t/imapd-tls.t b/t/imapd-tls.t index 72ba8769..73f5112f 100644 --- a/t/imapd-tls.t +++ b/t/imapd-tls.t @@ -1,8 +1,8 @@ +#!perl -w # Copyright (C) 2020-2021 all contributors # License: AGPL-3.0+ use strict; -use warnings; -use Test::More; +use v5.10.1; use Socket qw(IPPROTO_TCP SOL_SOCKET); use PublicInbox::TestCommon; # IO::Poll is part of the standard library, but distros may split it off... @@ -155,6 +155,13 @@ for my $args ( ok(sysread($slow, my $end, 4096) > 0, 'got end'); is(sysread($slow, my $eof, 4096), 0, 'got EOF'); + test_lei(sub { + lei_ok qw(ls-mail-source), "imap://$starttls_addr", + \'STARTTLS not used by default'; + ok(!lei(qw(ls-mail-source -c imap.starttls=true), + "imap://$starttls_addr"), 'STARTTLS verify fails'); + }); + SKIP: { skip 'TCP_DEFER_ACCEPT is Linux-only', 2 if $^O ne 'linux'; my $var = eval { Socket::TCP_DEFER_ACCEPT() } // 9; diff --git a/t/nntpd-tls.t b/t/nntpd-tls.t index 2c09d34e..9af6c254 100644 --- a/t/nntpd-tls.t +++ b/t/nntpd-tls.t @@ -146,6 +146,14 @@ for my $args ( is(sysread($slow, my $eof, 4096), 0, 'got EOF'); $slow = undef; + test_lei(sub { + lei_ok qw(ls-mail-source), "nntp://$starttls_addr", + \'STARTTLS not used by default'; + ok(!lei(qw(ls-mail-source -c nntp.starttls=true), + "nntp://$starttls_addr"), 'STARTTLS verify fails'); + diag $lei_err; + }); + SKIP: { skip 'TCP_DEFER_ACCEPT is Linux-only', 2 if $^O ne 'linux'; my $var = eval { Socket::TCP_DEFER_ACCEPT() } // 9; -- cgit v1.2.3-24-ge0c7