renames

rename chatctl to doveauth
rename hpk to c1 inv
2026-05-11 16:34:39 +00:00 · 2023-10-13 11:02:57 +02:00 · 2023-10-13 10:43:07 +02:00 · 2023-10-13 09:36:59 +02:00 · 2023-10-13 09:36:27 +02:00 · 2023-10-12 19:32:49 +02:00
11 changed files with 246 additions and 72 deletions
--- a/hpk-inv.py
+++ b/hpk-inv.py
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -8,3 +8,23 @@ version = "0.1"
 dependencies = [
  "pyinfra",
 ]
 [tool.pytest.ini_options]
 addopts = "-v -ra --strict-markers"
 [tool.tox]
 legacy_tox_ini = """
 [tox]
 isolated_build = true
 envlist = lint
 [testenv:lint]
 skipdist = True
 skip_install = True
 deps =
  ruff
  black
 commands =
  black --quiet --check --diff src/
  ruff src/
 """
--- a/src/chatmail/init.py
+++ b/src/chatmail/init.py
@@ -2,7 +2,6 @@
 Chat Mail pyinfra deploy.
 """
 import importlib.resources
 from io import StringIO
 from pyinfra import host, logger
 from pyinfra.operations import apt, files, server, systemd, python
@@ -14,7 +13,7 @@ def _install_chatctl() -> None:
    """Setup chatctl."""
    files.put(
        src=importlib.resources.files(__package__)
-        .joinpath("chatctl/chatctl.py")
+        .joinpath("dovecot/doveauth.py")
        .open("rb"),
        dest="/home/vmail/chatctl",
        user="vmail",
@@ -104,8 +103,8 @@ def _configure_dovecot(mail_server: str) -> bool:
    # luarocks install http lpeg_patterns fifo
    auth_script = files.put(
-        src=importlib.resources.files(__package__).joinpath("dovecot/auth.lua"),
+        src=importlib.resources.files(__package__).joinpath("dovecot/doveauth.lua"),
-        dest="/etc/dovecot/auth.lua",
+        dest="/etc/dovecot/doveauth.lua",
        user="root",
        group="root",
        mode="644",
@@ -118,7 +117,7 @@ def _configure_dovecot(mail_server: str) -> bool:
 def deploy_chatmail(mail_domain: str, mail_server: str, dkim_selector: str) -> None:
    """Deploy a chat-mail instance.
-    :param mail_domain: the domain part of your future email addresses, so "example.org" in user@example.org
+    :param mail_domain: domain part of your future email addresses
    :param mail_server: the DNS name under which your mail server is reachable
    :param dkim_selector:
    """
--- a/src/chatmail/chatctl/chatctl.py
+++ b/src/chatmail/chatctl/chatctl.py
@@ -1,17 +0,0 @@
 #!/usr/bin/env python3
 import base64
 import sys
 if sys.argv[1] == "hexauth":
    login = base64.b16decode(sys.argv[2])
    password = base64.b16decode(sys.argv[3])
    if login == b"link2xt@instant2.testrun.org" and password == b"Ahyei6ie":
        sys.exit(0)
    else:
        sys.exit(1)
 elif sys.argv[1] == "hexlookup":
    login = base64.b16decode(sys.argv[2])
    if login == b"link2xt@instant2.testrun.org":
        sys.exit(0)
    else:
        sys.exit(1)
--- a/src/chatmail/dovecot/auth.lua
+++ b/src/chatmail/dovecot/auth.lua
@@ -1,35 +0,0 @@
 -- Lua based authentication script for Dovecot.
 --
 -- It calls external chatctl command to answer requests.
 -- Hexadecimal aka base16 encoding.
 function hex(data)
   return (data:gsub(".", function(char) return string.format("%2X", char:byte()) end))
 end
 -- Escape shell argument by hex encoding it and wrapping in quotes.
 function escape(data)
   return ("'"..hex(data).."'")
 end
 function auth_password_verify(request, password)
  if os.execute("/home/vmail/chatctl hexauth "..escape(request.user).." "..escape(password)) then
    return dovecot.auth.PASSDB_RESULT_OK, {}
  end
  return dovecot.auth.PASSDB_RESULT_PASSWORD_MISMATCH, ""
 end
 function auth_passdb_lookup(request)
  if os.execute("/home/vmail/chatctl hexlookup "..escape(request.user)) then
    return dovecot.auth.PASSDB_RESULT_OK, {}
  end
  return dovecot.auth.PASSDB_RESULT_USER_UNKNOWN, "no such user"
 end
 function auth_userdb_lookup(request)
  if os.execute("/home/vmail/chatctl hexlookup "..escape(request.user)) then
    return dovecot.auth.USERDB_RESULT_OK, "uid=vmail gid=vmail"
  end
  return dovecot.auth.USERDB_RESULT_USER_UNKNOWN, "no such user"
 end
--- a/src/chatmail/dovecot/doveauth.lua
+++ b/src/chatmail/dovecot/doveauth.lua
@@ -0,0 +1,60 @@
 -- Escape shell argument by hex encoding it and wrapping in quotes.
 function escape(data)
   b16 = data:gsub(".", function(char) return string.format("%2X", char:byte()) end)
   return ("'"..b16.."'")
 end
 -- call out to python program to actually manage authentication for dovecot
 function chatctl_verify(user, password)
    local handle = io.popen("python doveauth.py hexauth "..escape(user).." "..escape(password))
    local result = handle:read("*a")
    handle:close()
    return split_chatctl(result)
 end
 function chatctl_lookup(user) 
    assert(user)
    local handle = io.popen("python doveauth.py hexlookup "..escape(user))
    local result = handle:read("*a")
    handle:close()
    return split_chatctl(result)
 end
 function get_extra_dovecot_output(res)
    return {homedir=res.homedir, uid=res.uid, gid=res.gid}
 end
 function auth_passdb_verify(request, password)
    local res = chatctl_verify(request.user, password)
    if res.status == "ok" then 
        return dovecot.auth.PASSDB_RESULT_OK, get_extra_dovecot_output(res)
    end
    return dovecot.auth.PASSDB_RESULT_PASSWORD_MISMATCH, ""
 end
 function auth_passdb_lookup(request)
    local res = chatctl_lookup(request.user) 
    if res.status == "ok" then 
        return dovecot.auth.PASSDB_RESULT_OK, get_extra_dovecot_output(res)
    end
    return dovecot.auth.PASSDB_RESULT_USER_UNKNOWN, "no such user"
 end
 function auth_userdb_lookup(request)
    local res = chatctl_lookup(request.user) 
    if res.status == "ok" then
        return dovecot.auth.USERDB_RESULT_OK, get_extra_dovecot_output(res)
    end
    return dovecot.auth.USERDB_RESULT_USER_UNKNOWN, "no such user"
 end
 function split_chatctl(output) 
    local ret = {}
    for key, value in output:gmatch "(%w+)%s*=%s*(%w+)" do
        ret[key] = value
    end
    return ret
 end
--- a/src/chatmail/dovecot/doveauth.py
+++ b/src/chatmail/dovecot/doveauth.py
@@ -0,0 +1,61 @@
 #!/usr/bin/env python3
 import base64
 import sys
 def get_user_data(user):
    if user == b"link2xt@instant2.testrun.org":
        return dict(
            homedir="/home/vmail/link2xt",
            uid="vmail",
            gid="vmail",
            password=b"Ahyei6ie",
        )
    return {}
 def create_user(user, password):
    assert isinstance(password, bytes)
    return dict(
        homedir=f"/home/vmail/{user}", uid="vmail", gid="vmail", password=password
    )
 def verify_user(user, password):
    userdata = get_user_data(user)
    if userdata:
        if userdata.get("password") == password:
            userdata["status"] = "ok"
        else:
            userdata["status"] = "fail"
    else:
        userdata = create_user(user, password)
        userdata["status"] = "ok"
    return userdata
 def lookup_user(user):
    userdata = get_user_data(user)
    if userdata:
        userdata["status"] = "ok"
    else:
        userdata["status"] = "fail"
    return userdata
 def dump_result(res):
    for key, value in res.items():
        print(f"{key}={value}")
 if __name__ == "__main__":
    if sys.argv[1] == "hexauth":
        login = base64.b16decode(sys.argv[2])
        password = base64.b16decode(sys.argv[3])
        res = verify_user(login, password)
        dump_result(res)
    elif sys.argv[1] == "hexlookup":
        login = base64.b16decode(sys.argv[2])
        res = lookup_user(login)
        dump_result(res)
--- a/src/chatmail/dovecot/dovecot.conf.j2
+++ b/src/chatmail/dovecot/dovecot.conf.j2
@@ -7,11 +7,11 @@ auth_mechanisms = plain
 # Authentication for system users.
 passdb {
  driver = lua
-  args = file=/etc/dovecot/auth.lua
+  args = file=/etc/dovecot/doveauth.lua
 }
 userdb {
  driver = lua
-  args = file=/etc/dovecot/auth.lua
+  args = file=/etc/dovecot/doveauth.lua
 }
 ##
--- a/src/chatmail/dovecot/test_doveauth.lua
+++ b/src/chatmail/dovecot/test_doveauth.lua
@@ -0,0 +1,76 @@
 require "doveauth"
 -- simulate dovecot defined result codes 
 dovecot = {
    auth = {
        PASSDB_RESULT_OK="PASSWORD-OK",
        PASSDB_RESULT_PASSWORD_MISMATCH="PASSWORD-MISMATCH",
        USERDB_RESULT_OK="USERDB-OK",
        USERDB_RESULT_USER_UNKNOWN="USERDB-UNKNOWN"
    }
 }
 -- Tests for testing the lua<->python interaction 
 function test_passdb_verify_ok(user, password) 
    local res, extra = auth_passdb_verify({user=user}, password)
    assert(res==dovecot.auth.PASSDB_RESULT_OK)
    assert(extra.uid == "vmail")
    assert(extra.gid == "vmail")
    -- assert(extra.homedir == "/home/vmail/link2xt")
    print("OK test_passdb_verify_ok "..user.." "..password)
 end
 function test_passdb_verify_mismatch(user, password) 
    local res = auth_passdb_verify({user=user}, password)
    assert(res == dovecot.auth.PASSDB_RESULT_PASSWORD_MISMATCH)
    print("OK test_passdb_verify_mismatch "..user.." "..password)
 end
 function test_userdb_lookup_ok(user)
    local res, extra = auth_userdb_lookup({user=user})
    assert(extra.uid == "vmail")
    assert(extra.gid == "vmail")
    assert(res == dovecot.auth.USERDB_RESULT_OK)
    print("OK test_userdb_lookup_ok "..user)
 end
 function test_userdb_lookup_mismatch(user)
    local res, extra = auth_userdb_lookup({user=user})
    assert(res == dovecot.auth.USERDB_RESULT_USER_UNKNOWN)
    print("OK test_userdb_lookup_mismatch "..user)
 end
 function test_passdb_lookup_ok(user)
    local res, extra = auth_passdb_lookup({user=user})
    assert(extra.uid == "vmail")
    assert(extra.gid == "vmail")
    assert(res == dovecot.auth.PASSDB_RESULT_OK)
    print("OK test_passdb_lookup_ok "..user)
 end
 function test_passdb_lookup_mismatch(user)
    local res, extra = auth_passdb_lookup({user=user})
    assert(res == dovecot.auth.PASSDB_RESULT_USER_UNKNOWN)
    print("OK test_passdb_lookup_mismatch "..user)
 end
 function test_split_chatctl()
    local res = split_chatctl("a=3 b=4\nc=5")
    assert(res["a"] == "3")
    assert(res["b"] == "4")
    assert(res["c"] == "5")
    print("OK test_split_chatctl")
 end 
 test_split_chatctl()
 test_passdb_verify_ok("link2xt@instant2.testrun.org", "Ahyei6ie")
 test_passdb_verify_mismatch("link2xt@instant2.testrun.org", "Aqwlek")
 test_userdb_lookup_ok("link2xt@instant2.testrun.org")
 test_userdb_lookup_mismatch("wlekqjlew@xyz.org")
 test_passdb_lookup_ok("link2xt@instant2.testrun.org")
 test_passdb_lookup_mismatch("llqkwjelqwe@xyz.org")
--- a/src/chatmail/dovecot/test_doveauth.py
+++ b/src/chatmail/dovecot/test_doveauth.py
@@ -0,0 +1,23 @@
 import subprocess
 import pytest
 from doveauth import get_user_data, verify_user
 def test_basic():
    data = get_user_data(b"link2xt@instant2.testrun.org")
    assert data
@pytest.mark.xfail(reason="no persistence yet")
 def test_verify_or_create():
    res = verify_user(b"newuser1@something.org", b"kajdlkajsldk12l3kj1983")
    assert res["status"] == "ok"
    res = verify_user(b"newuser1@something.org", b"kajdlqweqwe")
    assert res["status"] == "fail"
 def test_lua_integration(request):
    p = request.fspath.dirpath("test_doveauth.lua")
    proc = subprocess.run(["lua", str(p)])
    assert proc.returncode == 0
--- a/tox.ini
+++ b/tox.ini
@@ -1,13 +0,0 @@
 [tox]
 isolated_build = true
 envlist = lint
 [testenv:lint]
 skipdist = True
 skip_install = True
 deps =
  ruff
  black
 commands =
  black --quiet --check --diff src/
  ruff src/
Author	SHA1	Message	Date
holger krekel	47091db28c	renames	2023-10-13 11:02:57 +02:00
holger krekel	f013ff434e	rename chatctl to doveauth	2023-10-13 10:43:07 +02:00
holger krekel	4ba5b49d19	rename hpk to c1 inv	2023-10-13 09:36:59 +02:00
holger krekel	15d650dc83	move tox.ini into pyproject.toml	2023-10-13 09:36:27 +02:00
holger krekel	5f5cc99567	first test for python chatctl part and applying black	2023-10-12 19:32:49 +02:00
holger krekel	a1f0854f33	refactor python part a little (thanks missytake)	2023-10-12 19:18:16 +02:00
holger krekel	f2a26bc5fe	added more tests	2023-10-12 19:01:47 +02:00
holger krekel	940b39bce7	more tests, better interface between lua and chatctl, also passing dovecot extras	2023-10-12 18:50:40 +02:00
holger krekel	067252703f	another test	2023-10-12 17:55:46 +02:00
holger krekel	77d800b13f	write a bit of tests for a lua script that calls into chatctl.py (#1 ) * add a lua test script running directly against chatctl.py	2023-10-12 17:41:57 +02:00