Allow to send securejoin

Co-Authored-By: holger krekel <holger@merlinux.eu>

README.md

@@ -52,6 +52,7 @@ scripts/
     init.sh  # create venv/other perequires
     deploy.sh  # run pyinfra based deploy of everything
     test.sh # run all local and online tests 
+    bench.sh # run performance benchmark tests
 
 ```
 

chatmaild/src/chatmaild/dictproxy.py

@@ -95,7 +95,7 @@ def main():
             while True:
                 msg = self.rfile.readline().strip().decode()
                 if not msg:
-                    continue
+                    break
                 res = handle_dovecot_request(msg, db)
                 if res:
                     print(f"sending result: {res!r}", file=sys.stderr)

chatmaild/src/chatmaild/filtermail.py

@@ -9,9 +9,8 @@ from aiosmtpd.controller import UnixSocketController
 from smtplib import SMTP as SMTPClient
 
 
-def check_encrypted(content):
+def check_encrypted(message):
     """Check that the message is an OpenPGP-encrypted message."""
-    message = BytesParser(policy=policy.default).parsebytes(content)
     if not message.is_multipart():
         return False
     if message.get("subject") != "...":
@@ -47,7 +46,8 @@ class ExampleHandler:
 
         valid_recipients = []
 
-        mail_encrypted = check_encrypted(envelope.content)
+        message = BytesParser(policy=policy.default).parsebytes(envelope.content)
+        mail_encrypted = check_encrypted(message)
 
         res = []
         for recipient in envelope.rcpt_tos:
@@ -68,7 +68,13 @@ class ExampleHandler:
                 continue
 
             is_outgoing = recipient_local_domain[1] != my_local_domain[1]
-            if is_outgoing and not mail_encrypted:
+
+            if (
+                is_outgoing
+                and not mail_encrypted
+                and message.get("secure-join") != "vc-request"
+                and message.get("secure-join") != "vg-request"
+            ):
                 res += ["500 Outgoing mail must be encrypted"]
                 continue
 

chatmaild/src/chatmaild/test_filtermail.py

@@ -1,12 +1,16 @@
-import pytest
-
 from .filtermail import check_encrypted
+from email.parser import BytesParser
+from email import policy
 
 
 def test_filtermail():
-    assert not check_encrypted(b"foo")
+    def check_encrypted_bstr(content):
+        message = BytesParser(policy=policy.default).parsebytes(content)
+        return check_encrypted(message)
 
-    assert not check_encrypted(
+    assert not check_encrypted_bstr(b"foo")
+
+    assert not check_encrypted_bstr(
         "\r\n".join(
             [
                 "Subject: =?utf-8?q?Message_from_foobar=40c2=2Etestrun=2Eorg?=",
@@ -36,7 +40,7 @@ def test_filtermail():
         ).encode()
     )
 
-    assert not check_encrypted(
+    assert not check_encrypted_bstr(
         "\r\n".join(
             [
                 "Subject: =?utf-8?q?Message_from_foobar=40c2=2Etestrun=2Eorg?=",
@@ -67,7 +71,7 @@ def test_filtermail():
     )
 
     # https://xkcd.com/1181/
-    assert not check_encrypted(
+    assert not check_encrypted_bstr(
         "\r\n".join(
             [
                 "Subject: =?utf-8?q?Message_from_foobar=40c2=2Etestrun=2Eorg?=",
@@ -99,7 +103,7 @@ def test_filtermail():
         ).encode()
     )
 
-    assert check_encrypted(
+    assert check_encrypted_bstr(
         "\r\n".join(
             [
                 "Subject: ...",
@@ -172,7 +176,7 @@ def test_filtermail():
         ).encode()
     )
 
-    assert not check_encrypted(
+    assert not check_encrypted_bstr(
         "\r\n".join(
             [
                 "Subject: Buy Penis Enlargement at www.malicious-domain.com",
@@ -245,7 +249,7 @@ def test_filtermail():
         ).encode()
     )
 
-    assert not check_encrypted(
+    assert not check_encrypted_bstr(
         "\r\n".join(
             [
                 "Subject: Message opened",

deploy-chatmail/src/deploy_chatmail/__init__.py

@@ -160,6 +160,16 @@ def _configure_dovecot(mail_server: str) -> bool:
     )
     need_restart |= auth_config.changed
 
+    files.put(
+        src=importlib.resources.files(__package__)
+        .joinpath("dovecot/expunge.cron")
+        .open("rb"),
+        dest="/etc/cron.d/expunge",
+        user="root",
+        group="root",
+        mode="644",
+    )
+
     return need_restart
 
 

deploy-chatmail/src/deploy_chatmail/dovecot/expunge.cron

@@ -0,0 +1,4 @@
+2 0 * * * dovecot doveadm expunge -A SEEN BEFORE 40d INBOX
+2 0 * * * dovecot doveadm expunge -A SEEN BEFORE 40d Deltachat
+2 0 * * * dovecot doveadm expunge -A SEEN BEFORE 40d Trash
+2 30 * * * dovecot doveadm purge -A

online-tests/benchmark.py

@@ -0,0 +1,34 @@
+def test_tls_serialized_connect(benchmark, imap_or_smtp):
+    def connect():
+        imap_or_smtp.connect()
+
+    benchmark(connect)
+
+
+def test_login(benchmark, imap_or_smtp, gencreds):
+    cls = imap_or_smtp.__class__
+    conns = []
+    for i in range(20):
+        conn = cls(imap_or_smtp.host)
+        conn.connect()
+        conns.append(conn)
+
+    def login():
+        conn = conns.pop()
+        conn.login(*gencreds())
+
+    benchmark(login)
+
+
+def test_send_and_receive_10(benchmark, cmfactory, lp):
+    """send many messages between two accounts"""
+    ac1, ac2 = cmfactory.get_online_accounts(2)
+    chat = cmfactory.get_accepted_chat(ac1, ac2)
+
+    def send_10_receive_all():
+        for i in range(10):
+            chat.send_text(f"hello {i}")
+        for i in range(10):
+            ac2.wait_next_incoming_message()
+
+    benchmark(send_10_receive_all)

online-tests/conftest.py

@@ -30,13 +30,23 @@ def maildomain():
 
 
 @pytest.fixture
-def chatmail_ssh(maildomain):
-    domain = os.environ.get("CHATMAIL_SSH")
+def sshdomain(maildomain):
+    return os.environ.get("CHATMAIL_SSH", maildomain)
+
+
+@pytest.fixture
+def maildomain2():
+    domain = os.environ.get("CHATMAIL_DOMAIN2")
     if not domain:
-        domain = maildomain
+        pytest.skip("set CHATMAIL_DOMAIN2 to a ssh-reachable chatmail instance")
     return domain
 
 
+@pytest.fixture
+def sshdomain2(maildomain2):
+    return os.environ.get("CHATMAIL_SSH2", maildomain2)
+
+
 def pytest_report_header():
     domain = os.environ.get("CHATMAIL_DOMAIN")
     if domain:
@@ -51,6 +61,8 @@ def imap(maildomain):
 
 class ImapConn:
     AuthError = imaplib.IMAP4.error
+    logcmd = "journalctl -f -u dovecot"
+    name = "dovecot"
 
     def __init__(self, host):
         self.host = host
@@ -71,6 +83,8 @@ def smtp(maildomain):
 
 class SmtpConn:
     AuthError = smtplib.SMTPAuthenticationError
+    logcmd = "journalctl -f -t postfix/smtpd -t postfix/smtp -t postfix/lmtp"
+    name = "postfix"
 
     def __init__(self, host):
         self.host = host
@@ -94,16 +108,17 @@ def gencreds(maildomain):
     count = itertools.count()
     next(count)
 
-    def gen():
+    def gen(domain=None):
+        domain = domain if domain else maildomain
         while 1:
             num = next(count)
             alphanumeric = "abcdefghijklmnopqrstuvwxyz1234567890"
             user = "".join(random.choices(alphanumeric, k=10))
             user = f"ac{num}_{user}"
             password = "".join(random.choices(alphanumeric, k=10))
-            yield f"{user}@{maildomain}", f"{password}"
+            yield f"{user}@{domain}", f"{password}"
 
-    return lambda: next(gen())
+    return lambda domain=None: next(gen(domain))
 
 
 #
@@ -118,12 +133,13 @@ class ChatmailTestProcess:
     def __init__(self, pytestconfig, maildomain, gencreds):
         self.pytestconfig = pytestconfig
         self.maildomain = maildomain
+        assert "." in self.maildomain, maildomain
         self.gencreds = gencreds
         self._addr2files = {}
 
     def get_liveconfig_producer(self):
         while 1:
-            user, password = self.gencreds()
+            user, password = self.gencreds(self.maildomain)
             config = {
                 "addr": user,
                 "mail_pw": password,
@@ -141,13 +157,21 @@ class ChatmailTestProcess:
 
 
 @pytest.fixture
-def cmfactory(request, maildomain, gencreds, tmpdir, data):
+def cmfactory(request, gencreds, tmpdir, data, maildomain):
     # cloned from deltachat.testplugin.amfactory
     pytest.importorskip("deltachat")
     from deltachat.testplugin import ACFactory
 
     testproc = ChatmailTestProcess(request.config, maildomain, gencreds)
     am = ACFactory(request=request, tmpdir=tmpdir, testprocess=testproc, data=data)
+
+    # nb. a bit hacky
+    # would probably be better if deltachat's test machinery grows native support
+    def switch_maildomain(maildomain2):
+        am.testprocess.maildomain = maildomain2
+
+    am.switch_maildomain = switch_maildomain
+
     yield am
     if hasattr(request.node, "rep_call") and request.node.rep_call.failed:
         if testproc.pytestconfig.getoption("--extra-info"):
@@ -158,13 +182,20 @@ def cmfactory(request, maildomain, gencreds, tmpdir, data):
 
 
 @pytest.fixture
-def dovelogreader(chatmail_ssh):
-    def remote_reader():
-        popen = subprocess.Popen(
-            ["ssh", f"root@{chatmail_ssh}", "journalctl -f -u dovecot"],
+def remote(sshdomain):
+    return Remote(sshdomain)
+
+
+class Remote:
+    def __init__(self, sshdomain):
+        self.sshdomain = sshdomain
+
+    def iter_output(self, logcmd=""):
+        getjournal = f"journalctl -f" if not logcmd else logcmd
+        self.popen = subprocess.Popen(
+            ["ssh", f"root@{self.sshdomain}", getjournal],
             stdout=subprocess.PIPE,
         )
         while 1:
-            yield popen.stdout.readline()
-
-    return remote_reader
+            line = self.popen.stdout.readline()
+            yield line.decode().strip().lower()

online-tests/test_0_basic.py

@@ -0,0 +1,15 @@
+def test_remote(remote, imap_or_smtp):
+    lineproducer = remote.iter_output(imap_or_smtp.logcmd)
+    imap_or_smtp.connect()
+    assert imap_or_smtp.name in next(lineproducer)
+
+
+def test_use_two_chatmailservers(cmfactory, maildomain2):
+    ac1 = cmfactory.new_online_configuring_account(cache=False)
+    cmfactory.switch_maildomain(maildomain2)
+    ac2 = cmfactory.new_online_configuring_account(cache=False)
+    cmfactory.bring_accounts_online()
+    cmfactory.get_accepted_chat(ac1, ac2)
+    domain1 = ac1.get_config("addr").split("@")[1]
+    domain2 = ac2.get_config("addr").split("@")[1]
+    assert domain1 != domain2

online-tests/test_0_login.py

@@ -17,7 +17,7 @@ def test_login_basic_functioning(imap_or_smtp, gencreds, lp):
     imap_or_smtp.connect()
     lp.sec("success")
 
-    lp.sec("reconnect and verify wrong password fails {user} ")
+    lp.sec(f"reconnect and verify wrong password fails {user} ")
     imap_or_smtp.connect()
     with pytest.raises(imap_or_smtp.AuthError):
         imap_or_smtp.login(user, password + "wrong")

online-tests/test_1_deltachat.py

@@ -19,7 +19,7 @@ class TestEndToEndDeltaChat:
         assert msg2.text == "message0"
 
     @pytest.mark.slow
-    def test_exceed_quota(self, cmfactory, lp, tmpdir, dovelogreader):
+    def test_exceed_quota(self, cmfactory, lp, tmpdir, remote):
         """This is a very slow test as it needs to upload >100MB of mail data
         before quota is exceeded, and thus depends on the speed of the upload.
         """
@@ -48,8 +48,7 @@ class TestEndToEndDeltaChat:
 
         addr = ac2.get_config("addr").lower()
         saved_ok = 0
-        for line in dovelogreader():
-            line = line.decode().lower().strip()
+        for line in remote.iter_output("journalctl -f -u dovecot"):
             if addr not in line:
                 # print(line)
                 continue
@@ -68,3 +67,17 @@ class TestEndToEndDeltaChat:
                     break
 
         pytest.fail("sending succeeded although messages should exceed quota")
+
+    def test_securejoin(self, cmfactory, lp, maildomain2):
+        ac1 = cmfactory.new_online_configuring_account(cache=False)
+        cmfactory.switch_maildomain(maildomain2)
+        ac2 = cmfactory.new_online_configuring_account(cache=False)
+        cmfactory.bring_accounts_online()
+
+        lp.sec("ac1: create QR code and let ac2 scan it, starting the securejoin")
+        qr = ac1.get_setup_contact_qr()
+
+        lp.sec("ac2: start QR-code based setup contact protocol")
+        ch = ac2.qr_setup_contact(qr)
+        assert ch.id >= 10
+        ac1._evtracker.wait_securejoin_inviter_progress(1000)

plan.txt

@@ -3,17 +3,11 @@
 ## Dovecot goals/steps
 
 - automatic expiry of messages older than M days
-   - delete unconditionally messages older than 40 days
+   - also expunge unread messages
 
 - limit: configure max-connections per account
 
 
-## Filtermail
-
-- (alex, Only allow (outgoing) mails if secure-join or autocrypt-pgp-encrypted format.
-  TODO: mime-parse mails and check/add tests
-
-
 ## nami: send out rate limit / rspamd
 
 - basic outgoing send rate/limits (depending on "account-rating")

scripts/bench.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+set -e
+
+online-tests/venv/bin/pytest online-tests/benchmark.py -vrx 

scripts/init.sh

@@ -10,7 +10,7 @@ chatmaild/venv/bin/pip install pytest
 chatmaild/venv/bin/pip install -e chatmaild
 
 python3 -m venv online-tests/venv
-online-tests/venv/bin/pip install pytest pytest-timeout pdbpp deltachat
+online-tests/venv/bin/pip install pytest pytest-timeout pdbpp deltachat pytest-benchmark
 
 python3 -m venv venv
 venv/bin/pip install build

scripts/test.sh

@@ -4,4 +4,4 @@ pushd chatmaild/src/chatmaild
 ../../venv/bin/pytest
 popd
 
-online-tests/venv/bin/pytest online-tests/ -vrx --durations=5 --slow
+online-tests/venv/bin/pytest online-tests/ -vrx --durations=5