mirror of
https://github.com/chatmail/relay.git
synced 2026-05-11 00:14:36 +00:00
Compare commits
20 Commits
postfix-ra
...
chatmaild
| Author | SHA1 | Date | |
|---|---|---|---|
|
31e08832a6 | ||
|
|
9d175316ff | ||
|
|
fdd528841f | ||
|
|
00b4c484ff | ||
|
|
0950d7ea8f | ||
|
|
7dd2d0b9b4 | ||
|
|
dd232689a7 | ||
|
|
c613ca24af | ||
|
|
848b25c790 | ||
|
|
107d10ace4 | ||
|
|
83e6a42252 | ||
|
eb69dd58f7 | ||
|
|
31c45f951d | ||
|
|
3012bfb79d | ||
|
|
03442bc115 | ||
|
|
1ae6291d06 | ||
|
|
1b347f97a0 | ||
|
|
902f98c9ba | ||
|
|
89311063f8 | ||
|
|
329b845c79 |
18
.github/workflows/ci.yaml
vendored
Normal file
18
.github/workflows/ci.yaml
vendored
Normal file
@@ -0,0 +1,18 @@
|
||||
name: CI
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
push:
|
||||
|
||||
jobs:
|
||||
lint:
|
||||
name: Lint
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- name: Lint chatmaild
|
||||
working-directory: chatmaild
|
||||
run: pipx run tox
|
||||
- name: Lint deploy-chatmail
|
||||
working-directory: deploy-chatmail
|
||||
run: pipx run tox
|
||||
@@ -2,13 +2,13 @@ import logging
|
||||
import os
|
||||
import sys
|
||||
import json
|
||||
import crypt
|
||||
from socketserver import (
|
||||
UnixStreamServer,
|
||||
StreamRequestHandler,
|
||||
ThreadingMixIn,
|
||||
)
|
||||
import pwd
|
||||
import subprocess
|
||||
|
||||
from .database import Database
|
||||
|
||||
@@ -16,79 +16,73 @@ NOCREATE_FILE = "/etc/chatmail-nocreate"
|
||||
|
||||
|
||||
def encrypt_password(password: str):
|
||||
password = password.encode("ascii")
|
||||
# https://doc.dovecot.org/configuration_manual/authentication/password_schemes/
|
||||
process = subprocess.Popen(
|
||||
["doveadm", "pw", "-s", "SHA512-CRYPT"],
|
||||
stdin=subprocess.PIPE,
|
||||
stdout=subprocess.PIPE,
|
||||
)
|
||||
stdout_data, _stderr_data = process.communicate(
|
||||
input=password + b"\n" + password + b"\n"
|
||||
)
|
||||
return stdout_data.decode("ascii").strip()
|
||||
passhash = crypt.crypt(password, crypt.METHOD_SHA512)
|
||||
return "{SHA512-CRYPT}" + passhash
|
||||
|
||||
|
||||
def create_user(db, user, password):
|
||||
if os.path.exists(NOCREATE_FILE):
|
||||
logging.warning(
|
||||
f"Didn't create account: {NOCREATE_FILE} exists. Delete the file to enable account creation."
|
||||
)
|
||||
return
|
||||
with db.write_transaction() as conn:
|
||||
conn.create_user(user, password)
|
||||
return dict(home=f"/home/vmail/{user}", uid="vmail", gid="vmail", password=password)
|
||||
class DictProxy:
|
||||
def __init__(self, db, mail_domain):
|
||||
self.db = db
|
||||
self.mail_domain = mail_domain
|
||||
|
||||
def create_user(self, user, password):
|
||||
if os.path.exists(NOCREATE_FILE):
|
||||
logging.warning(f"Didn't create account: {NOCREATE_FILE} exists.")
|
||||
return
|
||||
with self.db.write_transaction() as conn:
|
||||
conn.create_user(user, password)
|
||||
return dict(home=f"/home/vmail/{user}", uid="vmail", gid="vmail", password=password)
|
||||
|
||||
def get_user_data(self, user):
|
||||
with self.db.read_connection() as conn:
|
||||
result = conn.get_user(user)
|
||||
if result:
|
||||
result["uid"] = "vmail"
|
||||
result["gid"] = "vmail"
|
||||
return result
|
||||
|
||||
|
||||
def get_user_data(db, user):
|
||||
with db.read_connection() as conn:
|
||||
result = conn.get_user(user)
|
||||
if result:
|
||||
result["uid"] = "vmail"
|
||||
result["gid"] = "vmail"
|
||||
return result
|
||||
def lookup_userdb(self, user):
|
||||
return self.get_user_data(user)
|
||||
|
||||
|
||||
def lookup_userdb(db, user):
|
||||
return get_user_data(db, user)
|
||||
def lookup_passdb(self, user, password):
|
||||
userdata = self.get_user_data(user)
|
||||
if not userdata:
|
||||
return self.create_user(user, encrypt_password(password))
|
||||
userdata["password"] = userdata["password"].strip()
|
||||
return userdata
|
||||
|
||||
|
||||
def lookup_passdb(db, user, password):
|
||||
userdata = get_user_data(db, user)
|
||||
if not userdata:
|
||||
return create_user(db, user, encrypt_password(password))
|
||||
userdata["password"] = userdata["password"].strip()
|
||||
return userdata
|
||||
|
||||
|
||||
def handle_dovecot_request(msg, db, mail_domain):
|
||||
print(f"received msg: {msg!r}", file=sys.stderr)
|
||||
short_command = msg[0]
|
||||
if short_command == "L": # LOOKUP
|
||||
parts = msg[1:].split("\t")
|
||||
keyname, user = parts[:2]
|
||||
namespace, type, *args = keyname.split("/")
|
||||
reply_command = "F"
|
||||
res = ""
|
||||
if namespace == "shared":
|
||||
if type == "userdb":
|
||||
if user.endswith(f"@{mail_domain}"):
|
||||
res = lookup_userdb(db, user)
|
||||
if res:
|
||||
reply_command = "O"
|
||||
else:
|
||||
reply_command = "N"
|
||||
elif type == "passdb":
|
||||
if user.endswith(f"@{mail_domain}"):
|
||||
res = lookup_passdb(db, user, password=args[0])
|
||||
if res:
|
||||
reply_command = "O"
|
||||
else:
|
||||
reply_command = "N"
|
||||
print(f"res: {res!r}", file=sys.stderr)
|
||||
json_res = json.dumps(res) if res else ""
|
||||
return f"{reply_command}{json_res}\n"
|
||||
return None
|
||||
def handle_dovecot_request(self, msg):
|
||||
print(f"received msg: {msg!r}", file=sys.stderr)
|
||||
short_command = msg[0]
|
||||
if short_command == "L": # LOOKUP
|
||||
parts = msg[1:].split("\t")
|
||||
keyname, user = parts[:2]
|
||||
namespace, type, *args = keyname.split("/")
|
||||
reply_command = "F"
|
||||
res = ""
|
||||
if namespace == "shared":
|
||||
if type == "userdb":
|
||||
if user.endswith(f"@{self.mail_domain}"):
|
||||
res = lookup_userdb(db, user)
|
||||
if res:
|
||||
reply_command = "O"
|
||||
else:
|
||||
reply_command = "N"
|
||||
elif type == "passdb":
|
||||
if user.endswith(f"@{self.mail_domain}"):
|
||||
res = lookup_passdb(db, user, password=args[0])
|
||||
if res:
|
||||
reply_command = "O"
|
||||
else:
|
||||
reply_command = "N"
|
||||
print(f"res: {res!r}", file=sys.stderr)
|
||||
json_res = json.dumps(res) if res else ""
|
||||
return f"{reply_command}{json_res}\n"
|
||||
return None
|
||||
|
||||
|
||||
class ThreadedUnixStreamServer(ThreadingMixIn, UnixStreamServer):
|
||||
@@ -98,17 +92,18 @@ class ThreadedUnixStreamServer(ThreadingMixIn, UnixStreamServer):
|
||||
def main():
|
||||
socket = sys.argv[1]
|
||||
passwd_entry = pwd.getpwnam(sys.argv[2])
|
||||
db = Database(sys.argv[3])
|
||||
with open("/etc/mailname", "r") as fp:
|
||||
mail_domain = fp.read().strip()
|
||||
|
||||
db = Database(sys.argv[3])
|
||||
dictproxy = DictProxy(db, mail_domain)
|
||||
class Handler(StreamRequestHandler):
|
||||
def handle(self):
|
||||
while True:
|
||||
msg = self.rfile.readline().strip().decode()
|
||||
if not msg:
|
||||
break
|
||||
res = handle_dovecot_request(msg, db, mail_domain)
|
||||
res = dictproxy.handle_dovecot_request(msg)
|
||||
if res:
|
||||
print(f"sending result: {res!r}", file=sys.stderr)
|
||||
self.wfile.write(res.encode("ascii"))
|
||||
|
||||
@@ -1,53 +0,0 @@
|
||||
import os
|
||||
|
||||
import pytest
|
||||
|
||||
import chatmaild.dictproxy
|
||||
from .dictproxy import get_user_data, lookup_passdb
|
||||
from .database import Database, DBError
|
||||
|
||||
|
||||
@pytest.fixture()
|
||||
def db(tmpdir):
|
||||
db_path = tmpdir / "passdb.sqlite"
|
||||
print("database path:", db_path)
|
||||
return Database(db_path)
|
||||
|
||||
|
||||
def test_basic(db):
|
||||
chatmaild.dictproxy.NOCREATE_FILE = "/tmp/nocreate"
|
||||
if os.path.exists(chatmaild.dictproxy.NOCREATE_FILE):
|
||||
os.remove(chatmaild.dictproxy.NOCREATE_FILE)
|
||||
lookup_passdb(db, "link2xt@c1.testrun.org", "asdf")
|
||||
data = get_user_data(db, "link2xt@c1.testrun.org")
|
||||
assert data
|
||||
|
||||
|
||||
def test_dont_overwrite_password_on_wrong_login(db):
|
||||
"""Test that logging in with a different password doesn't create a new user"""
|
||||
res = lookup_passdb(db, "newuser1@something.org", "kajdlkajsldk12l3kj1983")
|
||||
assert res["password"]
|
||||
res2 = lookup_passdb(db, "newuser1@something.org", "kajdlqweqwe")
|
||||
# this function always returns a password hash, which is actually compared by dovecot.
|
||||
assert res["password"] == res2["password"]
|
||||
|
||||
|
||||
def test_nocreate_file(db):
|
||||
chatmaild.dictproxy.NOCREATE_FILE = "/tmp/nocreate"
|
||||
with open(chatmaild.dictproxy.NOCREATE_FILE, "w+") as f:
|
||||
f.write("")
|
||||
assert os.path.exists(chatmaild.dictproxy.NOCREATE_FILE)
|
||||
lookup_passdb(db, "newuser1@something.org", "kajdlqweqwe")
|
||||
assert not get_user_data(db, "newuser1@something.org")
|
||||
os.remove(chatmaild.dictproxy.NOCREATE_FILE)
|
||||
|
||||
|
||||
def test_db_version(db):
|
||||
assert db.get_schema_version() == 1
|
||||
|
||||
|
||||
def test_too_high_db_version(db):
|
||||
with db.write_transaction() as conn:
|
||||
conn.execute("PRAGMA user_version=%s;" % (999,))
|
||||
with pytest.raises(DBError):
|
||||
db.ensure_tables()
|
||||
@@ -1,338 +0,0 @@
|
||||
from .filtermail import check_encrypted, check_DATA, SendRateLimiter
|
||||
from email.parser import BytesParser
|
||||
from email import policy
|
||||
import pytest
|
||||
|
||||
|
||||
def test_reject_forged_from():
|
||||
def makemail(from_addr):
|
||||
return BytesParser(policy=policy.default).parsebytes(
|
||||
"\r\n".join(
|
||||
[
|
||||
f"From: <{from_addr}",
|
||||
"To: <barbaz@c3.testrun.org>",
|
||||
"Date: Sun, 15 Oct 2023 16:41:44 +0000",
|
||||
"Message-ID: <Mr.3gckbNy5bch.uK3Hd2Ws6-w@c2.testrun.org>",
|
||||
"References: <Mr.3gckbNy5bch.uK3Hd2Ws6-w@c2.testrun.org>",
|
||||
"Chat-Version: 1.0",
|
||||
"MIME-Version: 1.0",
|
||||
"Content-Type: text/plain; charset=utf-8; format=flowed; delsp=no",
|
||||
"",
|
||||
"Hi!",
|
||||
"",
|
||||
"",
|
||||
]
|
||||
).encode()
|
||||
)
|
||||
|
||||
class envelope:
|
||||
mail_from = "bob@c3.testrun.org"
|
||||
rcpt_tos = ["somebody@c3.testrun.org"]
|
||||
|
||||
# test that the filter lets good mail through
|
||||
envelope.content = makemail(envelope.mail_from).as_bytes()
|
||||
assert not check_DATA(envelope=envelope)
|
||||
|
||||
# test that the filter rejects forged mail
|
||||
envelope.content = makemail("forged@c3.testrun.org").as_bytes()
|
||||
error = check_DATA(envelope=envelope)
|
||||
assert "500" in error
|
||||
|
||||
|
||||
def test_filtermail():
|
||||
def check_encrypted_bstr(content):
|
||||
message = BytesParser(policy=policy.default).parsebytes(content)
|
||||
return check_encrypted(message)
|
||||
|
||||
assert not check_encrypted_bstr(b"foo")
|
||||
|
||||
assert not check_encrypted_bstr(
|
||||
"\r\n".join(
|
||||
[
|
||||
"Subject: =?utf-8?q?Message_from_foobar=40c2=2Etestrun=2Eorg?=",
|
||||
"Chat-Disposition-Notification-To: foobar@c2.testrun.org",
|
||||
"Chat-User-Avatar: 0",
|
||||
"From: <foobar@c2.testrun.org>",
|
||||
"To: <barbaz@c2.testrun.org>",
|
||||
"Date: Sun, 15 Oct 2023 16:41:44 +0000",
|
||||
"Message-ID: <Mr.3gckbNy5bch.uK3Hd2Ws6-w@c2.testrun.org>",
|
||||
"References: <Mr.3gckbNy5bch.uK3Hd2Ws6-w@c2.testrun.org>",
|
||||
"Chat-Version: 1.0",
|
||||
"Autocrypt: addr=foobar@c2.testrun.org; prefer-encrypt=mutual;",
|
||||
"\tkeydata=xjMEZSrw3hYJKwYBBAHaRw8BAQdAiEKNQFU28c6qsx4vo/JHdt73RXdjMOmByf/XsGiJ7m",
|
||||
"\tnNFzxmb29iYXJAYzIudGVzdHJ1bi5vcmc+wosEEBYIADMCGQEFAmUq8N4CGwMECwkIBwYVCAkKCwID",
|
||||
"\tFgIBFiEEGil0OvTIa6RngmCLUYNnEa9leJAACgkQUYNnEa9leJCX3gEAhm0MehE5byBBU1avPczr/I",
|
||||
"\tHjNLht7Qf6++mAhlJmtDcA/0C8VYJhsUpmiDjuZaMDWNv4FO2BJG6LH7gSm6n7ClMJzjgEZSrw3hIK",
|
||||
"\tKwYBBAGXVQEFAQEHQAxGG/QW0owCfMp1A+vXEMwgzWcBpNFr58kX2eXuPpM6AwEIB8J4BBgWCAAgBQ",
|
||||
"\tJlKvDeAhsMFiEEGil0OvTIa6RngmCLUYNnEa9leJAACgkQUYNnEa9leJDg1gEAwLf8KDoAAKyYgjyI",
|
||||
"\tvYvO9VEgBni1C4Xx1VjcaEmlDK8BALoFuUCK+enw76TtDcAUKhlhUiM6SDRExkS4Nskp/BcK",
|
||||
"MIME-Version: 1.0",
|
||||
"Content-Type: text/plain; charset=utf-8; format=flowed; delsp=no",
|
||||
"",
|
||||
"Hi!",
|
||||
"",
|
||||
"",
|
||||
]
|
||||
).encode()
|
||||
)
|
||||
|
||||
assert not check_encrypted_bstr(
|
||||
"\r\n".join(
|
||||
[
|
||||
"Subject: =?utf-8?q?Message_from_foobar=40c2=2Etestrun=2Eorg?=",
|
||||
"Chat-Disposition-Notification-To: foobar@c2.testrun.org",
|
||||
"Chat-User-Avatar: 0",
|
||||
"From: <foobar@c2.testrun.org>",
|
||||
"To: <barbaz@c2.testrun.org>",
|
||||
"Date: Sun, 15 Oct 2023 16:41:44 +0000",
|
||||
"Message-ID: <Mr.3gckbNy5bch.uK3Hd2Ws6-w@c2.testrun.org>",
|
||||
"References: <Mr.3gckbNy5bch.uK3Hd2Ws6-w@c2.testrun.org>",
|
||||
"Chat-Version: 1.0",
|
||||
"Autocrypt: addr=foobar@c2.testrun.org; prefer-encrypt=mutual;",
|
||||
"\tkeydata=xjMEZSrw3hYJKwYBBAHaRw8BAQdAiEKNQFU28c6qsx4vo/JHdt73RXdjMOmByf/XsGiJ7m",
|
||||
"\tnNFzxmb29iYXJAYzIudGVzdHJ1bi5vcmc+wosEEBYIADMCGQEFAmUq8N4CGwMECwkIBwYVCAkKCwID",
|
||||
"\tFgIBFiEEGil0OvTIa6RngmCLUYNnEa9leJAACgkQUYNnEa9leJCX3gEAhm0MehE5byBBU1avPczr/I",
|
||||
"\tHjNLht7Qf6++mAhlJmtDcA/0C8VYJhsUpmiDjuZaMDWNv4FO2BJG6LH7gSm6n7ClMJzjgEZSrw3hIK",
|
||||
"\tKwYBBAGXVQEFAQEHQAxGG/QW0owCfMp1A+vXEMwgzWcBpNFr58kX2eXuPpM6AwEIB8J4BBgWCAAgBQ",
|
||||
"\tJlKvDeAhsMFiEEGil0OvTIa6RngmCLUYNnEa9leJAACgkQUYNnEa9leJDg1gEAwLf8KDoAAKyYgjyI",
|
||||
"\tvYvO9VEgBni1C4Xx1VjcaEmlDK8BALoFuUCK+enw76TtDcAUKhlhUiM6SDRExkS4Nskp/BcK",
|
||||
"MIME-Version: 1.0",
|
||||
"Content-Type: text/plain; charset=utf-8; format=flowed; delsp=no",
|
||||
"",
|
||||
"Hi!",
|
||||
"",
|
||||
"",
|
||||
]
|
||||
).encode()
|
||||
)
|
||||
|
||||
# https://xkcd.com/1181/
|
||||
assert not check_encrypted_bstr(
|
||||
"\r\n".join(
|
||||
[
|
||||
"Subject: =?utf-8?q?Message_from_foobar=40c2=2Etestrun=2Eorg?=",
|
||||
"Chat-Disposition-Notification-To: foobar@c2.testrun.org",
|
||||
"Chat-User-Avatar: 0",
|
||||
"From: <foobar@c2.testrun.org>",
|
||||
"To: <barbaz@c2.testrun.org>",
|
||||
"Date: Sun, 15 Oct 2023 16:41:44 +0000",
|
||||
"Message-ID: <Mr.3gckbNy5bch.uK3Hd2Ws6-w@c2.testrun.org>",
|
||||
"References: <Mr.3gckbNy5bch.uK3Hd2Ws6-w@c2.testrun.org>",
|
||||
"Chat-Version: 1.0",
|
||||
"Autocrypt: addr=foobar@c2.testrun.org; prefer-encrypt=mutual;",
|
||||
"\tkeydata=xjMEZSrw3hYJKwYBBAHaRw8BAQdAiEKNQFU28c6qsx4vo/JHdt73RXdjMOmByf/XsGiJ7m",
|
||||
"\tnNFzxmb29iYXJAYzIudGVzdHJ1bi5vcmc+wosEEBYIADMCGQEFAmUq8N4CGwMECwkIBwYVCAkKCwID",
|
||||
"\tFgIBFiEEGil0OvTIa6RngmCLUYNnEa9leJAACgkQUYNnEa9leJCX3gEAhm0MehE5byBBU1avPczr/I",
|
||||
"\tHjNLht7Qf6++mAhlJmtDcA/0C8VYJhsUpmiDjuZaMDWNv4FO2BJG6LH7gSm6n7ClMJzjgEZSrw3hIK",
|
||||
"\tKwYBBAGXVQEFAQEHQAxGG/QW0owCfMp1A+vXEMwgzWcBpNFr58kX2eXuPpM6AwEIB8J4BBgWCAAgBQ",
|
||||
"\tJlKvDeAhsMFiEEGil0OvTIa6RngmCLUYNnEa9leJAACgkQUYNnEa9leJDg1gEAwLf8KDoAAKyYgjyI",
|
||||
"\tvYvO9VEgBni1C4Xx1VjcaEmlDK8BALoFuUCK+enw76TtDcAUKhlhUiM6SDRExkS4Nskp/BcK",
|
||||
"MIME-Version: 1.0",
|
||||
"Content-Type: text/plain; charset=utf-8; format=flowed; delsp=no",
|
||||
"",
|
||||
"-----BEGIN PGP MESSAGE-----",
|
||||
"Hi!",
|
||||
"-----END PGP MESSAGE-----",
|
||||
"",
|
||||
"",
|
||||
]
|
||||
).encode()
|
||||
)
|
||||
|
||||
assert check_encrypted_bstr(
|
||||
"\r\n".join(
|
||||
[
|
||||
"Subject: ...",
|
||||
"From: <barbaz@c2.testrun.org>",
|
||||
"To: <foobar@c2.testrun.org>",
|
||||
"Date: Sun, 15 Oct 2023 16:43:21 +0000",
|
||||
"Message-ID: <Mr.UVyJWZmkCKM.hGzNc6glBE_@c2.testrun.org>",
|
||||
"In-Reply-To: <Mr.MvmCz-GQbi_.6FGRkhDf05c@c2.testrun.org>",
|
||||
"References: <Mr.3gckbNy5bch.uK3Hd2Ws6-w@c2.testrun.org>",
|
||||
"\t<Mr.MvmCz-GQbi_.6FGRkhDf05c@c2.testrun.org>",
|
||||
"Chat-Version: 1.0",
|
||||
"Autocrypt: addr=barbaz@c2.testrun.org; prefer-encrypt=mutual;",
|
||||
"\tkeydata=xjMEZSwWjhYJKwYBBAHaRw8BAQdAQBEhqeJh0GueHB6kF/DUQqYCxARNBVokg/AzT+7LqH",
|
||||
"\trNFzxiYXJiYXpAYzIudGVzdHJ1bi5vcmc+wosEEBYIADMCGQEFAmUsFo4CGwMECwkIBwYVCAkKCwID",
|
||||
"\tFgIBFiEEFTfUNvVnY3b9F7yHnmme1PfUhX8ACgkQnmme1PfUhX9A4AEAnHWHp49eBCMHK5t66gYPiW",
|
||||
"\tXQuB1mwUjzGfYWB+0RXUoA/0xcQ3FbUNlGKW7Blp6eMFfViv6Mv2d3kNSXACB6nmcMzjgEZSwWjhIK",
|
||||
"\tKwYBBAGXVQEFAQEHQBpY5L2M1XHo0uxf8SX1wNLBp/OVvidoWHQF2Jz+kJsUAwEIB8J4BBgWCAAgBQ",
|
||||
"\tJlLBaOAhsMFiEEFTfUNvVnY3b9F7yHnmme1PfUhX8ACgkQnmme1PfUhX/INgEA37AJaNvruYsJVanP",
|
||||
"\tIXnYw4CKd55UAwl8Zcy+M2diAbkA/0fHHcGV4r78hpbbL1Os52DPOdqYQRauIeJUeG+G6bQO",
|
||||
"MIME-Version: 1.0",
|
||||
'Content-Type: multipart/encrypted; protocol="application/pgp-encrypted";',
|
||||
'\tboundary="YFrteb74qSXmggbOxZL9dRnhymywAi"',
|
||||
"",
|
||||
"",
|
||||
"--YFrteb74qSXmggbOxZL9dRnhymywAi",
|
||||
"Content-Description: PGP/MIME version identification",
|
||||
"Content-Type: application/pgp-encrypted",
|
||||
"",
|
||||
"Version: 1",
|
||||
"",
|
||||
"",
|
||||
"--YFrteb74qSXmggbOxZL9dRnhymywAi",
|
||||
"Content-Description: OpenPGP encrypted message",
|
||||
'Content-Disposition: inline; filename="encrypted.asc";',
|
||||
'Content-Type: application/octet-stream; name="encrypted.asc"',
|
||||
"",
|
||||
"-----BEGIN PGP MESSAGE-----",
|
||||
"",
|
||||
"wU4DhW3gBZ/VvCYSAQdA8bMs2spwbKdGjVsL1ByPkNrqD7frpB73maeL6I6SzDYg",
|
||||
"O5G53tv339RdKq3WRcCtEEvxjHlUx2XNwXzC04BpmfvBTgNfPUyLDzjXnxIBB0Ae",
|
||||
"8ymwGvXMCCimHXN0Dg8Ui62KOi03h0UgheoHWovJSCDF4CKre/xtFr3nL7lq/PKI",
|
||||
"JsjVNz7/RK9FSXF6WwfONtLCyQGEuVAsB/KXfCBEyfKhaMwGHvhujRidGW5uV1no",
|
||||
"lMGl3ODmo29Lgeu2uSE7EpJRZoe6hU6ddmBkqxax61ZtkaFlGFFpdo2K8balNNdz",
|
||||
"ZsJ/9mmI9x3oOJ4/l1nhQbUO9ADbs7gJhFdV5Qkp30b5fCI7bU+aoe1ccBbLe/WM",
|
||||
"YUty1PqcuQT7XjA+XmYuL261tvW8pBetT+i33/E2d8PzzYt2IuK9qeevyS+yxdwA",
|
||||
"kfwejFWzzsUlJaDxs1x4XOxkMgSj+jo+g12dFOb7fyClsAnq23iDb8AuaT/BScAI",
|
||||
"+lO+gher69+6LmM7VGHLG5k762J1jTaQCaKt1s8TAWV99Eo4491vL6fyvk3l/Cfg",
|
||||
"RXSwiWFgj19Pn0Rq7CD9v22UE2vdUMBTcV4aw79mClk1YQ23jbF0y5DCjPdJ62Zo",
|
||||
"tskBgFt3NoWV80jZ76zIBLrrjLwCCll8JjJtFwSkt2GX5RFBsVa4A8IDht9RtEk7",
|
||||
"rrHgbSZQfkauEi/mH3/6CDZoLqSHudUZ7d4MaJwun1TkFYGe2ORwGJd4OBj3oGJp",
|
||||
"H8YBwCpk///L/fKjX0Gg3M8nrpM4wrRFhPKidAgO/kcm25X4+ZHlVkWBTCt5RWKI",
|
||||
"fHh6oLDZCqCfcgMkE1KKmwfIHaUkhq5BPRigwy6i5dh1DM4+1UCLh3dxzVbqE9b9",
|
||||
"61NB19nXdRtDA2sOUnj9ve6m/wEPyCb6/zBQZqvCBYb1/AjdXpUrFT+DbpfyxaXN",
|
||||
"XfhDVb5mNqNM/IVj0V5fvTc6vOfYbzQtPm10H+FdWWfb+rJRfyC3MA2w2IqstFe3",
|
||||
"w3bu2iE6CQvSqRvge+ZqLKt/NqYwOURiUmpuklbl3kPJ97+mfKWoiqk8Iz1VY+bb",
|
||||
"NMUC7aoGv+jcoj+WS6PYO8N6BeRVUUB3ZJSf8nzjgxm1/BcM+UD3BPrlhT11ODRs",
|
||||
"baifGbprMWwt3dhb8cQgRT8GPdpO1OsDkzL6iikMjLHWWiA99GV6ruiHsIPw6boW",
|
||||
"A6/uSOskbDHOROotKmddGTBd0iiHXAoQsJFt1ZjUkt6EHrgWs+GAvrvKpXs1mrz8",
|
||||
"uj3GwEFrHS+Xuf2UDgpszYT3hI2cL/kUtGakVR7m7vVMZqXBUbZdGAEb1PZNPwsI",
|
||||
"E4aMK02+EVB+tSN4Fzj99N2YD0inVYt+oPjr2tHhUS6aSGBNS/48Ki47DOg4Sxkn",
|
||||
"lkOWnEbCD+XTnbDd",
|
||||
"=agR5",
|
||||
"-----END PGP MESSAGE-----",
|
||||
"",
|
||||
"",
|
||||
"--YFrteb74qSXmggbOxZL9dRnhymywAi--",
|
||||
"",
|
||||
"",
|
||||
]
|
||||
).encode()
|
||||
)
|
||||
|
||||
assert not check_encrypted_bstr(
|
||||
"\r\n".join(
|
||||
[
|
||||
"Subject: Buy Penis Enlargement at www.malicious-domain.com",
|
||||
"From: <barbaz@c2.testrun.org>",
|
||||
"To: <foobar@c2.testrun.org>",
|
||||
"Date: Sun, 15 Oct 2023 16:43:21 +0000",
|
||||
"Message-ID: <Mr.UVyJWZmkCKM.hGzNc6glBE_@c2.testrun.org>",
|
||||
"In-Reply-To: <Mr.MvmCz-GQbi_.6FGRkhDf05c@c2.testrun.org>",
|
||||
"References: <Mr.3gckbNy5bch.uK3Hd2Ws6-w@c2.testrun.org>",
|
||||
"\t<Mr.MvmCz-GQbi_.6FGRkhDf05c@c2.testrun.org>",
|
||||
"Chat-Version: 1.0",
|
||||
"Autocrypt: addr=barbaz@c2.testrun.org; prefer-encrypt=mutual;",
|
||||
"\tkeydata=xjMEZSwWjhYJKwYBBAHaRw8BAQdAQBEhqeJh0GueHB6kF/DUQqYCxARNBVokg/AzT+7LqH",
|
||||
"\trNFzxiYXJiYXpAYzIudGVzdHJ1bi5vcmc+wosEEBYIADMCGQEFAmUsFo4CGwMECwkIBwYVCAkKCwID",
|
||||
"\tFgIBFiEEFTfUNvVnY3b9F7yHnmme1PfUhX8ACgkQnmme1PfUhX9A4AEAnHWHp49eBCMHK5t66gYPiW",
|
||||
"\tXQuB1mwUjzGfYWB+0RXUoA/0xcQ3FbUNlGKW7Blp6eMFfViv6Mv2d3kNSXACB6nmcMzjgEZSwWjhIK",
|
||||
"\tKwYBBAGXVQEFAQEHQBpY5L2M1XHo0uxf8SX1wNLBp/OVvidoWHQF2Jz+kJsUAwEIB8J4BBgWCAAgBQ",
|
||||
"\tJlLBaOAhsMFiEEFTfUNvVnY3b9F7yHnmme1PfUhX8ACgkQnmme1PfUhX/INgEA37AJaNvruYsJVanP",
|
||||
"\tIXnYw4CKd55UAwl8Zcy+M2diAbkA/0fHHcGV4r78hpbbL1Os52DPOdqYQRauIeJUeG+G6bQO",
|
||||
"MIME-Version: 1.0",
|
||||
'Content-Type: multipart/encrypted; protocol="application/pgp-encrypted";',
|
||||
'\tboundary="YFrteb74qSXmggbOxZL9dRnhymywAi"',
|
||||
"",
|
||||
"",
|
||||
"--YFrteb74qSXmggbOxZL9dRnhymywAi",
|
||||
"Content-Description: PGP/MIME version identification",
|
||||
"Content-Type: application/pgp-encrypted",
|
||||
"",
|
||||
"Version: 1",
|
||||
"",
|
||||
"",
|
||||
"--YFrteb74qSXmggbOxZL9dRnhymywAi",
|
||||
"Content-Description: OpenPGP encrypted message",
|
||||
'Content-Disposition: inline; filename="encrypted.asc";',
|
||||
'Content-Type: application/octet-stream; name="encrypted.asc"',
|
||||
"",
|
||||
"-----BEGIN PGP MESSAGE-----",
|
||||
"",
|
||||
"wU4DhW3gBZ/VvCYSAQdA8bMs2spwbKdGjVsL1ByPkNrqD7frpB73maeL6I6SzDYg",
|
||||
"O5G53tv339RdKq3WRcCtEEvxjHlUx2XNwXzC04BpmfvBTgNfPUyLDzjXnxIBB0Ae",
|
||||
"8ymwGvXMCCimHXN0Dg8Ui62KOi03h0UgheoHWovJSCDF4CKre/xtFr3nL7lq/PKI",
|
||||
"JsjVNz7/RK9FSXF6WwfONtLCyQGEuVAsB/KXfCBEyfKhaMwGHvhujRidGW5uV1no",
|
||||
"lMGl3ODmo29Lgeu2uSE7EpJRZoe6hU6ddmBkqxax61ZtkaFlGFFpdo2K8balNNdz",
|
||||
"ZsJ/9mmI9x3oOJ4/l1nhQbUO9ADbs7gJhFdV5Qkp30b5fCI7bU+aoe1ccBbLe/WM",
|
||||
"YUty1PqcuQT7XjA+XmYuL261tvW8pBetT+i33/E2d8PzzYt2IuK9qeevyS+yxdwA",
|
||||
"kfwejFWzzsUlJaDxs1x4XOxkMgSj+jo+g12dFOb7fyClsAnq23iDb8AuaT/BScAI",
|
||||
"+lO+gher69+6LmM7VGHLG5k762J1jTaQCaKt1s8TAWV99Eo4491vL6fyvk3l/Cfg",
|
||||
"RXSwiWFgj19Pn0Rq7CD9v22UE2vdUMBTcV4aw79mClk1YQ23jbF0y5DCjPdJ62Zo",
|
||||
"tskBgFt3NoWV80jZ76zIBLrrjLwCCll8JjJtFwSkt2GX5RFBsVa4A8IDht9RtEk7",
|
||||
"rrHgbSZQfkauEi/mH3/6CDZoLqSHudUZ7d4MaJwun1TkFYGe2ORwGJd4OBj3oGJp",
|
||||
"H8YBwCpk///L/fKjX0Gg3M8nrpM4wrRFhPKidAgO/kcm25X4+ZHlVkWBTCt5RWKI",
|
||||
"fHh6oLDZCqCfcgMkE1KKmwfIHaUkhq5BPRigwy6i5dh1DM4+1UCLh3dxzVbqE9b9",
|
||||
"61NB19nXdRtDA2sOUnj9ve6m/wEPyCb6/zBQZqvCBYb1/AjdXpUrFT+DbpfyxaXN",
|
||||
"XfhDVb5mNqNM/IVj0V5fvTc6vOfYbzQtPm10H+FdWWfb+rJRfyC3MA2w2IqstFe3",
|
||||
"w3bu2iE6CQvSqRvge+ZqLKt/NqYwOURiUmpuklbl3kPJ97+mfKWoiqk8Iz1VY+bb",
|
||||
"NMUC7aoGv+jcoj+WS6PYO8N6BeRVUUB3ZJSf8nzjgxm1/BcM+UD3BPrlhT11ODRs",
|
||||
"baifGbprMWwt3dhb8cQgRT8GPdpO1OsDkzL6iikMjLHWWiA99GV6ruiHsIPw6boW",
|
||||
"A6/uSOskbDHOROotKmddGTBd0iiHXAoQsJFt1ZjUkt6EHrgWs+GAvrvKpXs1mrz8",
|
||||
"uj3GwEFrHS+Xuf2UDgpszYT3hI2cL/kUtGakVR7m7vVMZqXBUbZdGAEb1PZNPwsI",
|
||||
"E4aMK02+EVB+tSN4Fzj99N2YD0inVYt+oPjr2tHhUS6aSGBNS/48Ki47DOg4Sxkn",
|
||||
"lkOWnEbCD+XTnbDd",
|
||||
"=agR5",
|
||||
"-----END PGP MESSAGE-----",
|
||||
"",
|
||||
"",
|
||||
"--YFrteb74qSXmggbOxZL9dRnhymywAi--",
|
||||
"",
|
||||
"",
|
||||
]
|
||||
).encode()
|
||||
)
|
||||
|
||||
assert not check_encrypted_bstr(
|
||||
"\r\n".join(
|
||||
[
|
||||
"Subject: Message opened",
|
||||
"From: <barbaz@c2.testrun.org>",
|
||||
"To: <foobar@c2.testrun.org>",
|
||||
"Date: Sun, 15 Oct 2023 16:43:25 +0000",
|
||||
"Message-ID: <Mr.78MWtlV7RAi.goCFzBhCYfy@c2.testrun.org>",
|
||||
"Auto-Submitted: auto-replied",
|
||||
"Chat-Version: 1.0",
|
||||
"MIME-Version: 1.0",
|
||||
"Content-Type: multipart/report; report-type=disposition-notification;",
|
||||
'\tboundary="Gl92xgZjOShJ5PGHntqYkoo2OK2Dvi"',
|
||||
"",
|
||||
"",
|
||||
"--Gl92xgZjOShJ5PGHntqYkoo2OK2Dvi",
|
||||
"Content-Type: text/plain; charset=utf-8; format=flowed; delsp=no",
|
||||
"",
|
||||
'The "Hi!" message you sent was displayed on the screen of the recipient.',
|
||||
"",
|
||||
"This is no guarantee the content was read.",
|
||||
"",
|
||||
"",
|
||||
"--Gl92xgZjOShJ5PGHntqYkoo2OK2Dvi",
|
||||
"Content-Type: message/disposition-notification",
|
||||
"",
|
||||
"Reporting-UA: Delta Chat 1.124.1",
|
||||
"Original-Recipient: rfc822;barbaz@c2.testrun.org",
|
||||
"Final-Recipient: rfc822;barbaz@c2.testrun.org",
|
||||
"Original-Message-ID: <Mr.MvmCz-GQbi_.6FGRkhDf05c@c2.testrun.org>",
|
||||
"Disposition: manual-action/MDN-sent-automatically; displayed",
|
||||
"",
|
||||
"",
|
||||
"--Gl92xgZjOShJ5PGHntqYkoo2OK2Dvi--",
|
||||
"",
|
||||
"",
|
||||
]
|
||||
).encode()
|
||||
)
|
||||
|
||||
|
||||
def test_send_rate_limiter():
|
||||
limiter = SendRateLimiter()
|
||||
for i in range(100):
|
||||
if limiter.is_sending_allowed("some@example.org"):
|
||||
if i <= SendRateLimiter.MAX_USER_SEND_PER_MINUTE:
|
||||
continue
|
||||
pytest.fail("limiter didn't work")
|
||||
else:
|
||||
assert i == SendRateLimiter.MAX_USER_SEND_PER_MINUTE + 1
|
||||
break
|
||||
@@ -277,6 +277,22 @@ def deploy_chatmail(mail_domain: str, mail_server: str, dkim_selector: str) -> N
|
||||
commands=[f"echo {mail_domain} >/etc/mailname; chmod 644 /etc/mailname"],
|
||||
)
|
||||
|
||||
journald_conf = files.put(
|
||||
name="Configure journald",
|
||||
src=importlib.resources.files(__package__).joinpath("journald.conf"),
|
||||
dest="/etc/systemd/journald.conf",
|
||||
user="root",
|
||||
group="root",
|
||||
mode="644",
|
||||
)
|
||||
systemd.service(
|
||||
name="Start and enable journald",
|
||||
service="systemd-journald.service",
|
||||
running=True,
|
||||
enabled=True,
|
||||
restarted=journald_conf,
|
||||
)
|
||||
|
||||
def callback():
|
||||
result = server.shell(
|
||||
commands=[
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
import importlib.resources
|
||||
|
||||
from pyinfra.operations import apt, files, systemd, server
|
||||
from pyinfra.operations import apt, files, server
|
||||
|
||||
|
||||
def deploy_acmetool(nginx_hook=False, email="", domains=[]):
|
||||
|
||||
2
deploy-chatmail/src/deploy_chatmail/journald.conf
Normal file
2
deploy-chatmail/src/deploy_chatmail/journald.conf
Normal file
@@ -0,0 +1,2 @@
|
||||
[Journal]
|
||||
MaxRetentionSec=3d
|
||||
@@ -77,4 +77,4 @@ postlog unix-dgram n - n - 1 postlogd
|
||||
filter unix - n n - - lmtp
|
||||
# Local SMTP server for reinjecting filered mail.
|
||||
localhost:10025 inet n - n - 10 smtpd
|
||||
-o content_filter=
|
||||
-o syslog_name=postfix/reinject
|
||||
|
||||
@@ -1,34 +0,0 @@
|
||||
def test_tls_serialized_connect(benchmark, imap_or_smtp):
|
||||
def connect():
|
||||
imap_or_smtp.connect()
|
||||
|
||||
benchmark(connect)
|
||||
|
||||
|
||||
def test_login(benchmark, imap_or_smtp, gencreds):
|
||||
cls = imap_or_smtp.__class__
|
||||
conns = []
|
||||
for i in range(20):
|
||||
conn = cls(imap_or_smtp.host)
|
||||
conn.connect()
|
||||
conns.append(conn)
|
||||
|
||||
def login():
|
||||
conn = conns.pop()
|
||||
conn.login(*gencreds())
|
||||
|
||||
benchmark(login)
|
||||
|
||||
|
||||
def test_send_and_receive_10(benchmark, cmfactory, lp):
|
||||
"""send many messages between two accounts"""
|
||||
ac1, ac2 = cmfactory.get_online_accounts(2)
|
||||
chat = cmfactory.get_accepted_chat(ac1, ac2)
|
||||
|
||||
def send_10_receive_all():
|
||||
for i in range(10):
|
||||
chat.send_text(f"hello {i}")
|
||||
for i in range(10):
|
||||
ac2.wait_next_incoming_message()
|
||||
|
||||
benchmark(send_10_receive_all)
|
||||
@@ -1,3 +0,0 @@
|
||||
[pytest]
|
||||
addopts = -vrsx --strict-markers
|
||||
markers = slow: mark test as slow (requires --slow option to run)
|
||||
@@ -11,4 +11,3 @@ conn.login(f"imapcapa", "pass")
|
||||
status, res = conn.capability()
|
||||
for capa in sorted(res[0].decode().split()):
|
||||
print(capa)
|
||||
|
||||
|
||||
@@ -6,9 +6,8 @@ deploy-chatmail/venv/bin/pip install -e deploy-chatmail
|
||||
deploy-chatmail/venv/bin/pip install -e chatmaild
|
||||
|
||||
python3 -m venv chatmaild/venv
|
||||
sudo apt install -y dovecot-core && sudo systemctl disable --now dovecot
|
||||
chatmaild/venv/bin/pip install --upgrade pytest build 'setuptools>=68'
|
||||
chatmaild/venv/bin/pip install -e chatmaild
|
||||
|
||||
python3 -m venv online-tests/venv
|
||||
online-tests/venv/bin/pip install pytest pytest-timeout pdbpp deltachat pytest-benchmark
|
||||
online-tests/venv/bin/pip install pytest pytest-timeout pdbpp deltachat
|
||||
|
||||
@@ -5,7 +5,7 @@ import imaplib
|
||||
|
||||
domain = os.environ.get("CHATMAIL_DOMAIN", "c3.testrun.org")
|
||||
|
||||
NUM_CONNECTIONS=10
|
||||
NUM_CONNECTIONS = 10
|
||||
|
||||
conns = []
|
||||
|
||||
@@ -16,7 +16,7 @@ for i in range(NUM_CONNECTIONS):
|
||||
conns.append(conn)
|
||||
|
||||
tlsdone = time.time()
|
||||
duration = tlsdone-start
|
||||
duration = tlsdone - start
|
||||
print(f"{duration}: TLS connections opening TLS connections")
|
||||
|
||||
for i, conn in enumerate(conns):
|
||||
|
||||
9
tests/chatmaild/conftest.py
Normal file
9
tests/chatmaild/conftest.py
Normal file
@@ -0,0 +1,9 @@
|
||||
import pytest
|
||||
from chatmaild.database import Database
|
||||
|
||||
|
||||
@pytest.fixture()
|
||||
def db(tmpdir):
|
||||
db_path = tmpdir / "passdb.sqlite"
|
||||
print("database path:", db_path)
|
||||
return Database(db_path)
|
||||
48
tests/chatmaild/test_dictproxy.py
Normal file
48
tests/chatmaild/test_dictproxy.py
Normal file
@@ -0,0 +1,48 @@
|
||||
import os
|
||||
|
||||
import pytest
|
||||
|
||||
import chatmaild.dictproxy
|
||||
from chatmaild.dictproxy import DictProxy
|
||||
from chatmaild.database import DBError
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def dictproxy(db, maildomain):
|
||||
return DictProxy(db, maildomain)
|
||||
|
||||
|
||||
def test_basic(dictproxy, tmpdir, monkeypatch):
|
||||
monkeypatch.setattr(
|
||||
chatmaild.dictproxy, "NOCREATE_FILE", tmpdir.join("nocreate").strpath
|
||||
)
|
||||
dictproxy.lookup_passdb("link2xt@c1.testrun.org", "asdf")
|
||||
assert dictproxy.get_user_data("link2xt@c1.testrun.org")
|
||||
|
||||
|
||||
def test_dont_overwrite_password_on_wrong_login(dictproxy):
|
||||
"""Test that logging in with a different password doesn't create a new user"""
|
||||
res = dictproxy.lookup_passdb("newuser1@something.org", "kajdlkajsldk12l3kj1983")
|
||||
assert res["password"]
|
||||
res2 = dictproxy.lookup_passdb("newuser1@something.org", "kajdlqweqwe")
|
||||
# this function always returns a password hash, which is actually compared by dovecot.
|
||||
assert res["password"] == res2["password"]
|
||||
|
||||
|
||||
def test_nocreate_file(dictproxy, tmpdir, monkeypatch):
|
||||
nocreate = tmpdir.join("nocreate")
|
||||
monkeypatch.setattr(chatmaild.dictproxy, "NOCREATE_FILE", str(nocreate))
|
||||
nocreate.write("")
|
||||
dictproxy.lookup_passdb("newuser1@something.org", "kajdlqweqwe")
|
||||
assert not dictproxy.get_user_data("newuser1@something.org")
|
||||
|
||||
|
||||
def test_db_version(db):
|
||||
assert db.get_schema_version() == 1
|
||||
|
||||
|
||||
def test_too_high_db_version(db):
|
||||
with db.write_transaction() as conn:
|
||||
conn.execute("PRAGMA user_version=%s;" % (999,))
|
||||
with pytest.raises(DBError):
|
||||
db.ensure_tables()
|
||||
51
tests/chatmaild/test_filtermail.py
Normal file
51
tests/chatmaild/test_filtermail.py
Normal file
@@ -0,0 +1,51 @@
|
||||
from chatmaild.filtermail import check_encrypted, check_DATA, SendRateLimiter
|
||||
import pytest
|
||||
|
||||
|
||||
def test_reject_forged_from(maildata, gencreds):
|
||||
class env:
|
||||
mail_from = gencreds()[0]
|
||||
rcpt_tos = [gencreds()[0]]
|
||||
|
||||
# test that the filter lets good mail through
|
||||
env.content = maildata("plain.eml", from_addr=env.mail_from).as_bytes()
|
||||
assert not check_DATA(envelope=env)
|
||||
|
||||
# test that the filter rejects forged mail
|
||||
env.content = maildata("plain.eml", from_addr="forged@c3.testrun.org").as_bytes()
|
||||
error = check_DATA(envelope=env)
|
||||
assert "500" in error
|
||||
|
||||
|
||||
def test_filtermail_no_encryption_detection(maildata):
|
||||
msg = maildata("plain.eml")
|
||||
assert not check_encrypted(msg)
|
||||
|
||||
# https://xkcd.com/1181/
|
||||
msg = maildata("fake-encrypted.eml")
|
||||
assert not check_encrypted(msg)
|
||||
|
||||
|
||||
def test_filtermail_encryption_detection(maildata):
|
||||
msg = maildata("encrypted.eml")
|
||||
assert check_encrypted(msg)
|
||||
|
||||
# if the subject is not "..." it is not considered ac-encrypted
|
||||
msg.replace_header("Subject", "Click this link")
|
||||
assert not check_encrypted(msg)
|
||||
|
||||
|
||||
def test_filtermail_mdn_is_not_encrypted(maildata):
|
||||
assert not check_encrypted(maildata("mdn.eml"))
|
||||
|
||||
|
||||
def test_send_rate_limiter():
|
||||
limiter = SendRateLimiter()
|
||||
for i in range(100):
|
||||
if limiter.is_sending_allowed("some@example.org"):
|
||||
if i <= SendRateLimiter.MAX_USER_SEND_PER_MINUTE:
|
||||
continue
|
||||
pytest.fail("limiter didn't work")
|
||||
else:
|
||||
assert i == SendRateLimiter.MAX_USER_SEND_PER_MINUTE + 1
|
||||
break
|
||||
@@ -1,19 +1,34 @@
|
||||
import os
|
||||
import io
|
||||
import time
|
||||
import random
|
||||
import subprocess
|
||||
import imaplib
|
||||
import smtplib
|
||||
import itertools
|
||||
from email.parser import BytesParser
|
||||
from email import policy
|
||||
from pathlib import Path
|
||||
from math import ceil
|
||||
import pytest
|
||||
|
||||
|
||||
conftestdir = Path(__file__).parent
|
||||
|
||||
|
||||
def pytest_addoption(parser):
|
||||
parser.addoption(
|
||||
"--slow", action="store_true", default=False, help="also run slow tests"
|
||||
)
|
||||
|
||||
|
||||
def pytest_configure(config):
|
||||
config._benchresults = {}
|
||||
config.addinivalue_line(
|
||||
"markers", "slow: mark test to require --slow option to run"
|
||||
)
|
||||
|
||||
|
||||
def pytest_runtest_setup(item):
|
||||
markers = list(item.iter_markers(name="slow"))
|
||||
if markers:
|
||||
@@ -54,6 +69,49 @@ def pytest_report_header():
|
||||
return ["-" * len(text), text, "-" * len(text)]
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def benchmark(request):
|
||||
def bench(func, num, name=None):
|
||||
if name is None:
|
||||
name = func.__name__
|
||||
durations = []
|
||||
for i in range(num):
|
||||
now = time.time()
|
||||
func()
|
||||
durations.append(time.time() - now)
|
||||
durations.sort()
|
||||
request.config._benchresults[name] = durations
|
||||
|
||||
return bench
|
||||
|
||||
|
||||
def pytest_terminal_summary(terminalreporter):
|
||||
tr = terminalreporter
|
||||
results = tr.config._benchresults
|
||||
if not results:
|
||||
return
|
||||
|
||||
tr.section("benchmark results")
|
||||
float_names = "median min max".split()
|
||||
width = max(map(len, float_names))
|
||||
|
||||
def fcol(parts):
|
||||
return " ".join(part.rjust(width) for part in parts)
|
||||
|
||||
headers = f"{'benchmark name': <30} " + fcol(float_names)
|
||||
tr.write_line(headers)
|
||||
tr.write_line("-" * len(headers))
|
||||
for name, durations in results.items():
|
||||
measures = [
|
||||
sorted(durations)[len(durations) // 2],
|
||||
min(durations),
|
||||
max(durations),
|
||||
]
|
||||
line = f"{name: <30} "
|
||||
line += fcol(f"{float: 2.2f}" for float in measures)
|
||||
tr.write_line(line)
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def imap(maildomain):
|
||||
return ImapConn(maildomain)
|
||||
@@ -229,13 +287,19 @@ class Remote:
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def mailgen(request):
|
||||
class Mailgen:
|
||||
def get_encrypted(self, from_addr, to_addr):
|
||||
data = request.fspath.dirpath("mailgen/encrypted.eml").read()
|
||||
return data.format(from_addr=from_addr, to_addr=to_addr)
|
||||
def maildata(request, gencreds):
|
||||
datadir = conftestdir.joinpath("mail-data")
|
||||
|
||||
return Mailgen()
|
||||
def maildata(name, parsed=True, from_addr=None, to_addr=None):
|
||||
if from_addr is None:
|
||||
from_addr = gencreds()[0]
|
||||
if to_addr is None:
|
||||
to_addr = gencreds()[0]
|
||||
data = datadir.joinpath(name).read_text()
|
||||
text = data.format(from_addr=from_addr, to_addr=to_addr)
|
||||
return BytesParser(policy=policy.default).parsebytes(text.encode())
|
||||
|
||||
return maildata
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
25
tests/mail-data/fake-encrypted.eml
Normal file
25
tests/mail-data/fake-encrypted.eml
Normal file
@@ -0,0 +1,25 @@
|
||||
Subject: =?utf-8?q?Message_from_foobar=40c2=2Etestrun=2Eorg?=
|
||||
Chat-Disposition-Notification-To: foobar@c2.testrun.org
|
||||
Chat-User-Avatar: 0
|
||||
From: <{from_addr}>
|
||||
To: <{to_addr}>
|
||||
Date: Sun, 15 Oct 2023 16:41:44 +0000
|
||||
Message-ID: <Mr.3gckbNy5bch.uK3Hd2Ws6-w@c2.testrun.org>
|
||||
References: <Mr.3gckbNy5bch.uK3Hd2Ws6-w@c2.testrun.org>
|
||||
Chat-Version: 1.0
|
||||
Autocrypt: addr={from_addr}; prefer-encrypt=mutual;
|
||||
keydata=xjMEZSrw3hYJKwYBBAHaRw8BAQdAiEKNQFU28c6qsx4vo/JHdt73RXdjMOmByf/XsGiJ7m
|
||||
nNFzxmb29iYXJAYzIudGVzdHJ1bi5vcmc+wosEEBYIADMCGQEFAmUq8N4CGwMECwkIBwYVCAkKCwID
|
||||
FgIBFiEEGil0OvTIa6RngmCLUYNnEa9leJAACgkQUYNnEa9leJCX3gEAhm0MehE5byBBU1avPczr/I
|
||||
HjNLht7Qf6++mAhlJmtDcA/0C8VYJhsUpmiDjuZaMDWNv4FO2BJG6LH7gSm6n7ClMJzjgEZSrw3hIK
|
||||
KwYBBAGXVQEFAQEHQAxGG/QW0owCfMp1A+vXEMwgzWcBpNFr58kX2eXuPpM6AwEIB8J4BBgWCAAgBQ
|
||||
JlKvDeAhsMFiEEGil0OvTIa6RngmCLUYNnEa9leJAACgkQUYNnEa9leJDg1gEAwLf8KDoAAKyYgjyI
|
||||
vYvO9VEgBni1C4Xx1VjcaEmlDK8BALoFuUCK+enw76TtDcAUKhlhUiM6SDRExkS4Nskp/BcK
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=utf-8; format=flowed; delsp=no
|
||||
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
Hi!
|
||||
-----END PGP MESSAGE-----
|
||||
|
||||
|
||||
33
tests/mail-data/mdn.eml
Normal file
33
tests/mail-data/mdn.eml
Normal file
@@ -0,0 +1,33 @@
|
||||
Subject: Message opened
|
||||
From: <barbaz@c2.testrun.org>
|
||||
To: <foobar@c2.testrun.org>
|
||||
Date: Sun, 15 Oct 2023 16:43:25 +0000
|
||||
Message-ID: <Mr.78MWtlV7RAi.goCFzBhCYfy@c2.testrun.org>
|
||||
Auto-Submitted: auto-replied
|
||||
Chat-Version: 1.0
|
||||
MIME-Version: 1.0
|
||||
Content-Type: multipart/report; report-type=disposition-notification;
|
||||
boundary="Gl92xgZjOShJ5PGHntqYkoo2OK2Dvi"
|
||||
|
||||
|
||||
--Gl92xgZjOShJ5PGHntqYkoo2OK2Dvi
|
||||
Content-Type: text/plain; charset=utf-8; format=flowed; delsp=no
|
||||
|
||||
The "Hi!" message you sent was displayed on the screen of the recipient.
|
||||
|
||||
This is no guarantee the content was read.
|
||||
|
||||
|
||||
--Gl92xgZjOShJ5PGHntqYkoo2OK2Dvi
|
||||
Content-Type: message/disposition-notification
|
||||
|
||||
Reporting-UA: Delta Chat 1.124.1
|
||||
Original-Recipient: rfc822;barbaz@c2.testrun.org
|
||||
Final-Recipient: rfc822;barbaz@c2.testrun.org
|
||||
Original-Message-ID: <Mr.MvmCz-GQbi_.6FGRkhDf05c@c2.testrun.org>
|
||||
Disposition: manual-action/MDN-sent-automatically; displayed
|
||||
|
||||
|
||||
--Gl92xgZjOShJ5PGHntqYkoo2OK2Dvi--
|
||||
|
||||
|
||||
23
tests/mail-data/plain.eml
Normal file
23
tests/mail-data/plain.eml
Normal file
@@ -0,0 +1,23 @@
|
||||
Subject: =?utf-8?q?Message_from_foobar=40c2=2Etestrun=2Eorg?=
|
||||
Chat-Disposition-Notification-To: foobar@c2.testrun.org
|
||||
Chat-User-Avatar: 0
|
||||
From: <{from_addr}>
|
||||
To: <{to_addr}>
|
||||
Date: Sun, 15 Oct 2023 16:41:44 +0000
|
||||
Message-ID: <Mr.3gckbNy5bch.uK3Hd2Ws6-w@c2.testrun.org>
|
||||
References: <Mr.3gckbNy5bch.uK3Hd2Ws6-w@c2.testrun.org>
|
||||
Chat-Version: 1.0
|
||||
Autocrypt: addr=foobar@c2.testrun.org; prefer-encrypt=mutual;
|
||||
keydata=xjMEZSrw3hYJKwYBBAHaRw8BAQdAiEKNQFU28c6qsx4vo/JHdt73RXdjMOmByf/XsGiJ7m
|
||||
nNFzxmb29iYXJAYzIudGVzdHJ1bi5vcmc+wosEEBYIADMCGQEFAmUq8N4CGwMECwkIBwYVCAkKCwID
|
||||
FgIBFiEEGil0OvTIa6RngmCLUYNnEa9leJAACgkQUYNnEa9leJCX3gEAhm0MehE5byBBU1avPczr/I
|
||||
HjNLht7Qf6++mAhlJmtDcA/0C8VYJhsUpmiDjuZaMDWNv4FO2BJG6LH7gSm6n7ClMJzjgEZSrw3hIK
|
||||
KwYBBAGXVQEFAQEHQAxGG/QW0owCfMp1A+vXEMwgzWcBpNFr58kX2eXuPpM6AwEIB8J4BBgWCAAgBQ
|
||||
JlKvDeAhsMFiEEGil0OvTIa6RngmCLUYNnEa9leJAACgkQUYNnEa9leJDg1gEAwLf8KDoAAKyYgjyI
|
||||
vYvO9VEgBni1C4Xx1VjcaEmlDK8BALoFuUCK+enw76TtDcAUKhlhUiM6SDRExkS4Nskp/BcK
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=utf-8; format=flowed; delsp=no
|
||||
|
||||
Hi!
|
||||
|
||||
|
||||
60
tests/online/benchmark.py
Normal file
60
tests/online/benchmark.py
Normal file
@@ -0,0 +1,60 @@
|
||||
def test_tls_imap(benchmark, imap):
|
||||
def imap_connect():
|
||||
imap.connect()
|
||||
|
||||
benchmark(imap_connect, 10)
|
||||
|
||||
|
||||
def test_login_imap(benchmark, imap, gencreds):
|
||||
def imap_connect_and_login():
|
||||
imap.connect()
|
||||
imap.login(*gencreds())
|
||||
|
||||
benchmark(imap_connect_and_login, 10)
|
||||
|
||||
|
||||
def test_tls_smtp(benchmark, smtp):
|
||||
def smtp_connect():
|
||||
smtp.connect()
|
||||
|
||||
benchmark(smtp_connect, 10)
|
||||
|
||||
|
||||
def test_login_smtp(benchmark, smtp, gencreds):
|
||||
def smtp_connect_and_login():
|
||||
smtp.connect()
|
||||
smtp.login(*gencreds())
|
||||
|
||||
benchmark(smtp_connect_and_login, 10)
|
||||
|
||||
|
||||
class TestDC:
|
||||
def test_autoconfigure(self, benchmark, cmfactory):
|
||||
def autoconfig_and_idle_ready():
|
||||
cmfactory.get_online_accounts(1)
|
||||
|
||||
benchmark(autoconfig_and_idle_ready, 5)
|
||||
|
||||
def test_ping_pong(self, benchmark, cmfactory):
|
||||
ac1, ac2 = cmfactory.get_online_accounts(2)
|
||||
chat = cmfactory.get_accepted_chat(ac1, ac2)
|
||||
|
||||
def ping_pong():
|
||||
chat.send_text("ping")
|
||||
msg = ac2.wait_next_incoming_message()
|
||||
msg.chat.send_text("pong")
|
||||
ac1.wait_next_incoming_message()
|
||||
|
||||
benchmark(ping_pong, 5)
|
||||
|
||||
def test_send_10_receive_10(self, benchmark, cmfactory, lp):
|
||||
ac1, ac2 = cmfactory.get_online_accounts(2)
|
||||
chat = cmfactory.get_accepted_chat(ac1, ac2)
|
||||
|
||||
def send_10_receive_10():
|
||||
for i in range(10):
|
||||
chat.send_text(f"hello {i}")
|
||||
for i in range(10):
|
||||
ac2.wait_next_incoming_message()
|
||||
|
||||
benchmark(send_10_receive_10, 5)
|
||||
@@ -20,7 +20,7 @@ def test_use_two_chatmailservers(cmfactory, maildomain2):
|
||||
|
||||
|
||||
@pytest.mark.parametrize("forgeaddr", ["internal", "someone@example.org"])
|
||||
def test_reject_forged_from(cmsetup, mailgen, lp, forgeaddr):
|
||||
def test_reject_forged_from(cmsetup, maildata, lp, forgeaddr):
|
||||
user1, user3 = cmsetup.gen_users(2)
|
||||
|
||||
lp.sec("send encrypted message with forged from")
|
||||
@@ -31,7 +31,8 @@ def test_reject_forged_from(cmsetup, mailgen, lp, forgeaddr):
|
||||
addr_to_forge = "someone@example.org"
|
||||
|
||||
print("message to inject:")
|
||||
msg = mailgen.get_encrypted(from_addr=addr_to_forge, to_addr=user3.addr)
|
||||
msg = maildata("encrypted.eml", from_addr=addr_to_forge, to_addr=user3.addr)
|
||||
msg = msg.as_string()
|
||||
for line in msg.split("\n")[:4]:
|
||||
print(f" {line}")
|
||||
|
||||
@@ -42,10 +43,12 @@ def test_reject_forged_from(cmsetup, mailgen, lp, forgeaddr):
|
||||
|
||||
|
||||
@pytest.mark.slow
|
||||
def test_exceed_rate_limit(cmsetup, gencreds, mailgen):
|
||||
def test_exceed_rate_limit(cmsetup, gencreds, maildata):
|
||||
"""Test that the per-account send-mail limit is exceeded."""
|
||||
user1, user2 = cmsetup.gen_users(2)
|
||||
mail = mailgen.get_encrypted(user1.addr, user2.addr)
|
||||
mail = maildata(
|
||||
"encrypted.eml", from_addr=user1.addr, to_addr=user2.addr
|
||||
).as_string()
|
||||
for i in range(100):
|
||||
print("Sending mail", str(i))
|
||||
try:
|
||||
@@ -55,6 +58,6 @@ def test_exceed_rate_limit(cmsetup, gencreds, mailgen):
|
||||
pytest.fail(f"rate limit was exceeded too early with msg {i}")
|
||||
outcome = e.recipients[user2.addr]
|
||||
assert outcome[0] == 450
|
||||
assert b'4.7.1: Too much mail from' in outcome[1]
|
||||
assert b"4.7.1: Too much mail from" in outcome[1]
|
||||
return
|
||||
pytest.fail("Rate limit was not exceeded")
|
||||
2
tests/pytest.ini
Normal file
2
tests/pytest.ini
Normal file
@@ -0,0 +1,2 @@
|
||||
[pytest]
|
||||
addopts = -vrsx --strict-markers
|
||||
Reference in New Issue
Block a user