From: Nick Porter Date: Tue, 7 Mar 2023 14:59:39 +0000 (+0000) Subject: Improve rlm_imap tests X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6e22d3058bd48b0637d05a6c5bce39dcd1221dfd;p=thirdparty%2Ffreeradius-server.git Improve rlm_imap tests --- diff --git a/.github/actions/ci-tests/action.yml b/.github/actions/ci-tests/action.yml index adc0d18db9b..13f2ce32684 100644 --- a/.github/actions/ci-tests/action.yml +++ b/.github/actions/ci-tests/action.yml @@ -48,7 +48,7 @@ inputs: default: 1430 imap_test_server_ssl_port: description: IMAP server IMAPS port - default: 1431 + default: 1432 use_docker: desription: True if running in a Docker container diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 54a224704c8..761074e6229 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -176,7 +176,7 @@ jobs: rest_test_ssl_port: 8443 imap_test_server: 127.0.0.1 imap_test_server_port: 1430 - imap_test_server_ssl_port: 1431 + imap_test_server_ssl_port: 1432 - name: Run fuzzer uses: ./.github/actions/fuzzer diff --git a/scripts/ci/imap-setup.sh b/scripts/ci/imap-setup.sh index f78a5864969..b3f39dcc38b 100755 --- a/scripts/ci/imap-setup.sh +++ b/scripts/ci/imap-setup.sh @@ -1,4 +1,4 @@ -#!/bin/sh -e +#!/bin/bash # # ### This is a script to setup a dovecot imap server for testing rlm_imap @@ -32,9 +32,6 @@ LOGINFOPATH="${LOGDIR}/dovecot-info.log" # Used for creating `imap-stop.sh` CIDIR="${BASEDIR}/scripts/ci" -# When running on Docker, USER is not set -USER=${USER:-root} - # # Create all the necessary files # @@ -72,24 +69,12 @@ openssl rsa -in "${BASEDIR}/raddb/certs/rsa/server.key" -passin 'pass:whatever' # # Add users to the password file # - -# Generate passwords for the users -USER1P=$(doveadm -o stats_writer_socket_path= pw -p test1 -s CRYPT) -USER2P=$(doveadm -o stats_writer_socket_path= pw -p test2 -s CRYPT) -USER3P=$(doveadm -o stats_writer_socket_path= pw -p test3 -s CRYPT) - -# Add user password combinations -echo "\ -user1:${USER1P}:::::: -" >"${PASSPATH}" - -echo "\ -user2:${USER2P}:::::: -" >>"${PASSPATH}" - -echo "\ -user3:${USER3P}:::::: -" >>"${PASSPATH}" +rm -f ${PASSPATH} +for i in {1..3}; do + PASS=$(doveadm -o stats_writer_socket_path= pw -p test${i} -s CRYPT) + echo "user${i}:${PASS}:::::: +" >> "${PASSPATH}" +done # # Configure instance specific dovecot information diff --git a/src/tests/modules/imap/auth_plaintext.unlang b/src/tests/modules/imap/auth_plaintext.unlang index d881c68ca50..30317273f19 100644 --- a/src/tests/modules/imap/auth_plaintext.unlang +++ b/src/tests/modules/imap/auth_plaintext.unlang @@ -6,12 +6,113 @@ imap.authenticate { # Module failure is likely a timeout # Avoid false negatives by aborting test # -if (fail) { - test_pass - handled +if !(ok) { + if (&Module-Failure-Message[*] == "imap: curl request failed: Timeout was reached (28)") { + test_pass + handled + } + test_fail +} + +# +# Check for module failing with missing attributes +# +&request -= &User-Password[*] + +imap.authenticate { + fail = 1 + invalid = 2 +} + +if !(invalid) { + test_fail +} + +&User-Password := 'test2' +&request -= &User-Name[*] + +imap.authenticate { + fail = 1 + invalid = 2 +} + +if !(invalid) { + test_fail +} + +# +# Now do multiple authentications of different users +# + +&User-Name := 'user2' +imap.authenticate { + fail = 1 +} + +if !(ok) { + if (&Module-Failure-Message[*] == "imap: curl request failed: Timeout was reached (28)") { + test_pass + handled + } + test_fail +} + +&User-Name := 'user3' +&User-Password := 'test3' +imap.authenticate { + fail = 1 +} + +if !(ok) { + if (&Module-Failure-Message[*] == "imap: curl request failed: Timeout was reached (28)") { + test_pass + handled + } + test_fail +} + +# +# And repeat all three +# +&User-Name := 'user1' +&User-Password := 'test1' +imap.authenticate { + fail = 1 +} + +if !(ok) { + if (&Module-Failure-Message[*] == "imap: curl request failed: Timeout was reached (28)") { + test_pass + handled + } + test_fail +} + +&User-Name := 'user2' +&User-Password := 'test2' +imap.authenticate { + fail = 1 +} + +if !(ok) { + if (&Module-Failure-Message[*] == "imap: curl request failed: Timeout was reached (28)") { + test_pass + handled + } + test_fail +} + +&User-Name := 'user3' +&User-Password := 'test3' +imap.authenticate { + fail = 1 } if !(ok) { + if (&Module-Failure-Message[*] == "imap: curl request failed: Timeout was reached (28)") { + test_pass + handled + } test_fail } diff --git a/src/tests/modules/imap/imap_bad_tls/module.conf b/src/tests/modules/imap/imap_bad_tls/module.conf index 229e5941cb5..d3c99d474b0 100644 --- a/src/tests/modules/imap/imap_bad_tls/module.conf +++ b/src/tests/modules/imap/imap_bad_tls/module.conf @@ -1,7 +1,7 @@ #IMAP unit test config imap imap_bad_tls { - uri = "$ENV{IMAP_TEST_SERVER}:$ENV{IMAP_TEST_SERVER_SSL_PORT}" + uri = "imaps://$ENV{IMAP_TEST_SERVER}:$ENV{IMAP_TEST_SERVER_SSL_PORT}" timeout = 5 tls { diff --git a/src/tests/modules/imap/imap_opt_tls/module.conf b/src/tests/modules/imap/imap_opt_tls/module.conf index 05ff3f7e2a0..3c756e52c40 100644 --- a/src/tests/modules/imap/imap_opt_tls/module.conf +++ b/src/tests/modules/imap/imap_opt_tls/module.conf @@ -1,7 +1,7 @@ #IMAP unit test config imap imap_try_tls { - uri = "$ENV{IMAP_TEST_SERVER}:$ENV{IMAP_TEST_SERVER_SSL_PORT}" + uri = "imaps://$ENV{IMAP_TEST_SERVER}:$ENV{IMAP_TEST_SERVER_SSL_PORT}" timeout = 10s tls { diff --git a/src/tests/modules/imap/imap_tls/auth_tls.unlang b/src/tests/modules/imap/imap_tls/auth_tls.unlang index 1ae11f57d0d..e970125fbb0 100644 --- a/src/tests/modules/imap/imap_tls/auth_tls.unlang +++ b/src/tests/modules/imap/imap_tls/auth_tls.unlang @@ -7,12 +7,11 @@ imap_tls.authenticate { # Module failure is likely a timeout # Avoid false negatives by aborting test # -if (fail) { - test_pass - handled -} - if !(ok) { + if (&Module-Failure-Message[*] == "imap: curl request failed: Timeout was reached (28)") { + test_pass + handled + } test_fail } diff --git a/src/tests/modules/imap/imap_tls/module.conf b/src/tests/modules/imap/imap_tls/module.conf index 9182da1bec4..f501f91652c 100644 --- a/src/tests/modules/imap/imap_tls/module.conf +++ b/src/tests/modules/imap/imap_tls/module.conf @@ -1,7 +1,7 @@ #IMAP unit test config imap imap_tls { - uri = "$ENV{IMAP_TEST_SERVER}:$ENV{IMAP_TEST_SERVER_SSL_PORT}" + uri = "imaps://$ENV{IMAP_TEST_SERVER}:$ENV{IMAP_TEST_SERVER_SSL_PORT}" timeout = 5s tls {