Files
@ 770551dc8c6f
Branch filter:
Location: majic-ansible-roles/roles/mail_forwarder/molecule/default/tests/test_connectivity_from_relay.py - annotation
770551dc8c6f
2.1 KiB
text/x-python
MAR-148: Improve the SSH connectivity tests in backup_server role to be more reliable:
- Introduce a session-level fixture for setting permissions for client
SSH private keys (fixes errors related to SSH requesting tighter
permissions).
- Add assertions for the tests that verify the backup clients cannot
connect to the regular SSH server in case the SSH private keys do
not have correct permissions (just in case).
- Introduce a session-level fixture for setting permissions for client
SSH private keys (fixes errors related to SSH requesting tighter
permissions).
- Add assertions for the tests that verify the backup clients cannot
connect to the regular SSH server in case the SSH private keys do
not have correct permissions (just in case).
13982172ed2e 13982172ed2e fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 d62b3adec462 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 fb5e4e372902 | import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('mail-server')
def test_connectivity_from_relay(host):
"""
Tests connectivity towards mail forwarder servers from relay. Connection
towards parameters-mandatory should fail.
"""
with host.sudo():
ping = host.run('hping3 -S -p 25 -c 1 parameters-mandatory-jessie64')
assert ping.rc != 0
assert "100% packet loss" in ping.stderr
ping = host.run('hping3 -S -p 25 -c 1 parameters-optional-jessie64')
assert ping.rc == 0
ping = host.run('hping3 -S -p 25 -c 1 parameters-no-incoming-jessie64')
assert "100% packet loss" in ping.stderr
assert ping.rc != 0
ping = host.run('hping3 -S -p 25 -c 1 parameters-mandatory-stretch64')
assert ping.rc != 0
assert "100% packet loss" in ping.stderr
ping = host.run('hping3 -S -p 25 -c 1 parameters-optional-stretch64')
assert ping.rc == 0
ping = host.run('hping3 -S -p 25 -c 1 parameters-no-incoming-stretch64')
assert "100% packet loss" in ping.stderr
assert ping.rc != 0
def test_mail_reception_from_relay(host):
"""
Tests if mails can be sent from relay to servers configured to use the
relay.
"""
send = host.run('swaks --suppress-data --to root@parameters-optional-jessie64 --server parameters-optional-jessie64')
assert send.rc == 0
send = host.run('swaks --suppress-data --to root@parameters-optional-stretch64 --server parameters-optional-stretch64')
assert send.rc == 0
def test_open_relay(host):
"""
Tests if mail forwarder behaves as open relay.
"""
no_recipients_accepted = 24
send = host.run('swaks --suppress-data --to root@client1 --server parameters-optional-jessie64')
assert send.rc == no_recipients_accepted
assert "Relay access denied" in send.stdout
send = host.run('swaks --suppress-data --to root@client1 --server parameters-optional-stretch64')
assert send.rc == no_recipients_accepted
assert "Relay access denied" in send.stdout
|