Files
@ 8d272d91d3d2
Branch filter:
Location: majic-ansible-roles/roles/mail_forwarder/molecule/default/tests/test_mandatory.py - annotation
8d272d91d3d2
2.4 KiB
text/x-python
MAR-165: Deploy Diffie-Helman parameters for LDAP server in the ldap_server role:
- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.
- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.
13982172ed2e f774e938a4ed 01f4b619cfa6 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed d62b3adec462 f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed 8927efb4fb61 f774e938a4ed fb5e4e372902 f774e938a4ed d752715bb533 f774e938a4ed fb5e4e372902 fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed 8927efb4fb61 fb5e4e372902 d752715bb533 f774e938a4ed fb5e4e372902 fb5e4e372902 f774e938a4ed f774e938a4ed d752715bb533 d752715bb533 f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed f774e938a4ed fb5e4e372902 f774e938a4ed f774e938a4ed f774e938a4ed 01f4b619cfa6 01f4b619cfa6 01f4b619cfa6 fb5e4e372902 fb5e4e372902 23a9ea4219dc 6c1d08d39449 f774e938a4ed d752715bb533 90bda8fea4aa 90bda8fea4aa 90bda8fea4aa 90bda8fea4aa 90bda8fea4aa 90bda8fea4aa 90bda8fea4aa 90bda8fea4aa 90bda8fea4aa 90bda8fea4aa 90bda8fea4aa 90bda8fea4aa 90bda8fea4aa 90bda8fea4aa | import os
import re
import time
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('parameters-mandatory')
def test_smtp_mailname(host):
"""
Tests if SMTP mailname configuration file has correct content.
"""
hostname = host.run('hostname').stdout.strip()
mailname = host.file('/etc/mailname')
assert mailname.content_string == hostname
def test_postfix_main_cf_file_content(host):
"""
Tests if the Postfix main configuration file content is correct.
"""
hostname = host.run('hostname').stdout.strip()
config = host.file('/etc/postfix/main.cf')
config_lines = config.content_string.split("\n")
assert "myhostname = %s" % hostname in config_lines
assert "mydestination = %s, %s, localhost.localdomain, localhost" % (hostname, hostname) in config_lines
assert "relayhost = " in config_lines
assert "mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128" in config_lines
assert "smtp_tls_security_level" not in config.content_string
assert "smtp_tls_CAfile" not in config.content_string
assert "smtp_host_lookup = dns, native" in config_lines
def test_direct_mail_sending(host):
"""
Tests if mails are sent correctly directly without relay if relay has not
been configured.
"""
send = host.run('swaks --suppress-data --to root@domain1 --server localhost')
assert send.rc == 0
message_id = re.search('Ok: queued as (.*)', send.stdout).group(1)
# Wait for a little while for message to be processed.
time.sleep(5)
with host.sudo():
mail_log = host.file('/var/log/mail.log')
# Pattern used to verify the mail was sent directly on default port.
pattern = r"%s: to=<root@domain1>, relay=domain1\[[^]]*\]:25.*status=sent" % message_id
assert re.search(pattern, mail_log.content_string) is not None
def test_mail_message_size_limit(host):
"""
Tests if the mail message size limit advertised by the SMTP server
is correct.
"""
capabilities = host.run("(echo 'ehlo localhost' && sleep 2) | telnet localhost 25")
begin = capabilities.stdout.find("250-SIZE")
end = capabilities.stdout.find("\n", begin)
mail_message_size_limit = capabilities.stdout[begin:end]
assert mail_message_size_limit == "250-SIZE 10240000"
|