Changeset - 9254a5c167c6
Parent rev.
Child rev.
[Not reviewed]
0 3 0
Branko Majic (branko) - 4 years ago 2020-09-23 19:54:18
branko@majic.rs
MAR-158: Deduplicate SMTP/IMAP TLS connectivity tests in mail_server role.
3 files changed with 35 insertions and 58 deletions:
roles/mail_server/molecule/default/tests/test_default.py
35
roles/mail_server/molecule/default/tests/test_mandatory.py
29
roles/mail_server/molecule/default/tests/test_optional.py
29
0 comments (0 inline, 0 general)
roles/mail_server/molecule/default/tests/test_default.py
Show inline comments
 
@@ -444,6 +444,41 @@ def test_imap_and_smtp_tls_files(host):
 
        tls_file = host.file('/etc/ssl/certs/%s_imap.pem' % hostname)
 
        assert tls_file.is_file
 
        assert tls_file.user == 'root'
 
        assert tls_file.group == 'root'
 
        assert tls_file.mode == 0o644
 
        assert tls_file.content_string == open("tests/data/x509/server/%s_imap.cert.pem" % hostname, "r").read().rstrip()
 

			




	
	
	
		
 

			




	
	
	
		
 
def test_imap_tls_connectivity(host):

			




	
	
	
		
 
    """

			




	
	
	
		
 
    Tests connectivity over STARTTLS/TLS towards IMAP server.

			




	
	
	
		
 
    """

			




	
	
	
		
 

			




	
	
	
		
 
    hostname = host.run('hostname').stdout.strip()

			




	
	
	
		
 
    fqdn = hostname[:hostname.rfind("-")]

			




	
	
	
		
 

			




	
	
	
		
 
    starttls = host.run('echo "a0001 LOGOUT" | openssl s_client -quiet -starttls imap -connect %s:143', fqdn)

			




	
	
	
		
 
    assert starttls.rc == 0

			




	
	
	
		
 
    assert '* BYE Logging out' in starttls.stdout

			




	
	
	
		
 

			




	
	
	
		
 
    tls = host.run('echo "a0001 LOGOUT" | openssl s_client -quiet -connect %s:993', fqdn)

			




	
	
	
		
 
    assert tls.rc == 0

			




	
	
	
		
 
    assert '* BYE Logging out' in starttls.stdout

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def test_smtp_tls_connectivity(host):

			




	
	
	
		
 
    """

			




	
	
	
		
 
    Tests connectivity over default/submission port towards SMTP

			




	
	
	
		
 
    server.

			




	
	
	
		
 
    """

			




	
	
	
		
 

			




	
	
	
		
 
    hostname = host.run('hostname').stdout.strip()

			




	
	
	
		
 
    fqdn = hostname[:hostname.rfind("-")]

			




	
	
	
		
 

			




	
	
	
		
 
    starttls = host.run('echo "QUIT" | openssl s_client -quiet -starttls smtp -connect %s:25', fqdn)

			




	
	
	
		
 
    assert starttls.rc == 0

			




	
	
	
		
 
    assert '221 2.0.0 Bye' in starttls.stdout

			




	
	
	
		
 

			




	
	
	
		
 
    tls = host.run('echo "QUIT" | openssl s_client -quiet -starttls smtp -connect %s:587', fqdn)

			




	
	
	
		
 
    assert tls.rc == 0

			




	
	
	
		
 
    assert '221 2.0.0 Bye' in starttls.stdout

			




        

    


    
    

    

        

                

                    roles/mail_server/molecule/default/tests/test_mandatory.py
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -107,26 +107,12 @@ def test_mail_owner(host):

			




	
	
	
		
 
    assert user.uid == 1002

			




	
	
	
		
 
    assert user.home == "/var/vmail"

			




	
	
	
		
 
    assert user.group == "vmail"

			




	
	
	
		
 
    assert user.groups == ["vmail"]

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def test_imap_tls_connectivity(host):

			




	
	
	
		
 
    """

			




	
	
	
		
 
    Tests connectivity over STARTTLS/TLS towards IMAP server.

			




	
	
	
		
 
    """

			




	
	
	
		
 

			




	
	
	
		
 
    starttls = host.run('echo "a0001 LOGOUT" | openssl s_client -quiet -starttls imap -connect parameters-mandatory:143')

			




	
	
	
		
 
    assert starttls.rc == 0

			




	
	
	
		
 
    assert '* BYE Logging out' in starttls.stdout

			




	
	
	
		
 

			




	
	
	
		
 
    tls = host.run('echo "a0001 LOGOUT" | openssl s_client -quiet -connect parameters-mandatory:993')

			




	
	
	
		
 
    assert tls.rc == 0

			




	
	
	
		
 
    assert '* BYE Logging out' in starttls.stdout

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
@pytest.mark.parametrize("port", [

			




	
	
	
		
 
    143,

			




	
	
	
		
 
    993,

			




	
	
	
		
 
    587,

			




	
	
	
		
 
])

			




	
	
	
		
 
def test_imap_and_smtp_submission_tls_version_and_ciphers(host, port):

			




	
	
		
 
@@ -191,27 +177,12 @@ def test_imap_max_user_connections_per_ip(host):

			




	
	
	
		
 
        config = host.run("doveadm config")

			




	
	
	
		
 

			




	
	
	
		
 
        assert config.rc == 0

			




	
	
	
		
 
        assert "  mail_max_userip_connections = 10" in config.stdout

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def test_smtp_tls_connectivity(host):

			




	
	
	
		
 
    """

			




	
	
	
		
 
    Tests connectivity over default/submission port towards SMTP

			




	
	
	
		
 
    server.

			




	
	
	
		
 
    """

			




	
	
	
		
 

			




	
	
	
		
 
    starttls = host.run('echo "QUIT" | openssl s_client -quiet -starttls smtp -connect parameters-mandatory:25')

			




	
	
	
		
 
    assert starttls.rc == 0

			




	
	
	
		
 
    assert '221 2.0.0 Bye' in starttls.stdout

			




	
	
	
		
 

			




	
	
	
		
 
    tls = host.run('echo "QUIT" | openssl s_client -quiet -starttls smtp -connect parameters-mandatory:587')

			




	
	
	
		
 
    assert tls.rc == 0

			




	
	
	
		
 
    assert '221 2.0.0 Bye' in starttls.stdout

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def test_smtp_default_port_tls_version_and_ciphers(host):

			




	
	
	
		
 
    """

			




	
	
	
		
 
    Tests TLS configuration for SMTP default port (needs to be less

			




	
	
	
		
 
    restrictive for interoperability purposes).

			




	
	
	
		
 
    """

			




	
	
	
		
 

			




        

    


    
    

    

        

                

                    roles/mail_server/molecule/default/tests/test_optional.py
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -130,26 +130,12 @@ def test_mail_owner(host):

			




	
	
	
		
 
    assert user.uid == 5000

			




	
	
	
		
 
    assert user.home == "/var/virtmail"

			




	
	
	
		
 
    assert user.group == "virtmail"

			




	
	
	
		
 
    assert user.groups == ["virtmail"]

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def test_imap_tls_connectivity(host):

			




	
	
	
		
 
    """

			




	
	
	
		
 
    Tests connectivity over STARTTLS/TLS towards IMAP server.

			




	
	
	
		
 
    """

			




	
	
	
		
 

			




	
	
	
		
 
    starttls = host.run('echo "a0001 LOGOUT" | openssl s_client -quiet -starttls imap -connect parameters-optional:143')

			




	
	
	
		
 
    assert starttls.rc == 0

			




	
	
	
		
 
    assert '* BYE Logging out' in starttls.stdout

			




	
	
	
		
 

			




	
	
	
		
 
    tls = host.run('echo "a0001 LOGOUT" | openssl s_client -quiet -connect parameters-optional:993')

			




	
	
	
		
 
    assert tls.rc == 0

			




	
	
	
		
 
    assert '* BYE Logging out' in starttls.stdout

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
@pytest.mark.parametrize("port", [

			




	
	
	
		
 
    143,

			




	
	
	
		
 
    993,

			




	
	
	
		
 
    587,

			




	
	
	
		
 
])

			




	
	
	
		
 
def test_imap_and_smtp_submission_tls_version_and_ciphers(host, port):

			




	
	
		
 
@@ -218,27 +204,12 @@ def test_imap_max_user_connections_per_ip(host):

			




	
	
	
		
 
        config = host.run("doveadm config")

			




	
	
	
		
 

			




	
	
	
		
 
        assert config.rc == 0

			




	
	
	
		
 
        assert "  mail_max_userip_connections = 2" in config.stdout

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def test_smtp_tls_connectivity(host):

			




	
	
	
		
 
    """

			




	
	
	
		
 
    Tests connectivity over default/submission port towards SMTP

			




	
	
	
		
 
    server.

			




	
	
	
		
 
    """

			




	
	
	
		
 

			




	
	
	
		
 
    starttls = host.run('echo "QUIT" | openssl s_client -quiet -starttls smtp -connect parameters-optional:25')

			




	
	
	
		
 
    assert starttls.rc == 0

			




	
	
	
		
 
    assert '221 2.0.0 Bye' in starttls.stdout

			




	
	
	
		
 

			




	
	
	
		
 
    tls = host.run('echo "QUIT" | openssl s_client -quiet -starttls smtp -connect parameters-optional:587')

			




	
	
	
		
 
    assert tls.rc == 0

			




	
	
	
		
 
    assert '221 2.0.0 Bye' in starttls.stdout

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def test_smtp_default_port_tls_version_and_ciphers(host):

			




	
	
	
		
 
    """

			




	
	
	
		
 
    Tests TLS configuration for SMTP default port (needs to be less

			




	
	
	
		
 
    restrictive for interoperability purposes).

			




	
	
	
		
 
    """

			




	
	
	
		
 

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2023 by various authors & licensed under GPLv3.