From d39d3aaff4df7655b9a1434b3f1d8ce83121903f Mon Sep 17 00:00:00 2001 From: Alberto Bertogli Date: Tue, 6 Feb 2018 10:59:58 +0000 Subject: [PATCH] chasquid: Dovecot support (experimental) This patch adds dovecot support to the chasquid daemon, using the internal dovecot library added in previous patches. Dovecot support is still considered EXPERIMENTAL and may be reverted, or changed in backwards-incompatible ways. The patch also adds the corresponding integration test, which brings up a dovecot server with a custom configuration, and tests chasquid's authentication against it. If dovecot is not installed, the test is skipped. --- README.md | 4 +- chasquid.go | 21 +++++++ docs/dovecot.md | 56 +++++++++++++++++ internal/config/config.go | 2 + internal/config/config.pb.go | 62 +++++++++++------- internal/config/config.proto | 16 ++++- test/t-11-dovecot/config/chasquid.conf | 14 +++++ test/t-11-dovecot/config/domains/srv/.keep | 0 test/t-11-dovecot/config/dovecot.conf.in | 45 +++++++++++++ test/t-11-dovecot/config/passwd | 1 + test/t-11-dovecot/content | 4 ++ test/t-11-dovecot/hosts | 1 + test/t-11-dovecot/msmtprc | 28 +++++++++ test/t-11-dovecot/run.sh | 73 ++++++++++++++++++++++ test/util/lib.sh | 4 ++ 15 files changed, 304 insertions(+), 27 deletions(-) create mode 100644 docs/dovecot.md create mode 100644 test/t-11-dovecot/config/chasquid.conf create mode 100644 test/t-11-dovecot/config/domains/srv/.keep create mode 100644 test/t-11-dovecot/config/dovecot.conf.in create mode 100644 test/t-11-dovecot/config/passwd create mode 100644 test/t-11-dovecot/content create mode 100644 test/t-11-dovecot/hosts create mode 100644 test/t-11-dovecot/msmtprc create mode 100755 test/t-11-dovecot/run.sh diff --git a/README.md b/README.md index 70bdcb6..cb1fd50 100644 --- a/README.md +++ b/README.md @@ -24,14 +24,12 @@ It's written in [Go](https://golang.org). * SPF checking. * Monitoring HTTP server, with exported variables and tracing to help debugging. - +* Using dovecot for authentication (experimental). The following are intentionally *not* implemented: * Custom email routing and transport. * DKIM/DMARC checking (although the post-data hook can be used for it). -* Different backends for domain and user configuration (Dovecot authentication - may be implemented in the future). ## Status diff --git a/chasquid.go b/chasquid.go index 9004487..c39e416 100644 --- a/chasquid.go +++ b/chasquid.go @@ -21,6 +21,7 @@ import ( "blitiri.com.ar/go/chasquid/internal/config" "blitiri.com.ar/go/chasquid/internal/courier" + "blitiri.com.ar/go/chasquid/internal/dovecot" "blitiri.com.ar/go/chasquid/internal/maillog" "blitiri.com.ar/go/chasquid/internal/normalize" "blitiri.com.ar/go/chasquid/internal/smtpsrv" @@ -95,6 +96,10 @@ func main() { s.SetAliasesConfig(conf.SuffixSeparators, conf.DropCharacters) + if conf.DovecotAuth { + loadDovecot(s, conf.DovecotUserdbPath, conf.DovecotClientPath) + } + // Load certificates from "certs//{fullchain,privkey}.pem". // The structure matches letsencrypt's, to make it easier for that case. log.Infof("Loading certificates") @@ -228,6 +233,22 @@ func loadDomain(name, dir string, s *smtpsrv.Server) { } } +func loadDovecot(s *smtpsrv.Server, userdb, client string) { + a := dovecot.Autodetect(userdb, client) + if a == nil { + log.Errorf("Dovecot autodetection failed, no dovecot fallback") + return + } + + if a != nil { + s.SetAuthFallback(a) + log.Infof("Fallback authenticator: %v", a) + if err := a.Check(); err != nil { + log.Errorf("Failed dovecot authenticator check: %v", err) + } + } +} + // Read a directory, which must have at least some entries. func mustReadDir(path string) []os.FileInfo { dirs, err := ioutil.ReadDir(path) diff --git a/docs/dovecot.md b/docs/dovecot.md new file mode 100644 index 0000000..af9577c --- /dev/null +++ b/docs/dovecot.md @@ -0,0 +1,56 @@ + +# Dovecot integration + +As of version 0.04 (2018-02), [chasquid] has _experimental_ integration with +[dovecot] for authenticating users. + +This means that chasquid can ask dovecot to authenticate users, instead/in +addition to having its own per-domain user databases. + +It is experimental because it was added recently, and the semantics and +options are prone to be changed in the future. If you use this feature, please +let the authors know, at chasquid@googlegroups.com. + + +## Configuring dovecot + +The following needs to be added to the Dovecot configuration, usually in +`/etc/dovecot/conf.d/10-master.conf`: + +``` +service auth { + unix_listener auth-chasquid-userdb { + mode = 0660 + user = chasquid + } + unix_listener auth-chasquid-client { + mode = 0660 + user = chasquid + } +} +``` + +If chasquid is running under a different user, adjust the `user = ` lines +accordingly. + +This lets chasquid issue authentication requests to dovecot. + + +## Configuring chasquid + +Add the following line to `/etc/chasquid/chasquid.conf`: + +``` +dovecot_auth: true +``` + +That should be it, because chasquid will "autodetect" the full path to the +dovecot sockets, by looking in the usual places (tested in Debian, Ubuntu, and +CentOS). + +If chasquid can't find them, the paths can be set with the +`dovecot_userdb_path` and `dovecot_client_path` options. + + +[dovecot]: https://dovecot.org +[chasquid]: https://blitiri.com.ar/p/chasquid diff --git a/internal/config/config.go b/internal/config/config.go index 5c70b0c..5bf4abd 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -93,4 +93,6 @@ func LogConfig(c *Config) { log.Infof(" Suffix separators: %s", c.SuffixSeparators) log.Infof(" Drop characters: %s", c.DropCharacters) log.Infof(" Mail log: %s", c.MailLogPath) + log.Infof(" Dovecot auth: %v (%q, %q)", + c.DovecotAuth, c.DovecotUserdbPath, c.DovecotClientPath) } diff --git a/internal/config/config.pb.go b/internal/config/config.pb.go index ef42025..6f6b241 100644 --- a/internal/config/config.pb.go +++ b/internal/config/config.pb.go @@ -90,6 +90,18 @@ type Config struct { // If "", log using the syslog (at MAIL|INFO priority). // Default: MailLogPath string `protobuf:"bytes,12,opt,name=mail_log_path,json=mailLogPath" json:"mail_log_path,omitempty"` + // EXPERIMENTAL - Enable dovecot authentication. + // Domains that don't have an user database will be authenticated via + // dovecot. + DovecotAuth bool `protobuf:"varint,13,opt,name=dovecot_auth,json=dovecotAuth" json:"dovecot_auth,omitempty"` + // EXPERIMENTAL - Dovecot userdb path. If dovecot_auth is set and this + // is not, we will try to autodetect it. + // Example: /var/run/dovecot/auth-userdb + DovecotUserdbPath string `protobuf:"bytes,14,opt,name=dovecot_userdb_path,json=dovecotUserdbPath" json:"dovecot_userdb_path,omitempty"` + // EXPERIMENTAL - Dovecot client path. If dovecot_auth is set and this + // is not, we will try to autodetect it. + // Example: /var/run/dovecot/auth-client + DovecotClientPath string `protobuf:"bytes,15,opt,name=dovecot_client_path,json=dovecotClientPath" json:"dovecot_client_path,omitempty"` } func (m *Config) Reset() { *m = Config{} } @@ -104,27 +116,31 @@ func init() { func init() { proto.RegisterFile("config.proto", fileDescriptor0) } var fileDescriptor0 = []byte{ - // 351 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0x6c, 0x92, 0x4d, 0x4f, 0x22, 0x41, - 0x10, 0x86, 0xc3, 0xc2, 0xf2, 0xd1, 0xc0, 0x2e, 0x74, 0x76, 0xb3, 0xbd, 0x7a, 0x41, 0x2e, 0x90, - 0x18, 0xbd, 0x18, 0xe3, 0xc9, 0x03, 0xc2, 0x51, 0xa3, 0x01, 0xef, 0x9d, 0x1a, 0xa6, 0x99, 0xe9, - 0x64, 0xba, 0x7b, 0x52, 0xd5, 0x10, 0xe4, 0x67, 0xf8, 0x8b, 0xcd, 0x34, 0x32, 0x90, 0xe8, 0xb1, - 0x9e, 0xf7, 0x79, 0x53, 0x35, 0x93, 0x66, 0x9d, 0xa5, 0xb3, 0x2b, 0x9d, 0x5c, 0xe7, 0xe8, 0xbc, - 0x1b, 0xbe, 0xd7, 0x58, 0x7d, 0x1a, 0x00, 0x3f, 0x63, 0xcd, 0xd4, 0x91, 0xb7, 0x60, 0x94, 0xa8, - 0x0c, 0x2a, 0xe3, 0xd6, 0xbc, 0x9c, 0xf9, 0x88, 0xf5, 0x0c, 0x6c, 0x65, 0x0c, 0x1e, 0x24, 0xe9, - 0x9d, 0x92, 0x26, 0x12, 0x3f, 0x06, 0x95, 0x71, 0x75, 0xde, 0x35, 0xb0, 0x9d, 0x81, 0x87, 0x85, - 0xde, 0xa9, 0xa7, 0x88, 0x5f, 0xb0, 0x0e, 0x19, 0x9f, 0x4b, 0x88, 0x63, 0x54, 0x44, 0xa2, 0x3a, - 0xa8, 0x8e, 0x5b, 0xf3, 0x76, 0xc1, 0x26, 0x7b, 0xc4, 0xaf, 0x18, 0xa7, 0x75, 0x64, 0x34, 0x91, - 0x76, 0xb6, 0x14, 0x6b, 0x41, 0xec, 0x1f, 0x93, 0x83, 0x7e, 0xcf, 0xce, 0x4f, 0x74, 0xb7, 0x51, - 0x28, 0x7d, 0x46, 0x65, 0xef, 0x67, 0xe8, 0x89, 0xa3, 0xf2, 0xbc, 0x51, 0xf8, 0x9a, 0xd1, 0xc9, - 0x36, 0xe3, 0xac, 0xf6, 0x0e, 0xb5, 0x4d, 0xca, 0x56, 0x3d, 0x7c, 0x5f, 0xff, 0x98, 0x1c, 0xf4, - 0x5b, 0xf6, 0xcf, 0x80, 0xce, 0x64, 0xac, 0x32, 0xbd, 0x51, 0xf8, 0x26, 0x21, 0x51, 0xd6, 0xcb, - 0x48, 0x5b, 0xd1, 0x08, 0x9d, 0x3f, 0x45, 0x3c, 0xfb, 0x4c, 0x27, 0x45, 0xf8, 0xa0, 0x2d, 0xbf, - 0x63, 0xe2, 0xbb, 0x1a, 0x60, 0x42, 0xa2, 0x19, 0x2e, 0xfc, 0xfb, 0xa5, 0x37, 0xc1, 0x84, 0xf8, - 0x7f, 0xd6, 0x0c, 0x3f, 0x35, 0xd6, 0x28, 0x5a, 0x61, 0x41, 0xa3, 0x98, 0x67, 0x1a, 0xf9, 0x25, - 0xeb, 0xd3, 0x7a, 0xb5, 0xd2, 0x5b, 0x49, 0x2a, 0x07, 0x04, 0xef, 0x90, 0x04, 0x0b, 0x4e, 0x6f, - 0x1f, 0x2c, 0x4a, 0xce, 0x47, 0xec, 0x77, 0x8c, 0x2e, 0x97, 0xcb, 0x14, 0x10, 0x96, 0x5e, 0x21, - 0x89, 0x76, 0x50, 0x7f, 0x15, 0x78, 0x5a, 0x52, 0x3e, 0x64, 0xdd, 0x70, 0x69, 0xe6, 0x12, 0x99, - 0x83, 0x4f, 0x45, 0x27, 0x68, 0xed, 0x02, 0x3e, 0xba, 0xe4, 0x05, 0x7c, 0x1a, 0xd5, 0xc3, 0xdb, - 0xb8, 0xf9, 0x08, 0x00, 0x00, 0xff, 0xff, 0xfb, 0x6f, 0x6c, 0xff, 0x2b, 0x02, 0x00, 0x00, + // 409 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0x6c, 0x92, 0x41, 0x8f, 0x12, 0x31, + 0x14, 0xc7, 0x83, 0xb8, 0x2c, 0x14, 0xd8, 0x5d, 0xaa, 0xc6, 0xaa, 0x17, 0xdc, 0xcb, 0x92, 0x18, + 0xf7, 0x62, 0x8c, 0x27, 0x0f, 0x08, 0x47, 0x8d, 0x86, 0xd5, 0x73, 0xf3, 0x66, 0xa6, 0xcc, 0x34, + 0x99, 0x69, 0x27, 0xef, 0x75, 0x08, 0xf2, 0x3d, 0xfc, 0xbe, 0xa6, 0x0f, 0x18, 0x30, 0xee, 0xb1, + 0xff, 0xdf, 0xef, 0xdf, 0x76, 0xde, 0x54, 0x8c, 0x52, 0xef, 0xd6, 0x36, 0xbf, 0xaf, 0xd1, 0x07, + 0x7f, 0xfb, 0xe7, 0x42, 0xf4, 0x16, 0x1c, 0xc8, 0xd7, 0xa2, 0x5f, 0x78, 0x0a, 0x0e, 0x2a, 0xa3, + 0x3a, 0xd3, 0xce, 0x6c, 0xb0, 0x6a, 0xd7, 0xf2, 0x4e, 0xdc, 0x54, 0xb0, 0xd5, 0x19, 0x04, 0xd0, + 0x64, 0x77, 0x46, 0x57, 0x89, 0x7a, 0x32, 0xed, 0xcc, 0xba, 0xab, 0x71, 0x05, 0xdb, 0x25, 0x04, + 0x78, 0xb0, 0x3b, 0xf3, 0x2d, 0x91, 0x6f, 0xc5, 0x88, 0xaa, 0x50, 0x6b, 0xc8, 0x32, 0x34, 0x44, + 0xaa, 0x3b, 0xed, 0xce, 0x06, 0xab, 0x61, 0xcc, 0xe6, 0xfb, 0x48, 0xbe, 0x17, 0x92, 0x9a, 0xa4, + 0xb2, 0x44, 0xd6, 0xbb, 0x56, 0x7c, 0xca, 0xe2, 0xe4, 0x44, 0x8e, 0xfa, 0x67, 0xf1, 0xe6, 0x4c, + 0xf7, 0x1b, 0x83, 0x3a, 0x94, 0xd4, 0xf6, 0x2e, 0xb8, 0xa7, 0x4e, 0xca, 0xf7, 0x8d, 0xc1, 0x9f, + 0x25, 0x9d, 0x9d, 0x56, 0x79, 0x67, 0x83, 0x47, 0xeb, 0xf2, 0xb6, 0xd5, 0xe3, 0xef, 0x9b, 0x9c, + 0xc8, 0x51, 0xff, 0x28, 0x5e, 0x56, 0x60, 0x4b, 0x9d, 0x99, 0xd2, 0x6e, 0x0c, 0xfe, 0xd6, 0x90, + 0x1b, 0x17, 0x74, 0x62, 0x9d, 0xba, 0xe4, 0xce, 0xf3, 0x88, 0x97, 0x07, 0x3a, 0x8f, 0xf0, 0x8b, + 0x75, 0xf2, 0x93, 0x50, 0x8f, 0xd5, 0x00, 0x73, 0x52, 0x7d, 0xbe, 0xe1, 0x8b, 0xff, 0x7a, 0x73, + 0xcc, 0x49, 0xbe, 0x12, 0x7d, 0x1e, 0x6a, 0x66, 0x51, 0x0d, 0xf8, 0x80, 0xcb, 0xb8, 0x5e, 0x5a, + 0x94, 0xef, 0xc4, 0x84, 0x9a, 0xf5, 0xda, 0x6e, 0x35, 0x99, 0x1a, 0x10, 0x82, 0x47, 0x52, 0x82, + 0x9d, 0x9b, 0x3d, 0x78, 0x68, 0x73, 0x79, 0x27, 0xae, 0x33, 0xf4, 0xb5, 0x4e, 0x0b, 0x40, 0x48, + 0x83, 0x41, 0x52, 0x43, 0x56, 0xaf, 0x62, 0xbc, 0x68, 0x53, 0x79, 0x2b, 0xc6, 0x7c, 0xd3, 0xd2, + 0xe7, 0xba, 0x86, 0x50, 0xa8, 0x11, 0x6b, 0xc3, 0x18, 0x7e, 0xf5, 0xf9, 0x0f, 0x08, 0x45, 0xfc, + 0x89, 0x99, 0xdf, 0x98, 0xd4, 0x07, 0x0d, 0x4d, 0x28, 0xd4, 0x78, 0xda, 0x99, 0xf5, 0x57, 0xc3, + 0x43, 0x36, 0x6f, 0x42, 0x21, 0xef, 0xc5, 0xb3, 0xa3, 0xd2, 0x90, 0xc1, 0x2c, 0xd9, 0x6f, 0x76, + 0xb5, 0x9f, 0xeb, 0x01, 0xfd, 0x62, 0xc2, 0x5b, 0x9e, 0xf9, 0x69, 0x69, 0xe3, 0x6c, 0xd8, 0xbf, + 0xfe, 0xc7, 0x5f, 0x30, 0x89, 0x7e, 0xd2, 0xe3, 0xe7, 0xf9, 0xe1, 0x6f, 0x00, 0x00, 0x00, 0xff, + 0xff, 0x37, 0xa3, 0x19, 0x18, 0xae, 0x02, 0x00, 0x00, } diff --git a/internal/config/config.proto b/internal/config/config.proto index 298e496..e23427a 100644 --- a/internal/config/config.proto +++ b/internal/config/config.proto @@ -74,5 +74,19 @@ message Config { // If "", log using the syslog (at MAIL|INFO priority). // Default: string mail_log_path = 12; -} + // EXPERIMENTAL - Enable dovecot authentication. + // Domains that don't have an user database will be authenticated via + // dovecot. + bool dovecot_auth = 13; + + // EXPERIMENTAL - Dovecot userdb path. If dovecot_auth is set and this + // is not, we will try to autodetect it. + // Example: /var/run/dovecot/auth-userdb + string dovecot_userdb_path = 14; + + // EXPERIMENTAL - Dovecot client path. If dovecot_auth is set and this + // is not, we will try to autodetect it. + // Example: /var/run/dovecot/auth-client + string dovecot_client_path = 15; +} diff --git a/test/t-11-dovecot/config/chasquid.conf b/test/t-11-dovecot/config/chasquid.conf new file mode 100644 index 0000000..e5c50a4 --- /dev/null +++ b/test/t-11-dovecot/config/chasquid.conf @@ -0,0 +1,14 @@ +smtp_address: ":1025" +submission_address: ":1587" +submission_over_tls_address: ":1465" +monitoring_address: ":1099" + +mail_delivery_agent_bin: "test-mda" +mail_delivery_agent_args: "%to%" + +data_dir: "../.data" +mail_log_path: "../.logs/mail_log" + +dovecot_auth: true +dovecot_userdb_path: "/tmp/chasquid-dovecot-test/run/auth-userdb" +dovecot_client_path: "/tmp/chasquid-dovecot-test/run/auth-client" diff --git a/test/t-11-dovecot/config/domains/srv/.keep b/test/t-11-dovecot/config/domains/srv/.keep new file mode 100644 index 0000000..e69de29 diff --git a/test/t-11-dovecot/config/dovecot.conf.in b/test/t-11-dovecot/config/dovecot.conf.in new file mode 100644 index 0000000..d770287 --- /dev/null +++ b/test/t-11-dovecot/config/dovecot.conf.in @@ -0,0 +1,45 @@ +base_dir = $ROOT/run/ +log_path = $ROOT/dovecot.log +ssl = no + +default_internal_user = $USER +default_login_user = $USER + + +passdb { + driver = passwd-file + args = $ROOT/passwd +} + +userdb { + driver = passwd-file + args = $ROOT/passwd +} + +service auth { + unix_listener auth { + mode = 0666 + } +} + +# Dovecot refuses to start without protocols, so we need to give it one. +protocols = imap + +service imap-login { + chroot = + inet_listener imap { + address = 127.0.0.1 + port = 0 + } +} + +service anvil { + chroot = +} + +# Turn on debugging information, to help troubleshooting issues. +auth_verbose = yes +auth_debug = yes +auth_debug_passwords = yes +auth_verbose_passwords = yes +mail_debug = yes diff --git a/test/t-11-dovecot/config/passwd b/test/t-11-dovecot/config/passwd new file mode 100644 index 0000000..0182c1a --- /dev/null +++ b/test/t-11-dovecot/config/passwd @@ -0,0 +1 @@ +user@srv:{plain}password:1000:1000::/home/user diff --git a/test/t-11-dovecot/content b/test/t-11-dovecot/content new file mode 100644 index 0000000..76a8b16 --- /dev/null +++ b/test/t-11-dovecot/content @@ -0,0 +1,4 @@ +Subject: Prueba desde el test + +Crece desde el test el futuro +Crece desde el test diff --git a/test/t-11-dovecot/hosts b/test/t-11-dovecot/hosts new file mode 100644 index 0000000..3ab990d --- /dev/null +++ b/test/t-11-dovecot/hosts @@ -0,0 +1 @@ +srv localhost diff --git a/test/t-11-dovecot/msmtprc b/test/t-11-dovecot/msmtprc new file mode 100644 index 0000000..99c540d --- /dev/null +++ b/test/t-11-dovecot/msmtprc @@ -0,0 +1,28 @@ +account default + +host srv +port 1587 + +tls on +tls_trust_file config/certs/srv/fullchain.pem + +from user@srv + +auth on +user user@srv +password password + +account smtpport : default +port 1025 + +account subm_tls : default +port 1465 +tls_starttls off + +account baduser : default +user unknownuser@srv +password secretpassword + +account badpasswd : default +user user@srv +password badsecretpassword diff --git a/test/t-11-dovecot/run.sh b/test/t-11-dovecot/run.sh new file mode 100755 index 0000000..6403056 --- /dev/null +++ b/test/t-11-dovecot/run.sh @@ -0,0 +1,73 @@ +#!/bin/bash +# +# This test checks that we can use dovecot as an authentication mechanism. +# +# Setup: +# - chasquid listening on :1025. +# - dovecot listening on unix sockets in .dovecot/ + +set -e +. $(dirname ${0})/../util/lib.sh + +init + +if ! dovecot --version > /dev/null; then + skip "dovecot not installed" + exit 0 +fi + +# Create a temporary directory for dovecot to use, and generate the dovecot +# config based on the template. +# Note the lenght of the path must be < 100, because unix sockets have a low +# limitation, so we use a directory in /tmp, which is not ideal, as a +# workaround. +export ROOT="/tmp/chasquid-dovecot-test" +mkdir -p $ROOT $ROOT/run +rm -f $ROOT/dovecot.log + +envsubst < config/dovecot.conf.in > $ROOT/dovecot.conf +cp -f config/passwd $ROOT/passwd + +dovecot -F -c $ROOT/dovecot.conf & + +# Early tests: run dovecot-auth-cli for testing purposes. These fail early if +# there are obvious problems. +OUT=$(dovecot-auth-cli $ROOT/run/auth exists user@srv || true) +if [ "$OUT" != "yes" ]; then + fail "user does not exist: $OUT" +fi + +OUT=$(dovecot-auth-cli $ROOT/run/auth auth user@srv password || true) +if [ "$OUT" != "yes" ]; then + fail "auth failed: $OUT" +fi + + +# Set up chasquid, using dovecot as authentication backend. +generate_certs_for srv + +mkdir -p .logs +chasquid -v=2 --logfile=.logs/chasquid.log --config_dir=config & +wait_until_ready 1025 + +# Send an email as user@srv successfully. +run_msmtp user@srv < content +wait_for_file .mail/user@srv +mail_diff content .mail/user@srv + +# Fail to send to nobody@srv (user does not exist). +if run_msmtp nobody@srv < content 2> /dev/null; then + fail "successfuly sent an email to a non-existent user" +fi + +# Fail to send from baduser@srv (user does not exist). +if run_msmtp -a baduser user@srv < content 2> /dev/null; then + fail "successfully sent an email with a bad user" +fi + +# Fail to send with an incorrect password. +if run_msmtp -a badpasswd user@srv < content 2> /dev/null; then + fail "successfully sent an email with a bad password" +fi + +success diff --git a/test/util/lib.sh b/test/util/lib.sh index 145f02d..aed646d 100644 --- a/test/util/lib.sh +++ b/test/util/lib.sh @@ -49,6 +49,10 @@ function add_user() { >> .add_user_logs } +function dovecot-auth-cli() { + go run ${TBASE}/../../cmd/dovecot-auth-cli/dovecot-auth-cli.go "$@" +} + function run_msmtp() { # msmtp will check that the rc file is only user readable. chmod 600 msmtprc