mirror of
https://blitiri.com.ar/repos/chasquid
synced 2026-01-07 17:47:14 +00:00
e2fdcb3705
This patch adds checks that verify: - The envelope from must match the authenticated user. This prevents impersonation at the envelope level (while still allowing bounces, of course). - If the destination is remote, then the user must have completed authentication. This prevents unauthorized relaying. The patch ends up adjusting quite a few tests, as they were not written considering these restrictions so they have to be changed accordingly.
38 lines
851 B
Bash
Executable File
38 lines
851 B
Bash
Executable File
#!/bin/bash
|
|
|
|
set -e
|
|
. $(dirname ${0})/../util/lib.sh
|
|
|
|
init
|
|
|
|
generate_certs_for testserver
|
|
|
|
mkdir -p .logs
|
|
chasquid -v=2 --log_dir=.logs --config_dir=config &
|
|
wait_until_ready 1025
|
|
|
|
run_msmtp someone@testserver < content
|
|
|
|
wait_for_file .mail/someone@testserver
|
|
|
|
mail_diff content .mail/someone@testserver
|
|
|
|
# At least for now, we allow AUTH over the SMTP port to avoid unnecessary
|
|
# complexity, so we expect it to work.
|
|
if ! run_msmtp -a smtpport someone@testserver < content 2> /dev/null; then
|
|
echo "ERROR: failed auth on the SMTP port"
|
|
exit 1
|
|
fi
|
|
|
|
if run_msmtp -a baduser someone@testserver < content 2> /dev/null; then
|
|
echo "ERROR: successfully sent an email with a bad password"
|
|
exit 1
|
|
fi
|
|
|
|
if run_msmtp -a badpasswd someone@testserver < content 2> /dev/null; then
|
|
echo "ERROR: successfully sent an email with a bad password"
|
|
exit 1
|
|
fi
|
|
|
|
success
|