aboutsummaryrefslogtreecommitdiffstats
path: root/test
diff options
context:
space:
mode:
authorVsevolod Stakhov <vsevolod@highsecure.ru>2018-06-12 17:34:42 +0100
committerVsevolod Stakhov <vsevolod@highsecure.ru>2018-06-12 17:34:42 +0100
commitd34f545496a366d720b36ec4b116ba7db04517f2 (patch)
tree1a24ed7beb99d8f67f8348314d218c8f091eb9e8 /test
parent0eef5c63eee8a25c4059d4c0687a79e616a7b4ac (diff)
downloadrspamd-d34f545496a366d720b36ec4b116ba7db04517f2.tar.gz
rspamd-d34f545496a366d720b36ec4b116ba7db04517f2.zip
[Test] Add tests for strict pubkey checking
Diffstat (limited to 'test')
-rw-r--r--test/functional/cases/131_dkim_signing/001_simple.robot6
-rw-r--r--test/functional/configs/dkim.conf5
-rw-r--r--test/functional/configs/dkim_signing/simple.conf2
-rw-r--r--test/functional/configs/plugins.conf57
-rw-r--r--test/functional/messages/dmarc/fail_none1.eml3
5 files changed, 52 insertions, 21 deletions
diff --git a/test/functional/cases/131_dkim_signing/001_simple.robot b/test/functional/cases/131_dkim_signing/001_simple.robot
index 66bcffe37..d5bd56841 100644
--- a/test/functional/cases/131_dkim_signing/001_simple.robot
+++ b/test/functional/cases/131_dkim_signing/001_simple.robot
@@ -8,6 +8,7 @@ Variables ${TESTDIR}/lib/vars.py
*** Variables ***
${CONFIG} ${TESTDIR}/configs/plugins.conf
${MESSAGE} ${TESTDIR}/messages/dmarc/fail_none.eml
+${MESSAGE_FAIL} ${TESTDIR}/messages/dmarc/fail_none1.eml
${REDIS_SCOPE} Suite
${RSPAMD_SCOPE} Suite
${URL_TLD} ${TESTDIR}/../lua/unit/test_tld.dat
@@ -23,6 +24,11 @@ TEST NOT SIGNED - USERNAME WRONG DOMAIN
Check Rspamc ${result} DKIM-Signature: inverse=1
Should Not Contain ${result.stdout} DKIM_SIGNED (1.00)
+TEST NOT SIGNED - USERNAME WRONG PUBKEY
+ ${result} = Scan Message With Rspamc ${MESSAGE_FAIL} -u bob@invalid.za.org
+ Check Rspamc ${result} DKIM-Signature: inverse=1
+ Should Not Contain ${result.stdout} DKIM_SIGNED (1.00)
+
*** Keywords ***
DKIM Signing Setup
${PLUGIN_CONFIG} = Get File ${TESTDIR}/configs/dkim_signing/simple.conf
diff --git a/test/functional/configs/dkim.conf b/test/functional/configs/dkim.conf
index d3593a12d..f4d7c96fd 100644
--- a/test/functional/configs/dkim.conf
+++ b/test/functional/configs/dkim.conf
@@ -8,6 +8,11 @@ options = {
name = "test._domainkey.example.com";
type = txt;
replies = ["k=ed25519; p=yi50DjK5O9pqbFpNHklsv9lqaS0ArSYu02qp1S0DW1Y="];
+ },
+ {
+ name = "dkim._domainkey.cacophony.za.org",
+ type = "txt";
+ replies = ["v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDXtxBE5IiNRMcq2/lc2zErfdCvDFyQNBnMjbOjBQrPST2k4fdGbtpe5Iu5uS01Met+dAEf94XL8I0hwmYw+n70PP834zfJGi2egwGqrakpaWsCDPvIJZLkxJCJKQRA/zrQ622uEXdvYixVbsEGVw7U4wAGSmT5rU2eU1y63AlOlQIDAQAB"];
}];
}
}
diff --git a/test/functional/configs/dkim_signing/simple.conf b/test/functional/configs/dkim_signing/simple.conf
index d233beff6..2302a0c4f 100644
--- a/test/functional/configs/dkim_signing/simple.conf
+++ b/test/functional/configs/dkim_signing/simple.conf
@@ -1,3 +1,5 @@
dkim_signing {
path = "${TESTDIR}/configs/dkim.key";
+ check_pubkey = true;
+ allow_pubkey_mismatch = false;
}
diff --git a/test/functional/configs/plugins.conf b/test/functional/configs/plugins.conf
index eb7971478..65141d5c0 100644
--- a/test/functional/configs/plugins.conf
+++ b/test/functional/configs/plugins.conf
@@ -1,31 +1,46 @@
options = {
- filters = ["spf", "dkim", "regexp"]
- url_tld = "${URL_TLD}"
- pidfile = "${TMPDIR}/rspamd.pid"
- lua_path = "${INSTALLROOT}/share/rspamd/lib/?.lua"
- dns {
- nameserver = ["8.8.8.8", "8.8.4.4"];
- retransmits = 10;
- timeout = 2s;
- }
+ filters = ["spf", "dkim", "regexp"]
+ url_tld = "${URL_TLD}"
+ pidfile = "${TMPDIR}/rspamd.pid"
+ lua_path = "${INSTALLROOT}/share/rspamd/lib/?.lua"
+ dns {
+ nameserver = ["8.8.8.8", "8.8.4.4"];
+ retransmits = 10;
+ timeout = 2s;
+ fake_records = [{ # ed25519
+ name = "test._domainkey.example.com";
+ type = txt;
+ replies = ["k=ed25519; p=yi50DjK5O9pqbFpNHklsv9lqaS0ArSYu02qp1S0DW1Y="];
+ },
+ {
+ name = "dkim._domainkey.cacophony.za.org",
+ type = "txt";
+ replies = ["v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDXtxBE5IiNRMcq2/lc2zErfdCvDFyQNBnMjbOjBQrPST2k4fdGbtpe5Iu5uS01Met+dAEf94XL8I0hwmYw+n70PP834zfJGi2egwGqrakpaWsCDPvIJZLkxJCJKQRA/zrQ622uEXdvYixVbsEGVw7U4wAGSmT5rU2eU1y63AlOlQIDAQAB"];
+ },
+ {
+ name = "dkim._domainkey.invalid.za.org",
+ type = "txt";
+ replies = ["v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEEXmNGQq7PUrr9Mg4UakTFHgXBCy2DOztkrZm+0OrVWtiRzGluxBkbOWTBwuU3/Yw97yTphBMQxzWFN603/f/KPAQcF/Lc1l+6kmIBBxNXjjGuOK/3PYKZVntUdKmqcQBYfnHdzH2Tohbuyx1a7xqnv6VSChqQrZU4CwkeT3+eQIDAQAB"];
+ }];
+ }
}
logging = {
- type = "file",
- level = "debug"
- filename = "${TMPDIR}/rspamd.log"
+ type = "file",
+ level = "debug"
+ filename = "${TMPDIR}/rspamd.log"
}
metric = {
- name = "default",
- actions = {
- reject = 100500,
- }
- unknown_weight = 1
+ name = "default",
+ actions = {
+ reject = 100500,
+ }
+ unknown_weight = 1
}
worker {
- type = normal
- bind_socket = ${LOCAL_ADDR}:${PORT_NORMAL}
- count = 1
- task_timeout = 60s;
+ type = normal
+ bind_socket = ${LOCAL_ADDR}:${PORT_NORMAL}
+ count = 1
+ task_timeout = 60s;
}
worker {
type = controller
diff --git a/test/functional/messages/dmarc/fail_none1.eml b/test/functional/messages/dmarc/fail_none1.eml
new file mode 100644
index 000000000..1579bb71f
--- /dev/null
+++ b/test/functional/messages/dmarc/fail_none1.eml
@@ -0,0 +1,3 @@
+From: Rspamd <foo@invalid.za.org>
+
+hello