From 9095ba380352f10024153ea29ee56631979426d9 Mon Sep 17 00:00:00 2001 From: Wolfgang Ocker Date: Tue, 3 Jan 2017 10:55:03 +0100 Subject: [PATCH] Fix #443 - RIMAP support (#448) * Add unit tests for #443 (rimap auth) * Fix #443 - configure rimap for saslauth * Fix #443 - reuse smtp-auth-login.txt when testing rimap auth --- Makefile | 12 +++++++++++- target/start-mailserver.sh | 16 ++++++++++++++-- test/tests.bats | 27 +++++++++++++++++++++++++++ 3 files changed, 52 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index a8022d1c..f01a1c63 100644 --- a/Makefile +++ b/Makefile @@ -99,6 +99,15 @@ run: -e POSTMASTER_ADDRESS=postmaster@localhost.localdomain \ --link ldap_for_mail:ldap \ -h mail.my-domain.com -t $(NAME) + sleep 15 + docker run -d --name mail_with_imap \ + -v "`pwd`/test/config":/tmp/docker-mailserver \ + -v "`pwd`/test":/tmp/docker-mailserver-test \ + -e ENABLE_SASLAUTHD=1 \ + -e SASLAUTHD_MECHANISMS=rimap \ + -e SASLAUTHD_MECH_OPTIONS=127.0.0.1 \ + -e POSTMASTER_ADDRESS=postmaster@localhost.localdomain \ + -h mail.my-domain.com -t $(NAME) # Wait for containers to fully start sleep 15 @@ -140,7 +149,8 @@ clean: mail_disabled_clamav_spamassassin \ mail_manual_ssl \ ldap_for_mail \ - mail_with_ldap + mail_with_ldap \ + mail_with_imap @if [ -f config/postfix-accounts.cf.bak ]; then\ rm -f config/postfix-accounts.cf ;\ diff --git a/target/start-mailserver.sh b/target/start-mailserver.sh index e0e1eaa5..bbe739a1 100644 --- a/target/start-mailserver.sh +++ b/target/start-mailserver.sh @@ -73,6 +73,7 @@ function register_functions() { if [ "$ENABLE_SASLAUTHD" = 1 ];then _register_setup_function "_setup_saslauthd" + _register_setup_function "_setup_postfix_sasl" fi _register_setup_function "_setup_dkim" @@ -451,11 +452,15 @@ function _setup_ldap() { postconf -e "virtual_alias_maps = ldap:/etc/postfix/ldap-aliases.cf, ldap:/etc/postfix/ldap-groups.cf" || \ notify 'inf' "==> Warning: /etc/postfix/ldap-aliases.cf or /etc/postfix/ldap-groups.cf not found" + return 0 +} + +function _setup_postfix_sasl() { [ ! -f /etc/postfix/sasl/smtpd.conf ] && cat > /etc/postfix/sasl/smtpd.conf << EOF pwcheck_method: saslauthd mech_list: plain login EOF -return 0 + return 0 } function _setup_saslauthd() { @@ -464,7 +469,7 @@ function _setup_saslauthd() { notify 'inf' "Configuring Cyrus SASL" # checking env vars and setting defaults [ -z $SASLAUTHD_MECHANISMS ] && SASLAUTHD_MECHANISMS=pam - [ -z $SASLAUTHD_LDAP_SEARCH_BASE ] && SASLAUTHD_MECHANISMS=pam + [ "$SASLAUTHD_MECHANISMS" = ldap -a -z $SASLAUTHD_LDAP_SEARCH_BASE ] && SASLAUTHD_MECHANISMS=pam [ -z $SASLAUTHD_LDAP_SERVER ] && SASLAUTHD_LDAP_SERVER=localhost [ -z $SASLAUTHD_LDAP_FILTER ] && SASLAUTHD_LDAP_FILTER='(&(uniqueIdentifier=%u)(mailEnabled=TRUE))' ([ -z $SASLAUTHD_LDAP_SSL ] || [ $SASLAUTHD_LDAP_SSL == 0 ]) && SASLAUTHD_LDAP_PROTO='ldap://' || SASLAUTHD_LDAP_PROTO='ldaps://' @@ -496,6 +501,13 @@ EOF -e "s|^MECHANISMS=.*|MECHANISMS="\"$SASLAUTHD_MECHANISMS\""|g" \ -e "s|^MECH_OPTIONS=.*|MECH_OPTIONS="\"$SASLAUTHD_MECH_OPTIONS\""|g" \ /etc/default/saslauthd + + if [ "$SASLAUTHD_MECHANISMS" = rimap ]; then + sed -i \ + -e 's|^OPTIONS="|OPTIONS="-r |g' \ + /etc/default/saslauthd + fi + sed -i \ -e "/smtpd_sasl_path =.*/d" \ -e "/smtpd_sasl_type =.*/d" \ diff --git a/test/tests.bats b/test/tests.bats index d1beb76e..3872111a 100644 --- a/test/tests.bats +++ b/test/tests.bats @@ -66,6 +66,11 @@ [ "$status" -eq 0 ] } +@test "checking process: saslauthd (saslauthd server enabled)" { + run docker exec mail_with_imap /bin/bash -c "ps aux --forest | grep -v grep | grep '/usr/sbin/saslauthd'" + [ "$status" -eq 0 ] +} + # # imap # @@ -881,3 +886,25 @@ run docker exec mail_with_ldap /bin/sh -c "nc -w 5 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/sasl-ldap-smtp-auth.txt | grep 'Authentication successful'" [ "$status" -eq 0 ] } + + +# +# RIMAP +# + +# dovecot +@test "checking dovecot: ldap rimap connection and authentication works" { + run docker exec mail_with_imap /bin/sh -c "nc -w 1 0.0.0.0 143 < /tmp/docker-mailserver-test/auth/imap-auth.txt" + [ "$status" -eq 0 ] +} + +# saslauthd +@test "checking saslauthd: sasl rimap authentication works" { + run docker exec mail_with_imap bash -c "testsaslauthd -u user1@localhost.localdomain -p mypassword" + [ "$status" -eq 0 ] +} + +@test "checking saslauthd: rimap smtp authentication" { + run docker exec mail_with_imap /bin/sh -c "nc -w 5 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/smtp-auth-login.txt | grep 'Authentication successful'" + [ "$status" -eq 0 ] +}