feat: add integration test between easywks server and client
parent
3174aff2bc
commit
dadbcdbf3f
7 changed files with 149 additions and 0 deletions
|
@ -72,3 +72,65 @@ jobs:
|
||||||
gpg --auto-key-locate=clear,wkd,nodefault --locate-keys alice@example.org
|
gpg --auto-key-locate=clear,wkd,nodefault --locate-keys alice@example.org
|
||||||
kill %2 || true
|
kill %2 || true
|
||||||
kill %1 || true
|
kill %1 || true
|
||||||
|
|
||||||
|
easywksserver_easywksclient:
|
||||||
|
runs-on: docker
|
||||||
|
steps:
|
||||||
|
- uses: https://code.forgejo.org/actions/checkout@v4
|
||||||
|
- name: Integration Test against easywks-client
|
||||||
|
run: |
|
||||||
|
# General system setup
|
||||||
|
useradd -d /home/alice -m alice
|
||||||
|
useradd -d /home/webkey -m webkey
|
||||||
|
echo alice:supersecurepassword | chpasswd
|
||||||
|
echo "postfix postfix/mailname string example.org" | debconf-set-selections
|
||||||
|
echo "postfix postfix/main_mailer_type string 'Local only'" | debconf-set-selections
|
||||||
|
apt update; apt install --yes gnupg2 ca-certificates python3-pip apache2 dovecot-imapd postfix expect
|
||||||
|
echo "openpgpkey" > /etc/hostname
|
||||||
|
echo "127.0.0.1 openpgpkey.example.org openpgpkey example.org" > /etc/hosts
|
||||||
|
pip3 install --break-system-packages -e .[test]
|
||||||
|
openssl req -x509 -newkey rsa:4096 -keyout /etc/ssl/key.pem -out /etc/ssl/cert.pem -sha256 -days 365 -nodes -subj '/CN=openpgpkey.example.org' -addext 'subjectAltName=DNS:openpgpkey.example.org,DNS:example.org'
|
||||||
|
cp /etc/ssl/cert.pem /usr/local/share/ca-certificates/local.crt
|
||||||
|
update-ca-certificates
|
||||||
|
# Setup Apache
|
||||||
|
a2enmod ssl proxy_http rewrite
|
||||||
|
rm /etc/apache2/sites-enabled/000-default.conf
|
||||||
|
cp test/apache.conf /etc/apache2/sites-enabled/easywks.conf
|
||||||
|
apache2ctl start
|
||||||
|
mkdir -p /var/www/html/.well-known/autoconfig/mail/
|
||||||
|
cp test/config-v1.1.xml /var/www/html/.well-known/autoconfig/mail/config-v1.1.xml
|
||||||
|
# Setup Dovecot
|
||||||
|
cp test/dovecot.conf /etc/dovecot/conf.d/99-local.conf
|
||||||
|
dovecot -F &
|
||||||
|
# Setup Postfix
|
||||||
|
/usr/lib/postfix/configure-instance.sh -
|
||||||
|
cp test/transport /etc/postfix/transport
|
||||||
|
postmap /etc/postfix/transport
|
||||||
|
postconf smtpd_tls_cert_file=/etc/ssl/cert.pem
|
||||||
|
postconf smtpd_tls_key_file=/etc/ssl/key.pem
|
||||||
|
postconf transport_maps=hash:/etc/postfix/transport
|
||||||
|
postconf smtpd_sasl_type=dovecot
|
||||||
|
postconf smtpd_sasl_path=private/auth
|
||||||
|
postconf smtpd_sasl_auth_enable=yes
|
||||||
|
/usr/sbin/postmulti -i - -p start
|
||||||
|
# Setup EasyWKS
|
||||||
|
mkdir -p /tmp/easywks
|
||||||
|
cp test/easywks.yml /tmp/easywks.yml
|
||||||
|
easywks --config /tmp/easywks.yml init
|
||||||
|
easywks --config /tmp/easywks.yml webserver &
|
||||||
|
easywks --config /tmp/easywks.yml lmtpd &
|
||||||
|
sleep 3
|
||||||
|
# Run the test
|
||||||
|
install -m 0700 -d /tmp/gpg /tmp/cleangpg
|
||||||
|
export GNUPGHOME=/tmp/gpg
|
||||||
|
test/genkey.sh alice@example.org
|
||||||
|
export FINGERPRINT="$(gpg --with-colons --fingerprint alice@example.org | grep -A1 ^pub | grep ^fpr | cut -d: -f10)"
|
||||||
|
test/expect
|
||||||
|
gpg --auto-key-locate=clear,wkd,nodefault --locate-keys alice@example.org
|
||||||
|
# Teardown
|
||||||
|
apache2ctl stop
|
||||||
|
doveadm stop
|
||||||
|
/usr/sbin/postmulti -i - -p stop
|
||||||
|
kill %1 || true
|
||||||
|
kill %2 || true
|
||||||
|
sleep 5 # wait for daemons to terminate
|
||||||
|
|
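Review bot: The teardown signals only `%1` and `%2`, but this job starts three background jobs (`dovecot -F &`, `easywks … webserver &`, `easywks … lmtpd &`), so the lmtpd process is `%3` and is never stopped, while `%1` is the Dovecot instance that `doveadm stop` has already dealt with. Recording the PIDs when the daemons are started (`WEB_PID=$!` and `LMTPD_PID=$!` after the respective lines) and finishing with `kill "$WEB_PID" "$LMTPD_PID" || true` would make the teardown match what was launched. Separately, `sleep 3` is the only readiness wait before the client runs; polling ports 8080 and 8024 until they accept connections would be less flaky on a slow runner.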
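--- a/test/apache.conf
+++ b/test/apache.conf
@@ -0,0 +1,24 @@
+ServerName example.org
+
+<VirtualHost *:80>
+ServerName example.org
+ServerAlias openpgpkey.example.org
+ServerAlias openpgpkey
+DocumentRoot /var/www/html
+RewriteEngine On
+RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI}
+</VirtualHost>
+
+<VirtualHost *:443>
+ServerName example.org
+ServerAlias openpgpkey.example.org
+ServerAlias openpgpkey
+DocumentRoot /var/www/html
+
+SSLEngine On
+SSLCertificateFile /etc/ssl/cert.pem
+SSLCertificateKeyFile /etc/ssl/key.pem
+
+ProxyPass /.well-known/openpgpkey http://localhost:8080/.well-known/openpgpkey
+ProxyPassReverse /.well-known/openpgpkey http://localhost:8080/.well-known/openpgpkey
+</VirtualHost>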
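Review bot: The port-80 redirect `RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI}` builds its target from the client-supplied Host header, and as the only vhost on `*:80` it will presumably answer for any Host value. That is harmless inside the CI container, but a fixture like this may get copied into a real deployment, so I would restrict it to the names the vhost actually serves by adding `RewriteCond %{HTTP_HOST} ^(openpgpkey\.)?example\.org$` directly above the rule. A leading comment such as `# Test fixture for the CI integration job; not a hardened configuration` would also make the intent clear.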
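--- a/test/config-v1.1.xml
+++ b/test/config-v1.1.xml
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<clientConfig version="1.1">
+<emailProvider id="example.org">
+<domain>example.org</domain>
+<displayName>EasyWKS Example</displayName>
+<displayShortName>Example</displayShortName>
+<incomingServer type="imap">
+<hostname>example.org</hostname>
+<port>993</port>
+<socketType>SSL</socketType>
+<authentication>password-cleartext</authentication>
+<username>%EMAILLOCALPART%</username>
+</incomingServer>
+<outgoingServer type="smtp">
+<hostname>example.org</hostname>
+<port>25</port>
+<socketType>STARTTLS</socketType>
+<authentication>password-cleartext</authentication>
+<username>%EMAILLOCALPART%</username>
+</outgoingServer>
+</emailProvider>
+</clientConfig>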
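--- a/test/dovecot.conf
+++ b/test/dovecot.conf
@@ -0,0 +1,8 @@
+service auth {
+unix_listener /var/spool/postfix/private/auth {
+mode = 0666
+}
+}
+ssl_cert = </etc/ssl/cert.pem
+ssl_key = </etc/ssl/key.pem
+log_path = /dev/stderr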
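Review bot: `mode = 0666` on `/var/spool/postfix/private/auth` leaves the SASL auth socket readable and writable by every local account, so any process on the host can send authentication requests to Dovecot. Only Postfix needs to reach it; `mode = 0660`, `user = postfix` and `group = postfix` inside the `unix_listener` block is the usual setting and should work unchanged for this test. If 0666 is kept for simplicity, a comment marking it as test-only would keep it from being carried over into a real deployment.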
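--- a/test/easywks.yml
+++ b/test/easywks.yml
@@ -0,0 +1,13 @@
+directory: /tmp/easywks
+httpd:
+host: 127.0.0.1
+port: 8080
+lmtpd:
+host: 127.0.0.1
+port: 8024
+mailing_method: smtp
+domains:
+example.org:
+submission_address: webkey@example.org
+policy_flags:
+me.s3lph.easywks_permit-unsigned-response: true # required for gpg-wks-client compat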
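Review bot: `me.s3lph.easywks_permit-unsigned-response: true` is, judging by its name, a relaxation of the check on confirmation responses, and its comment ties it to gpg-wks-client, yet the client this job drives is `./client.py` (see test/expect). With the flag set, the integration test covers only the permissive path, so a regression in the handling of signed responses would not show up here. If the bundled client signs its responses, consider dropping the flag from this fixture; otherwise the comment should say why this particular test needs it.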
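--- a/test/expect
+++ b/test/expect
@@ -0,0 +1,19 @@
+#!/usr/bin/expect -f
+spawn ./client.py
+expect "Enter email: "
+send "alice@example.org\n"
+expect "Chose $env(FINGERPRINT)"
+expect "Enter IMAP/POP3/SMTP password (will not echo): "
+send "supersecurepassword\n"
+expect "Autoconfigured incoming server"
+expect "Autoconfigured outgoing server"
+expect "Please confirm: \[Y/n\] "
+send "y\n"
+expect "Sending submission request"
+expect "Awaiting response"
+expect "Received confirmation request"
+expect "Creating confirmation response."
+expect "Sending confirmation response"
+expect "Awaiting publish response"
+expect "Your key has been published to the Web Key Directory."
+expect eof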
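Review bot: None of the `expect` calls has a `timeout` or `eof` branch, so when a string never appears the call simply returns after the default timeout and the script carries on, sending the password and `y` regardless and exiting 0. The `"Please confirm: \[Y/n\] "` pattern looks like a case of this: once Tcl has stripped the backslashes it is a glob containing the character class `[Y/n]`, which would not match the literal prompt. The script also never propagates the exit status of `./client.py`, so the job relies entirely on the later `gpg --locate-keys` call to notice a failure. I would route every prompt through a helper that matches the text exactly and aborts on timeout or early exit, and finish by exiting with the client's status, as sketched below.

```tcl
set timeout 60

# Wait for an exact string; abort the test on timeout or early exit.
proc must_see {text} {
    expect {
        -ex $text {}
        timeout { puts stderr "timed out waiting for: $text"; exit 1 }
        eof     { puts stderr "client exited before: $text"; exit 1 }
    }
}

spawn ./client.py
must_see "Enter email: "
# … unchanged: remaining prompts and answers, each expect replaced by must_see …
expect eof
lassign [wait] _pid _sid os_err status
exit $status
```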
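--- a/test/transport
+++ b/test/transport
@@ -0,0 +1 @@
+webkey@example.org lmtp:[127.0.0.1]:8024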