2020-04-26 19:36:03 +00:00
|
|
|
load 'test_helper/common'
|
|
|
|
|
2020-04-27 07:57:36 +00:00
|
|
|
# Test case
|
|
|
|
# ---------
|
|
|
|
# By default, this image is using audited FFDHE groups (https://github.com/tomav/docker-mailserver/pull/1463)
|
|
|
|
#
|
2020-04-27 08:42:47 +00:00
|
|
|
# This test case covers the described case when `ONE_DIR=0`.
|
2020-04-27 07:57:36 +00:00
|
|
|
#
|
|
|
|
# Description:
|
2020-04-27 08:42:47 +00:00
|
|
|
# - When custom DHE parameters are supplied by the user:
|
|
|
|
# ~ User supplied DHE parameters are copied to the configuration directories for postfix and dovecot.
|
|
|
|
# ~ A warning is raised about usage of insecure parameters.
|
2020-04-27 07:57:36 +00:00
|
|
|
|
|
|
|
|
2020-04-26 19:36:03 +00:00
|
|
|
function setup() {
|
2020-10-19 11:13:42 +00:00
|
|
|
run_setup_file_if_necessary
|
2020-04-26 19:36:03 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
function teardown() {
|
2020-10-19 11:13:42 +00:00
|
|
|
run_teardown_file_if_necessary
|
2020-04-26 19:36:03 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
function setup_file() {
|
2020-10-19 13:19:34 +00:00
|
|
|
local PRIVATE_CONFIG
|
|
|
|
PRIVATE_CONFIG=$(duplicate_config_for_container .)
|
2020-10-19 11:13:42 +00:00
|
|
|
# copy the custom DHE params in local config
|
|
|
|
cp "$(pwd)/test/test-files/ssl/custom-dhe-params.pem" "${PRIVATE_CONFIG}/dhparams.pem"
|
2020-04-26 19:36:03 +00:00
|
|
|
|
2020-10-19 11:13:42 +00:00
|
|
|
docker run -d --name mail_manual_dhparams_not_one_dir \
|
2020-10-18 13:44:01 +00:00
|
|
|
-v "${PRIVATE_CONFIG}":/tmp/docker-mailserver \
|
2020-10-19 11:13:42 +00:00
|
|
|
-v "$(pwd)/test/test-files":/tmp/docker-mailserver-test:ro \
|
2020-04-26 19:36:03 +00:00
|
|
|
-e DMS_DEBUG=0 \
|
|
|
|
-e ONE_DIR=0 \
|
2020-11-05 12:32:42 +00:00
|
|
|
-h mail.my-domain.com -t "${NAME}"
|
2020-04-26 19:36:03 +00:00
|
|
|
wait_for_finished_setup_in_container mail_manual_dhparams_not_one_dir
|
|
|
|
}
|
|
|
|
|
|
|
|
function teardown_file() {
|
2020-10-19 11:13:42 +00:00
|
|
|
docker rm -f mail_manual_dhparams_not_one_dir
|
2020-04-26 19:36:03 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
@test "first" {
|
|
|
|
skip 'this test must come first to reliably identify when to run setup_file'
|
|
|
|
}
|
|
|
|
|
|
|
|
@test "checking dhparams: ONE_DIR=0 check manual dhparams is used" {
|
2020-04-27 07:57:36 +00:00
|
|
|
test_checksum=$(sha512sum "$(pwd)/test/test-files/ssl/custom-dhe-params.pem" | awk '{print $1}')
|
2020-11-05 12:32:42 +00:00
|
|
|
run echo "${test_checksum}"
|
2020-04-26 19:36:03 +00:00
|
|
|
refute_output '' # checksum must not be empty
|
|
|
|
|
|
|
|
docker_dovecot_checksum=$(docker exec mail_manual_dhparams_not_one_dir sha512sum /etc/dovecot/dh.pem | awk '{print $1}')
|
|
|
|
docker_postfix_checksum=$(docker exec mail_manual_dhparams_not_one_dir sha512sum /etc/postfix/dhparams.pem | awk '{print $1}')
|
2020-11-05 12:32:42 +00:00
|
|
|
assert_equal "${docker_dovecot_checksum}" "${test_checksum}"
|
|
|
|
assert_equal "${docker_postfix_checksum}" "${test_checksum}"
|
2020-04-26 19:36:03 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
@test "checking dhparams: ONE_DIR=0 check warning output when using manual dhparams" {
|
|
|
|
run sh -c "docker logs mail_manual_dhparams_not_one_dir | grep 'Using self-generated dhparams is considered as insecure'"
|
|
|
|
assert_success
|
|
|
|
}
|
|
|
|
|
|
|
|
@test "last" {
|
|
|
|
skip 'this test is only there to reliably mark the end for the teardown_file'
|
|
|
|
}
|