improve dhe tests documentation

This commit is contained in:
youtous 2020-04-27 09:57:36 +02:00
parent dff7355fa9
commit 149a10272c
No known key found for this signature in database
GPG key ID: 592173AE8CD254A5
4 changed files with 41 additions and 4 deletions

View file

@ -1,5 +1,17 @@
load 'test_helper/common'
# Test case
# ---------
# By default, this image is using audited FFDHE groups (https://github.com/tomav/docker-mailserver/pull/1463)
#
# This test suite cover the described situation for ONE_DIR=1 and for ONE_DIR=0.
#
# Description:
# - when using a default DHE parameters:
# ~ repo FFDHE4096 file is unchanged.
# ~ ffdhe4096 params file is copied in postfix and dovecot configuration.
function setup() {
run_setup_file_if_necessary
}

View file

@ -1,5 +1,18 @@
load 'test_helper/common'
# Test case
# ---------
# By default, this image is using audited FFDHE groups (https://github.com/tomav/docker-mailserver/pull/1463)
# However, an advanced user could want to supply custom DHE parameters.
#
# This test suite cover the described situation when ONE_DIR=0 is set.
#
# Description:
# - when using a CUSTOM DHE parameters:
# ~ custom dhe params file is copied in postfix and dovecot configuration.
# ~ a warning is raised about usage of insecure parameters.
function setup() {
run_setup_file_if_necessary
}
@ -10,7 +23,7 @@ function teardown() {
function setup_file() {
# copy the custom DHE params in local config
cp `pwd`/test/test-files/ssl/ffdhe2048.pem `pwd`/test/config/dhparams.pem
cp `pwd`/test/test-files/ssl/custom-dhe-params.pem `pwd`/test/config/dhparams.pem
docker run -d --name mail_manual_dhparams_not_one_dir \
-v "`pwd`/test/config":/tmp/docker-mailserver \
@ -33,7 +46,7 @@ function teardown_file() {
}
@test "checking dhparams: ONE_DIR=0 check manual dhparams is used" {
test_checksum=$(sha512sum "$(pwd)/test/test-files/ssl/ffdhe2048.pem" | awk '{print $1}')
test_checksum=$(sha512sum "$(pwd)/test/test-files/ssl/custom-dhe-params.pem" | awk '{print $1}')
run echo "$test_checksum"
refute_output '' # checksum must not be empty

View file

@ -1,5 +1,17 @@
load 'test_helper/common'
# Test case
# ---------
# By default, this image is using audited FFDHE groups (https://github.com/tomav/docker-mailserver/pull/1463)
# However, an advanced user could want to supply custom DHE parameters.
#
# This test suite cover the described situation when ONE_DIR=1 is set.
#
# Description:
# - when using a CUSTOM DHE parameters:
# ~ custom dhe params file is copied in postfix and dovecot configuration.
# ~ a warning is raised about usage of insecure parameters.
function setup() {
run_setup_file_if_necessary
}
@ -12,7 +24,7 @@ function setup_file() {
docker run -d --name mail_manual_dhparams_one_dir \
-v "`pwd`/test/config":/tmp/docker-mailserver \
-v "`pwd`/test/test-files":/tmp/docker-mailserver-test:ro \
-v "`pwd`/test/test-files/ssl/ffdhe2048.pem":/var/mail-state/lib-shared/dhparams.pem:ro \
-v "`pwd`/test/test-files/ssl/custom-dhe-params.pem":/var/mail-state/lib-shared/dhparams.pem:ro \
-e DMS_DEBUG=0 \
-e ONE_DIR=1 \
-h mail.my-domain.com -t ${NAME}
@ -29,7 +41,7 @@ function teardown_file() {
}
@test "checking dhparams: ONE_DIR=1 check manual dhparams is used" {
test_checksum=$(sha512sum "$(pwd)/test/test-files/ssl/ffdhe2048.pem" | awk '{print $1}')
test_checksum=$(sha512sum "$(pwd)/test/test-files/ssl/custom-dhe-params.pem" | awk '{print $1}')
run echo "$test_checksum"
refute_output '' # checksum must not be empty