git » chasquid » master » tree

[master] / test / t-21-dkim / run.sh 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
#!/bin/bash

set -e
. "$(dirname "$0")/../util/lib.sh"

init
check_hostaliases

rm -rf .data-A .data-B .mail

# Build with the DNS override, so we can fake DNS records.
export GOTAGS="dnsoverride"

# srv-A has a pre-generated key, and the mail has a pre-generated header.
# Generate a key for srv-B, and append it to our statically configured zones.
# Use a fixed selector so we can be more thorough in from_B_to_A.expected.
rm -f B/domains/srv-b/*.pem
mkdir -p B/domains/srv-b/
CONFDIR=B chasquid-util dkim-keygen srv-b sel77 > /dev/null

cp zones .zones
CONFDIR=B chasquid-util dkim-dns srv-b | sed 's/"//g' >> .zones

# Launch minidns in the background using our configuration.
minidns_bg --addr=":9053" -zones=.zones >> .minidns.log 2>&1

# Two servers:
# A - listens on :1025, hosts srv-A
# B - listens on :2015, hosts srv-B

CONFDIR=A generate_certs_for srv-A
CONFDIR=A add_user user-a@srv-a nadaA

CONFDIR=B generate_certs_for srv-B
CONFDIR=B add_user user-b@srv-b nadaB

mkdir -p .logs-A .logs-B

chasquid -v=2 --logfile=.logs-A/chasquid.log --config_dir=A \
	--testing__dns_addr=127.0.0.1:9053 \
	--testing__outgoing_smtp_port=2025 &
chasquid -v=2 --logfile=.logs-B/chasquid.log --config_dir=B \
	--testing__dns_addr=127.0.0.1:9053 \
	--testing__outgoing_smtp_port=1025 &

wait_until_ready 1465
wait_until_ready 2465
wait_until_ready 9053

# Send from A to B.
smtpc --addr=localhost:1465 \
	--server_cert=A/certs/srv-A/fullchain.pem \
	--user=user-a@srv-a --password=nadaA \
	user-b@srv-b < from_A_to_B

wait_for_file .mail/user-b@srv-b
mail_diff from_A_to_B.expected .mail/user-b@srv-b

# Send from B to A.
smtpc --addr=localhost:2465 \
	--server_cert=B/certs/srv-B/fullchain.pem \
	--user=user-b@srv-b --password=nadaB \
	user-a@srv-a < from_B_to_A

wait_for_file .mail/user-a@srv-a
mail_diff from_B_to_A.expected .mail/user-a@srv-a

# Run chasquid-util dkim-verify to double check these are valid.
cat .zones | grep _domainkey.srv-b | sed 's/.*TXT//g' > .srv-b.dns.txt
CONFDIR=A chasquid-util dkim-verify -v "--txt=$(cat ./.srv-b.dns.txt)" \
	< .mail/user-a@srv-a > .chasquid-util-dkim-verify.out 2>&1
if ! grep -q ";dkim=pass" .chasquid-util-dkim-verify.out; then
	echo "chasquid-util dkim-verify output:"
	cat .chasquid-util-dkim-verify.out
	echo
	fail "Failed chasquid-util dkim-verify"
fi

# If driusan/dkim's dkimverify is available, use it to check the generated
# signature.
if dkimverify --help 2>&1 > /dev/null | grep -q -- "-txt string"; then
	# Verify B's signature only, because dkimverify only supports RSA.
	dkimverify -txt .srv-b.dns.txt < .mail/user-a@srv-a
else
	echo "skipped driusan's dkimverify cross-check (binary not available)"
fi

success