2023-01-30 16:27:06 +03:00
|
|
|
package mtastsdb
|
|
|
|
|
|
|
|
import (
|
|
|
|
"errors"
|
|
|
|
"fmt"
|
|
|
|
"net"
|
|
|
|
"net/http"
|
|
|
|
"os"
|
|
|
|
"path/filepath"
|
|
|
|
"reflect"
|
|
|
|
"testing"
|
|
|
|
"time"
|
|
|
|
|
|
|
|
"github.com/mjl-/mox/dns"
|
|
|
|
"github.com/mjl-/mox/mox-"
|
|
|
|
"github.com/mjl-/mox/mtasts"
|
|
|
|
)
|
|
|
|
|
|
|
|
func tcheckf(t *testing.T, err error, format string, args ...any) {
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("%s: %s", fmt.Sprintf(format, args...), err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestDB(t *testing.T) {
|
2023-05-22 15:40:36 +03:00
|
|
|
mox.Shutdown = ctxbg
|
make mox compile on windows, without "mox serve" but with working "mox localserve"
getting mox to compile required changing code in only a few places where
package "syscall" was used: for accessing file access times and for umask
handling. an open problem is how to start a process as an unprivileged user on
windows. that's why "mox serve" isn't implemented yet. and just finding a way
to implement it now may not be good enough in the near future: we may want to
starting using a more complete privilege separation approach, with a process
handling sensitive tasks (handling private keys, authentication), where we may
want to pass file descriptors between processes. how would that work on
windows?
anyway, getting mox to compile for windows doesn't mean it works properly on
windows. the largest issue: mox would normally open a file, rename or remove
it, and finally close it. this happens during message delivery. that doesn't
work on windows, the rename/remove would fail because the file is still open.
so this commit swaps many "remove" and "close" calls. renames are a longer
story: message delivery had two ways to deliver: with "consuming" the
(temporary) message file (which would rename it to its final destination), and
without consuming (by hardlinking the file, falling back to copying). the last
delivery to a recipient of a message (and the only one in the common case of a
single recipient) would consume the message, and the earlier recipients would
not. during delivery, the already open message file was used, to parse the
message. we still want to use that open message file, and the caller now stays
responsible for closing it, but we no longer try to rename (consume) the file.
we always hardlink (or copy) during delivery (this works on windows), and the
caller is responsible for closing and removing (in that order) the original
temporary file. this does cost one syscall more. but it makes the delivery code
(responsibilities) a bit simpler.
there is one more obvious issue: the file system path separator. mox already
used the "filepath" package to join paths in many places, but not everywhere.
and it still used strings with slashes for local file access. with this commit,
the code now uses filepath.FromSlash for path strings with slashes, uses
"filepath" in a few more places where it previously didn't. also switches from
"filepath" to regular "path" package when handling mailbox names in a few
places, because those always use forward slashes, regardless of local file
system conventions. windows can handle forward slashes when opening files, so
test code that passes path strings with forward slashes straight to go stdlib
file i/o functions are left unchanged to reduce code churn. the regular
non-test code, or test code that uses path strings in places other than
standard i/o functions, does have the paths converted for consistent paths
(otherwise we would end up with paths with mixed forward/backward slashes in
log messages).
windows cannot dup a listening socket. for "mox localserve", it isn't
important, and we can work around the issue. the current approach for "mox
serve" (forking a process and passing file descriptors of listening sockets on
"privileged" ports) won't work on windows. perhaps it isn't needed on windows,
and any user can listen on "privileged" ports? that would be welcome.
on windows, os.Open cannot open a directory, so we cannot call Sync on it after
message delivery. a cursory internet search indicates that directories cannot
be synced on windows. the story is probably much more nuanced than that, with
long deep technical details/discussions/disagreement/confusion, like on unix.
for "mox localserve" we can get away with making syncdir a no-op.
2023-10-14 11:54:07 +03:00
|
|
|
mox.ConfigStaticPath = filepath.FromSlash("../testdata/mtasts/fake.conf")
|
2023-01-30 16:27:06 +03:00
|
|
|
mox.Conf.Static.DataDir = "."
|
|
|
|
|
|
|
|
dbpath := mox.DataDirPath("mtasts.db")
|
|
|
|
os.MkdirAll(filepath.Dir(dbpath), 0770)
|
|
|
|
os.Remove(dbpath)
|
|
|
|
defer os.Remove(dbpath)
|
|
|
|
|
|
|
|
if err := Init(false); err != nil {
|
|
|
|
t.Fatalf("init database: %s", err)
|
|
|
|
}
|
|
|
|
defer Close()
|
|
|
|
|
|
|
|
// Mock time.
|
|
|
|
now := time.Now().Round(0)
|
|
|
|
timeNow = func() time.Time { return now }
|
|
|
|
defer func() { timeNow = time.Now }()
|
|
|
|
|
2023-05-22 15:40:36 +03:00
|
|
|
if p, err := lookup(ctxbg, dns.Domain{ASCII: "example.com"}); err != ErrNotFound {
|
2023-01-30 16:27:06 +03:00
|
|
|
t.Fatalf("expected not found, got %v, %#v", err, p)
|
|
|
|
}
|
|
|
|
|
|
|
|
policy1 := mtasts.Policy{
|
|
|
|
Version: "STSv1",
|
|
|
|
Mode: mtasts.ModeTesting,
|
|
|
|
MX: []mtasts.STSMX{
|
|
|
|
{Domain: dns.Domain{ASCII: "mx1.example.com"}},
|
|
|
|
{Domain: dns.Domain{ASCII: "mx2.example.com"}},
|
|
|
|
{Domain: dns.Domain{ASCII: "mx.backup-example.com"}},
|
|
|
|
},
|
|
|
|
MaxAgeSeconds: 1296000,
|
|
|
|
}
|
2023-05-22 15:40:36 +03:00
|
|
|
if err := Upsert(ctxbg, dns.Domain{ASCII: "example.com"}, "123", &policy1); err != nil {
|
2023-01-30 16:27:06 +03:00
|
|
|
t.Fatalf("upsert record: %s", err)
|
|
|
|
}
|
2023-05-22 15:40:36 +03:00
|
|
|
if got, err := lookup(ctxbg, dns.Domain{ASCII: "example.com"}); err != nil {
|
2023-01-30 16:27:06 +03:00
|
|
|
t.Fatalf("lookup after insert: %s", err)
|
|
|
|
} else if !reflect.DeepEqual(got.Policy, policy1) {
|
|
|
|
t.Fatalf("mismatch between inserted and retrieved: got %#v, want %#v", got, policy1)
|
|
|
|
}
|
|
|
|
|
|
|
|
policy2 := mtasts.Policy{
|
|
|
|
Version: "STSv1",
|
|
|
|
Mode: mtasts.ModeEnforce,
|
|
|
|
MX: []mtasts.STSMX{
|
|
|
|
{Domain: dns.Domain{ASCII: "mx1.example.com"}},
|
|
|
|
},
|
|
|
|
MaxAgeSeconds: 360000,
|
|
|
|
}
|
2023-05-22 15:40:36 +03:00
|
|
|
if err := Upsert(ctxbg, dns.Domain{ASCII: "example.com"}, "124", &policy2); err != nil {
|
2023-01-30 16:27:06 +03:00
|
|
|
t.Fatalf("upsert record: %s", err)
|
|
|
|
}
|
2023-05-22 15:40:36 +03:00
|
|
|
if got, err := lookup(ctxbg, dns.Domain{ASCII: "example.com"}); err != nil {
|
2023-01-30 16:27:06 +03:00
|
|
|
t.Fatalf("lookup after insert: %s", err)
|
|
|
|
} else if !reflect.DeepEqual(got.Policy, policy2) {
|
|
|
|
t.Fatalf("mismatch between inserted and retrieved: got %v, want %v", got, policy2)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Check if database holds expected record.
|
2023-05-22 15:40:36 +03:00
|
|
|
records, err := PolicyRecords(ctxbg)
|
2023-01-30 16:27:06 +03:00
|
|
|
tcheckf(t, err, "policyrecords")
|
|
|
|
expRecords := []PolicyRecord{
|
|
|
|
{"example.com", now, now.Add(time.Duration(policy2.MaxAgeSeconds) * time.Second), now, now, false, "124", policy2},
|
|
|
|
}
|
|
|
|
records[0].Policy = mtasts.Policy{}
|
|
|
|
expRecords[0].Policy = mtasts.Policy{}
|
|
|
|
if !reflect.DeepEqual(records, expRecords) {
|
|
|
|
t.Fatalf("records mismatch, got %#v, expected %#v", records, expRecords)
|
|
|
|
}
|
|
|
|
|
2023-05-22 15:40:36 +03:00
|
|
|
if err := Upsert(ctxbg, dns.Domain{ASCII: "other.example.com"}, "", nil); err != nil {
|
2023-01-30 16:27:06 +03:00
|
|
|
t.Fatalf("upsert record: %s", err)
|
|
|
|
}
|
2023-05-22 15:40:36 +03:00
|
|
|
records, err = PolicyRecords(ctxbg)
|
2023-01-30 16:27:06 +03:00
|
|
|
tcheckf(t, err, "policyrecords")
|
|
|
|
expRecords = []PolicyRecord{
|
|
|
|
{"other.example.com", now, now.Add(5 * 60 * time.Second), now, now, true, "", mtasts.Policy{Mode: mtasts.ModeNone, MaxAgeSeconds: 5 * 60}},
|
|
|
|
{"example.com", now, now.Add(time.Duration(policy2.MaxAgeSeconds) * time.Second), now, now, false, "124", policy2},
|
|
|
|
}
|
|
|
|
if !reflect.DeepEqual(records, expRecords) {
|
|
|
|
t.Fatalf("records mismatch, got %#v, expected %#v", records, expRecords)
|
|
|
|
}
|
|
|
|
|
2023-05-22 15:40:36 +03:00
|
|
|
if _, err := lookup(ctxbg, dns.Domain{ASCII: "other.example.com"}); err != ErrBackoff {
|
2023-01-30 16:27:06 +03:00
|
|
|
t.Fatalf("got %#v, expected ErrBackoff", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
resolver := dns.MockResolver{
|
|
|
|
TXT: map[string][]string{
|
|
|
|
"_mta-sts.example.com.": {"v=STSv1; id=124"},
|
|
|
|
"_mta-sts.other.example.com.": {"v=STSv1; id=1"},
|
|
|
|
"_mta-sts.temperror.example.com.": {""},
|
|
|
|
},
|
2023-10-12 17:07:25 +03:00
|
|
|
Fail: []string{
|
|
|
|
"txt _mta-sts.temperror.example.com.",
|
2023-01-30 16:27:06 +03:00
|
|
|
},
|
|
|
|
}
|
|
|
|
|
|
|
|
testGet := func(domain string, expPolicy *mtasts.Policy, expFresh bool, expErr error) {
|
|
|
|
t.Helper()
|
2023-05-22 15:40:36 +03:00
|
|
|
p, fresh, err := Get(ctxbg, resolver, dns.Domain{ASCII: domain})
|
2023-01-30 16:27:06 +03:00
|
|
|
if (err == nil) != (expErr == nil) || err != nil && !errors.Is(err, expErr) {
|
|
|
|
t.Fatalf("got err %v, expected %v", err, expErr)
|
|
|
|
}
|
|
|
|
if !reflect.DeepEqual(p, expPolicy) || fresh != expFresh {
|
|
|
|
t.Fatalf("got policy %#v, fresh %v, expected %#v, %v", p, fresh, expPolicy, expFresh)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
testGet("example.com", &policy2, true, nil)
|
|
|
|
testGet("other.example.com", nil, false, nil) // Back off, already in database.
|
|
|
|
testGet("absent.example.com", nil, true, nil) // No MTA-STS.
|
|
|
|
testGet("temperror.example.com", nil, false, mtasts.ErrDNS)
|
|
|
|
|
|
|
|
// Force refetch of policy, that will fail.
|
|
|
|
mtasts.HTTPClient.Transport = &http.Transport{
|
|
|
|
Dial: func(network, addr string) (net.Conn, error) {
|
|
|
|
return nil, fmt.Errorf("bad")
|
|
|
|
},
|
|
|
|
}
|
|
|
|
defer func() {
|
|
|
|
mtasts.HTTPClient.Transport = nil
|
|
|
|
}()
|
|
|
|
resolver.TXT["_mta-sts.example.com."] = []string{"v=STSv1; id=125"}
|
|
|
|
testGet("example.com", &policy2, false, nil)
|
|
|
|
|
|
|
|
// Cached policy but no longer a DNS record.
|
|
|
|
delete(resolver.TXT, "_mta-sts.example.com.")
|
|
|
|
testGet("example.com", &policy2, false, nil)
|
|
|
|
}
|