mirror of
https://github.com/mjl-/mox.git
synced 2024-12-25 16:03:48 +03:00
8804d6b60e
the imap & smtp servers now allow logging in with tls client authentication and the "external" sasl authentication mechanism. email clients like thunderbird, fairemail, k9, macos mail implement it. this seems to be the most secure among the authentication mechanism commonly implemented by clients. a useful property is that an account can have a separate tls public key for each device/email client. with tls client cert auth, authentication is also bound to the tls connection. a mitm cannot pass the credentials on to another tls connection, similar to scram-*-plus. though part of scram-*-plus is that clients verify that the server knows the client credentials. for tls client auth with imap, we send a "preauth" untagged message by default. that puts the connection in authenticated state. given the imap connection state machine, further authentication commands are not allowed. some clients don't recognize the preauth message, and try to authenticate anyway, which fails. a tls public key has a config option to disable preauth, keeping new connections in unauthenticated state, to work with such email clients. for smtp (submission), we don't require an explicit auth command. both for imap and smtp, we allow a client to authenticate with another mechanism than "external". in that case, credentials are verified, and have to be for the same account as the tls client auth, but the adress can be another one than the login address configured with the tls public key. only the public key is used to identify the account that is authenticating. we ignore the rest of the certificate. expiration dates, names, constraints, etc are not verified. no certificate authorities are involved. users can upload their own (minimal) certificate. the account web interface shows openssl commands you can run to generate a private key, minimal cert, and a p12 file (the format that email clients seem to like...) containing both private key and certificate. the imapclient & smtpclient packages can now also use tls client auth. and so does "mox sendmail", either with a pem file with private key and certificate, or with just an ed25519 private key. there are new subcommands "mox config tlspubkey ..." for adding/removing/listing tls public keys from the cli, by the admin.
734 lines
20 KiB
Go
734 lines
20 KiB
Go
package imapserver
|
|
|
|
import (
|
|
"context"
|
|
"crypto/ed25519"
|
|
cryptorand "crypto/rand"
|
|
"crypto/tls"
|
|
"crypto/x509"
|
|
"fmt"
|
|
"math/big"
|
|
"net"
|
|
"os"
|
|
"path/filepath"
|
|
"reflect"
|
|
"strings"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/mjl-/mox/imapclient"
|
|
"github.com/mjl-/mox/mlog"
|
|
"github.com/mjl-/mox/mox-"
|
|
"github.com/mjl-/mox/moxvar"
|
|
"github.com/mjl-/mox/store"
|
|
)
|
|
|
|
var ctxbg = context.Background()
|
|
var pkglog = mlog.New("imapserver", nil)
|
|
|
|
func init() {
|
|
sanityChecks = true
|
|
|
|
// Don't slow down tests.
|
|
badClientDelay = 0
|
|
authFailDelay = 0
|
|
}
|
|
|
|
func tocrlf(s string) string {
|
|
return strings.ReplaceAll(s, "\n", "\r\n")
|
|
}
|
|
|
|
// From ../rfc/3501:2589
|
|
var exampleMsg = tocrlf(`Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
|
|
From: Fred Foobar <foobar@Blurdybloop.example>
|
|
Subject: afternoon meeting
|
|
To: mooch@owatagu.siam.edu.example
|
|
Message-Id: <B27397-0100000@Blurdybloop.example>
|
|
MIME-Version: 1.0
|
|
Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
|
|
|
|
Hello Joe, do you think we can meet at 3:30 tomorrow?
|
|
|
|
`)
|
|
|
|
/*
|
|
From ../rfc/2049:801
|
|
|
|
Message structure:
|
|
|
|
Message - multipart/mixed
|
|
Part 1 - no content-type
|
|
Part 2 - text/plain
|
|
Part 3 - multipart/parallel
|
|
Part 3.1 - audio/basic (base64)
|
|
Part 3.2 - image/jpeg (base64, empty)
|
|
Part 4 - text/enriched
|
|
Part 5 - message/rfc822
|
|
Part 5.1 - text/plain (quoted-printable)
|
|
*/
|
|
var nestedMessage = tocrlf(`MIME-Version: 1.0
|
|
From: Nathaniel Borenstein <nsb@nsb.fv.com>
|
|
To: Ned Freed <ned@innosoft.com>
|
|
Date: Fri, 07 Oct 1994 16:15:05 -0700 (PDT)
|
|
Subject: A multipart example
|
|
Content-Type: multipart/mixed;
|
|
boundary=unique-boundary-1
|
|
|
|
This is the preamble area of a multipart message.
|
|
Mail readers that understand multipart format
|
|
should ignore this preamble.
|
|
|
|
If you are reading this text, you might want to
|
|
consider changing to a mail reader that understands
|
|
how to properly display multipart messages.
|
|
|
|
--unique-boundary-1
|
|
|
|
... Some text appears here ...
|
|
|
|
[Note that the blank between the boundary and the start
|
|
of the text in this part means no header fields were
|
|
given and this is text in the US-ASCII character set.
|
|
It could have been done with explicit typing as in the
|
|
next part.]
|
|
|
|
--unique-boundary-1
|
|
Content-type: text/plain; charset=US-ASCII
|
|
|
|
This could have been part of the previous part, but
|
|
illustrates explicit versus implicit typing of body
|
|
parts.
|
|
|
|
--unique-boundary-1
|
|
Content-Type: multipart/parallel; boundary=unique-boundary-2
|
|
|
|
--unique-boundary-2
|
|
Content-Type: audio/basic
|
|
Content-Transfer-Encoding: base64
|
|
|
|
aGVsbG8NCndvcmxkDQo=
|
|
|
|
--unique-boundary-2
|
|
Content-Type: image/jpeg
|
|
Content-Transfer-Encoding: base64
|
|
|
|
|
|
--unique-boundary-2--
|
|
|
|
--unique-boundary-1
|
|
Content-type: text/enriched
|
|
|
|
This is <bold><italic>enriched.</italic></bold>
|
|
<smaller>as defined in RFC 1896</smaller>
|
|
|
|
Isn't it
|
|
<bigger><bigger>cool?</bigger></bigger>
|
|
|
|
--unique-boundary-1
|
|
Content-Type: message/rfc822
|
|
|
|
From: info@mox.example
|
|
To: mox <info@mox.example>
|
|
Subject: (subject in US-ASCII)
|
|
Content-Type: Text/plain; charset=ISO-8859-1
|
|
Content-Transfer-Encoding: Quoted-printable
|
|
|
|
... Additional text in ISO-8859-1 goes here ...
|
|
|
|
--unique-boundary-1--
|
|
`)
|
|
|
|
func tcheck(t *testing.T, err error, msg string) {
|
|
t.Helper()
|
|
if err != nil {
|
|
t.Fatalf("%s: %s", msg, err)
|
|
}
|
|
}
|
|
|
|
func mockUIDValidity() func() {
|
|
orig := store.InitialUIDValidity
|
|
store.InitialUIDValidity = func() uint32 {
|
|
return 1
|
|
}
|
|
return func() {
|
|
store.InitialUIDValidity = orig
|
|
}
|
|
}
|
|
|
|
type testconn struct {
|
|
t *testing.T
|
|
conn net.Conn
|
|
client *imapclient.Conn
|
|
done chan struct{}
|
|
serverConn net.Conn
|
|
account *store.Account
|
|
switchStop func()
|
|
|
|
// Result of last command.
|
|
lastUntagged []imapclient.Untagged
|
|
lastResult imapclient.Result
|
|
lastErr error
|
|
}
|
|
|
|
func (tc *testconn) check(err error, msg string) {
|
|
tc.t.Helper()
|
|
if err != nil {
|
|
tc.t.Fatalf("%s: %s", msg, err)
|
|
}
|
|
}
|
|
|
|
func (tc *testconn) last(l []imapclient.Untagged, r imapclient.Result, err error) {
|
|
tc.lastUntagged = l
|
|
tc.lastResult = r
|
|
tc.lastErr = err
|
|
}
|
|
|
|
func (tc *testconn) xcode(s string) {
|
|
tc.t.Helper()
|
|
if tc.lastResult.Code != s {
|
|
tc.t.Fatalf("got last code %q, expected %q", tc.lastResult.Code, s)
|
|
}
|
|
}
|
|
|
|
func (tc *testconn) xcodeArg(v any) {
|
|
tc.t.Helper()
|
|
if !reflect.DeepEqual(tc.lastResult.CodeArg, v) {
|
|
tc.t.Fatalf("got last code argument %v, expected %v", tc.lastResult.CodeArg, v)
|
|
}
|
|
}
|
|
|
|
func (tc *testconn) xuntagged(exps ...imapclient.Untagged) {
|
|
tc.t.Helper()
|
|
tc.xuntaggedOpt(true, exps...)
|
|
}
|
|
|
|
func (tc *testconn) xuntaggedOpt(all bool, exps ...imapclient.Untagged) {
|
|
tc.t.Helper()
|
|
last := append([]imapclient.Untagged{}, tc.lastUntagged...)
|
|
var mismatch any
|
|
next:
|
|
for ei, exp := range exps {
|
|
for i, l := range last {
|
|
if reflect.TypeOf(l) != reflect.TypeOf(exp) {
|
|
continue
|
|
}
|
|
if !reflect.DeepEqual(l, exp) {
|
|
mismatch = l
|
|
continue
|
|
}
|
|
copy(last[i:], last[i+1:])
|
|
last = last[:len(last)-1]
|
|
continue next
|
|
}
|
|
if mismatch != nil {
|
|
tc.t.Fatalf("untagged data mismatch, got:\n\t%T %#v\nexpected:\n\t%T %#v", mismatch, mismatch, exp, exp)
|
|
}
|
|
var next string
|
|
if len(tc.lastUntagged) > 0 {
|
|
next = fmt.Sprintf(", next %#v", tc.lastUntagged[0])
|
|
}
|
|
tc.t.Fatalf("did not find untagged response %#v %T (%d) in %v%s", exp, exp, ei, tc.lastUntagged, next)
|
|
}
|
|
if len(last) > 0 && all {
|
|
tc.t.Fatalf("leftover untagged responses %v", last)
|
|
}
|
|
}
|
|
|
|
func tuntagged(t *testing.T, got imapclient.Untagged, dst any) {
|
|
t.Helper()
|
|
gotv := reflect.ValueOf(got)
|
|
dstv := reflect.ValueOf(dst)
|
|
if gotv.Type() != dstv.Type().Elem() {
|
|
t.Fatalf("got %v, expected %v", gotv.Type(), dstv.Type().Elem())
|
|
}
|
|
dstv.Elem().Set(gotv)
|
|
}
|
|
|
|
func (tc *testconn) xnountagged() {
|
|
tc.t.Helper()
|
|
if len(tc.lastUntagged) != 0 {
|
|
tc.t.Fatalf("got %v untagged, expected 0", tc.lastUntagged)
|
|
}
|
|
}
|
|
|
|
func (tc *testconn) transactf(status, format string, args ...any) {
|
|
tc.t.Helper()
|
|
tc.cmdf("", format, args...)
|
|
tc.response(status)
|
|
}
|
|
|
|
func (tc *testconn) response(status string) {
|
|
tc.t.Helper()
|
|
tc.lastUntagged, tc.lastResult, tc.lastErr = tc.client.Response()
|
|
tcheck(tc.t, tc.lastErr, "read imap response")
|
|
if strings.ToUpper(status) != string(tc.lastResult.Status) {
|
|
tc.t.Fatalf("got status %q, expected %q", tc.lastResult.Status, status)
|
|
}
|
|
}
|
|
|
|
func (tc *testconn) cmdf(tag, format string, args ...any) {
|
|
tc.t.Helper()
|
|
err := tc.client.Commandf(tag, format, args...)
|
|
tcheck(tc.t, err, "writing imap command")
|
|
}
|
|
|
|
func (tc *testconn) readstatus(status string) {
|
|
tc.t.Helper()
|
|
tc.response(status)
|
|
}
|
|
|
|
func (tc *testconn) readprefixline(pre string) {
|
|
tc.t.Helper()
|
|
line, err := tc.client.Readline()
|
|
tcheck(tc.t, err, "read line")
|
|
if !strings.HasPrefix(line, pre) {
|
|
tc.t.Fatalf("expected prefix %q, got %q", pre, line)
|
|
}
|
|
}
|
|
|
|
func (tc *testconn) writelinef(format string, args ...any) {
|
|
tc.t.Helper()
|
|
err := tc.client.Writelinef(format, args...)
|
|
tcheck(tc.t, err, "write line")
|
|
}
|
|
|
|
// wait at most 1 second for server to quit.
|
|
func (tc *testconn) waitDone() {
|
|
tc.t.Helper()
|
|
t := time.NewTimer(time.Second)
|
|
select {
|
|
case <-tc.done:
|
|
t.Stop()
|
|
case <-t.C:
|
|
tc.t.Fatalf("server not done within 1s")
|
|
}
|
|
}
|
|
|
|
func (tc *testconn) close() {
|
|
if tc.account == nil {
|
|
// Already closed, we are not strict about closing multiple times.
|
|
return
|
|
}
|
|
err := tc.account.Close()
|
|
tc.check(err, "close account")
|
|
// no account.CheckClosed(), the tests open accounts multiple times.
|
|
tc.account = nil
|
|
tc.client.Close()
|
|
tc.serverConn.Close()
|
|
tc.waitDone()
|
|
if tc.switchStop != nil {
|
|
tc.switchStop()
|
|
}
|
|
}
|
|
|
|
func xparseNumSet(s string) imapclient.NumSet {
|
|
ns, err := imapclient.ParseNumSet(s)
|
|
if err != nil {
|
|
panic(fmt.Sprintf("parsing numset %s: %s", s, err))
|
|
}
|
|
return ns
|
|
}
|
|
|
|
var connCounter int64
|
|
|
|
func start(t *testing.T) *testconn {
|
|
return startArgs(t, true, false, true, true, "mjl")
|
|
}
|
|
|
|
func startNoSwitchboard(t *testing.T) *testconn {
|
|
return startArgs(t, false, false, true, false, "mjl")
|
|
}
|
|
|
|
const password0 = "te\u0301st \u00a0\u2002\u200a" // NFD and various unicode spaces.
|
|
const password1 = "tést " // PRECIS normalized, with NFC.
|
|
|
|
func startArgs(t *testing.T, first, immediateTLS bool, allowLoginWithoutTLS, setPassword bool, accname string) *testconn {
|
|
return startArgsMore(t, first, immediateTLS, nil, nil, allowLoginWithoutTLS, false, setPassword, accname, nil)
|
|
}
|
|
|
|
// todo: the parameters and usage are too much now. change to scheme similar to smtpserver, with params in a struct, and a separate method for init and making a connection.
|
|
func startArgsMore(t *testing.T, first, immediateTLS bool, serverConfig, clientConfig *tls.Config, allowLoginWithoutTLS, noCloseSwitchboard, setPassword bool, accname string, afterInit func() error) *testconn {
|
|
limitersInit() // Reset rate limiters.
|
|
|
|
mox.Context = ctxbg
|
|
mox.ConfigStaticPath = filepath.FromSlash("../testdata/imap/mox.conf")
|
|
mox.MustLoadConfig(true, false)
|
|
if first {
|
|
store.Close() // May not be open, we ignore error.
|
|
os.RemoveAll("../testdata/imap/data")
|
|
err := store.Init(ctxbg)
|
|
tcheck(t, err, "store init")
|
|
}
|
|
acc, err := store.OpenAccount(pkglog, accname)
|
|
tcheck(t, err, "open account")
|
|
if setPassword {
|
|
err = acc.SetPassword(pkglog, password0)
|
|
tcheck(t, err, "set password")
|
|
}
|
|
switchStop := func() {}
|
|
if first {
|
|
switchStop = store.Switchboard()
|
|
}
|
|
|
|
if afterInit != nil {
|
|
err := afterInit()
|
|
tcheck(t, err, "after init")
|
|
}
|
|
|
|
serverConn, clientConn := net.Pipe()
|
|
|
|
if serverConfig == nil {
|
|
serverConfig = &tls.Config{
|
|
Certificates: []tls.Certificate{fakeCert(t, false)},
|
|
}
|
|
}
|
|
if immediateTLS {
|
|
if clientConfig == nil {
|
|
clientConfig = &tls.Config{InsecureSkipVerify: true}
|
|
}
|
|
clientConn = tls.Client(clientConn, clientConfig)
|
|
}
|
|
|
|
done := make(chan struct{})
|
|
connCounter++
|
|
cid := connCounter
|
|
go func() {
|
|
serve("test", cid, serverConfig, serverConn, immediateTLS, allowLoginWithoutTLS)
|
|
if !noCloseSwitchboard {
|
|
switchStop()
|
|
}
|
|
close(done)
|
|
}()
|
|
client, err := imapclient.New(clientConn, true)
|
|
tcheck(t, err, "new client")
|
|
tc := &testconn{t: t, conn: clientConn, client: client, done: done, serverConn: serverConn, account: acc}
|
|
if first && noCloseSwitchboard {
|
|
tc.switchStop = switchStop
|
|
}
|
|
return tc
|
|
}
|
|
|
|
func fakeCert(t *testing.T, randomkey bool) tls.Certificate {
|
|
seed := make([]byte, ed25519.SeedSize)
|
|
if randomkey {
|
|
cryptorand.Read(seed)
|
|
}
|
|
privKey := ed25519.NewKeyFromSeed(seed) // Fake key, don't use this for real!
|
|
template := &x509.Certificate{
|
|
SerialNumber: big.NewInt(1), // Required field...
|
|
// Valid period is needed to get session resumption enabled.
|
|
NotBefore: time.Now().Add(-time.Minute),
|
|
NotAfter: time.Now().Add(time.Hour),
|
|
}
|
|
localCertBuf, err := x509.CreateCertificate(cryptorand.Reader, template, template, privKey.Public(), privKey)
|
|
if err != nil {
|
|
t.Fatalf("making certificate: %s", err)
|
|
}
|
|
cert, err := x509.ParseCertificate(localCertBuf)
|
|
if err != nil {
|
|
t.Fatalf("parsing generated certificate: %s", err)
|
|
}
|
|
c := tls.Certificate{
|
|
Certificate: [][]byte{localCertBuf},
|
|
PrivateKey: privKey,
|
|
Leaf: cert,
|
|
}
|
|
return c
|
|
}
|
|
|
|
func TestLogin(t *testing.T) {
|
|
tc := start(t)
|
|
defer tc.close()
|
|
|
|
tc.transactf("bad", "login too many args")
|
|
tc.transactf("bad", "login") // no args
|
|
tc.transactf("no", "login mjl@mox.example badpass")
|
|
tc.transactf("no", `login mjl "%s"`, password0) // must use email, not account
|
|
tc.transactf("no", "login mjl@mox.example test")
|
|
tc.transactf("no", "login mjl@mox.example testtesttest")
|
|
tc.transactf("no", `login "mjl@mox.example" "testtesttest"`)
|
|
tc.transactf("no", "login \"m\xf8x@mox.example\" \"testtesttest\"")
|
|
tc.transactf("ok", `login mjl@mox.example "%s"`, password0)
|
|
tc.close()
|
|
|
|
tc = start(t)
|
|
tc.transactf("ok", `login "mjl@mox.example" "%s"`, password0)
|
|
tc.close()
|
|
|
|
tc = start(t)
|
|
tc.transactf("ok", `login "\"\"@mox.example" "%s"`, password0)
|
|
defer tc.close()
|
|
|
|
tc.transactf("bad", "logout badarg")
|
|
tc.transactf("ok", "logout")
|
|
}
|
|
|
|
// Test that commands don't work in the states they are not supposed to.
|
|
func TestState(t *testing.T) {
|
|
tc := start(t)
|
|
|
|
notAuthenticated := []string{"starttls", "authenticate", "login"}
|
|
authenticatedOrSelected := []string{"enable", "select", "examine", "create", "delete", "rename", "subscribe", "unsubscribe", "list", "namespace", "status", "append", "idle", "lsub"}
|
|
selected := []string{"close", "unselect", "expunge", "search", "fetch", "store", "copy", "move", "uid expunge"}
|
|
|
|
// Always allowed.
|
|
tc.transactf("ok", "capability")
|
|
tc.transactf("ok", "noop")
|
|
tc.transactf("ok", "logout")
|
|
tc.close()
|
|
tc = start(t)
|
|
defer tc.close()
|
|
|
|
// Not authenticated, lots of commands not allowed.
|
|
for _, cmd := range append(append([]string{}, authenticatedOrSelected...), selected...) {
|
|
tc.transactf("no", "%s", cmd)
|
|
}
|
|
|
|
// Some commands not allowed when authenticated.
|
|
tc.transactf("ok", `login mjl@mox.example "%s"`, password0)
|
|
for _, cmd := range append(append([]string{}, notAuthenticated...), selected...) {
|
|
tc.transactf("no", "%s", cmd)
|
|
}
|
|
|
|
tc.transactf("bad", "boguscommand")
|
|
}
|
|
|
|
func TestNonIMAP(t *testing.T) {
|
|
tc := start(t)
|
|
defer tc.close()
|
|
|
|
// imap greeting has already been read, we sidestep the imapclient.
|
|
_, err := fmt.Fprintf(tc.conn, "bogus\r\n")
|
|
tc.check(err, "write bogus command")
|
|
tc.readprefixline("* BYE ")
|
|
if _, err := tc.conn.Read(make([]byte, 1)); err == nil {
|
|
t.Fatalf("connection not closed after initial bad command")
|
|
}
|
|
}
|
|
|
|
func TestLiterals(t *testing.T) {
|
|
tc := start(t)
|
|
defer tc.close()
|
|
|
|
tc.client.Login("mjl@mox.example", password0)
|
|
tc.client.Create("tmpbox")
|
|
|
|
tc.transactf("ok", "rename {6+}\r\ntmpbox {7+}\r\nntmpbox")
|
|
|
|
from := "ntmpbox"
|
|
to := "tmpbox"
|
|
fmt.Fprint(tc.client, "xtag rename ")
|
|
tc.client.WriteSyncLiteral(from)
|
|
fmt.Fprint(tc.client, " ")
|
|
tc.client.WriteSyncLiteral(to)
|
|
fmt.Fprint(tc.client, "\r\n")
|
|
tc.client.LastTag = "xtag"
|
|
tc.last(tc.client.Response())
|
|
if tc.lastResult.Status != "OK" {
|
|
tc.t.Fatalf(`got %q, expected "OK"`, tc.lastResult.Status)
|
|
}
|
|
}
|
|
|
|
// Test longer scenario with login, lists, subscribes, status, selects, etc.
|
|
func TestScenario(t *testing.T) {
|
|
tc := start(t)
|
|
defer tc.close()
|
|
tc.transactf("ok", `login mjl@mox.example "%s"`, password0)
|
|
|
|
tc.transactf("bad", " missingcommand")
|
|
|
|
tc.transactf("ok", "examine inbox")
|
|
tc.transactf("ok", "unselect")
|
|
|
|
tc.transactf("ok", "examine inbox")
|
|
tc.transactf("ok", "close")
|
|
|
|
tc.transactf("ok", "select inbox")
|
|
tc.transactf("ok", "close")
|
|
|
|
tc.transactf("ok", "select inbox")
|
|
tc.transactf("ok", "expunge")
|
|
tc.transactf("ok", "check")
|
|
|
|
tc.transactf("ok", "subscribe inbox")
|
|
tc.transactf("ok", "unsubscribe inbox")
|
|
tc.transactf("ok", "subscribe inbox")
|
|
|
|
tc.transactf("ok", `lsub "" "*"`)
|
|
|
|
tc.transactf("ok", `list "" ""`)
|
|
tc.transactf("ok", `namespace`)
|
|
|
|
tc.transactf("ok", "enable utf8=accept")
|
|
tc.transactf("ok", "enable imap4rev2 utf8=accept")
|
|
|
|
tc.transactf("no", "create inbox")
|
|
tc.transactf("ok", "create tmpbox")
|
|
tc.transactf("ok", "rename tmpbox ntmpbox")
|
|
tc.transactf("ok", "delete ntmpbox")
|
|
|
|
tc.transactf("ok", "status inbox (uidnext messages uidvalidity deleted size unseen recent)")
|
|
|
|
tc.transactf("ok", "append inbox (\\seen) {%d+}\r\n%s", len(exampleMsg), exampleMsg)
|
|
tc.transactf("no", "append bogus () {%d}", len(exampleMsg))
|
|
tc.cmdf("", "append inbox () {%d}", len(exampleMsg))
|
|
tc.readprefixline("+ ")
|
|
_, err := tc.conn.Write([]byte(exampleMsg + "\r\n"))
|
|
tc.check(err, "write message")
|
|
tc.response("ok")
|
|
|
|
tc.transactf("ok", "fetch 1 all")
|
|
tc.transactf("ok", "fetch 1 body")
|
|
tc.transactf("ok", "fetch 1 binary[]")
|
|
|
|
tc.transactf("ok", `store 1 flags (\seen \answered)`)
|
|
tc.transactf("ok", `store 1 +flags ($junk)`) // should train as junk.
|
|
tc.transactf("ok", `store 1 -flags ($junk)`) // should retrain as non-junk.
|
|
tc.transactf("ok", `store 1 -flags (\seen)`) // should untrain completely.
|
|
tc.transactf("ok", `store 1 -flags (\answered)`)
|
|
tc.transactf("ok", `store 1 +flags (\answered)`)
|
|
tc.transactf("ok", `store 1 flags.silent (\seen \answered)`)
|
|
tc.transactf("ok", `store 1 -flags.silent (\answered)`)
|
|
tc.transactf("ok", `store 1 +flags.silent (\answered)`)
|
|
tc.transactf("bad", `store 1 flags (\badflag)`)
|
|
tc.transactf("ok", "noop")
|
|
|
|
tc.transactf("ok", "copy 1 Trash")
|
|
tc.transactf("ok", "copy 1 Trash")
|
|
tc.transactf("ok", "move 1 Trash")
|
|
|
|
tc.transactf("ok", "close")
|
|
tc.transactf("ok", "select Trash")
|
|
tc.transactf("ok", `store 1 flags (\deleted)`)
|
|
tc.transactf("ok", "expunge")
|
|
tc.transactf("ok", "noop")
|
|
|
|
tc.transactf("ok", `store 1 flags (\deleted)`)
|
|
tc.transactf("ok", "close")
|
|
tc.transactf("ok", "delete Trash")
|
|
}
|
|
|
|
func TestMailbox(t *testing.T) {
|
|
tc := start(t)
|
|
defer tc.close()
|
|
tc.client.Login("mjl@mox.example", password0)
|
|
|
|
invalid := []string{
|
|
"e\u0301", // é but as e + acute, not unicode-normalized
|
|
"/leadingslash",
|
|
"a//b",
|
|
"Inbox/",
|
|
"\x01",
|
|
" ",
|
|
"\x7f",
|
|
"\x80",
|
|
"\u2028",
|
|
"\u2029",
|
|
}
|
|
for _, bad := range invalid {
|
|
tc.transactf("no", "select {%d+}\r\n%s", len(bad), bad)
|
|
}
|
|
}
|
|
|
|
func TestMailboxDeleted(t *testing.T) {
|
|
tc := start(t)
|
|
defer tc.close()
|
|
tc.client.Login("mjl@mox.example", password0)
|
|
|
|
tc2 := startNoSwitchboard(t)
|
|
defer tc2.close()
|
|
tc2.client.Login("mjl@mox.example", password0)
|
|
|
|
tc.client.Create("testbox")
|
|
tc2.client.Select("testbox")
|
|
tc.client.Delete("testbox")
|
|
|
|
// Now try to operate on testbox while it has been removed.
|
|
tc2.transactf("no", "check")
|
|
tc2.transactf("no", "expunge")
|
|
tc2.transactf("no", "uid expunge 1")
|
|
tc2.transactf("no", "search all")
|
|
tc2.transactf("no", "uid search all")
|
|
tc2.transactf("no", "fetch 1:* all")
|
|
tc2.transactf("no", "uid fetch 1 all")
|
|
tc2.transactf("no", "store 1 flags ()")
|
|
tc2.transactf("no", "uid store 1 flags ()")
|
|
tc2.transactf("bad", "copy 1 inbox") // msgseq 1 not available.
|
|
tc2.transactf("no", "uid copy 1 inbox")
|
|
tc2.transactf("bad", "move 1 inbox") // msgseq 1 not available.
|
|
tc2.transactf("no", "uid move 1 inbox")
|
|
|
|
tc2.transactf("ok", "unselect")
|
|
|
|
tc.client.Create("testbox")
|
|
tc2.client.Select("testbox")
|
|
tc.client.Delete("testbox")
|
|
tc2.transactf("ok", "close")
|
|
}
|
|
|
|
func TestID(t *testing.T) {
|
|
tc := start(t)
|
|
defer tc.close()
|
|
tc.client.Login("mjl@mox.example", password0)
|
|
|
|
tc.transactf("ok", "id nil")
|
|
tc.xuntagged(imapclient.UntaggedID{"name": "mox", "version": moxvar.Version})
|
|
|
|
tc.transactf("ok", `id ("name" "mox" "version" "1.2.3" "other" "test" "test" nil)`)
|
|
tc.xuntagged(imapclient.UntaggedID{"name": "mox", "version": moxvar.Version})
|
|
|
|
tc.transactf("bad", `id ("name" "mox" "name" "mox")`) // Duplicate field.
|
|
}
|
|
|
|
func TestSequence(t *testing.T) {
|
|
tc := start(t)
|
|
defer tc.close()
|
|
tc.client.Login("mjl@mox.example", password0)
|
|
tc.client.Select("inbox")
|
|
|
|
tc.transactf("bad", "fetch * all") // ../rfc/9051:7018
|
|
tc.transactf("bad", "fetch 1 all") // ../rfc/9051:7018
|
|
|
|
tc.transactf("ok", "uid fetch 1 all") // non-existing messages are OK for uids.
|
|
tc.transactf("ok", "uid fetch * all") // * is like uidnext, a non-existing message.
|
|
|
|
tc.client.Append("inbox", nil, nil, []byte(exampleMsg))
|
|
tc.client.Append("inbox", nil, nil, []byte(exampleMsg))
|
|
tc.transactf("ok", "fetch 2:1,1 uid") // We reorder 2:1 to 1:2, but we don't deduplicate numbers.
|
|
tc.xuntagged(
|
|
imapclient.UntaggedFetch{Seq: 1, Attrs: []imapclient.FetchAttr{imapclient.FetchUID(1)}},
|
|
imapclient.UntaggedFetch{Seq: 2, Attrs: []imapclient.FetchAttr{imapclient.FetchUID(2)}},
|
|
imapclient.UntaggedFetch{Seq: 1, Attrs: []imapclient.FetchAttr{imapclient.FetchUID(1)}},
|
|
)
|
|
|
|
tc.transactf("ok", "uid fetch 3:* uid") // Because * is the last message, which is 2, the range becomes 3:2, which matches the last message.
|
|
tc.xuntagged(imapclient.UntaggedFetch{Seq: 2, Attrs: []imapclient.FetchAttr{imapclient.FetchUID(2)}})
|
|
}
|
|
|
|
// Test that a message that is expunged by another session can be read as long as a
|
|
// reference is held by a session. New sessions do not see the expunged message.
|
|
// todo: possibly implement the additional reference counting. so far it hasn't been worth the trouble.
|
|
func DisabledTestReference(t *testing.T) {
|
|
tc := start(t)
|
|
defer tc.close()
|
|
tc.client.Login("mjl@mox.example", password0)
|
|
tc.client.Select("inbox")
|
|
tc.client.Append("inbox", nil, nil, []byte(exampleMsg))
|
|
|
|
tc2 := startNoSwitchboard(t)
|
|
defer tc2.close()
|
|
tc2.client.Login("mjl@mox.example", password0)
|
|
tc2.client.Select("inbox")
|
|
|
|
tc.client.StoreFlagsSet("1", true, `\Deleted`)
|
|
tc.client.Expunge()
|
|
|
|
tc3 := startNoSwitchboard(t)
|
|
defer tc3.close()
|
|
tc3.client.Login("mjl@mox.example", password0)
|
|
tc3.transactf("ok", `list "" "inbox" return (status (messages))`)
|
|
tc3.xuntagged(imapclient.UntaggedList{Separator: '/', Mailbox: "Inbox"}, imapclient.UntaggedStatus{Mailbox: "Inbox", Attrs: map[imapclient.StatusAttr]int64{imapclient.StatusMessages: 0}})
|
|
|
|
tc2.transactf("ok", "fetch 1 rfc822.size")
|
|
tc.xuntagged(imapclient.UntaggedFetch{Seq: 1, Attrs: []imapclient.FetchAttr{imapclient.FetchRFC822Size(len(exampleMsg))}})
|
|
}
|