@serve.zone/dcrouter 5.0.2 → 5.0.3

package/test/test.contentscanner.ts

@@ -1,265 +0,0 @@
-import { tap, expect } from '@git.zone/tstest/tapbundle';
-import { ContentScanner, ThreatCategory } from '../ts/security/classes.contentscanner.js';
-import { Email } from '@push.rocks/smartmta';
-
-// Test instantiation
-tap.test('ContentScanner - should be instantiable', async () => {
-  const scanner = ContentScanner.getInstance({
-    scanBody: true,
-    scanSubject: true,
-    scanAttachments: true
-  });
-  
-  expect(scanner).toBeTruthy();
-});
-
-// Test singleton pattern
-tap.test('ContentScanner - should use singleton pattern', async () => {
-  const scanner1 = ContentScanner.getInstance();
-  const scanner2 = ContentScanner.getInstance();
-  
-  // Both instances should be the same object
-  expect(scanner1 === scanner2).toEqual(true);
-});
-
-// Test clean email can be correctly distinguished from high-risk email
-tap.test('ContentScanner - should distinguish between clean and suspicious emails', async () => {
-  // Create an instance with a higher minimum threat score
-  const scanner = new ContentScanner({
-    minThreatScore: 50 // Higher threshold to consider clean
-  });
-  
-  // Create a truly clean email with no potentially sensitive data patterns
-  const cleanEmail = new Email({
-    from: 'sender@example.com',
-    to: 'recipient@example.com',
-    subject: 'Project Update',
-    text: 'The project is on track. Let me know if you have questions.',
-    html: '<p>The project is on track. Let me know if you have questions.</p>'
-  });
-  
-  // Create a highly suspicious email
-  const suspiciousEmail = new Email({
-    from: 'admin@bank-fake.com',
-    to: 'victim@example.com',
-    subject: 'URGENT: Your account needs verification now!',
-    text: 'Click here to verify your account or it will be suspended: https://bit.ly/12345',
-    html: '<p>Click here to verify your account or it will be suspended: <a href="https://bit.ly/12345">click here</a></p>'
-  });
-  
-  // Test both emails
-  const cleanResult = await scanner.scanEmail(cleanEmail);
-  const suspiciousResult = await scanner.scanEmail(suspiciousEmail);
-  
-  console.log('Clean vs Suspicious results:', {
-    cleanScore: cleanResult.threatScore,
-    suspiciousScore: suspiciousResult.threatScore
-  });
-  
-  // Verify the scanner can distinguish between them
-  // Suspicious email should have a significantly higher score
-  expect(suspiciousResult.threatScore > cleanResult.threatScore + 40).toEqual(true);
-  
-  // Verify clean email scans all expected elements
-  expect(cleanResult.scannedElements.length > 0).toEqual(true);
-});
-
-// Test phishing detection in subject
-tap.test('ContentScanner - should detect phishing in subject', async () => {
-  // Create a dedicated scanner for this test
-  const scanner = new ContentScanner({
-    scanSubject: true,
-    scanBody: true,
-    scanAttachments: false,
-    customRules: []
-  });
-  
-  const email = new Email({
-    from: 'security@bank-account-verify.com',
-    to: 'victim@example.com',
-    subject: 'URGENT: Verify your bank account details immediately',
-    text: 'Your account will be suspended. Please verify your details.',
-    html: '<p>Your account will be suspended. Please verify your details.</p>'
-  });
-  
-  const result = await scanner.scanEmail(email);
-  
-  console.log('Phishing email scan result:', result);
-  
-  // We only care that it detected something suspicious
-  expect(result.threatScore >= 20).toEqual(true);
-  
-  // Check if any threat was detected (specific type may vary)
-  expect(result.threatType).toBeTruthy();
-});
-
-// Test malware indicators in body
-tap.test('ContentScanner - should detect malware indicators in body', async () => {
-  const scanner = ContentScanner.getInstance();
-  
-  const email = new Email({
-    from: 'invoice@company.com',
-    to: 'recipient@example.com',
-    subject: 'Your invoice',
-    text: 'Please see the attached invoice. You need to enable macros to view this document properly.',
-    html: '<p>Please see the attached invoice. You need to enable macros to view this document properly.</p>'
-  });
-  
-  const result = await scanner.scanEmail(email);
-  
-  expect(result.isClean).toEqual(false);
-  expect(result.threatType === ThreatCategory.MALWARE || result.threatType).toBeTruthy();
-  expect(result.threatScore >= 30).toEqual(true);
-});
-
-// Test suspicious link detection
-tap.test('ContentScanner - should detect suspicious links', async () => {
-  const scanner = ContentScanner.getInstance();
-  
-  const email = new Email({
-    from: 'newsletter@example.com',
-    to: 'recipient@example.com',
-    subject: 'Weekly Newsletter',
-    text: 'Check our latest offer at https://bit.ly/2x3F5 and https://t.co/abc123',
-    html: '<p>Check our latest offer at <a href="https://bit.ly/2x3F5">here</a> and <a href="https://t.co/abc123">here</a></p>'
-  });
-  
-  const result = await scanner.scanEmail(email);
-  
-  expect(result.isClean).toEqual(false);
-  expect(result.threatType).toEqual(ThreatCategory.SUSPICIOUS_LINK);
-  expect(result.threatScore >= 30).toEqual(true);
-});
-
-// Test script injection detection
-tap.test('ContentScanner - should detect script injection', async () => {
-  const scanner = ContentScanner.getInstance();
-  
-  const email = new Email({
-    from: 'newsletter@example.com',
-    to: 'recipient@example.com',
-    subject: 'Newsletter',
-    text: 'Check our website',
-    html: '<p>Check our website</p><script>document.cookie="session="+localStorage.getItem("token");</script>'
-  });
-  
-  const result = await scanner.scanEmail(email);
-  
-  expect(result.isClean).toEqual(false);
-  expect(result.threatType).toEqual(ThreatCategory.XSS);
-  expect(result.threatScore >= 40).toEqual(true);
-});
-
-// Test executable attachment detection
-tap.test('ContentScanner - should detect executable attachments', async () => {
-  const scanner = ContentScanner.getInstance();
-  
-  const email = new Email({
-    from: 'sender@example.com',
-    to: 'recipient@example.com',
-    subject: 'Software Update',
-    text: 'Please install the attached software update.',
-    attachments: [{
-      filename: 'update.exe',
-      content: Buffer.from('MZ...fake executable content...'),
-      contentType: 'application/octet-stream'
-    }]
-  });
-  
-  const result = await scanner.scanEmail(email);
-  
-  expect(result.isClean).toEqual(false);
-  expect(result.threatType).toEqual(ThreatCategory.EXECUTABLE);
-  expect(result.threatScore >= 70).toEqual(true);
-});
-
-// Test macro document detection
-tap.test('ContentScanner - should detect macro documents', async () => {
-  // Create a mock Office document with macro indicators
-  const fakeDocContent = Buffer.from('Document content...vbaProject.bin...Auto_Open...DocumentOpen...Microsoft VBA...');
-  
-  const scanner = ContentScanner.getInstance();
-  
-  const email = new Email({
-    from: 'sender@example.com',
-    to: 'recipient@example.com',
-    subject: 'Financial Report',
-    text: 'Please review the attached financial report.',
-    attachments: [{
-      filename: 'report.docm',
-      content: fakeDocContent,
-      contentType: 'application/vnd.ms-word.document.macroEnabled.12'
-    }]
-  });
-  
-  const result = await scanner.scanEmail(email);
-  
-  expect(result.isClean).toEqual(false);
-  expect(result.threatType).toEqual(ThreatCategory.MALICIOUS_MACRO);
-  expect(result.threatScore >= 60).toEqual(true);
-});
-
-// Test compound threat detection (multiple indicators)
-tap.test('ContentScanner - should detect compound threats', async () => {
-  const scanner = ContentScanner.getInstance();
-  
-  const email = new Email({
-    from: 'security@bank-verify.com',
-    to: 'victim@example.com',
-    subject: 'URGENT: Verify your account details immediately',
-    text: 'Your account will be suspended unless you verify your details at https://bit.ly/2x3F5',
-    html: '<p>Your account will be suspended unless you verify your details <a href="https://bit.ly/2x3F5">here</a>.</p>',
-    attachments: [{
-      filename: 'verification.exe',
-      content: Buffer.from('MZ...fake executable content...'),
-      contentType: 'application/octet-stream'
-    }]
-  });
-  
-  const result = await scanner.scanEmail(email);
-  
-  expect(result.isClean).toEqual(false);
-  expect(result.threatScore > 70).toEqual(true); // Should have a high score due to multiple threats
-});
-
-// Test custom rules
-tap.test('ContentScanner - should apply custom rules', async () => {
-  // Create a scanner with custom rules
-  const scanner = new ContentScanner({
-    customRules: [
-      {
-        pattern: /CUSTOM_PATTERN_FOR_TESTING/,
-        type: ThreatCategory.CUSTOM_RULE,
-        score: 50,
-        description: 'Custom pattern detected'
-      }
-    ]
-  });
-  
-  const email = new Email({
-    from: 'sender@example.com',
-    to: 'recipient@example.com',
-    subject: 'Test Custom Rule',
-    text: 'This message contains CUSTOM_PATTERN_FOR_TESTING that should be detected.'
-  });
-  
-  const result = await scanner.scanEmail(email);
-  
-  expect(result.isClean).toEqual(false);
-  expect(result.threatType).toEqual(ThreatCategory.CUSTOM_RULE);
-  expect(result.threatScore >= 50).toEqual(true);
-});
-
-// Test threat level classification
-tap.test('ContentScanner - should classify threat levels correctly', async () => {
-  expect(ContentScanner.getThreatLevel(10)).toEqual('none');
-  expect(ContentScanner.getThreatLevel(25)).toEqual('low');
-  expect(ContentScanner.getThreatLevel(50)).toEqual('medium');
-  expect(ContentScanner.getThreatLevel(80)).toEqual('high');
-});
-
-tap.test('stop', async () => {
-  await tap.stopForcefully();
-});
-
-export default tap.start();

package/test/test.dcrouter.email.ts

@@ -1,159 +0,0 @@
-import { tap, expect } from '@git.zone/tstest/tapbundle';
-import * as plugins from '../ts/plugins.js';
-import * as path from 'path';
-import * as fs from 'fs';
-import { DcRouter, type IDcRouterOptions } from '../ts/classes.dcrouter.js';
-import type { IUnifiedEmailServerOptions } from '@push.rocks/smartmta';
-
-
-tap.test('DcRouter class - Custom email port configuration', async () => {
-  // Define custom port mapping
-  const customPortMapping: Record<number, number> = {
-    25: 11025,    // Custom SMTP port mapping
-    587: 11587,   // Custom submission port mapping
-    465: 11465,   // Custom SMTPS port mapping
-    2525: 12525   // Additional custom port
-  };
-
-  // Create a custom email configuration using smartmta interfaces
-  const emailConfig: IUnifiedEmailServerOptions = {
-    ports: [25, 587, 465, 2525],
-    hostname: 'mail.example.com',
-    maxMessageSize: 50 * 1024 * 1024, // 50MB
-    domains: [
-      {
-        domain: 'example.com',
-        dnsMode: 'external-dns',
-      },
-      {
-        domain: 'example.org',
-        dnsMode: 'external-dns',
-      }
-    ],
-    routes: [
-      {
-        name: 'forward-example-com',
-        match: {
-          recipients: '*@example.com',
-        },
-        action: {
-          type: 'forward',
-          forward: {
-            host: 'mail1.example.com',
-            port: 25,
-          }
-        }
-      },
-      {
-        name: 'deliver-example-org',
-        match: {
-          recipients: '*@example.org',
-        },
-        action: {
-          type: 'deliver',
-          process: {
-            dkim: true,
-          }
-        }
-      }
-    ]
-  };
-
-  // Create DcRouter options with custom email port configuration
-  const options: IDcRouterOptions = {
-    emailConfig,
-    emailPortConfig: {
-      portMapping: customPortMapping,
-      portSettings: {
-        2525: {
-          terminateTls: false,
-          routeName: 'custom-smtp-route'
-        }
-      },
-    },
-    tls: {
-      contactEmail: 'test@example.com'
-    }
-  };
-
-  // Create DcRouter instance
-  const router = new DcRouter(options);
-
-  // Verify the options are correctly set
-  expect(router.options.emailPortConfig).toBeTruthy();
-  expect(router.options.emailPortConfig!.portMapping).toEqual(customPortMapping);
-
-  // Test the generateEmailRoutes method
-  if (typeof (router as any)['generateEmailRoutes'] === 'function') {
-    const routes = (router as any)['generateEmailRoutes'](emailConfig);
-
-    // Verify that all ports are configured
-    expect(routes.length).toBeGreaterThan(0);
-
-    // Check the custom port configuration
-    const customPortRoute = routes.find((r: any) => {
-      const ports = r.match.ports;
-      return ports === 2525 || (Array.isArray(ports) && (ports as number[]).includes(2525));
-    });
-    expect(customPortRoute).toBeTruthy();
-    expect(customPortRoute?.name).toEqual('custom-smtp-route');
-    expect(customPortRoute?.action.targets[0].port).toEqual(12525);
-
-    // Check standard port mappings
-    const smtpRoute = routes.find((r: any) => {
-      const ports = r.match.ports;
-      return ports === 25 || (Array.isArray(ports) && (ports as number[]).includes(25));
-    });
-    expect(smtpRoute?.action.targets[0].port).toEqual(11025);
-
-    const submissionRoute = routes.find((r: any) => {
-      const ports = r.match.ports;
-      return ports === 587 || (Array.isArray(ports) && (ports as number[]).includes(587));
-    });
-    expect(submissionRoute?.action.targets[0].port).toEqual(11587);
-  }
-});
-
-tap.test('DcRouter class - Email config with domains and routes', async () => {
-  // Create a basic email configuration
-  const emailConfig: IUnifiedEmailServerOptions = {
-    ports: [2525],
-    hostname: 'mail.example.com',
-    domains: [],
-    routes: []
-  };
-
-  // Create DcRouter options
-  const options: IDcRouterOptions = {
-    emailConfig,
-    tls: {
-      contactEmail: 'test@example.com'
-    },
-    cacheConfig: {
-      enabled: false,
-    }
-  };
-
-  // Create DcRouter instance
-  const router = new DcRouter(options);
-
-  // Start the router to initialize email services
-  await router.start();
-
-  // Verify unified email server was initialized
-  expect(router.emailServer).toBeTruthy();
-
-  // Stop the router
-  await router.stop();
-});
-
-// Final clean-up test
-tap.test('clean up after tests', async () => {
-  // No-op
-});
-
-tap.test('stop', async () => {
-  await tap.stopForcefully();
-});
-
-export default tap.start();

package/test/test.dns-server-config.ts

@@ -1,140 +0,0 @@
-#!/usr/bin/env tsx
-
-/**
- * Test DNS server configuration and record registration
- */
-
-import { tap, expect } from '@git.zone/tstest/tapbundle';
-import * as plugins from '../ts/plugins.js';
-
-// Test DNS configuration
-const testDnsConfig = {
-  udpPort: 5353, // Use non-privileged port for testing
-  httpsPort: 8443,
-  httpsKey: './test/fixtures/test-key.pem',
-  httpsCert: './test/fixtures/test-cert.pem',
-  dnssecZone: 'test.example.com',
-  records: [
-    { name: 'test.example.com', type: 'A', value: '192.168.1.1' },
-    { name: 'mail.test.example.com', type: 'A', value: '192.168.1.2' },
-    { name: 'test.example.com', type: 'MX', value: '10 mail.test.example.com' },
-    { name: 'test.example.com', type: 'TXT', value: 'v=spf1 a:mail.test.example.com ~all' },
-    { name: 'test.example.com', type: 'NS', value: 'ns1.test.example.com' },
-    { name: 'ns1.test.example.com', type: 'A', value: '192.168.1.1' }
-  ]
-};
-
-tap.test('DNS server configuration - should extract records correctly', async () => {
-  const { records, ...dnsServerOptions } = testDnsConfig;
-  
-  expect(dnsServerOptions.udpPort).toEqual(5353);
-  expect(dnsServerOptions.httpsPort).toEqual(8443);
-  expect(dnsServerOptions.dnssecZone).toEqual('test.example.com');
-  expect(records).toBeArray();
-  expect(records.length).toEqual(6);
-});
-
-tap.test('DNS server configuration - should handle record parsing', async () => {
-  const parseDnsRecordData = (type: string, value: string): any => {
-    switch (type) {
-      case 'A':
-        return value;
-      case 'MX':
-        const [priority, exchange] = value.split(' ');
-        return { priority: parseInt(priority), exchange };
-      case 'TXT':
-        return value;
-      case 'NS':
-        return value;
-      default:
-        return value;
-    }
-  };
-  
-  // Test A record parsing
-  const aRecord = parseDnsRecordData('A', '192.168.1.1');
-  expect(aRecord).toEqual('192.168.1.1');
-  
-  // Test MX record parsing
-  const mxRecord = parseDnsRecordData('MX', '10 mail.test.example.com');
-  expect(mxRecord).toHaveProperty('priority', 10);
-  expect(mxRecord).toHaveProperty('exchange', 'mail.test.example.com');
-  
-  // Test TXT record parsing
-  const txtRecord = parseDnsRecordData('TXT', 'v=spf1 a:mail.test.example.com ~all');
-  expect(txtRecord).toEqual('v=spf1 a:mail.test.example.com ~all');
-});
-
-tap.test('DNS server configuration - should group records by domain', async () => {
-  const records = testDnsConfig.records;
-  const recordsByDomain = new Map<string, typeof records>();
-  
-  for (const record of records) {
-    const pattern = record.name.includes('*') ? record.name : `*.${record.name}`;
-    if (!recordsByDomain.has(pattern)) {
-      recordsByDomain.set(pattern, []);
-    }
-    recordsByDomain.get(pattern)!.push(record);
-  }
-  
-  // Check grouping
-  expect(recordsByDomain.size).toBeGreaterThan(0);
-  
-  // Verify each group has records
-  for (const [pattern, domainRecords] of recordsByDomain) {
-    expect(domainRecords.length).toBeGreaterThan(0);
-    console.log(`Pattern: ${pattern}, Records: ${domainRecords.length}`);
-  }
-});
-
-tap.test('DNS server configuration - should extract unique record types', async () => {
-  const records = testDnsConfig.records;
-  const recordTypes = [...new Set(records.map(r => r.type))];
-  
-  expect(recordTypes).toContain('A');
-  expect(recordTypes).toContain('MX');
-  expect(recordTypes).toContain('TXT');
-  expect(recordTypes).toContain('NS');
-  
-  console.log('Unique record types:', recordTypes.join(', '));
-});
-
-tap.test('DNS server - mock handler registration', async () => {
-  // Mock DNS server for testing
-  const mockDnsServer = {
-    handlers: new Map<string, any>(),
-    registerHandler: function(pattern: string, types: string[], handler: Function) {
-      this.handlers.set(pattern, { types, handler });
-      console.log(`Registered handler for pattern: ${pattern}, types: ${types.join(', ')}`);
-    }
-  };
-  
-  // Simulate record registration
-  const records = testDnsConfig.records;
-  const recordsByDomain = new Map<string, typeof records>();
-  
-  for (const record of records) {
-    const pattern = record.name.includes('*') ? record.name : `*.${record.name}`;
-    if (!recordsByDomain.has(pattern)) {
-      recordsByDomain.set(pattern, []);
-    }
-    recordsByDomain.get(pattern)!.push(record);
-  }
-  
-  // Register handlers
-  for (const [domainPattern, domainRecords] of recordsByDomain) {
-    const recordTypes = [...new Set(domainRecords.map(r => r.type))];
-    mockDnsServer.registerHandler(domainPattern, recordTypes, (question: any) => {
-      const matchingRecord = domainRecords.find(
-        r => r.name === question.name && r.type === question.type
-      );
-      return matchingRecord || null;
-    });
-  }
-  
-  expect(mockDnsServer.handlers.size).toBeGreaterThan(0);
-});
-
-tap.start({
-  throwOnError: true
-});