Haraka 3.1.3 → 3.1.5

package/test/plugins/status.js

@@ -1,6 +1,7 @@
 'use strict'
 
-const assert = require('node:assert')
+const assert = require('node:assert/strict')
+const { describe, it, beforeEach } = require('node:test')
 
 const fixtures = require('haraka-test-fixtures')
 const outbound = require('../../outbound')
@@ -8,13 +9,12 @@ const TimerQueue = require('../../outbound/timer_queue')
 
 const Connection = fixtures.connection
 
-const _set_up = (done) => {
+const _set_up = () => {
     this.plugin = new fixtures.plugin('status')
     this.plugin.outbound = outbound
 
     this.connection = Connection.createConnection()
     this.connection.remote.is_local = true
-    done()
 }
 
 describe('status', () => {
@@ -29,7 +29,7 @@ describe('status', () => {
     describe('access', () => {
         beforeEach(_set_up)
 
-        it('remote', (done) => {
+        it('remote', (t, done) => {
             this.connection.remote.is_local = false
             this.plugin.hook_unrecognized_command(
                 (code) => {
@@ -45,7 +45,7 @@ describe('status', () => {
     describe('pools', () => {
         beforeEach(_set_up)
 
-        it('list_pools', (done) => {
+        it('list_pools', (t, done) => {
             this.connection.respond = (code, message) => {
                 const data = JSON.parse(message)
                 assert.equal('object', typeof data) // there should be one pools array for noncluster and more for cluster
@@ -58,7 +58,7 @@ describe('status', () => {
     describe('queues', () => {
         beforeEach(_set_up)
 
-        it('inspect_queue', (done) => {
+        it('inspect_queue', (t, done) => {
             // should list delivery_queue and temp_fail_queue per cluster children
             outbound.temp_fail_queue = new TimerQueue(10)
             outbound.temp_fail_queue.add('file1', 100, () => {})
@@ -73,7 +73,7 @@ describe('status', () => {
             this.plugin.hook_unrecognized_command(() => {}, this.connection, ['STATUS', 'QUEUE INSPECT'])
         })
 
-        it('stat_queue', (done) => {
+        it('stat_queue', (t, done) => {
             // should list files only
             this.connection.respond = (code, message) => {
                 const data = JSON.parse(message)
@@ -83,7 +83,7 @@ describe('status', () => {
             this.plugin.hook_unrecognized_command(() => {}, this.connection, ['STATUS', 'QUEUE STATS'])
         })
 
-        it('list_queue', (done) => {
+        it('list_queue', (t, done) => {
             // should list files only
             this.connection.respond = (code, message) => {
                 const data = JSON.parse(message)
@@ -93,7 +93,7 @@ describe('status', () => {
             this.plugin.hook_unrecognized_command(() => {}, this.connection, ['STATUS', 'QUEUE LIST'])
         })
 
-        it('discard_from_queue', (done) => {
+        it('discard_from_queue', (t, done) => {
             const self = this
 
             outbound.temp_fail_queue = new TimerQueue(10)
@@ -118,7 +118,7 @@ describe('status', () => {
             )
         })
 
-        it('push_email_at_queue', (done) => {
+        it('push_email_at_queue', (t, done) => {
             const timeout = setTimeout(() => {
                 assert.ok(false, 'Timeout')
                 done()

package/test/plugins/tls.js

@@ -1,12 +1,13 @@
 'use strict'
 
-const assert = require('node:assert')
+const assert = require('node:assert/strict')
 const path = require('node:path')
+const { describe, it, beforeEach } = require('node:test')
 
 const fixtures = require('haraka-test-fixtures')
 const Plugin = fixtures.plugin
 
-const _set_up = (done) => {
+const _set_up = () => {
     this.plugin = new Plugin('tls')
     this.connection = new fixtures.connection.createConnection()
 
@@ -15,33 +16,22 @@ const _set_up = (done) => {
     this.plugin.net_utils.config = this.plugin.net_utils.config.module_config(path.resolve('test'))
 
     this.plugin.tls_opts = {}
-    done()
 }
 
 describe('tls', () => {
     beforeEach(_set_up)
 
-    it('has function register', () => {
-        assert.ok(this.plugin)
-        assert.equal('function', typeof this.plugin.register)
-    })
-
-    it('has function upgrade_connection', () => {
-        assert.equal('function', typeof this.plugin.upgrade_connection)
-    })
-
-    it('has function advertise_starttls', () => {
-        assert.equal('function', typeof this.plugin.advertise_starttls)
-    })
-
-    it('has function emit_upgrade_msg', () => {
-        assert.equal('function', typeof this.plugin.emit_upgrade_msg)
-    })
+    const methods = ['register', 'upgrade_connection', 'advertise_starttls', 'emit_upgrade_msg']
+    for (const method of methods) {
+        it(`has function ${method}`, () => {
+            assert.equal(typeof this.plugin[method], 'function')
+        })
+    }
 
     describe('register', () => {
-        it('with certs, should call register_hook()', () => {
+        it('with certs, should register hooks', () => {
             this.plugin.register()
-            assert.ok(this.plugin.register_hook.called)
+            assert.ok(Object.keys(this.plugin.hooks).length)
         })
     })
 

package/test/plugins/xclient.js

@@ -0,0 +1,102 @@
+'use strict'
+
+const assert = require('node:assert/strict')
+const { describe, it, beforeEach } = require('node:test')
+
+const fixtures = require('haraka-test-fixtures')
+
+const _set_up = () => {
+    this.plugin = new fixtures.plugin('xclient')
+    this.connection = fixtures.connection.createConnection()
+    this.connection.capabilities = []
+}
+
+describe('xclient', () => {
+    beforeEach(_set_up)
+
+    describe('hook_capabilities', () => {
+        const cases = [
+            { desc: 'adds XCLIENT for loopback IPv4 (127.0.0.1)', ip: '127.0.0.1', expected: true },
+            { desc: 'adds XCLIENT for loopback IPv6 (::1)', ip: '::1', expected: true },
+            { desc: 'does not add XCLIENT for non-loopback IP', ip: '10.0.0.1', expected: false },
+        ]
+
+        for (const { desc, ip, expected } of cases) {
+            it(desc, async () => {
+                this.connection.remote.ip = ip
+                await new Promise((resolve) => this.plugin.hook_capabilities(resolve, this.connection))
+                const hasXclient = this.connection.capabilities.some((c) => c.startsWith('XCLIENT'))
+                assert.equal(hasXclient, expected)
+            })
+        }
+    })
+
+    describe('hook_unrecognized_command', () => {
+        const callHook = (params) =>
+            new Promise((resolve) => {
+                this.plugin.hook_unrecognized_command((code) => resolve(code), this.connection, params)
+            })
+
+        const cases = [
+            {
+                desc: 'ignores non-XCLIENT commands',
+                params: ['EHLO', 'example.com'],
+                check: (code) => assert.equal(code, undefined),
+            },
+            {
+                desc: 'denies XCLIENT when transaction is in progress',
+                setup: () => this.connection.init_transaction(),
+                params: ['XCLIENT', 'ADDR=127.0.0.1'],
+                check: (code) => assert.equal(code, DENY),
+            },
+            {
+                desc: 'denies XCLIENT from disallowed IP',
+                setup: () => {
+                    this.connection.remote.ip = '10.0.0.1'
+                },
+                params: ['XCLIENT', 'ADDR=127.0.0.2'],
+                check: (code) => assert.equal(code, DENY),
+            },
+            {
+                desc: 'denies XCLIENT with no valid IP address',
+                setup: () => {
+                    this.connection.remote.ip = '127.0.0.1'
+                },
+                params: ['XCLIENT', 'NAME=example.com'],
+                check: (code) => assert.equal(code, DENY),
+            },
+            {
+                desc: 'accepts XCLIENT with valid IPv4 ADDR from allowed host',
+                setup: () => {
+                    this.connection.remote.ip = '127.0.0.1'
+                },
+                params: ['XCLIENT', 'ADDR=1.2.3.4'],
+                check: (code) => assert.ok(code === NEXT_HOOK || code === undefined),
+            },
+            {
+                desc: 'accepts XCLIENT with valid IPv6 ADDR from allowed host',
+                setup: () => {
+                    this.connection.remote.ip = '127.0.0.1'
+                },
+                params: ['XCLIENT', 'ADDR=IPV6:2001:db8::1'],
+                check: (code) => assert.ok(code === NEXT_HOOK || code === undefined),
+            },
+            {
+                desc: 'accepts XCLIENT with ADDR and NAME, skipping rdns lookup',
+                setup: () => {
+                    this.connection.remote.ip = '127.0.0.1'
+                },
+                params: ['XCLIENT', 'ADDR=1.2.3.4 NAME=example.com'],
+                check: (code) => assert.equal(code, NEXT_HOOK),
+            },
+        ]
+
+        for (const { desc, setup, params, check } of cases) {
+            it(desc, async () => {
+                if (setup) setup()
+                const code = await callHook(params)
+                check(code)
+            })
+        }
+    })
+})

package/test/plugins.js

@@ -2,7 +2,8 @@
 
 process.env.WITHOUT_CONFIG_CACHE = true
 
-const assert = require('node:assert')
+const { describe, it, beforeEach, afterEach } = require('node:test')
+const assert = require('node:assert/strict')
 const fs = require('node:fs')
 const path = require('node:path')
 
@@ -49,7 +50,7 @@ describe('plugin', () => {
 
     describe('get_timeout', () => {
         const toPath = path.resolve('config', `${piName}.timeout`)
-        it('0s', (done) => {
+        it('0s', (t, done) => {
             fs.writeFile(toPath, '0', () => {
                 this.plugin = new plugin.Plugin(piName)
                 assert.equal(this.plugin.timeout, 0)
@@ -57,7 +58,7 @@ describe('plugin', () => {
             })
         })
 
-        it('3s', (done) => {
+        it('3s', (t, done) => {
             fs.writeFile(toPath, '3', () => {
                 this.plugin = new plugin.Plugin(piName)
                 assert.equal(this.plugin.timeout, 3)
@@ -65,7 +66,7 @@ describe('plugin', () => {
             })
         })
 
-        it('60s', (done) => {
+        it('60s', (t, done) => {
             fs.writeFile(toPath, '60', () => {
                 this.plugin = new plugin.Plugin(piName)
                 assert.equal(this.plugin.timeout, 60)
@@ -73,7 +74,7 @@ describe('plugin', () => {
             })
         })
 
-        it('30s default (overrides NaN)', (done) => {
+        it('30s default (overrides NaN)', (t, done) => {
             fs.writeFile(toPath, 'apple', () => {
                 this.plugin = new plugin.Plugin(piName)
                 assert.equal(this.plugin.timeout, 30)
@@ -83,14 +84,12 @@ describe('plugin', () => {
     })
 
     describe('plugin_paths', () => {
-        beforeEach((done) => {
+        beforeEach(() => {
             delete process.env.HARAKA
-            done()
         })
 
-        afterEach((done) => {
+        afterEach(() => {
             delete process.env.HARAKA
-            done()
         })
 
         it('CORE plugin: (tls)', () => {
@@ -190,14 +189,12 @@ describe('plugin', () => {
     })
 
     describe('plugin_config', () => {
-        beforeEach((done) => {
+        beforeEach(() => {
             delete process.env.HARAKA
-            done()
         })
 
-        afterEach((done) => {
+        afterEach(() => {
             delete process.env.HARAKA
-            done()
         })
 
         it('CORE plugin: (tls)', () => {

package/test/rfc1869.js

@@ -1,66 +1,89 @@
-const assert = require('node:assert')
+'use strict'
+
+const { describe, it } = require('node:test')
+const assert = require('node:assert/strict')
 
 const { parse } = require('../rfc1869')
 
 function _check(line, expected) {
     const match = /^(MAIL|RCPT)\s+(.*)$/.exec(line)
     const parsed = parse(match[1].toLowerCase(), match[2])
-    assert.equal(parsed.length, expected.length)
-    for (let x = 0; x < expected.length; x++) {
-        assert.equal(parsed[x], expected[x])
-    }
+    assert.deepEqual(parsed, expected)
 }
 
 describe('rfc1869', () => {
-    it('MAIL FROM:<>', () => {
-        _check('MAIL FROM:<>', ['<>'])
-    })
-
-    it('MAIL FROM:', () => {
-        _check('MAIL FROM:', ['<>'])
-    })
-
-    it('MAIL FROM:<postmaster>', () => {
-        _check('MAIL FROM:<postmaster>', ['<postmaster>'])
-    })
-
-    it('MAIL FROM:user', () => {
-        _check('MAIL FROM:user', ['user'])
-    })
-
-    it('MAIL FROM:user size=1234', () => {
-        _check('MAIL FROM:user size=1234', ['user', 'size=1234'])
-    })
+    describe('valid parse cases', () => {
+        const validCases = [
+            // MAIL FROM variants
+            ['MAIL FROM:<>', ['<>']],
+            ['MAIL FROM:', ['<>']],
+            ['MAIL FROM:<postmaster>', ['<postmaster>']],
+            ['MAIL FROM:user', ['user']],
+            ['MAIL FROM:user size=1234', ['user', 'size=1234']],
+            ['MAIL FROM:user@domain size=1234', ['user@domain', 'size=1234']],
+            ['MAIL FROM:<user@domain> size=1234', ['<user@domain>', 'size=1234']],
+            ['MAIL FROM:<user@domain> somekey', ['<user@domain>', 'somekey']],
+            ['MAIL FROM:<user@domain> somekey other=foo', ['<user@domain>', 'somekey', 'other=foo']],
+            // RFC 1652 BODY extension keyword
+            ['MAIL FROM:<user@domain> BODY=8BITMIME', ['<user@domain>', 'BODY=8BITMIME']],
+            // RFC 6531 SMTPUTF8 keyword (no value)
+            ['MAIL FROM:<user@domain> SMTPUTF8', ['<user@domain>', 'SMTPUTF8']],
+            // RCPT TO variants
+            ['RCPT TO: 0@mailblog.biz 0=9 1=9', ['<0@mailblog.biz>', '0=9', '1=9']],
+            ['RCPT TO:<r86x-ray@emailitin.com> state=1', ['<r86x-ray@emailitin.com>', 'state=1']],
+            ['RCPT TO:<user=name@domain.com> foo=bar', ['<user=name@domain.com>', 'foo=bar']],
+            ['RCPT TO:<postmaster>', ['<postmaster>']],
+            ['RCPT TO:<abuse>', ['<abuse>']],
+        ]
 
-    it('MAIL FROM:user@domain size=1234', () => {
-        _check('MAIL FROM:user@domain size=1234', ['user@domain', 'size=1234'])
+        for (const [line, expected] of validCases) {
+            it(line, () => _check(line, expected))
+        }
     })
 
-    it('MAIL FROM:<user@domain> size=1234', () => {
-        _check('MAIL FROM:<user@domain> size=1234', ['<user@domain>', 'size=1234'])
-    })
+    describe('error cases', () => {
+        const throwCases = [
+            {
+                desc: 'MAIL FROM with space inside angle-bracket address',
+                args: ['mail', 'FROM:<user@dom ain>'],
+            },
+            {
+                desc: 'RCPT TO with syntax error in address (space in address)',
+                args: ['rcpt', 'TO: user @domain bad'],
+            },
+            {
+                desc: 'RCPT TO unknown address (no @ and not postmaster/abuse)',
+                args: ['rcpt', 'TO:unknown'],
+            },
+        ]
 
-    it('MAIL FROM:<user@domain> somekey', () => {
-        _check('MAIL FROM:<user@domain> somekey', ['<user@domain>', 'somekey'])
+        for (const { desc, args } of throwCases) {
+            it(`throws: ${desc}`, () => {
+                assert.throws(() => parse(...args), Error)
+            })
+        }
     })
 
-    it('MAIL FROM:<user@domain> somekey other=foo', () => {
-        _check('MAIL FROM:<user@domain> somekey other=foo', ['<user@domain>', 'somekey', 'other=foo'])
-    })
-
-    it('RCPT TO ugly', () => {
-        _check('RCPT TO: 0@mailblog.biz 0=9 1=9', ['<0@mailblog.biz>', '0=9', '1=9'])
-    })
-
-    it('RCPT TO:<r86x-ray@emailitin.com> state=1', () => {
-        _check('RCPT TO:<r86x-ray@emailitin.com> state=1', ['<r86x-ray@emailitin.com>', 'state=1'])
-    })
-
-    it('RCPT TO:<user=name@domain.com> foo=bar', () => {
-        _check('RCPT TO:<user=name@domain.com> foo=bar', ['<user=name@domain.com>', 'foo=bar'])
-    })
+    describe('strict mode', () => {
+        const strictValidCases = [
+            ['mail', 'FROM:<user@domain.com>', '<user@domain.com>'],
+            ['rcpt', 'TO:<user@domain.com>', '<user@domain.com>'],
+        ]
+        for (const [type, line, expected] of strictValidCases) {
+            it(`strict ${type.toUpperCase()} with angle brackets accepts address`, () => {
+                const result = parse(type, line, true)
+                assert.equal(result[0], expected)
+            })
+        }
 
-    it('RCPT TO:<postmaster>', () => {
-        _check('RCPT TO:<postmaster>', ['<postmaster>'])
+        const strictThrowCases = [
+            ['mail', 'FROM:user@domain.com'],
+            ['rcpt', 'TO:user@domain.com'],
+        ]
+        for (const [type, line] of strictThrowCases) {
+            it(`strict ${type.toUpperCase()} without angle brackets throws`, () => {
+                assert.throws(() => parse(type, line, true), Error)
+            })
+        }
     })
 })