Haraka 3.1.6 → 3.1.7

package/test/plugins/toobusy.js

@@ -0,0 +1,21 @@
+'use strict'
+
+const assert = require('node:assert/strict')
+const { describe, it } = require('node:test')
+
+const fixtures = require('haraka-test-fixtures')
+
+describe('toobusy', () => {
+    describe('register', () => {
+        it('handles missing toobusy-js gracefully (does not throw)', () => {
+            const plugin = new fixtures.plugin('toobusy')
+            // toobusy-js is not installed; register should catch the error and return
+            let registered = false
+            plugin.register_hook = () => {
+                registered = true
+            }
+            assert.doesNotThrow(() => plugin.register())
+            assert.equal(registered, false, 'hook should not be registered without toobusy-js')
+        })
+    })
+})

package/test/plugins/xclient.js

@@ -99,4 +99,18 @@ describe('xclient', () => {
             })
         }
     })
+
+    describe('DESTPORT type', () => {
+        it('stores local.port as an integer (587/465 auth check)', async () => {
+            this.connection.remote.ip = '127.0.0.1'
+            await new Promise((resolve) => {
+                this.plugin.hook_unrecognized_command(() => resolve(), this.connection, [
+                    'XCLIENT',
+                    'ADDR=1.2.3.4 DESTPORT=587',
+                ])
+            })
+            assert.strictEqual(this.connection.local.port, 587)
+            assert.equal(typeof this.connection.local.port, 'number')
+        })
+    })
 })

package/test/server.js

@@ -527,3 +527,62 @@ describe('server', () => {
         })
     })
 })
+
+describe('_graceful (cluster restart)', () => {
+    it('actually disconnects workers (queued thunks are invoked)', async () => {
+        const cluster = require('node:cluster')
+        const Server = require('../server')
+        Server.cfg = Server.cfg || { main: {} }
+        Server.cfg.main = Server.cfg.main || {}
+        Server.cfg.main.force_shutdown_timeout = 1
+
+        const saved = {
+            cluster: Server.cluster,
+            workers: cluster.workers,
+            fork: cluster.fork,
+            rmAll: cluster.removeAllListeners,
+        }
+
+        let disconnected = 0
+        const mkWorker = () => ({
+            _cbs: {},
+            send() {},
+            kill() {},
+            once(ev, cb) {
+                ;(this._cbs[ev] ||= []).push(cb)
+            },
+            on(ev, cb) {
+                ;(this._cbs[ev] ||= []).push(cb)
+            },
+            _fire(ev) {
+                for (const cb of this._cbs[ev] || []) cb()
+            },
+            disconnect() {
+                disconnected++
+                setImmediate(() => {
+                    this._fire('disconnect')
+                    setImmediate(() => this._fire('exit'))
+                })
+            },
+        })
+
+        cluster.workers = { 1: mkWorker() }
+        cluster.removeAllListeners = () => {}
+        cluster.fork = () => {
+            const nw = mkWorker()
+            setImmediate(() => nw._fire('listening'))
+            return nw
+        }
+        Server.cluster = cluster
+
+        try {
+            await Server._graceful()
+            assert.equal(disconnected, 1, 'worker.disconnect() was invoked')
+        } finally {
+            Server.cluster = saved.cluster
+            cluster.workers = saved.workers
+            cluster.fork = saved.fork
+            cluster.removeAllListeners = saved.rmAll
+        }
+    })
+})

package/test/smtp_client.js

@@ -436,18 +436,18 @@ describe('SMTPClient closed() handler', () => {
     })
 })
 
-// ─── load_tls_config ──────────────────────────────────────────────────────────
+// ─── load_tls_options ──────────────────────────────────────────────────────────
 
-describe('SMTPClient#load_tls_config', () => {
+describe('SMTPClient#load_tls_options', () => {
     it('sets tls_options with servername equal to host', () => {
         const client = makeClient()
-        client.load_tls_config()
+        client.load_tls_options()
         assert.equal(client.tls_options.servername, 'mx.example.com')
     })
 
     it('merges additional opts into tls_options', () => {
         const client = makeClient()
-        client.load_tls_config({ key: Buffer.from('secret'), rejectUnauthorized: false })
+        client.load_tls_options({ key: Buffer.from('secret'), rejectUnauthorized: false })
         assert.equal(client.tls_options.servername, 'mx.example.com')
         assert.equal(client.tls_options.rejectUnauthorized, false)
         assert.ok(Buffer.isBuffer(client.tls_options.key))
@@ -728,10 +728,8 @@ describe('smtp_client.onCapabilitiesOutbound', () => {
 
     it('skips STARTTLS when host is in no_tls_hosts ban list', () => {
         client.response = ['STARTTLS']
-        // Note: the code checks tls_options.no_tls_hosts but reads tls_config.no_tls_hosts
-        // (a known quirk) — set both to exercise the branch
+        // no_tls_hosts is read from tls_options consistently
         client.tls_options = { no_tls_hosts: ['10.0.0.0/8'] }
-        client.tls_config = { no_tls_hosts: ['10.0.0.0/8'] }
         client.remote_ip = '10.0.0.1'
         const conn = makeConnection()
         smtp_client_module.onCapabilitiesOutbound(client, false, conn, { enable_tls: true, host: '10.0.0.1' }, () => {})
@@ -766,6 +764,25 @@ describe('smtp_client.get_client_plugin', () => {
         assert.ok(client instanceof SMTPClient)
     })
 
+    it('emits error (does not throw) when AUTH type is unsupported', async () => {
+        const c = {
+            host: 'relay.example.com',
+            port: 25,
+            auth_type: 'login',
+            auth_user: 'a',
+            auth_pass: 'b',
+        }
+        const client = await getClientPlugin(c)
+        client.auth_capabilities = [] // server advertised no AUTH
+        let errMsg
+        client.on('error', (m) => {
+            errMsg = m
+        })
+        // pre-fix this threw out of the event loop and crashed the worker
+        assert.doesNotThrow(() => client.emit('helo'))
+        assert.match(String(errMsg), /not supported by server/)
+    })
+
     it('merges auth_type / auth_user / auth_pass into c.auth', async () => {
         const c = { host: 'relay.example.com', port: 25, auth_type: 'plain', auth_user: 'alice', auth_pass: 's3cr3t' }
         await getClientPlugin(c)
@@ -791,6 +808,16 @@ describe('smtp_client.get_client_plugin', () => {
         assert.ok(written.some((l) => /EHLO relay\.example\.com/.test(l)))
     })
 
+    it('redacts AUTH credentials from protocol logs (S4)', async () => {
+        const client = await getClientPlugin()
+        const logged = []
+        conn.logprotocol = (p, msg) => logged.push(msg)
+        client.emit('client_protocol', 'AUTH PLAIN AGFsaWNlAHMzY3JldA==')
+        assert.equal(logged.length, 1)
+        assert.equal(logged[0], 'C: AUTH PLAIN [redacted]')
+        assert.ok(!logged[0].includes('AGFsaWNlAHMzY3JldA=='))
+    })
+
     it('greeting handler sends EHLO with hello.host when xclient is set', async () => {
         const client = await getClientPlugin()
         client.xclient = true
@@ -850,19 +877,25 @@ describe('smtp_client.get_client_plugin', () => {
         assert.ok(written.some((l) => /AUTH PLAIN/.test(l)))
     })
 
-    // Table-drive the helo-throws cases
+    // these used to throw out of the event loop (crashing the worker); they must
+    // now route through the smtp_client 'error' flow.
     for (const [desc, opts, capabilities, pattern] of [
         ['unsupported auth type', { type: 'plain', user: 'u', pass: 'p' }, ['cram-md5'], /not supported by server/],
         ['plain auth with no user/pass', { type: 'plain', user: '', pass: '' }, ['plain'], /Must include auth\.user/],
-        ['cram-md5 (not implemented)', { type: 'cram-md5', user: 'u', pass: 'p' }, ['cram-md5'], /Not implemented/],
+        ['cram-md5 (not implemented)', { type: 'cram-md5', user: 'u', pass: 'p' }, ['cram-md5'], /not implemented/i],
         ['unknown auth type', { type: 'gssapi', user: 'u', pass: 'p' }, ['gssapi'], /Unknown AUTH type/],
     ]) {
-        it(`helo handler throws for ${desc}`, async () => {
+        it(`helo handler emits error (no throw) for ${desc}`, async () => {
             const c = { host: 'relay.example.com', port: 25, auth: opts }
             const client = await getClientPlugin(c)
             client.authenticated = false
             client.auth_capabilities = capabilities
-            assert.throws(() => client.emit('helo'), pattern)
+            let errMsg
+            client.on('error', (m) => {
+                errMsg = m
+            })
+            assert.doesNotThrow(() => client.emit('helo'))
+            assert.match(String(errMsg), pattern)
         })
     }
 
@@ -1241,7 +1274,7 @@ describe('smtp_client', () => {
         }
 
         const client = new SMTPClient({ host: 'mx.example.com', port: 25, socket })
-        client.load_tls_config({ key: Buffer.from('OutboundTlsKeyLoaded') })
+        client.load_tls_options({ key: Buffer.from('OutboundTlsKeyLoaded') })
 
         client.command = 'starttls'
         cmds.line('250 Hello client.example.com\r\n')

package/test/tls_socket.js

@@ -239,4 +239,86 @@ test('tls_socket', async (t) => {
             }
         }
     })
+
+    await t.test('load_plugin_tls_options', async (t) => {
+        // Point haraka-config at test/config so tls.ini fixtures load.
+        const origConfig = tls_socket.config
+        const origCfg = tls_socket.cfg
+        const test_config = require('haraka-config').module_config(path.resolve(__dirname))
+
+        t.beforeEach(() => {
+            tls_socket.config = test_config
+            tls_socket.cfg = undefined // bust load_tls_ini cache between cases
+        })
+
+        t.after(() => {
+            tls_socket.config = origConfig
+            tls_socket.cfg = origCfg
+        })
+
+        await t.test('inherits tls.ini [main] when plugin cfg is empty', () => {
+            const opts = tls_socket.load_plugin_tls_options({})
+            // From test/config/tls.ini [main]
+            assert.equal(opts.rejectUnauthorized, false)
+            assert.equal(opts.minVersion, 'TLSv1')
+            assert.equal(opts.honorCipherOrder, true)
+            assert.ok(opts.ciphers && opts.ciphers.length)
+            assert.ok(Buffer.isBuffer(opts.key), 'key resolved to Buffer')
+            assert.ok(Buffer.isBuffer(opts.cert), 'cert resolved to Buffer')
+        })
+
+        await t.test('plugin cfg overrides [main]', () => {
+            const opts = tls_socket.load_plugin_tls_options({
+                rejectUnauthorized: true,
+                minVersion: 'TLSv1.3',
+                ciphers: 'ECDHE-RSA-AES256-GCM-SHA384',
+            })
+            assert.equal(opts.rejectUnauthorized, true)
+            assert.equal(opts.minVersion, 'TLSv1.3')
+            assert.equal(opts.ciphers, 'ECDHE-RSA-AES256-GCM-SHA384')
+        })
+
+        await t.test('resolves key/cert/dhparam file refs to Buffers', () => {
+            const opts = tls_socket.load_plugin_tls_options({
+                key: 'outbound_tls_key.pem',
+                cert: 'outbound_tls_cert.pem',
+                dhparam: 'dhparams.pem',
+            })
+            assert.ok(Buffer.isBuffer(opts.key) && opts.key.length > 0)
+            assert.ok(Buffer.isBuffer(opts.cert) && opts.cert.length > 0)
+            assert.ok(Buffer.isBuffer(opts.dhparam) && opts.dhparam.length > 0)
+        })
+
+        await t.test('drops missing dhparam rather than leaving null', () => {
+            const opts = tls_socket.load_plugin_tls_options({
+                dhparam: 'does_not_exist.pem',
+            })
+            assert.equal(opts.dhparam, undefined)
+        })
+
+        await t.test('normalises no_tls_hosts / force_tls_hosts to arrays', () => {
+            const opts = tls_socket.load_plugin_tls_options({
+                no_tls_hosts: '10.0.0.5',
+                force_tls_hosts: ['a.example.com', 'b.example.com'],
+            })
+            assert.deepEqual(opts.no_tls_hosts, ['10.0.0.5'])
+            assert.deepEqual(opts.force_tls_hosts, ['a.example.com', 'b.example.com'])
+
+            const opts2 = tls_socket.load_plugin_tls_options({})
+            assert.deepEqual(opts2.no_tls_hosts, [])
+            assert.deepEqual(opts2.force_tls_hosts, [])
+        })
+
+        await t.test('does not set servername', () => {
+            const opts = tls_socket.load_plugin_tls_options({})
+            assert.equal(opts.servername, undefined)
+        })
+
+        await t.test('does not mutate the input plugin cfg', () => {
+            const input = { rejectUnauthorized: true, no_tls_hosts: '10.0.0.5' }
+            const before = JSON.stringify(input)
+            tls_socket.load_plugin_tls_options(input)
+            assert.equal(JSON.stringify(input), before)
+        })
+    })
 })

package/tls_socket.js

@@ -251,6 +251,56 @@ exports.load_tls_ini = (opts) => {
     return cfg
 }
 
+// Build a client tls_options, merges a consumers own [tls] section
+// over tls.ini [main].
+exports.load_plugin_tls_options = (plugin_tls_cfg = {}) => {
+    const tls_cfg = exports.load_tls_ini({ role: 'client' })
+    const cfg = JSON.parse(JSON.stringify(plugin_tls_cfg))
+
+    // Inheritance from tls.ini [main] deliberately omits no_tls_hosts: the
+    // [main].no_tls_hosts list is documented as inbound-only; outbound and
+    // queue plugins should opt in explicitly via their own section.
+    const inheritable_opts = [
+        'key',
+        'cert',
+        'ciphers',
+        'minVersion',
+        'dhparam',
+        'requestCert',
+        'honorCipherOrder',
+        'rejectUnauthorized',
+        'force_tls_hosts',
+    ]
+    for (const opt of inheritable_opts) {
+        if (cfg[opt] !== undefined) continue // set in plugin [tls]
+        if (tls_cfg.main[opt] === undefined) continue // unset in tls.ini [main]
+        cfg[opt] = tls_cfg.main[opt]
+    }
+
+    // Resolve key/cert/dhparam file references to buffers. Drop empty results
+    // so we never pass null to tls.connect.
+    for (const k of ['key', 'cert', 'dhparam']) {
+        if (!cfg[k]) {
+            delete cfg[k]
+            continue
+        }
+        const ref = Array.isArray(cfg[k]) ? cfg[k][0] : cfg[k]
+        const bin = exports.config.get(ref, 'binary')
+        if (bin) cfg[k] = bin
+        else delete cfg[k]
+    }
+
+    for (const k of ['no_tls_hosts', 'force_tls_hosts']) {
+        if (!cfg[k]) {
+            cfg[k] = []
+            continue
+        }
+        if (!Array.isArray(cfg[k])) cfg[k] = [cfg[k]]
+    }
+
+    return cfg
+}
+
 exports.applySocketOpts = (name) => {
     // https://nodejs.org/api/tls.html#tls_new_tls_tlssocket_socket_options
     const TLSSocketOptions = [