Haraka 3.1.6 → 3.2.0

package/test/plugins/queue/smtp_proxy.js

@@ -0,0 +1,139 @@
+'use strict'
+
+const assert = require('node:assert')
+const path = require('node:path')
+const { describe, it, beforeEach, afterEach, before } = require('node:test')
+
+const fixtures = require('haraka-test-fixtures')
+
+const tls_socket = require('../../../tls_socket')
+
+before(() => {
+    require('haraka-constants').import(global)
+})
+
+describe('queue/smtp_proxy', () => {
+    let plugin, conn
+
+    beforeEach(() => {
+        plugin = new fixtures.plugin('queue/smtp_proxy')
+        plugin.load_smtp_proxy_ini()
+        conn = fixtures.connection.createConnection()
+        conn.init_transaction()
+    })
+
+    describe('hook_rset', () => {
+        it('calls next() when no smtp_client in notes', (t, done) => {
+            plugin.hook_rset((rc) => {
+                assert.equal(rc, undefined)
+                done()
+            }, conn)
+        })
+
+        it('releases smtp_client and calls next() when smtp_client exists', (t, done) => {
+            let released = false
+            conn.notes.smtp_client = {
+                release: () => {
+                    released = true
+                },
+            }
+            plugin.hook_rset((rc) => {
+                assert.equal(released, true)
+                assert.equal(conn.notes.smtp_client, undefined)
+                done()
+            }, conn)
+        })
+    })
+
+    describe('hook_quit', () => {
+        it('calls next() when no smtp_client in notes', (t, done) => {
+            plugin.hook_quit((rc) => {
+                assert.equal(rc, undefined)
+                done()
+            }, conn)
+        })
+
+        it('is the same function as hook_rset', () => {
+            assert.equal(plugin.hook_rset, plugin.hook_quit)
+        })
+    })
+
+    describe('hook_disconnect', () => {
+        it('calls next() when no smtp_client in notes', (t, done) => {
+            plugin.hook_disconnect((rc) => {
+                assert.equal(rc, undefined)
+                done()
+            }, conn)
+        })
+
+        it('releases and calls next when smtp_client exists', (t, done) => {
+            let released = false
+            let callNextCalled = false
+            conn.notes.smtp_client = {
+                release: () => {
+                    released = true
+                },
+                call_next: () => {
+                    callNextCalled = true
+                },
+            }
+            plugin.hook_disconnect((rc) => {
+                assert.equal(released, true)
+                assert.equal(callNextCalled, true)
+                assert.equal(conn.notes.smtp_client, undefined)
+                done()
+            }, conn)
+        })
+    })
+
+    describe('hook_queue', () => {
+        it('calls next() when transaction is missing', (t, done) => {
+            const connNoTxn = fixtures.connection.createConnection()
+            plugin.hook_queue((rc) => {
+                assert.equal(rc, undefined)
+                done()
+            }, connNoTxn)
+        })
+
+        it('calls next() when smtp_client is not in notes', (t, done) => {
+            plugin.hook_queue((rc) => {
+                assert.equal(rc, undefined)
+                done()
+            }, conn)
+        })
+    })
+
+    describe('tls_options', () => {
+        let origTlsConfig, origTlsCfg
+
+        beforeEach(() => {
+            origTlsConfig = tls_socket.config
+            origTlsCfg = tls_socket.cfg
+            tls_socket.config = require('haraka-config').module_config(path.resolve('test'))
+            tls_socket.cfg = undefined
+            // re-derive with test/config in scope
+            plugin.load_smtp_proxy_ini()
+        })
+
+        afterEach(() => {
+            tls_socket.config = origTlsConfig
+            tls_socket.cfg = origTlsCfg
+        })
+
+        it('populates tls_options from tls.ini [main]', () => {
+            assert.ok(plugin.tls_options)
+            assert.equal(plugin.tls_options.rejectUnauthorized, false)
+            assert.equal(plugin.tls_options.minVersion, 'TLSv1')
+            assert.ok(plugin.tls_options.ciphers)
+            assert.ok(Array.isArray(plugin.tls_options.no_tls_hosts))
+            assert.ok(Array.isArray(plugin.tls_options.force_tls_hosts))
+        })
+
+        it('reload re-derives tls_options', () => {
+            const first = plugin.tls_options
+            plugin.load_smtp_proxy_ini()
+            assert.ok(plugin.tls_options)
+            assert.notEqual(plugin.tls_options, first)
+        })
+    })
+})

package/test/plugins/rcpt_to.host_list_base.js

@@ -2,7 +2,7 @@
 const assert = require('node:assert/strict')
 const { describe, it, beforeEach } = require('node:test')
 
-const { Address } = require('address-rfc2821')
+const { Address } = require('../../address')
 const fixtures = require('haraka-test-fixtures')
 
 const _set_up = () => {

package/test/plugins/rcpt_to.in_host_list.js

@@ -2,7 +2,7 @@
 const assert = require('node:assert/strict')
 const { describe, it, beforeEach } = require('node:test')
 
-const { Address } = require('address-rfc2821')
+const { Address } = require('../../address')
 const fixtures = require('haraka-test-fixtures')
 require('haraka-constants').import(global)
 

package/test/plugins/record_envelope_addresses.js

@@ -1,9 +1,9 @@
 'use strict'
 
-const assert = require('node:assert/strict')
+const assert = require('node:assert')
 const { describe, it, beforeEach } = require('node:test')
 
-const { Address } = require('address-rfc2821')
+const { Address } = require('../../address')
 const fixtures = require('haraka-test-fixtures')
 
 const _set_up = () => {

package/test/plugins/reseed_rng.js

@@ -0,0 +1,34 @@
+'use strict'
+
+const assert = require('node:assert/strict')
+const { describe, it } = require('node:test')
+
+const fixtures = require('haraka-test-fixtures')
+
+describe('reseed_rng', () => {
+    describe('hook_init_child', () => {
+        it('calls Math.seedrandom with a hex string and calls next', (t, done) => {
+            const plugin = new fixtures.plugin('reseed_rng')
+            let called = false
+            let calledArg
+            Math.seedrandom = (arg) => {
+                called = true
+                calledArg = arg
+            }
+            plugin.hook_init_child((rc) => {
+                delete Math.seedrandom
+                assert.equal(rc, undefined)
+                assert.ok(called, 'Math.seedrandom should have been called')
+                assert.equal(typeof calledArg, 'string')
+                assert.ok(calledArg.length > 0)
+                done()
+            })
+        })
+
+        it('throws when Math.seedrandom is not defined', () => {
+            const plugin = new fixtures.plugin('reseed_rng')
+            delete Math.seedrandom
+            assert.throws(() => plugin.hook_init_child(() => {}), /Math\.seedrandom is not a function/)
+        })
+    })
+})

package/test/plugins/status.js

@@ -134,4 +134,75 @@ describe('status', () => {
             this.plugin.hook_unrecognized_command(() => {}, this.connection, ['STATUS', 'QUEUE PUSH file'])
         })
     })
+
+    describe('merge_worker_responses', () => {
+        beforeEach(_set_up)
+
+        it('POOL LIST merges objects from all workers', () => {
+            const result = JSON.parse(
+                JSON.stringify(
+                    this.plugin.merge_worker_responses('POOL LIST', [
+                        { 'host1:25': { inUse: 1, size: 3 } },
+                        { 'host2:25': { inUse: 0, size: 2 } },
+                        {},
+                    ]),
+                ),
+            )
+            assert.deepEqual(result, {
+                'host1:25': { inUse: 1, size: 3 },
+                'host2:25': { inUse: 0, size: 2 },
+            })
+        })
+
+        it('POOL LIST with all empty workers returns empty object', () => {
+            const result = JSON.parse(JSON.stringify(this.plugin.merge_worker_responses('POOL LIST', [{}, {}, {}])))
+            assert.deepEqual(result, {})
+        })
+
+        it('QUEUE INSPECT merges queues from all workers', () => {
+            const result = JSON.parse(
+                JSON.stringify(
+                    this.plugin.merge_worker_responses('QUEUE INSPECT', [
+                        { delivery_queue: [{ id: 'a' }], temp_fail_queue: [{ id: 'x', fire_time: 1 }] },
+                        { delivery_queue: [{ id: 'b' }], temp_fail_queue: [] },
+                        { delivery_queue: [], temp_fail_queue: [{ id: 'y', fire_time: 2 }] },
+                    ]),
+                ),
+            )
+            assert.deepEqual(result, {
+                delivery_queue: [{ id: 'a' }, { id: 'b' }],
+                temp_fail_queue: [
+                    { id: 'x', fire_time: 1 },
+                    { id: 'y', fire_time: 2 },
+                ],
+            })
+        })
+
+        it('QUEUE INSPECT with all empty queues returns empty lists', () => {
+            const result = JSON.parse(
+                JSON.stringify(
+                    this.plugin.merge_worker_responses('QUEUE INSPECT', [
+                        { delivery_queue: [], temp_fail_queue: [] },
+                        { delivery_queue: [], temp_fail_queue: [] },
+                    ]),
+                ),
+            )
+            assert.deepEqual(result, { delivery_queue: [], temp_fail_queue: [] })
+        })
+
+        it('QUEUE STATS sums across workers', () => {
+            const result = this.plugin.merge_worker_responses('QUEUE STATS', ['1/2/3', '0/1/0', '2/0/1'])
+            assert.equal(result, '3/3/4')
+        })
+
+        it('QUEUE STATS with all zeros', () => {
+            const result = this.plugin.merge_worker_responses('QUEUE STATS', ['0/0/0', '0/0/0', '0/0/0'])
+            assert.equal(result, '0/0/0')
+        })
+
+        it('unknown command returns results array unchanged', () => {
+            const result = this.plugin.merge_worker_responses('POOL UNKNOWN', [{ foo: 1 }, { foo: 2 }])
+            assert.equal(result.length, 2)
+        })
+    })
 })

package/test/plugins/tarpit.js

@@ -0,0 +1,91 @@
+'use strict'
+
+const assert = require('node:assert/strict')
+const { describe, it, beforeEach } = require('node:test')
+
+const fixtures = require('haraka-test-fixtures')
+
+describe('tarpit', () => {
+    let plugin
+
+    beforeEach(() => {
+        plugin = new fixtures.plugin('tarpit')
+        plugin.config.get = () => ({ main: {} })
+    })
+
+    describe('register', () => {
+        it('registers tarpit on all default hooks', () => {
+            const registered = []
+            plugin.register_hook = (hook) => registered.push(hook)
+            plugin.register()
+            assert.ok(registered.includes('connect'))
+            assert.ok(registered.includes('ehlo'))
+            assert.ok(registered.includes('mail'))
+            assert.ok(registered.includes('rcpt'))
+            assert.ok(registered.includes('data'))
+            assert.ok(registered.includes('queue'))
+            assert.ok(registered.includes('quit'))
+        })
+
+        it('registers only configured hooks when hooks_to_delay is set', () => {
+            plugin.config.get = () => ({ main: { hooks_to_delay: 'ehlo, mail' } })
+            const registered = []
+            plugin.register_hook = (hook) => registered.push(hook)
+            plugin.register()
+            assert.deepEqual(registered, ['ehlo', 'mail'])
+        })
+    })
+
+    describe('tarpit', () => {
+        let conn
+
+        beforeEach(() => {
+            conn = fixtures.connection.createConnection()
+            conn.init_transaction()
+        })
+
+        it('calls next immediately when no transaction', (t, done) => {
+            conn.transaction = null
+            plugin.tarpit((rc) => {
+                assert.equal(rc, undefined)
+                done()
+            }, conn)
+        })
+
+        it('calls next immediately when no tarpit delay set', (t, done) => {
+            // No tarpit note on connection or transaction
+            plugin.tarpit((rc) => {
+                assert.equal(rc, undefined)
+                done()
+            }, conn)
+        })
+
+        it('calls next immediately when connection.notes.tarpit is 0', (t, done) => {
+            conn.notes.tarpit = 0
+            plugin.tarpit((rc) => {
+                assert.equal(rc, undefined)
+                done()
+            }, conn)
+        })
+
+        it('delays and calls next when connection.notes.tarpit is set', { timeout: 3000 }, (t, done) => {
+            conn.notes.tarpit = 0.1
+            const start = Date.now()
+            plugin.tarpit((rc) => {
+                assert.equal(rc, undefined)
+                assert.ok(Date.now() - start >= 90, 'should have waited ~100ms')
+                done()
+            }, conn)
+        })
+
+        it('uses transaction.notes.tarpit when connection note is absent', { timeout: 3000 }, (t, done) => {
+            conn.transaction.notes.tarpit = 0.1
+            const start = Date.now()
+            plugin.tarpit((rc) => {
+                assert.equal(rc, undefined)
+                assert.ok(Date.now() - start >= 90)
+                done()
+            }, conn)
+        })
+    })
+})

package/test/plugins/tls.js

@@ -60,4 +60,29 @@ describe('tls', () => {
             )
         })
     })
+
+    describe('upgrade_connection (STARTTLS injection)', () => {
+        // RFC 3207 §4: data pipelined after STARTTLS but before the TLS
+        // handshake must be discarded, not processed on the cleartext channel.
+        it('discards pipelined plaintext before the TLS handshake', () => {
+            const c = this.connection
+            c.tls = { advertised: true }
+            c.notes = {}
+            // attacker pipelined an injected command after STARTTLS
+            c.current_data = Buffer.from('RCPT TO:<victim@example.com>\r\n')
+            let dataAtUpgrade = 'UPGRADE_NOT_CALLED'
+            c.client = {
+                upgrade() {
+                    dataAtUpgrade = c.current_data
+                },
+            }
+            c.respond = () => {} // bypass the real _process_data path
+            this.plugin.timeout = 0
+
+            this.plugin.upgrade_connection(() => {}, c, ['STARTTLS'])
+
+            assert.equal(dataAtUpgrade, null, 'buffer cleared before upgrade()')
+            assert.equal(c.current_data, null)
+        })
+    })
 })

package/test/plugins/toobusy.js

@@ -0,0 +1,21 @@
+'use strict'
+
+const assert = require('node:assert/strict')
+const { describe, it } = require('node:test')
+
+const fixtures = require('haraka-test-fixtures')
+
+describe('toobusy', () => {
+    describe('register', () => {
+        it('handles missing toobusy-js gracefully (does not throw)', () => {
+            const plugin = new fixtures.plugin('toobusy')
+            // toobusy-js is not installed; register should catch the error and return
+            let registered = false
+            plugin.register_hook = () => {
+                registered = true
+            }
+            assert.doesNotThrow(() => plugin.register())
+            assert.equal(registered, false, 'hook should not be registered without toobusy-js')
+        })
+    })
+})

package/test/plugins/xclient.js

@@ -99,4 +99,18 @@ describe('xclient', () => {
             })
         }
     })
+
+    describe('DESTPORT type', () => {
+        it('stores local.port as an integer (587/465 auth check)', async () => {
+            this.connection.remote.ip = '127.0.0.1'
+            await new Promise((resolve) => {
+                this.plugin.hook_unrecognized_command(() => resolve(), this.connection, [
+                    'XCLIENT',
+                    'ADDR=1.2.3.4 DESTPORT=587',
+                ])
+            })
+            assert.strictEqual(this.connection.local.port, 587)
+            assert.equal(typeof this.connection.local.port, 'number')
+        })
+    })
 })

package/test/server.js

@@ -527,3 +527,62 @@ describe('server', () => {
         })
     })
 })
+
+describe('_graceful (cluster restart)', () => {
+    it('actually disconnects workers (queued thunks are invoked)', async () => {
+        const cluster = require('node:cluster')
+        const Server = require('../server')
+        Server.cfg = Server.cfg || { main: {} }
+        Server.cfg.main = Server.cfg.main || {}
+        Server.cfg.main.force_shutdown_timeout = 1
+
+        const saved = {
+            cluster: Server.cluster,
+            workers: cluster.workers,
+            fork: cluster.fork,
+            rmAll: cluster.removeAllListeners,
+        }
+
+        let disconnected = 0
+        const mkWorker = () => ({
+            _cbs: {},
+            send() {},
+            kill() {},
+            once(ev, cb) {
+                ;(this._cbs[ev] ||= []).push(cb)
+            },
+            on(ev, cb) {
+                ;(this._cbs[ev] ||= []).push(cb)
+            },
+            _fire(ev) {
+                for (const cb of this._cbs[ev] || []) cb()
+            },
+            disconnect() {
+                disconnected++
+                setImmediate(() => {
+                    this._fire('disconnect')
+                    setImmediate(() => this._fire('exit'))
+                })
+            },
+        })
+
+        cluster.workers = { 1: mkWorker() }
+        cluster.removeAllListeners = () => {}
+        cluster.fork = () => {
+            const nw = mkWorker()
+            setImmediate(() => nw._fire('listening'))
+            return nw
+        }
+        Server.cluster = cluster
+
+        try {
+            await Server._graceful()
+            assert.equal(disconnected, 1, 'worker.disconnect() was invoked')
+        } finally {
+            Server.cluster = saved.cluster
+            cluster.workers = saved.workers
+            cluster.fork = saved.fork
+            cluster.removeAllListeners = saved.rmAll
+        }
+    })
+})

package/test/smtp_client.js

@@ -5,7 +5,7 @@ const assert = require('node:assert/strict')
 const { PassThrough } = require('node:stream')
 const path = require('node:path')
 
-const { Address } = require('address-rfc2821')
+const { Address } = require('../address')
 const fixtures = require('haraka-test-fixtures')
 const net_utils = require('haraka-net-utils')
 const message = require('haraka-email-message')
@@ -436,18 +436,18 @@ describe('SMTPClient closed() handler', () => {
     })
 })
 
-// ─── load_tls_config ──────────────────────────────────────────────────────────
+// ─── load_tls_options ──────────────────────────────────────────────────────────
 
-describe('SMTPClient#load_tls_config', () => {
+describe('SMTPClient#load_tls_options', () => {
     it('sets tls_options with servername equal to host', () => {
         const client = makeClient()
-        client.load_tls_config()
+        client.load_tls_options()
         assert.equal(client.tls_options.servername, 'mx.example.com')
     })
 
     it('merges additional opts into tls_options', () => {
         const client = makeClient()
-        client.load_tls_config({ key: Buffer.from('secret'), rejectUnauthorized: false })
+        client.load_tls_options({ key: Buffer.from('secret'), rejectUnauthorized: false })
         assert.equal(client.tls_options.servername, 'mx.example.com')
         assert.equal(client.tls_options.rejectUnauthorized, false)
         assert.ok(Buffer.isBuffer(client.tls_options.key))
@@ -728,10 +728,8 @@ describe('smtp_client.onCapabilitiesOutbound', () => {
 
     it('skips STARTTLS when host is in no_tls_hosts ban list', () => {
         client.response = ['STARTTLS']
-        // Note: the code checks tls_options.no_tls_hosts but reads tls_config.no_tls_hosts
-        // (a known quirk) — set both to exercise the branch
+        // no_tls_hosts is read from tls_options consistently
         client.tls_options = { no_tls_hosts: ['10.0.0.0/8'] }
-        client.tls_config = { no_tls_hosts: ['10.0.0.0/8'] }
         client.remote_ip = '10.0.0.1'
         const conn = makeConnection()
         smtp_client_module.onCapabilitiesOutbound(client, false, conn, { enable_tls: true, host: '10.0.0.1' }, () => {})
@@ -766,6 +764,25 @@ describe('smtp_client.get_client_plugin', () => {
         assert.ok(client instanceof SMTPClient)
     })
 
+    it('emits error (does not throw) when AUTH type is unsupported', async () => {
+        const c = {
+            host: 'relay.example.com',
+            port: 25,
+            auth_type: 'login',
+            auth_user: 'a',
+            auth_pass: 'b',
+        }
+        const client = await getClientPlugin(c)
+        client.auth_capabilities = [] // server advertised no AUTH
+        let errMsg
+        client.on('error', (m) => {
+            errMsg = m
+        })
+        // pre-fix this threw out of the event loop and crashed the worker
+        assert.doesNotThrow(() => client.emit('helo'))
+        assert.match(String(errMsg), /not supported by server/)
+    })
+
     it('merges auth_type / auth_user / auth_pass into c.auth', async () => {
         const c = { host: 'relay.example.com', port: 25, auth_type: 'plain', auth_user: 'alice', auth_pass: 's3cr3t' }
         await getClientPlugin(c)
@@ -791,6 +808,16 @@ describe('smtp_client.get_client_plugin', () => {
         assert.ok(written.some((l) => /EHLO relay\.example\.com/.test(l)))
     })
 
+    it('redacts AUTH credentials from protocol logs (S4)', async () => {
+        const client = await getClientPlugin()
+        const logged = []
+        conn.logprotocol = (p, msg) => logged.push(msg)
+        client.emit('client_protocol', 'AUTH PLAIN AGFsaWNlAHMzY3JldA==')
+        assert.equal(logged.length, 1)
+        assert.equal(logged[0], 'C: AUTH PLAIN [redacted]')
+        assert.ok(!logged[0].includes('AGFsaWNlAHMzY3JldA=='))
+    })
+
     it('greeting handler sends EHLO with hello.host when xclient is set', async () => {
         const client = await getClientPlugin()
         client.xclient = true
@@ -850,19 +877,25 @@ describe('smtp_client.get_client_plugin', () => {
         assert.ok(written.some((l) => /AUTH PLAIN/.test(l)))
     })
 
-    // Table-drive the helo-throws cases
+    // these used to throw out of the event loop (crashing the worker); they must
+    // now route through the smtp_client 'error' flow.
     for (const [desc, opts, capabilities, pattern] of [
         ['unsupported auth type', { type: 'plain', user: 'u', pass: 'p' }, ['cram-md5'], /not supported by server/],
         ['plain auth with no user/pass', { type: 'plain', user: '', pass: '' }, ['plain'], /Must include auth\.user/],
-        ['cram-md5 (not implemented)', { type: 'cram-md5', user: 'u', pass: 'p' }, ['cram-md5'], /Not implemented/],
+        ['cram-md5 (not implemented)', { type: 'cram-md5', user: 'u', pass: 'p' }, ['cram-md5'], /not implemented/i],
         ['unknown auth type', { type: 'gssapi', user: 'u', pass: 'p' }, ['gssapi'], /Unknown AUTH type/],
     ]) {
-        it(`helo handler throws for ${desc}`, async () => {
+        it(`helo handler emits error (no throw) for ${desc}`, async () => {
             const c = { host: 'relay.example.com', port: 25, auth: opts }
             const client = await getClientPlugin(c)
             client.authenticated = false
             client.auth_capabilities = capabilities
-            assert.throws(() => client.emit('helo'), pattern)
+            let errMsg
+            client.on('error', (m) => {
+                errMsg = m
+            })
+            assert.doesNotThrow(() => client.emit('helo'))
+            assert.match(String(errMsg), pattern)
         })
     }
 
@@ -1241,7 +1274,7 @@ describe('smtp_client', () => {
         }
 
         const client = new SMTPClient({ host: 'mx.example.com', port: 25, socket })
-        client.load_tls_config({ key: Buffer.from('OutboundTlsKeyLoaded') })
+        client.load_tls_options({ key: Buffer.from('OutboundTlsKeyLoaded') })
 
         client.command = 'starttls'
         cmds.line('250 Hello client.example.com\r\n')