diff options
| -rw-r--r-- | coverage.ini | 1 | ||||
| -rw-r--r-- | src/mailman_pgp/mta/tests/test_deliver.py | 85 | ||||
| -rw-r--r-- | src/mailman_pgp/pgp/tests/test_pgp.py | 63 | ||||
| -rw-r--r-- | src/mailman_pgp/rules/signature.py | 3 | ||||
| -rw-r--r-- | src/mailman_pgp/rules/tests/test_signature.py | 57 |
5 files changed, 205 insertions, 4 deletions
diff --git a/coverage.ini b/coverage.ini index f1ddddc..5238525 100644 --- a/coverage.ini +++ b/coverage.ini @@ -5,6 +5,7 @@ branch = true parallel = true omit = setup.py + */tests/__init__.py */test_*.py */testing/*.py diff --git a/src/mailman_pgp/mta/tests/test_deliver.py b/src/mailman_pgp/mta/tests/test_deliver.py new file mode 100644 index 0000000..756fd78 --- /dev/null +++ b/src/mailman_pgp/mta/tests/test_deliver.py @@ -0,0 +1,85 @@ +# Copyright (C) 2017 Jan Jancar +# +# This file is a part of the Mailman PGP plugin. +# +# This program is free software; you can redistribute it and/or modify it under +# the terms of the GNU General Public License as published by the Free +# Software Foundation, either version 3 of the License, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for +# more details. +# +# You should have received a copy of the GNU General Public License along with +# this program. If not, see <http://www.gnu.org/licenses/>. + +"""""" +from unittest import TestCase + +from mailman.app.lifecycle import create_list +from mailman.interfaces.mailinglist import Personalization +from mailman.interfaces.mta import SomeRecipientsFailed +from mailman.testing.helpers import (specialized_message_from_string as mfs, + subscribe) + +from mailman_pgp.database import transaction +from mailman_pgp.model.address import PGPAddress +from mailman_pgp.model.list import PGPMailingList +from mailman_pgp.mta.deliver import deliver +from mailman_pgp.pgp.tests.base import load_key +from mailman_pgp.testing.layers import PGPSMTPLayer + + +class TestDeliver(TestCase): + layer = PGPSMTPLayer + + def setUp(self): + with transaction(): + self.mlist = create_list('test@example.com', + style_name='pgp-default') + self.mlist.personalize = Personalization.individual + + self.list_key = load_key('ecc_p256.priv.asc') + self.pgp_list = PGPMailingList.for_list(self.mlist) + self.pgp_list.key = self.list_key + + # Make Anne a member of this mailing list. + self.anne = subscribe(self.mlist, 'Anne', email='anne@example.org') + self.anne_key = load_key('rsa_1024.priv.asc') + + self.bart = subscribe(self.mlist, 'Bart', email='bart@example.org') + self.bart_key = load_key('ecc_secp256k1.priv.asc') + + with transaction() as t: + self.pgp_anne = PGPAddress(self.anne.address) + self.pgp_anne.key = self.anne_key.pubkey + self.pgp_anne.key_confirmed = True + t.add(self.pgp_anne) + + with transaction() as t: + self.pgp_bart = PGPAddress(self.bart.address) + self.pgp_bart.key = self.bart_key.pubkey + self.pgp_bart.key_confirmed = True + t.add(self.pgp_bart) + self.msg = mfs("""\ +From: anne@example.org +To: test@example.com +Subject: some subject + +Some text. +""") + + def test_deliver(self): + msgdata = dict(recipients=['anne@example.org', 'bart@example.org']) + deliver(self.mlist, self.msg, msgdata) + + def test_deliver_no_key(self): + with transaction(): + self.pgp_anne.key = None + msgdata = dict(recipients=['anne@example.org', 'bart@example.org']) + with self.assertRaises(SomeRecipientsFailed) as err: + deliver(self.mlist, self.msg, msgdata) + self.assertEqual(err.exception.temporary_failures, + ['anne@example.org']) diff --git a/src/mailman_pgp/pgp/tests/test_pgp.py b/src/mailman_pgp/pgp/tests/test_pgp.py new file mode 100644 index 0000000..6ff674d --- /dev/null +++ b/src/mailman_pgp/pgp/tests/test_pgp.py @@ -0,0 +1,63 @@ +# Copyright (C) 2017 Jan Jancar +# +# This file is a part of the Mailman PGP plugin. +# +# This program is free software; you can redistribute it and/or modify it under +# the terms of the GNU General Public License as published by the Free +# Software Foundation, either version 3 of the License, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for +# more details. +# +# You should have received a copy of the GNU General Public License along with +# this program. If not, see <http://www.gnu.org/licenses/>. + +"""Tests for the module global PGP instance.""" +from unittest import TestCase + +from mailman.app.lifecycle import create_list +from mailman.testing.helpers import subscribe + +from mailman_pgp.config import config +from mailman_pgp.database import mm_transaction, transaction +from mailman_pgp.model.address import PGPAddress +from mailman_pgp.model.list import PGPMailingList +from mailman_pgp.pgp.tests.base import load_key +from mailman_pgp.testing.layers import PGPConfigLayer + + +class TestPGP(TestCase): + layer = PGPConfigLayer + + def setUp(self): + with mm_transaction(): + self.mlist = create_list('test@example.com', + style_name='pgp-default') + self.pgp_list = PGPMailingList.for_list(self.mlist) + self.list_key = self.pgp_list.generate_key(True) + + # Make Anne a member of this mailing list. + self.anne = subscribe(self.mlist, 'Anne', email='anne@example.org') + self.anne_key = load_key('rsa_1024.priv.asc') + + with transaction() as t: + self.pgp_anne = PGPAddress(self.anne.address) + self.pgp_anne.key = self.anne_key.pubkey + self.pgp_anne.key_confirmed = True + t.add(self.pgp_anne) + + def test_list_keydir(self): + keyring = config.pgp.list_keyring + self.assertEqual(len(keyring), 2) + with keyring.key(self.pgp_list.mlist.fqdn_listname) as key: + self.assertEqual(key.fingerprint, self.list_key.fingerprint) + + def test_user_keydir(self): + keyring = config.pgp.user_keyring + self.assertEqual(len(keyring), 2) + with keyring.key(self.anne_key.fingerprint) as key: + self.assertTrue(key.is_public) + self.assertEqual(key.fingerprint, self.anne_key.fingerprint) diff --git a/src/mailman_pgp/rules/signature.py b/src/mailman_pgp/rules/signature.py index 7742278..998e9c3 100644 --- a/src/mailman_pgp/rules/signature.py +++ b/src/mailman_pgp/rules/signature.py @@ -134,7 +134,8 @@ def on_message_posting(event): pgp_list = PGPMailingList.for_list(event.mlist) if pgp_list is None: return - pgp_address = PGPAddress.for_email(get_email(event.msg)) + address = getUtility(IUserManager).get_address(get_email(event.msg)) + pgp_address = PGPAddress.for_address(address) if pgp_address is None or pgp_address.key_fingerprint is None: return for sig_hash in event.msgdata['pgp_sig_hashes']: diff --git a/src/mailman_pgp/rules/tests/test_signature.py b/src/mailman_pgp/rules/tests/test_signature.py index 58af694..24cb5e9 100644 --- a/src/mailman_pgp/rules/tests/test_signature.py +++ b/src/mailman_pgp/rules/tests/test_signature.py @@ -14,16 +14,21 @@ # # You should have received a copy of the GNU General Public License along with # this program. If not, see <http://www.gnu.org/licenses/>. + +"""""" from unittest import TestCase from mailman.app.lifecycle import create_list from mailman.interfaces.action import Action +from mailman.interfaces.chain import AcceptEvent from mailman.interfaces.member import MemberRole from mailman.interfaces.usermanager import IUserManager from mailman.testing.helpers import (set_preferred, specialized_message_from_string as mfs) from zope.component import getUtility +from zope.event import notify +from mailman_pgp.chains.default import PGPChain from mailman_pgp.config import mm_config from mailman_pgp.database import mm_transaction, transaction from mailman_pgp.model.address import PGPAddress @@ -67,6 +72,10 @@ class TestPGPSignatureRule(TestCase): self.msg_mime_signed_invalid = load_message( 'mime_signed_invalid.eml') + def assertAction(self, msgdata, action, reasons): + self.assertEqual(msgdata['moderation_action'], action.name) + self.assertListEqual(msgdata['moderation_reasons'], reasons) + def test_has_rule(self): self.assertIn(Signature.name, mm_config.rules.keys()) @@ -104,9 +113,14 @@ To: test@example.com 'No key set for address {}.'.format( self.pgp_sender.address.original_email)]) - def assertAction(self, msgdata, action, reasons): - self.assertEqual(msgdata['moderation_action'], action.name) - self.assertListEqual(msgdata['moderation_reasons'], reasons) + def test_key_not_confirmed(self): + with transaction(): + self.pgp_sender.key_confirmed = False + + msgdata = {} + matches = self.rule.check(self.mlist, self.msg_mime_signed, msgdata) + self.assertTrue(matches) + self.assertAction(msgdata, Action.reject, ['Key not confirmed.']) def test_unsigned_action(self): with transaction(): @@ -194,3 +208,40 @@ To: test@example.com matches = self.rule.check(self.mlist, self.msg_inline_signed, msgdata) self.assertTrue(matches) self.assertAction(msgdata, Action.hold, ['Signature duplicate.']) + + +class TestPostingEvent(TestCase): + layer = PGPConfigLayer + + def setUp(self): + self.rule = Signature() + + user_manager = getUtility(IUserManager) + with mm_transaction(): + self.mlist = create_list('test@example.com', + style_name='pgp-default') + self.sender = user_manager.create_user('RSA-1024b@example.org') + set_preferred(self.sender) + self.mlist.subscribe(self.sender, MemberRole.member) + + self.pgp_list = PGPMailingList.for_list(self.mlist) + + self.sender_key = load_key('rsa_1024.priv.asc') + with transaction() as t: + self.pgp_sender = PGPAddress(self.sender.preferred_address) + self.pgp_sender.key = self.sender_key.pubkey + self.pgp_sender.key_confirmed = True + t.add(self.pgp_sender) + + def test_sighashes_added(self): + msg = load_message('mime_signed.eml') + wrapped = PGPWrapper(msg) + sighashes = set(hashes(wrapped.verify(self.sender_key))) + msgdata = dict(pgp_sig_hashes=sighashes) + notify(AcceptEvent(self.mlist, msg, msgdata, + mm_config.chains[PGPChain.name])) + + for hash in sighashes: + sig_hash = PGPSigHash.query().filter_by(hash=hash).one() + self.assertIsNotNone(sig_hash) + self.assertEqual(sig_hash.fingerprint, self.sender_key.fingerprint) |