diff --git a/opendkim/tests/Makefile.am b/opendkim/tests/Makefile.am index fb1cb82..81fbf79 100644 --- a/opendkim/tests/Makefile.am +++ b/opendkim/tests/Makefile.am @@ -1,4 +1,5 @@ -check_SCRIPTS = t-sign-ss t-sign-rs t-sign-rs-tables t-sign-rs-tables-bad \ +check_SCRIPTS = t-sign-ss t-sign-rs t-sign-rs-tables \ + t-sign-rs-tables-all-singlekey t-sign-rs-tables-bad \ t-sign-rs-tables-token t-sign-rs-multiple t-sign-rs-mixconf \ t-sign-rs-lua t-sign-ss-all t-sign-ss-ltag t-sign-ss-x \ t-verify-revoked t-verify-unspec t-verify-malformed \ @@ -38,6 +39,7 @@ EXTRA_DIST = \ t-sign-rs-multiple t-sign-rs-multiple.conf t-sign-rs-multiple.keys \ t-sign-rs-multiple.lua t-sign-rs-multiple.sign \ t-sign-rs-tables t-sign-rs-tables.conf t-sign-rs-tables.keys \ + t-sign-rs-tables-all-singlekey t-sign-rs-tables-all-singlekey.conf \ t-sign-rs-tables.lua t-sign-rs-tables.sign \ t-sign-rs-tables-bad t-sign-rs-tables-bad.conf \ t-sign-rs-tables-bad.keys t-sign-rs-tables-bad.lua \ diff --git a/opendkim/tests/t-sign-rs-tables-all-singlekey b/opendkim/tests/t-sign-rs-tables-all-singlekey new file mode 100755 index 0000000..da1987a --- /dev/null +++ b/opendkim/tests/t-sign-rs-tables-all-singlekey @@ -0,0 +1,11 @@ +#!/bin/sh +# +# +# relaxed/simple signing test using tables + +if [ x"$srcdir" = x"" ] +then + srcdir=`pwd` +fi + +../../miltertest/miltertest $MILTERTESTFLAGS -s $srcdir/t-sign-rs-tables-all-singlekey.lua diff --git a/opendkim/tests/t-sign-rs-tables-all-singlekey.conf b/opendkim/tests/t-sign-rs-tables-all-singlekey.conf new file mode 100644 index 0000000..7f4e454 --- /dev/null +++ b/opendkim/tests/t-sign-rs-tables-all-singlekey.conf @@ -0,0 +1,8 @@ +# +# relaxed/simple signing test + +Background No +Canonicalization relaxed/simple +RequireSafeKeys No +SigningTable csl:*=all +KeyTable csl:all=example.com:test:./testkey.private diff --git a/opendkim/tests/t-sign-rs-tables-all-singlekey.lua b/opendkim/tests/t-sign-rs-tables-all-singlekey.lua new file mode 100644 index 0000000..26885c0 --- /dev/null +++ b/opendkim/tests/t-sign-rs-tables-all-singlekey.lua @@ -0,0 +1,207 @@ +-- Copyright (c) 2009, 2010, 2012, 2013, 2014 The Trusted Domain Project. +-- All rights reserved. + +-- relaxed/simple signing test using KeyTable/SigningTable +-- +-- Confirms that a signature is added with the correct contents. +-- Tests a simple way of signing all throughput with a single +-- domain/selector. + +mt.echo("*** relaxed/simple signing test using tables to sign all input") + +-- setup +if TESTSOCKET ~= nil then + sock = TESTSOCKET +else + sock = "unix:" .. mt.getcwd() .. "/t-sign-rs-tables-all-singlekey.sock" +end +binpath = mt.getcwd() .. "/.." +if os.getenv("srcdir") ~= nil then + mt.chdir(os.getenv("srcdir")) +end + +-- try to start the filter +mt.startfilter(binpath .. "/opendkim", "-x", "t-sign-rs-tables-all-singlekey.conf", + "-p", sock) + +-- try to connect to it +conn = mt.connect(sock, 40, 0.25) +if conn == nil then + error("mt.connect() failed") +end + +-- send connection information +-- mt.negotiate() is called implicitly +if mt.conninfo(conn, "localhost", "127.0.0.1") ~= nil then + error("mt.conninfo() failed") +end +if mt.getreply(conn) ~= SMFIR_CONTINUE then + error("mt.conninfo() unexpected reply") +end + +-- send envelope macros and sender data +-- mt.helo() is called implicitly +mt.macro(conn, SMFIC_MAIL, "i", "t-sign-rs-tables-all-singlekey.conf") +if mt.mailfrom(conn, "user@example.com") ~= nil then + error("mt.mailfrom() failed") +end +if mt.getreply(conn) ~= SMFIR_CONTINUE then + error("mt.mailfrom() unexpected reply") +end + +-- send headers +-- mt.rcptto() is called implicitly +if mt.header(conn, "From", "user@example.com") ~= nil then + error("mt.header(From) failed") +end +if mt.getreply(conn) ~= SMFIR_CONTINUE then + error("mt.header(From) unexpected reply") +end +if mt.header(conn, "Date", "Tue, 22 Dec 2009 13:04:12 -0800") ~= nil then + error("mt.header(Date) failed") +end +if mt.getreply(conn) ~= SMFIR_CONTINUE then + error("mt.header(Date) unexpected reply") +end +if mt.header(conn, "Subject", "Signing test") ~= nil then + error("mt.header(Subject) failed") +end +if mt.getreply(conn) ~= SMFIR_CONTINUE then + error("mt.header(Subject) unexpected reply") +end + +-- send EOH +if mt.eoh(conn) ~= nil then + error("mt.eoh() failed") +end +if mt.getreply(conn) ~= SMFIR_CONTINUE then + error("mt.eoh() unexpected reply") +end + +-- send body +if mt.bodystring(conn, "This is a test!\r\n") ~= nil then + error("mt.bodystring() failed") +end +if mt.getreply(conn) ~= SMFIR_CONTINUE then + error("mt.bodystring() unexpected reply") +end + +-- end of message; let the filter react +if mt.eom(conn) ~= nil then + error("mt.eom() failed") +end +if mt.getreply(conn) ~= SMFIR_ACCEPT then + error("mt.eom() unexpected reply") +end + +-- verify that a signature got added +if not mt.eom_check(conn, MT_HDRINSERT, "DKIM-Signature") and + not mt.eom_check(conn, MT_HDRADD, "DKIM-Signature") then + error("no signature added") +end + +-- confirm properties +sig = mt.getheader(conn, "DKIM-Signature", 0) +if string.find(sig, "c=relaxed/simple", 1, true) == nil then + error("signature has wrong c= value") +end +if string.find(sig, "v=1", 1, true) == nil then + error("signature has wrong v= value") +end +if string.find(sig, "d=example.com", 1, true) == nil then + error("signature has wrong d= value") +end +if string.find(sig, "s=test", 1, true) == nil then + error("signature has wrong s= value") +end +if string.find(sig, "bh=3VWGQGY+cSNYd1MGM+X6hRXU0stl8JCaQtl4mbX/j2I=", 1, true) == nil then + error("signature has wrong bh= value") +end +if string.find(sig, "h=From:Date:Subject", 1, true) == nil then + error("signature has wrong h= value") +end +if string.find(sig, "i=signer@example.com", 1, true) ~= nil then + error("signature has unexpected i= value") +end + +mt.macro(conn, SMFIC_MAIL, "i", "t-sign-rs-tables-all-singlekey.conf") +if mt.mailfrom(conn, "user@example.com") ~= nil then + error("mt.mailfrom() failed") +end +if mt.getreply(conn) ~= SMFIR_CONTINUE then + error("mt.mailfrom() unexpected reply") +end + +-- send headers +-- mt.rcptto() is called implicitly +if mt.header(conn, "From", "user@example.net") ~= nil then + error("mt.header(From) failed") +end +if mt.getreply(conn) ~= SMFIR_CONTINUE then + error("mt.header(From) unexpected reply") +end +if mt.header(conn, "Date", "Tue, 22 Dec 2009 13:04:12 -0800") ~= nil then + error("mt.header(Date) failed") +end +if mt.getreply(conn) ~= SMFIR_CONTINUE then + error("mt.header(Date) unexpected reply") +end +if mt.header(conn, "Subject", "Signing test") ~= nil then + error("mt.header(Subject) failed") +end +if mt.getreply(conn) ~= SMFIR_CONTINUE then + error("mt.header(Subject) unexpected reply") +end + +-- send EOH +if mt.eoh(conn) ~= nil then + error("mt.eoh() failed") +end +if mt.getreply(conn) ~= SMFIR_CONTINUE then + error("mt.eoh() unexpected reply") +end + +-- send body +if mt.bodystring(conn, "This is a test!\r\n") ~= nil then + error("mt.bodystring() failed") +end +if mt.getreply(conn) ~= SMFIR_CONTINUE then + error("mt.bodystring() unexpected reply") +end + +-- end of message; let the filter react +if mt.eom(conn) ~= nil then + error("mt.eom() failed") +end +if mt.getreply(conn) ~= SMFIR_ACCEPT then + error("mt.eom() unexpected reply") +end + +-- verify that a signature got added +if not mt.eom_check(conn, MT_HDRINSERT, "DKIM-Signature") and + not mt.eom_check(conn, MT_HDRADD, "DKIM-Signature") then + error("no signature added") +end + +-- confirm properties +sig = mt.getheader(conn, "DKIM-Signature", 0) +if string.find(sig, "c=relaxed/simple", 1, true) == nil then + error("signature has wrong c= value") +end +if string.find(sig, "v=1", 1, true) == nil then + error("signature has wrong v= value") +end +if string.find(sig, "d=example.com", 1, true) == nil then + error("signature has wrong d= value") +end +if string.find(sig, "s=test", 1, true) == nil then + error("signature has wrong s= value") +end +if string.find(sig, "bh=3VWGQGY+cSNYd1MGM+X6hRXU0stl8JCaQtl4mbX/j2I=", 1, true) == nil then + error("signature has wrong bh= value") +end +if string.find(sig, "h=From:Date:Subject", 1, true) == nil then + error("signature has wrong h= value") +end + +mt.disconnect(conn)