diff options
| author | Antoine Eiche <lewo@abesis.fr> | 2020-10-05 21:18:36 +0200 |
|---|---|---|
| committer | Antoine Eiche <lewo@abesis.fr> | 2020-10-05 21:18:36 +0200 |
| commit | 4818b57a922cbf68e66d162c62116a2ab0005095 (patch) | |
| tree | ad4163803101db0fd38aa1a4ead8bf55f6cd025b | |
| parent | beba28ae14f2dc7adacf5a3a17ac70e3f0b83d57 (diff) | |
test.dovecot: ensure port 143 is closed when enableImap is not set
The test also checks the connection on the imap port 993 is a SSL
connection.
| -rw-r--r-- | mail-server/dovecot.nix | 4 | ||||
| -rw-r--r-- | tests/intern.nix | 9 |
2 files changed, 13 insertions, 0 deletions
diff --git a/mail-server/dovecot.nix b/mail-server/dovecot.nix index 56cc1ab..4e77baf 100644 --- a/mail-server/dovecot.nix +++ b/mail-server/dovecot.nix @@ -124,6 +124,7 @@ in ${if cfg.enableImap then '' port = 143 '' else '' + # see https://dovecot.org/pipermail/dovecot/2010-March/047479.html port = 0 ''} } @@ -132,6 +133,7 @@ in port = 993 ssl = yes '' else '' + # see https://dovecot.org/pipermail/dovecot/2010-March/047479.html port = 0 ''} } @@ -143,6 +145,7 @@ in ${if cfg.enablePop3 then '' port = 110 '' else '' + # see https://dovecot.org/pipermail/dovecot/2010-March/047479.html port = 0 ''} } @@ -151,6 +154,7 @@ in port = 995 ssl = yes '' else '' + # see https://dovecot.org/pipermail/dovecot/2010-March/047479.html port = 0 ''} } diff --git a/tests/intern.nix b/tests/intern.nix index b4f42db..0799fc0 100644 --- a/tests/intern.nix +++ b/tests/intern.nix @@ -62,6 +62,8 @@ pkgs.nixosTest { vmailGroupName = "vmail"; vmailUID = 5000; + + enableImap = false; }; }; }; @@ -86,5 +88,12 @@ pkgs.nixosTest { machine.succeed( "${pkgs.curl}/bin/curl --unix-socket /run/rspamd/worker-controller.sock http://localhost/ | grep -q '<body>'" ) + + with subtest("imap port 143 is closed and imaps is serving SSL"): + machine.wait_for_closed_port(143) + machine.wait_for_open_port(993) + machine.succeed( + "echo | ${pkgs.openssl}/bin/openssl s_client -connect localhost:993 | grep 'New, TLS'" + ) ''; } |