X-Git-Url: http://www.git.stargrave.org/?a=blobdiff_plain;f=t%2Fnntpd-tls.t;h=2a76867a290b44bebc67fbda817927e6eb452f16;hb=c589b65c54ce2507f38114990e3a722fd6cdfe3d;hp=3de219f157330eddd2775a78416c7e4121133035;hpb=0283273a14e1871955f6a9132f4f3f7884ec8a3f;p=public-inbox.git
diff --git a/t/nntpd-tls.t b/t/nntpd-tls.t
index 3de219f1..2a76867a 100644
--- a/t/nntpd-tls.t
+++ b/t/nntpd-tls.t
@@ -1,17 +1,15 @@
-# Copyright (C) 2019-2020 all contributors
+#!perl -w
+# Copyright (C) 2019-2021 all contributors
# License: AGPL-3.0+
use strict;
-use warnings;
-use Test::More;
-use Socket qw(SOCK_STREAM IPPROTO_TCP SOL_SOCKET);
+use v5.10.1;
use PublicInbox::TestCommon;
+use Socket qw(SOCK_STREAM IPPROTO_TCP SOL_SOCKET);
# IO::Poll and Net::NNTP are part of the standard library, but
# distros may split them off...
require_mods(qw(DBD::SQLite IO::Socket::SSL Net::NNTP IO::Poll));
Net::NNTP->can('starttls') or
plan skip_all => 'Net::NNTP does not support TLS';
-IO::Socket::SSL->VERSION(2.007) or
- plan skip_all => 'IO::Socket::SSL <2.007 not supported by Net::NNTP';
my $cert = 'certs/server-cert.pem';
my $key = 'certs/server-key.pem';
@@ -22,9 +20,6 @@ unless (-r $key && -r $cert) {
use_ok 'PublicInbox::TLS';
use_ok 'IO::Socket::SSL';
-require PublicInbox::InboxWritable;
-require PublicInbox::Eml;
-require PublicInbox::SearchIdx;
our $need_zlib;
eval { require Compress::Raw::Zlib } or
$need_zlib = 'Compress::Raw::Zlib missing';
@@ -33,47 +28,30 @@ require_git('2.6') if $version >= 2;
my ($tmpdir, $for_destroy) = tmpdir();
my $err = "$tmpdir/stderr.log";
my $out = "$tmpdir/stdout.log";
-my $inboxdir = "$tmpdir";
-my $pi_config = "$tmpdir/pi_config";
my $group = 'test-nntpd-tls';
my $addr = $group . '@example.com';
my $starttls = tcp_server();
my $nntps = tcp_server();
-my $ibx = PublicInbox::Inbox->new({
- inboxdir => $inboxdir,
- name => 'nntpd-tls',
- version => $version,
- -primary_address => $addr,
- indexlevel => 'basic',
-});
-$ibx = PublicInbox::InboxWritable->new($ibx, {nproc=>1});
-$ibx->init_inbox(0);
-{
- open my $fh, '>', $pi_config or die "open: $!\n";
- print $fh < $version, indexlevel => 'basic',
+ sub {
+ my ($im, $ibx) = @_;
+ $pi_config = "$ibx->{inboxdir}/pi_config";
+ open my $fh, '>', $pi_config or BAIL_OUT "open: $!";
+ print $fh <{inboxdir}
address = $addr
indexlevel = basic
newsgroup = $group
EOF
- ;
- close $fh or die "close: $!\n";
-}
-
-{
- my $im = $ibx->importer(0);
- my $mime = eml_load 't/data/0001.patch';
- ok($im->add($mime), 'message added');
- $im->done;
- if ($version == 1) {
- my $s = PublicInbox::SearchIdx->new($ibx, 1);
- $s->index_sync;
- }
-}
-
-my $nntps_addr = $nntps->sockhost . ':' . $nntps->sockport;
-my $starttls_addr = $starttls->sockhost . ':' . $starttls->sockport;
+ close $fh or BAIL_OUT "close: $!";
+ $im->add(eml_load 't/data/0001.patch') or BAIL_OUT;
+};
+$pi_config //= "$ibx->{inboxdir}/pi_config";
+undef $ibx;
+my $nntps_addr = tcp_host_port($nntps);
+my $starttls_addr = tcp_host_port($starttls);
my $env = { PI_CONFIG => $pi_config };
my $td;
@@ -168,6 +146,15 @@ for my $args (
is(sysread($slow, my $eof, 4096), 0, 'got EOF');
$slow = undef;
+ test_lei(sub {
+ lei_ok qw(ls-mail-source), "nntp://$starttls_addr",
+ \'STARTTLS not used by default';
+ ok(!lei(qw(ls-mail-source -c nntp.starttls=true),
+ "nntp://$starttls_addr"), 'STARTTLS verify fails');
+ like $lei_err, qr/STARTTLS requested/,
+ 'STARTTLS noted in stderr';
+ });
+
SKIP: {
skip 'TCP_DEFER_ACCEPT is Linux-only', 2 if $^O ne 'linux';
my $var = eval { Socket::TCP_DEFER_ACCEPT() } // 9;
@@ -182,10 +169,11 @@ for my $args (
skip 'accf_data not loaded? kldload accf_data', 2;
}
require PublicInbox::Daemon;
- my $var = PublicInbox::Daemon::SO_ACCEPTFILTER();
- my $x = getsockopt($nntps, SOL_SOCKET, $var);
+ my $x = getsockopt($nntps, SOL_SOCKET,
+ $PublicInbox::Daemon::SO_ACCEPTFILTER);
like($x, qr/\Adataready\0+\z/, 'got dataready accf for NNTPS');
- $x = getsockopt($starttls, IPPROTO_TCP, $var);
+ $x = getsockopt($starttls, IPPROTO_TCP,
+ $PublicInbox::Daemon::SO_ACCEPTFILTER);
is($x, undef, 'no BSD accept filter for plain NNTP');
};