aboutsummaryrefslogtreecommitdiffstats
path: root/tests/list
Commit message (Collapse)AuthorAgeFiles
* libinterimap: add support for the TLS SNI (Server Name Indication) extension.Guilhem Moulin2020-12-111
| | | | | | This is controlled by the new 'SSL_hostname' option. The default value of that option is the value of the 'host' option when it is hostname, and the empty string (which disables SNI) when it is an IP literal.
* New test with a server offering both RSA+ECDSA certificates.Guilhem Moulin2020-12-091
| | | | | | | | | | | | This requires dovecot-imapd 2.2.31 or later. Certificate generated with: $ openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 -pkeyopt ec_param_enc:named_curve \ -out tests/snippets/dovecot/dovecot.ecdsa.key $ openssl req -x509 -days 3650 -subj "/CN=InterIMAP test suite" \ -key tests/snippets/dovecot/dovecot.ecdsa.key \ -out tests/snippets/dovecot/dovecot.ecdsa.crt
* libinterimap: abort on PREAUTH greeting received on plaintext connectionsGuilhem Moulin2020-08-031
| | | | | Set "STARTTLS = NO" to ignore. This is similar to CVE-2020-12398 and CVE-2020-14093.
* libinterimap: Fix response injection vulnerability after STARTTLS.Guilhem Moulin2020-08-031
| | | | For background see https://gitlab.com/muttmua/mutt/-/issues/248 .
* New test for hierarchy delimiter change.Guilhem Moulin2019-12-131
| | | | | | | Cf. https://www.imapwiki.org/ClientImplementation/MailboxList#Hierarchy_separators “Some clients cache the hierarchy separator forever. This has problems if the server configuration is changed (e.g. server software changed). Try to avoid this problem.”
* Test suite: add new test for pullimap(1).Guilhem Moulin2019-11-131
| | | | | This adds a dependency on Dovecot's LMTPd, which will bind to to TCP port 10024 on the loopback interface.
* Avoid sending large UID EXPUNGE|FETCH|STORE and APPEND commands.Guilhem Moulin2019-11-131
| | | | | | | | | | | | | | | | | | | | | | UID EXPUNGE|FETCH|STORE commands are now split into multiple (sequential) commands when their set representation exceeds 4096 bytes in size. Without splitting logic set representations could grow arbitrarily large, and exceed the server's maximum command size. This adds roundtrips which could be eliminated by pipelining, but it's unlikely to make any difference in typical synchronization work. While set representations seem to remain small in practice, they might grow significantly if many non-contiguous UIDs were flagged and/or expunged, and later synchronized at once. Furthermore, for MULTIAPPEND-capable servers, the number of messages is limited to 128 per APPEND command (also subject to a combined literal size of 1MiB like before). These numbers are currently not configurable. They're intentionally lower than Dovecot's default maximum command size (64k) in order to avoid a deadlock situation after sending 8k-long commands under COMPRESS=DEFLATE: https://dovecot.org/pipermail/dovecot/2019-November/117522.html .
* Net::IMAP::InterIMAP::push_flag_updates() bugfixes.Guilhem Moulin2019-11-131
| | | | | | | | | | | | | | The UNCHANGEDSINCE test from the CONDSTORE extension was incorrectly placed after the flag list in UID STORE commands. In practice this meant the server didn't add the MODIFIED code when needed. The server won't send an untagged FETCH command (and won't increase the message's MODSEQ) if no change was made to the flag list. A panic() was incorrectly triggered in that case. When the flag list was set (by another client) to a superset of the UID STORE command currently processed, the extra flags were not synchronized. Cf. RFC 7162 sec. 3.1.3 ex. 10.
* Test suite: add new test for COMPRESS=DEFLATE.Guilhem Moulin2019-11-131
| | | | | An imapd is required as `doveadm exec imap` won't offer COMPRESS=DEFLATE in its capability list.
* Test suite: add new tests for SSL/TLS.Guilhem Moulin2019-11-131
| | | | | SSL connections are accepted on TCP port 10993. Also, fix STARTTLS directive, broken since fba1c36…
* Test suite: add new tests for authentication.Guilhem Moulin2019-11-131
| | | | | | | | | This can't be done with `doveadm exec imap`, so the IMAPd needs to bind to TCP port 10143 on the loopback interface. Also, no longer pass ‘imap_capability’ Dovecot setting explicitely to `doveadm exec imap`; changed tests/sync-live-crippled to use type=imap instead of type=tunnel.
* Refactor and improve test suite.Guilhem Moulin2019-11-131