From b99cd2fd12bc3a2c6b858e65182a47a4ef27dba2 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Fri, 11 Dec 2020 17:57:22 +0100 Subject: test suite: `mv tests/snippets tests/config` --- tests/config/dovecot/dhparams.pem | 8 ++++++++ tests/config/dovecot/imapd.conf | 19 +++++++++++++++++++ .../dovecot/interimap-required-capabilities.conf | 3 +++ tests/config/dovecot/lmtpd.conf | 7 +++++++ tests/config/dovecot/ssl.conf | 4 ++++ 5 files changed, 41 insertions(+) create mode 100644 tests/config/dovecot/dhparams.pem create mode 100644 tests/config/dovecot/imapd.conf create mode 100644 tests/config/dovecot/interimap-required-capabilities.conf create mode 100644 tests/config/dovecot/lmtpd.conf create mode 100644 tests/config/dovecot/ssl.conf (limited to 'tests/config') diff --git a/tests/config/dovecot/dhparams.pem b/tests/config/dovecot/dhparams.pem new file mode 100644 index 0000000..7734d2a --- /dev/null +++ b/tests/config/dovecot/dhparams.pem @@ -0,0 +1,8 @@ +-----BEGIN DH PARAMETERS----- +MIIBCAKCAQEA0J1dU8erRgIk4bMCBMLezjx32pcQpXrdNgl04dxZVxnJ5Ik2gGhA +uQRbbZhAlHNHtFtp9s4TdQ3Ddrv9SuWXYul8U5BWbcxs4nOtwFU8912SfiuVr/kc +4ok2zQ1hdMODtaqWS2ZKBmwcuk4QM6e7fMEAkuZX+Dtf2u8bG5G9B7OL5LggYtrP +cFVNQDtfhs64D+sUKJLWkgeg5NH6nbf+0Gs5a8v3/urHKvoxdVScGmKzF+LsFsBm +ycQjYeVtA9gLr41mo80rrFysUQqZtNkbdkaXOIA2r9JGTYex1l/XaediR8J94ck9 +dwAe2ubRqWcPjmoLJYQIPKiCbvXuJAd0wwIBAg== +-----END DH PARAMETERS----- diff --git a/tests/config/dovecot/imapd.conf b/tests/config/dovecot/imapd.conf new file mode 100644 index 0000000..2b26451 --- /dev/null +++ b/tests/config/dovecot/imapd.conf @@ -0,0 +1,19 @@ +protocols = $protocols imap + +mail_plugins = $mail_plugins zlib +protocol imap { + mail_plugins = $mail_plugins imap_zlib +} + +service imap-login { + inet_listener imap { + port = 10143 + } + inet_listener imaps { + port = 10993 + ssl = yes + } +} + +# we should avoid sending command lines that are too long +imap_max_line_length = 8192 diff --git a/tests/config/dovecot/interimap-required-capabilities.conf b/tests/config/dovecot/interimap-required-capabilities.conf new file mode 100644 index 0000000..10dd8e1 --- /dev/null +++ b/tests/config/dovecot/interimap-required-capabilities.conf @@ -0,0 +1,3 @@ +# strict minimum of IMAP capabilities required for interimap to work +# (in particular, no LITERAL+, MULTIAPPEND, COMPRESS=DEFLATE, SASL-IR) +imap_capability = IMAP4rev1 ENABLE UIDPLUS LIST-EXTENDED QRESYNC LIST-STATUS diff --git a/tests/config/dovecot/lmtpd.conf b/tests/config/dovecot/lmtpd.conf new file mode 100644 index 0000000..6aa8365 --- /dev/null +++ b/tests/config/dovecot/lmtpd.conf @@ -0,0 +1,7 @@ +protocols = $protocols lmtp + +service lmtp { + inet_listener lmtp { + port = 10024 + } +} diff --git a/tests/config/dovecot/ssl.conf b/tests/config/dovecot/ssl.conf new file mode 100644 index 0000000..2d68c80 --- /dev/null +++ b/tests/config/dovecot/ssl.conf @@ -0,0 +1,4 @@ +ssl = required +ssl_cert = Date: Fri, 11 Dec 2020 18:28:32 +0100 Subject: test suite: supply our own OpenSSL configuration file with MinProtocol=None. So we can test TLSv1 as well, not just TLSv1.2 and later. Also, explicitly set ssl_min_protocol=TLSv1 in the Dovecot configuration file (the default as of 2.3.11.3), hence running TLS tests now require Dovecot 2.3 or later. --- tests/config/dovecot/ssl.conf | 1 + tests/config/openssl.cnf | 14 ++++++++++++++ 2 files changed, 15 insertions(+) create mode 100644 tests/config/openssl.cnf (limited to 'tests/config') diff --git a/tests/config/dovecot/ssl.conf b/tests/config/dovecot/ssl.conf index 2d68c80..3fd99d5 100644 --- a/tests/config/dovecot/ssl.conf +++ b/tests/config/dovecot/ssl.conf @@ -2,3 +2,4 @@ ssl = required ssl_cert = Date: Thu, 17 Dec 2020 13:47:09 +0100 Subject: test suite: use stock OpenSSL config except for tests/tls-protocols. It's best to use a stock (clean) environment when possible. We only need to test TLS protocol version <1.2 for tests/tls-protocols. --- tests/config/openssl.cnf | 14 -------------- 1 file changed, 14 deletions(-) delete mode 100644 tests/config/openssl.cnf (limited to 'tests/config') diff --git a/tests/config/openssl.cnf b/tests/config/openssl.cnf deleted file mode 100644 index 980097d..0000000 --- a/tests/config/openssl.cnf +++ /dev/null @@ -1,14 +0,0 @@ -# as we want to test TLSv1 we need to set MinProtocol=None, see -# see /usr/share/doc/libssl1.1/NEWS.Debian.gz - -openssl_conf = default_conf - -[default_conf] -ssl_conf = ssl_sect - -[ssl_sect] -system_default = system_default_sect - -[system_default_sect] -MinProtocol = None -CipherString = DEFAULT -- cgit v1.2.3