test.dovecot: ensure port 143 is closed when enableImap is not set

The test also checks the connection on the imap port 993 is a SSL
connection.
This commit is contained in:
Antoine Eiche 2020-10-05 21:18:36 +02:00
parent beba28ae14
commit 4818b57a92
2 changed files with 13 additions and 0 deletions

View file

@ -124,6 +124,7 @@ in
${if cfg.enableImap then '' ${if cfg.enableImap then ''
port = 143 port = 143
'' else '' '' else ''
# see https://dovecot.org/pipermail/dovecot/2010-March/047479.html
port = 0 port = 0
''} ''}
} }
@ -132,6 +133,7 @@ in
port = 993 port = 993
ssl = yes ssl = yes
'' else '' '' else ''
# see https://dovecot.org/pipermail/dovecot/2010-March/047479.html
port = 0 port = 0
''} ''}
} }
@ -143,6 +145,7 @@ in
${if cfg.enablePop3 then '' ${if cfg.enablePop3 then ''
port = 110 port = 110
'' else '' '' else ''
# see https://dovecot.org/pipermail/dovecot/2010-March/047479.html
port = 0 port = 0
''} ''}
} }
@ -151,6 +154,7 @@ in
port = 995 port = 995
ssl = yes ssl = yes
'' else '' '' else ''
# see https://dovecot.org/pipermail/dovecot/2010-March/047479.html
port = 0 port = 0
''} ''}
} }

View file

@ -62,6 +62,8 @@ pkgs.nixosTest {
vmailGroupName = "vmail"; vmailGroupName = "vmail";
vmailUID = 5000; vmailUID = 5000;
enableImap = false;
}; };
}; };
}; };
@ -86,5 +88,12 @@ pkgs.nixosTest {
machine.succeed( machine.succeed(
"${pkgs.curl}/bin/curl --unix-socket /run/rspamd/worker-controller.sock http://localhost/ | grep -q '<body>'" "${pkgs.curl}/bin/curl --unix-socket /run/rspamd/worker-controller.sock http://localhost/ | grep -q '<body>'"
) )
with subtest("imap port 143 is closed and imaps is serving SSL"):
machine.wait_for_closed_port(143)
machine.wait_for_open_port(993)
machine.succeed(
"echo | ${pkgs.openssl}/bin/openssl s_client -connect localhost:993 | grep 'New, TLS'"
)
''; '';
} }