test.dovecot: ensure port 143 is closed when enableImap is not set

The test also checks the connection on the imap port 993 is a SSL
connection.
This commit is contained in:
Antoine Eiche 2020-10-05 21:18:36 +02:00
parent beba28ae14
commit 4818b57a92
2 changed files with 13 additions and 0 deletions

View file

@ -124,6 +124,7 @@ in
${if cfg.enableImap then ''
port = 143
'' else ''
# see https://dovecot.org/pipermail/dovecot/2010-March/047479.html
port = 0
''}
}
@ -132,6 +133,7 @@ in
port = 993
ssl = yes
'' else ''
# see https://dovecot.org/pipermail/dovecot/2010-March/047479.html
port = 0
''}
}
@ -143,6 +145,7 @@ in
${if cfg.enablePop3 then ''
port = 110
'' else ''
# see https://dovecot.org/pipermail/dovecot/2010-March/047479.html
port = 0
''}
}
@ -151,6 +154,7 @@ in
port = 995
ssl = yes
'' else ''
# see https://dovecot.org/pipermail/dovecot/2010-March/047479.html
port = 0
''}
}

View file

@ -62,6 +62,8 @@ pkgs.nixosTest {
vmailGroupName = "vmail";
vmailUID = 5000;
enableImap = false;
};
};
};
@ -86,5 +88,12 @@ pkgs.nixosTest {
machine.succeed(
"${pkgs.curl}/bin/curl --unix-socket /run/rspamd/worker-controller.sock http://localhost/ | grep -q '<body>'"
)
with subtest("imap port 143 is closed and imaps is serving SSL"):
machine.wait_for_closed_port(143)
machine.wait_for_open_port(993)
machine.succeed(
"echo | ${pkgs.openssl}/bin/openssl s_client -connect localhost:993 | grep 'New, TLS'"
)
'';
}