summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--mail/src/leap/mail/outgoing/service.py9
-rw-r--r--mail/src/leap/mail/outgoing/tests/test_outgoing.py24
-rw-r--r--mail/src/leap/mail/smtp/gateway.py43
-rw-r--r--mail/src/leap/mail/smtp/tests/test_gateway.py91
4 files changed, 112 insertions, 55 deletions
diff --git a/mail/src/leap/mail/outgoing/service.py b/mail/src/leap/mail/outgoing/service.py
index 3e14fbd..8d7c0f8 100644
--- a/mail/src/leap/mail/outgoing/service.py
+++ b/mail/src/leap/mail/outgoing/service.py
@@ -73,16 +73,17 @@ class SSLContextFactory(ssl.ClientContextFactory):
return ctx
-def outgoingFactory(userid, keymanager, opts):
+def outgoingFactory(userid, keymanager, opts, check_cert=True):
cert = unicode(opts.cert)
key = unicode(opts.key)
hostname = str(opts.hostname)
port = opts.port
- if not os.path.isfile(cert):
- raise errors.ConfigurationError(
- 'No valid SMTP certificate could be found for %s!' % userid)
+ if check_cert:
+ if not os.path.isfile(cert):
+ raise errors.ConfigurationError(
+ 'No valid SMTP certificate could be found for %s!' % userid)
return OutgoingMail(str(userid), keymanager, cert, key, hostname, port)
diff --git a/mail/src/leap/mail/outgoing/tests/test_outgoing.py b/mail/src/leap/mail/outgoing/tests/test_outgoing.py
index 5518b33..79eafd9 100644
--- a/mail/src/leap/mail/outgoing/tests/test_outgoing.py
+++ b/mail/src/leap/mail/outgoing/tests/test_outgoing.py
@@ -29,20 +29,19 @@ from twisted.mail.smtp import User
from mock import Mock
-from leap.mail.smtp.gateway import SMTPFactory
from leap.mail.rfc3156 import RFC3156CompliantGenerator
from leap.mail.outgoing.service import OutgoingMail
-from leap.mail.tests import (
- TestCaseWithKeyManager,
- ADDRESS,
- ADDRESS_2,
- PUBLIC_KEY_2,
-)
+from leap.mail.tests import TestCaseWithKeyManager
+from leap.mail.tests import ADDRESS, ADDRESS_2, PUBLIC_KEY_2
+from leap.mail.smtp.tests.test_gateway import getSMTPFactory
+
from leap.keymanager import openpgp, errors
BEGIN_PUBLIC_KEY = "-----BEGIN PGP PUBLIC KEY BLOCK-----"
+TEST_USER = u'anotheruser@leap.se'
+
class TestOutgoingMail(TestCaseWithKeyManager):
EMAIL_DATA = ['HELO gateway.leap.se',
@@ -73,11 +72,12 @@ class TestOutgoingMail(TestCaseWithKeyManager):
self.fromAddr, self._km, self._config['cert'],
self._config['key'], self._config['host'],
self._config['port'])
- self.proto = SMTPFactory(
- u'anotheruser@leap.se',
- self._km,
- self._config['encrypted_only'],
- self.outgoing_mail).buildProtocol(('127.0.0.1', 0))
+
+ user = TEST_USER
+
+ # TODO -- this shouldn't need SMTP to be tested!? or does it?
+ self.proto = getSMTPFactory(
+ {user: None}, {user: self._km}, {user: None})
self.dest = User(ADDRESS, 'gateway.leap.se', self.proto, ADDRESS_2)
d = TestCaseWithKeyManager.setUp(self)
diff --git a/mail/src/leap/mail/smtp/gateway.py b/mail/src/leap/mail/smtp/gateway.py
index 85b1560..7ff6b14 100644
--- a/mail/src/leap/mail/smtp/gateway.py
+++ b/mail/src/leap/mail/smtp/gateway.py
@@ -65,7 +65,8 @@ class LocalSMTPRealm(object):
_encoding = 'utf-8'
- def __init__(self, keymanager_sessions, sendmail_opts):
+ def __init__(self, keymanager_sessions, sendmail_opts,
+ encrypted_only=False):
"""
:param keymanager_sessions: a dict-like object, containing instances
of a Keymanager objects, indexed by
@@ -73,6 +74,7 @@ class LocalSMTPRealm(object):
"""
self._keymanager_sessions = keymanager_sessions
self._sendmail_opts = sendmail_opts
+ self.encrypted_only = encrypted_only
def requestAvatar(self, avatarId, mind, *interfaces):
if isinstance(avatarId, str):
@@ -86,7 +88,8 @@ class LocalSMTPRealm(object):
userid = avatarId
opts = self.getSendingOpts(userid)
outgoing = outgoingFactory(userid, keymanager, opts)
- avatar = SMTPDelivery(userid, keymanager, False, outgoing)
+ avatar = SMTPDelivery(userid, keymanager, self.encrypted_only,
+ outgoing)
return (smtp.IMessageDelivery, avatar,
getattr(avatar, 'logout', lambda: None))
@@ -123,22 +126,41 @@ class SMTPTokenChecker(LocalSoledadTokenChecker):
# we could also verify the certificate here.
-# TODO -- implement Queue using twisted.mail.mail.MailService
-class LocalSMTPServer(smtp.ESMTP):
+class LEAPInitMixin(object):
+ """
+ A Mixin that takes care of initialization of all the data needed to access
+ LEAP sessions.
+ """
def __init__(self, soledad_sessions, keymanager_sessions, sendmail_opts,
- *args, **kw):
-
- smtp.ESMTP.__init__(self, *args, **kw)
-
- realm = LocalSMTPRealm(keymanager_sessions, sendmail_opts)
+ encrypted_only=False):
+ realm = LocalSMTPRealm(keymanager_sessions, sendmail_opts,
+ encrypted_only)
portal = Portal(realm)
+
checker = SMTPTokenChecker(soledad_sessions)
self.checker = checker
self.portal = portal
portal.registerChecker(checker)
+class LocalSMTPServer(smtp.ESMTP, LEAPInitMixin):
+ """
+ The Production ESMTP Server: Authentication Needed.
+ Authenticates against SMTP Token stored in Local Soledad instance.
+ The Realm will produce a Delivery Object that handles encryption/signing.
+ """
+
+ # TODO: implement Queue using twisted.mail.mail.MailService
+
+ def __init__(self, soledads, keyms, sendmailopts, *args, **kw):
+ encrypted_only = kw.pop('encrypted_only', False)
+
+ LEAPInitMixin.__init__(self, soledads, keyms, sendmailopts,
+ encrypted_only)
+ smtp.ESMTP.__init__(self, *args, **kw)
+
+
class SMTPFactory(protocol.ServerFactory):
"""
Factory for an SMTP server with encrypted gatewaying capabilities.
@@ -147,6 +169,7 @@ class SMTPFactory(protocol.ServerFactory):
protocol = LocalSMTPServer
domain = LOCAL_FQDN
timeout = 600
+ encrypted_only = False
def __init__(self, soledad_sessions, keymanager_sessions, sendmail_opts):
self._soledad_sessions = soledad_sessions
@@ -156,7 +179,7 @@ class SMTPFactory(protocol.ServerFactory):
def buildProtocol(self, addr):
p = self.protocol(
self._soledad_sessions, self._keymanager_sessions,
- self._sendmail_opts)
+ self._sendmail_opts, encrypted_only=self.encrypted_only)
p.factory = self
p.host = LOCAL_FQDN
p.challengers = {"LOGIN": LOGINCredentials, "PLAIN": PLAINCredentials}
diff --git a/mail/src/leap/mail/smtp/tests/test_gateway.py b/mail/src/leap/mail/smtp/tests/test_gateway.py
index 0b9a364..df83cf0 100644
--- a/mail/src/leap/mail/smtp/tests/test_gateway.py
+++ b/mail/src/leap/mail/smtp/tests/test_gateway.py
@@ -15,7 +15,6 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
-
"""
SMTP gateway tests.
"""
@@ -23,19 +22,18 @@ SMTP gateway tests.
import re
from datetime import datetime
+from twisted.mail import smtp
from twisted.internet import reactor
from twisted.internet.defer import inlineCallbacks, fail, succeed, Deferred
from twisted.test import proto_helpers
from mock import Mock
-from leap.mail.smtp.gateway import (
- SMTPFactory
-)
-from leap.mail.tests import (
- TestCaseWithKeyManager,
- ADDRESS,
- ADDRESS_2,
-)
+from leap.mail.smtp.gateway import SMTPFactory, LOCAL_FQDN
+from leap.mail.smtp.gateway import SMTPDelivery
+
+from leap.mail.outgoing.service import outgoingFactory
+from leap.mail.tests import TestCaseWithKeyManager
+from leap.mail.tests import ADDRESS, ADDRESS_2
from leap.keymanager import openpgp, errors
@@ -46,6 +44,52 @@ HOSTNAME_REGEX = "(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*" + \
"([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])"
IP_OR_HOST_REGEX = '(' + IP_REGEX + '|' + HOSTNAME_REGEX + ')'
+TEST_USER = u'anotheruser@leap.se'
+
+
+def getSMTPFactory(soledad_s, keymanager_s, sendmail_opts,
+ encrypted_only=False):
+ factory = UnauthenticatedSMTPFactory
+ factory.encrypted_only = encrypted_only
+ proto = factory(
+ soledad_s, keymanager_s, sendmail_opts).buildProtocol(('127.0.0.1', 0))
+ return proto
+
+
+class UnauthenticatedSMTPServer(smtp.SMTP):
+
+ encrypted_only = False
+
+ def __init__(self, soledads, keyms, opts, encrypted_only=False):
+ smtp.SMTP.__init__(self)
+
+ userid = TEST_USER
+ keym = keyms[userid]
+
+ class Opts:
+ cert = '/tmp/cert'
+ key = '/tmp/cert'
+ hostname = 'remote'
+ port = 666
+
+ outgoing = outgoingFactory(
+ userid, keym, Opts, check_cert=False)
+ avatar = SMTPDelivery(userid, keym, encrypted_only, outgoing)
+ self.delivery = avatar
+
+ def validateFrom(self, helo, origin):
+ return origin
+
+
+class UnauthenticatedSMTPFactory(SMTPFactory):
+ """
+ A Factory that produces a SMTP server that does not authenticate user.
+ Only for tests!
+ """
+ protocol = UnauthenticatedSMTPServer
+ domain = LOCAL_FQDN
+ encrypted_only = False
+
class TestSmtpGateway(TestCaseWithKeyManager):
@@ -85,14 +129,8 @@ class TestSmtpGateway(TestCaseWithKeyManager):
'250 Recipient address accepted',
'354 Continue']
- # XXX this bit can be refactored away in a helper
- # method...
- proto = SMTPFactory(
- u'anotheruser@leap.se',
- self._km,
- self._config['encrypted_only'],
- outgoing_mail=Mock()).buildProtocol(('127.0.0.1', 0))
- # snip...
+ user = TEST_USER
+ proto = getSMTPFactory({user: None}, {user: self._km}, {user: None})
transport = proto_helpers.StringTransport()
proto.makeConnection(transport)
reply = ""
@@ -116,12 +154,10 @@ class TestSmtpGateway(TestCaseWithKeyManager):
# mock the key fetching
self._km._fetch_keys_from_server = Mock(
return_value=fail(errors.KeyNotFound()))
- # prepare the SMTP factory
- proto = SMTPFactory(
- u'anotheruser@leap.se',
- self._km,
- self._config['encrypted_only'],
- outgoing_mail=Mock()).buildProtocol(('127.0.0.1', 0))
+ user = TEST_USER
+ proto = getSMTPFactory(
+ {user: None}, {user: self._km}, {user: None},
+ encrypted_only=True)
transport = proto_helpers.StringTransport()
proto.makeConnection(transport)
yield self.getReply(self.EMAIL_DATA[0] + '\r\n', proto, transport)
@@ -132,7 +168,7 @@ class TestSmtpGateway(TestCaseWithKeyManager):
self.assertEqual(
'550 Cannot receive for specified address\r\n',
reply,
- 'Address should have been rejecetd with appropriate message.')
+ 'Address should have been rejected with appropriate message.')
proto.setTimeout(None)
@inlineCallbacks
@@ -149,11 +185,8 @@ class TestSmtpGateway(TestCaseWithKeyManager):
# mock the key fetching
self._km._fetch_keys_from_server = Mock(
return_value=fail(errors.KeyNotFound()))
- # prepare the SMTP factory with encrypted only equal to false
- proto = SMTPFactory(
- u'anotheruser@leap.se',
- self._km,
- False, outgoing_mail=Mock()).buildProtocol(('127.0.0.1', 0))
+ user = TEST_USER
+ proto = getSMTPFactory({user: None}, {user: self._km}, {user: None})
transport = proto_helpers.StringTransport()
proto.makeConnection(transport)
yield self.getReply(self.EMAIL_DATA[0] + '\r\n', proto, transport)