aither/simple-nixos-mailserver
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Only prepend {CRYPT} scheme if there is no scheme present

Browse Source
This commit is contained in:
Charlotte Van Petegem
2026-04-23 10:09:09 +02:00
parent 0b1ca54241
commit 6e9a4420b3
2 changed files with 42 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/internal.nix
+34
View File
@@ -41,7 +41,19 @@ let
mkpasswd -s <<<"$password" > $out
'';
hashPasswordWithScheme =
password:
pkgs.runCommand "password-${password}-hashed-with-scheme"
{
buildInputs = [ pkgs.dovecot ];
inherit password;
}
''
printf "$password\n$password\n" | doveadm -O pw -s SSHA256 > $out
'';
hashedPasswordFile = hashPassword "my-password";
hashedPasswordFileWithScheme = hashPasswordWithScheme "my-password";
passwordFile = pkgs.writeText "password" "my-password";
in
{
@@ -100,6 +112,9 @@ in
"user3@example.com" = {
passwordFile = "/run/passwords/user3";
};
"user4@example.com" = {
hashedPasswordFile = hashedPasswordFileWithScheme;
};
"send-only@example.com" = {
hashedPasswordFile = hashPassword "send-only";
sendOnly = true;
@@ -258,6 +273,25 @@ in
)
)
with subtest("user with scheme-prefixed hashedPasswordFile can send and receive"):
machine.succeed(
" ".join(
[
"mail-check send-and-read",
"--smtp-port 587",
"--smtp-starttls",
"--smtp-host localhost",
"--imap-host localhost",
"--imap-username user4@example.com",
"--from-addr user4@example.com",
"--to-addr user4@example.com",
"--src-password-file ${passwordFile}",
"--dst-password-file ${passwordFile}",
"--ignore-dkim-spf",
]
)
)
with subtest("imap port 143 is closed and imaps is serving SSL"):
machine.wait_for_closed_port(143)
machine.wait_for_open_port(993)