mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
29a900226d
* add new directive in the global scope `certificates_directory` which is used to bulk load certs and trust them in Authelia * this is in ADDITION to system certs and are trusted by both LDAP and SMTP * added a shared TLSConfig struct to be used by both SMTP and LDAP, and anything else in the future that requires tuning the TLS * remove usage of deprecated LDAP funcs Dial and DialTLS in favor of DialURL which is also easier to use * use the server name from LDAP URL or SMTP host when validating the certificate unless otherwise defined in the TLS section * added temporary translations from the old names to the new ones for all deprecated options * added docs * updated example configuration * final deprecations to be done in 4.28.0 * doc updates * fix misc linting issues * uniform deprecation notices for ease of final removal * added additional tests covering previously uncovered areas and the new configuration options * add non-fatal to certificate loading when system certs could not be loaded * adjust timeout of Suite ShortTimeouts * add warnings pusher for the StructValidator * make the schema suites uninform * utilize the warnings in the StructValidator * fix test suite usage for skip_verify * extract LDAP filter parsing into it's own function to make it possible to test * test LDAP filter parsing * update ErrorContainer interface * add tests to the StructValidator * add NewTLSConfig test * move baseDN for users/groups into parsed values * add tests to cover many of the outstanding areas in LDAP * add explicit deferred LDAP conn close to UpdatePassword * add some basic testing to SMTP notifier * suggestions from code review
58 lines
1.6 KiB
Go
58 lines
1.6 KiB
Go
package notification
|
|
|
|
import (
|
|
"crypto/tls"
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
|
|
"github.com/authelia/authelia/internal/configuration/schema"
|
|
"github.com/authelia/authelia/internal/configuration/validator"
|
|
)
|
|
|
|
func TestShouldConfigureSMTPNotifierWithTLS11AndDefaultHostname(t *testing.T) {
|
|
config := &schema.NotifierConfiguration{
|
|
DisableStartupCheck: true,
|
|
SMTP: &schema.SMTPNotifierConfiguration{
|
|
Host: "smtp.example.com",
|
|
Port: 25,
|
|
TLS: &schema.TLSConfig{
|
|
MinimumVersion: "TLS1.1",
|
|
},
|
|
},
|
|
}
|
|
|
|
sv := schema.NewStructValidator()
|
|
validator.ValidateNotifier(config, sv)
|
|
|
|
notifier := NewSMTPNotifier(*config.SMTP, nil)
|
|
|
|
assert.Equal(t, "smtp.example.com", notifier.tlsConfig.ServerName)
|
|
assert.Equal(t, uint16(tls.VersionTLS11), notifier.tlsConfig.MinVersion)
|
|
assert.False(t, notifier.tlsConfig.InsecureSkipVerify)
|
|
assert.Equal(t, "smtp.example.com:25", notifier.address)
|
|
}
|
|
|
|
func TestShouldConfigureSMTPNotifierWithServerNameOverrideAndDefaultTLS12(t *testing.T) {
|
|
config := &schema.NotifierConfiguration{
|
|
DisableStartupCheck: true,
|
|
SMTP: &schema.SMTPNotifierConfiguration{
|
|
Host: "smtp.example.com",
|
|
Port: 25,
|
|
TLS: &schema.TLSConfig{
|
|
ServerName: "smtp.golang.org",
|
|
},
|
|
},
|
|
}
|
|
|
|
sv := schema.NewStructValidator()
|
|
validator.ValidateNotifier(config, sv)
|
|
|
|
notifier := NewSMTPNotifier(*config.SMTP, nil)
|
|
|
|
assert.Equal(t, "smtp.golang.org", notifier.tlsConfig.ServerName)
|
|
assert.Equal(t, uint16(tls.VersionTLS12), notifier.tlsConfig.MinVersion)
|
|
assert.False(t, notifier.tlsConfig.InsecureSkipVerify)
|
|
assert.Equal(t, "smtp.example.com:25", notifier.address)
|
|
}
|