Add tests for key cache invalidation

rspamd · Feb 2, 2019 · 04b5bfd · 04b5bfd
1 parent ebc58cb
commit 04b5bfd
Show file tree

Hide file tree

Showing 2 changed files with 57 additions and 0 deletions.
diff --git a/test/functional/cases/131_dkim_signing/004_invalidate_key.robot b/test/functional/cases/131_dkim_signing/004_invalidate_key.robot
@@ -0,0 +1,51 @@
+*** Settings ***
+Suite Setup     Key Invalidation Setup
+Suite Teardown  Key Invalidation Teardown
+Library         ${TESTDIR}/lib/rspamd.py
+Resource        ${TESTDIR}/lib/rspamd.robot
+Variables       ${TESTDIR}/lib/vars.py
+
+*** Variables ***
+${CONFIG}       ${TESTDIR}/configs/plugins.conf
+${MESSAGE}      ${TESTDIR}/messages/dmarc/fail_none.eml
+${REDIS_SCOPE}  Suite
+${RSPAMD_SCOPE}  Suite
+${URL_TLD}      ${TESTDIR}/../lua/unit/test_tld.dat
+
+*** Test Cases ***
+TEST SIGNED
+  ${result} =  Scan Message With Rspamc  ${MESSAGE}  -u  bob@cacophony.za.org
+  Check Rspamc  ${result}  DKIM-Signature:
+  Should Contain  ${result.stdout}  DKIM_SIGNED
+
+TEST NOT SIGNED - MISSING KEY
+  [Setup] 	Delete Key
+  ${result} =  Scan Message With Rspamc  ${MESSAGE}  -u  bob@cacophony.za.org
+  Check Rspamc  ${result}  DKIM-Signature:  inverse=1
+  Should Not Contain  ${result.stdout}  DKIM_SIGNED
+
+TEST NOT SIGNED - KEY NO LONGER MATCHES
+  [Setup]	Move Key
+  ${result} =  Scan Message With Rspamc  ${MESSAGE}  -u  bob@cacophony.za.org
+  Check Rspamc  ${result}  DKIM-Signature:  inverse=1
+  Should Not Contain  ${result.stdout}  DKIM_SIGNED
+
+*** Keywords ***
+Key Invalidation Setup
+  ${key_dir}  Make Temporary Directory
+  Set Suite Variable  ${KEY_DIR}  ${key_dir}
+  Copy File  ${TESTDIR}/configs/dkim-eddsa.key  ${KEY_DIR}/dkim-eddsa.key
+  ${PLUGIN_CONFIG} =  Get File  ${TESTDIR}/configs/dkim_signing/invalidate.conf
+  Set Suite Variable  ${PLUGIN_CONFIG}
+  Generic Setup  PLUGIN_CONFIG
+
+Delete Key
+  Remove File  ${KEY_DIR}/dkim-eddsa.key
+
+Move Key
+  Copy File  ${TESTDIR}/configs/dkim.key  ${KEY_DIR}/dkim-eddsa.key
+  Set Modified Time  ${KEY_DIR}/dkim-eddsa.key  NOW + 3s
+
+Key Invalidation Teardown
+  Cleanup Temporary Directory  ${KEY_DIR}
+  Normal Teardown
diff --git a/test/functional/configs/dkim_signing/invalidate.conf b/test/functional/configs/dkim_signing/invalidate.conf
@@ -0,0 +1,6 @@
+dkim_signing {
+  path = "${KEY_DIR}/dkim-eddsa.key";
+  selector = "eddsa";
+  check_pubkey = true;
+  allow_pubkey_mismatch = false;
+}