tests: Don't ask the milter to mangle headers

flowerysong · Oct 18, 2024 · 21b8fd6 · 21b8fd6
1 parent 54d28a4
commit 21b8fd6
Showing 1 changed file with 49 additions and 33 deletions.
diff --git a/test/test_milter.py b/test/test_milter.py
@@ -9,13 +9,18 @@
 
 @pytest.fixture
 def run_miltertest(request, milter, milter_config):
-    def _run_miltertest(headers=None, standard_headers=True, body='test body\r\n'):
+    def _run_miltertest(
+        headers=None,
+        standard_headers=True,
+        body='test body\r\n',
+        protocol=miltertest.SMFI_V6_PROT,
+    ):
         headers = copy.copy(headers) or []
         if standard_headers:
             headers.extend(
                 [
-                    ['From', '[email protected]\n'],
-                    ['Date', 'Fri, 04 Oct 2024 10:11:12 -0400'],
+                    ['From', ' [email protected]\n'],
+                    ['Date', ' Fri, 04 Oct 2024 10:11:12 -0400'],
                     ['Subject', request.function.__name__],
                 ]
             )
@@ -24,7 +29,7 @@ def _run_miltertest(headers=None, standard_headers=True, body='test body\r\n'):
         sock = socket.socket(family=socket.AF_UNIX)
         sock.connect(bytes(milter_config['sock']))
         conn = miltertest.MilterConnection(sock)
-        conn.optneg_mta(protocol=miltertest.SMFI_V6_PROT ^ miltertest.SMFIP_HDR_LEADSPC)
+        conn.optneg_mta(protocol=protocol)
         conn.send(miltertest.SMFIC_CONNECT, hostname='localhost', address='127.0.0.1', family=miltertest.SMFIA_INET, port=666)
         conn.send(miltertest.SMFIC_HELO, helo='mx.example.com')
 
@@ -60,6 +65,17 @@ def test_milter_basic(run_miltertest):
     """Basic signing"""
     res = run_miltertest()
 
+    assert res['headers'][0] == ['Authentication-Results', ' example.com; arc=none smtp.remote-ip=127.0.0.1']
+    assert res['headers'][1][0] == 'ARC-Seal'
+    assert 'cv=none' in res['headers'][1][1]
+    assert res['headers'][2][0] == 'ARC-Message-Signature'
+    assert res['headers'][3] == ['ARC-Authentication-Results', ' i=1; example.com; arc=none smtp.remote-ip=127.0.0.1']
+
+
+def test_milter_v2(run_miltertest):
+    """Basic signing"""
+    res = run_miltertest(protocol=miltertest.SMFI_V2_PROT)
+
     assert res['headers'][0] == ['Authentication-Results', 'example.com; arc=none smtp.remote-ip=127.0.0.1']
     assert res['headers'][1][0] == 'ARC-Seal'
     assert 'cv=none' in res['headers'][1][1]
@@ -70,7 +86,7 @@ def test_milter_basic(run_miltertest):
 def test_milter_staticmsg(run_miltertest):
     headers = [
         ['ARC-Seal', (
-            'i=1; cv=none; a=rsa-sha256; d=dkimpy.example.com; s=sel;\r\n'
+            ' i=1; cv=none; a=rsa-sha256; d=dkimpy.example.com; s=sel;\r\n'
             ' t=1728713840;\r\n'
             ' b=jmHJmDXHe4eFAurv+yXz1RTRLj+XNaHedD4GYWPt0XntR94pMNSFlU2TxT0rzkMcE4Nkt\r\n'
             ' xFrz0OYVfexpgNJ393tO8czBH4OwEwV2E5h+U/8N1vM+KHKfcg2n02SOxUa991Z1+CXUrO6\r\n'
@@ -79,7 +95,7 @@ def test_milter_staticmsg(run_miltertest):
             ' gGinobwxRu7skmTPq0TSlBQQ/1fuxpSOpocjnY+E/g3FH3ZsAtbOG2jVYd9w=='
         )],
         ['ARC-Message-Signature', (
-            'i=1; a=rsa-sha256; c=relaxed/relaxed;\r\n'
+            ' i=1; a=rsa-sha256; c=relaxed/relaxed;\r\n'
             ' d=dkimpy.example.com; s=sel; t=1728713840; h=content-type :\r\n'
             ' mime-version : content-transfer-encoding : subject : from : to : from;\r\n'
             ' bh=Pb6s/Xlf4u1eDlYyO0NCaMRMrCg6xDNkK5byz8RDY1s=;\r\n'
@@ -89,20 +105,20 @@ def test_milter_staticmsg(run_miltertest):
             ' Q+eZZxcT7W2MWaByV2Jjz4B+sh0IzfX2wPNsGOsNpD+MvpehQsa9ig7eEndNWw7V1qpaMN+\r\n'
             ' vtOnb5H80nu0K4H7fvrNUI4h4b+UTumqR/HhiNTFRobUGiwuvrP4CWHj3dtQ==\r\n'
         )],
-        ['ARC-Authentication-Results', 'i=1; dkimpy.example.com'],
-        ['Content-Type', 'text/plain; charset="us-ascii"'],
-        ['MIME-Version', '1.0'],
-        ['Content-Transfer-Encoding', '7bit'],
-        ['Subject', 'test message from dkimpy'],
-        ['From', '[email protected]'],
-        ['To', '[email protected]'],
+        ['ARC-Authentication-Results', ' i=1; dkimpy.example.com'],
+        ['Content-Type', ' text/plain; charset="us-ascii"'],
+        ['MIME-Version', ' 1.0'],
+        ['Content-Transfer-Encoding', ' 7bit'],
+        ['Subject', ' test message from dkimpy'],
+        ['From', ' [email protected]'],
+        ['To', ' [email protected]'],
     ]
     res = run_miltertest(headers, False, 'test message\r\n')
-    assert res['headers'][0] == ['Authentication-Results', 'example.com; arc=pass smtp.remote-ip=127.0.0.1']
+    assert res['headers'][0] == ['Authentication-Results', ' example.com; arc=pass smtp.remote-ip=127.0.0.1']
     assert res['headers'][1][0] == 'ARC-Seal'
     assert 'cv=pass' in res['headers'][1][1]
     assert res['headers'][2][0] == 'ARC-Message-Signature'
-    assert res['headers'][3] == ['ARC-Authentication-Results', 'i=2; example.com; arc=pass smtp.remote-ip=127.0.0.1']
+    assert res['headers'][3] == ['ARC-Authentication-Results', ' i=2; example.com; arc=pass smtp.remote-ip=127.0.0.1']
 
 
 def test_milter_resign(run_miltertest):
@@ -114,10 +130,10 @@ def test_milter_resign(run_miltertest):
         headers = [*res['headers'], *headers]
         res = run_miltertest(headers)
 
-        assert res['headers'][0] == ['Authentication-Results', 'example.com; arc=pass smtp.remote-ip=127.0.0.1']
+        assert res['headers'][0] == ['Authentication-Results', ' example.com; arc=pass smtp.remote-ip=127.0.0.1']
 
         if i <= 50:
-            assert res['headers'][3] == ['ARC-Authentication-Results', f'i={i}; example.com; arc=pass smtp.remote-ip=127.0.0.1']
+            assert res['headers'][3] == ['ARC-Authentication-Results', f' i={i}; example.com; arc=pass smtp.remote-ip=127.0.0.1']
             assert 'cv=pass' in res['headers'][1][1]
 
             # quick and dirty parsing
@@ -135,23 +151,23 @@ def test_milter_mode_s(run_miltertest):
     assert len(res['headers']) == 3
     assert 'cv=none' in res['headers'][0][1]
     assert res['headers'][1][0] == 'ARC-Message-Signature'
-    assert res['headers'][2] == ['ARC-Authentication-Results', 'i=1; example.com; arc=none smtp.remote-ip=127.0.0.1']
+    assert res['headers'][2] == ['ARC-Authentication-Results', ' i=1; example.com; arc=none smtp.remote-ip=127.0.0.1']
 
 
 def test_milter_mode_v(run_miltertest):
     """Verify mode"""
     res = run_miltertest()
 
     assert len(res['headers']) == 1
-    assert res['headers'][0] == ['Authentication-Results', 'example.com; arc=none smtp.remote-ip=127.0.0.1']
+    assert res['headers'][0] == ['Authentication-Results', ' example.com; arc=none smtp.remote-ip=127.0.0.1']
 
 
 def test_milter_mode_none_verify(run_miltertest):
     """No configured mode, from a host that's not in InternalHosts"""
     res = run_miltertest()
 
     assert len(res['headers']) == 1
-    assert res['headers'][0] == ['Authentication-Results', 'example.com; arc=none smtp.remote-ip=127.0.0.1']
+    assert res['headers'][0] == ['Authentication-Results', ' example.com; arc=none smtp.remote-ip=127.0.0.1']
 
 
 def test_milter_mode_none_sign(run_miltertest):
@@ -161,7 +177,7 @@ def test_milter_mode_none_sign(run_miltertest):
     assert len(res['headers']) == 3
     assert 'cv=none' in res['headers'][0][1]
     assert res['headers'][1][0] == 'ARC-Message-Signature'
-    assert res['headers'][2] == ['ARC-Authentication-Results', 'i=1; example.com; arc=none smtp.remote-ip=127.0.0.1']
+    assert res['headers'][2] == ['ARC-Authentication-Results', ' i=1; example.com; arc=none smtp.remote-ip=127.0.0.1']
 
 
 @pytest.mark.parametrize(
@@ -360,7 +376,7 @@ def test_milter_ar(run_miltertest, data):
     """Test Authentication-Results parsing"""
     res = run_miltertest([['Authentication-Results', x] for x in data[0]])
 
-    assert res['headers'][3] == ['ARC-Authentication-Results', f'i=1; example.com; {data[1]}']
+    assert res['headers'][3] == ['ARC-Authentication-Results', f' i=1; example.com; {data[1]}']
 
 
 def test_milter_ar_override(run_miltertest):
@@ -373,17 +389,17 @@ def test_milter_ar_override(run_miltertest):
 
     res = run_miltertest(headers)
 
-    assert res['headers'][0] == ['Authentication-Results', 'example.com; arc=fail smtp.remote-ip=127.0.0.1']
+    assert res['headers'][0] == ['Authentication-Results', ' example.com; arc=fail smtp.remote-ip=127.0.0.1']
     assert 'cv=fail' in res['headers'][1][1]
-    assert res['headers'][3] == ['ARC-Authentication-Results', 'i=2; example.com; arc=fail']
+    assert res['headers'][3] == ['ARC-Authentication-Results', ' i=2; example.com; arc=fail']
 
     # override the result to "pass"
     headers = [*res['headers'], *headers]
     headers[0][1] = 'example.com; arc=pass'
     res = run_miltertest(headers)
 
     # the chain is dead because it came in as failed, no matter what A-R says
-    assert res['headers'][0] == ['Authentication-Results', 'example.com; arc=fail smtp.remote-ip=127.0.0.1']
+    assert res['headers'][0] == ['Authentication-Results', ' example.com; arc=fail smtp.remote-ip=127.0.0.1']
     assert len(res['headers']) == 1
 
 
@@ -393,13 +409,13 @@ def test_milter_ar_override_disabled(run_miltertest):
 
     # override the result to "fail"
     headers = res['headers']
-    headers[0][1] = 'example.com; arc=fail'
+    headers[0][1] = ' example.com; arc=fail'
 
     res = run_miltertest(headers)
 
-    assert res['headers'][0] == ['Authentication-Results', 'example.com; arc=pass smtp.remote-ip=127.0.0.1']
+    assert res['headers'][0] == ['Authentication-Results', ' example.com; arc=pass smtp.remote-ip=127.0.0.1']
     assert 'cv=pass' in res['headers'][1][1]
-    assert res['headers'][3] == ['ARC-Authentication-Results', 'i=2; example.com; arc=pass smtp.remote-ip=127.0.0.1']
+    assert res['headers'][3] == ['ARC-Authentication-Results', ' i=2; example.com; arc=pass smtp.remote-ip=127.0.0.1']
 
 
 def test_milter_ar_override_multi(run_miltertest):
@@ -413,9 +429,9 @@ def test_milter_ar_override_multi(run_miltertest):
     ]
     res = run_miltertest(headers)
 
-    assert res['headers'][0] == ['Authentication-Results', 'example.com; arc=pass smtp.remote-ip=127.0.0.1']
+    assert res['headers'][0] == ['Authentication-Results', ' example.com; arc=pass smtp.remote-ip=127.0.0.1']
     assert 'cv=pass' in res['headers'][1][1]
-    assert res['headers'][3] == ['ARC-Authentication-Results', 'i=2; example.com; arc=pass']
+    assert res['headers'][3] == ['ARC-Authentication-Results', ' i=2; example.com; arc=pass']
 
 
 def test_milter_seal_failed(run_miltertest):
@@ -437,8 +453,8 @@ def test_milter_seal_failed(run_miltertest):
 def test_milter_authresip(run_miltertest):
     """AuthResIP false disables smtp.remote-ip"""
     res = run_miltertest()
-    assert res['headers'][0][1] == 'example.com; arc=none'
-    assert res['headers'][3][1] == 'i=1; example.com; arc=none'
+    assert res['headers'][0][1] == ' example.com; arc=none'
+    assert res['headers'][3][1] == ' i=1; example.com; arc=none'
 
 
 def test_milter_peerlist(run_miltertest):
@@ -452,4 +468,4 @@ def test_milter_softwareheader(run_miltertest):
     res = run_miltertest()
 
     assert res['headers'][0][0] == 'ARC-Filter'
-    assert res['headers'][0][1].startswith('OpenARC Filter v')
+    assert res['headers'][0][1].startswith(' OpenARC Filter v')