91 lines
2.3 KiB
Go
91 lines
2.3 KiB
Go
package smtp
|
|
|
|
import (
|
|
stdsmtp "net/smtp"
|
|
"strings"
|
|
"testing"
|
|
|
|
"internal-mail-skill/internal/config"
|
|
)
|
|
|
|
func TestBuildMessageOmitsBccHeaderButKeepsRecipients(t *testing.T) {
|
|
req := SendRequest{
|
|
FromAddress: "agent@example.com",
|
|
FromName: "Agent",
|
|
To: []string{"to@example.com"},
|
|
Cc: []string{"cc@example.com"},
|
|
Bcc: []string{"hidden@example.com"},
|
|
Subject: "Hello",
|
|
Body: "Body",
|
|
}
|
|
|
|
msg, recipients, err := BuildMessage(req)
|
|
if err != nil {
|
|
t.Fatalf("BuildMessage() error = %v", err)
|
|
}
|
|
raw := string(msg)
|
|
if strings.Contains(raw, "Bcc:") || strings.Contains(raw, "hidden@example.com") {
|
|
t.Fatalf("raw message leaked Bcc: %s", raw)
|
|
}
|
|
if len(recipients) != 3 {
|
|
t.Fatalf("recipients = %#v", recipients)
|
|
}
|
|
if recipients[2] != "hidden@example.com" {
|
|
t.Fatalf("Bcc missing from envelope recipients: %#v", recipients)
|
|
}
|
|
}
|
|
|
|
func TestAuthForConfigRequiresExplicitOptInForCleartextAuth(t *testing.T) {
|
|
cfg := config.SMTPConfig{
|
|
Host: "smtp.example.local",
|
|
Username: "user",
|
|
Password: "secret",
|
|
AuthRequired: true,
|
|
}
|
|
|
|
if _, err := authForConfig(cfg); err == nil {
|
|
t.Fatal("authForConfig() error = nil, want cleartext auth rejection")
|
|
}
|
|
|
|
cfg.AllowInsecureAuth = true
|
|
auth, err := authForConfig(cfg)
|
|
if err != nil {
|
|
t.Fatalf("authForConfig() with opt-in error = %v", err)
|
|
}
|
|
proto, _, err := auth.Start(&stdsmtp.ServerInfo{Name: cfg.Host, TLS: false})
|
|
if err != nil {
|
|
t.Fatalf("insecure auth Start() error = %v", err)
|
|
}
|
|
if proto != "PLAIN" {
|
|
t.Fatalf("proto = %q, want PLAIN", proto)
|
|
}
|
|
|
|
cfg.AllowInsecureAuth = false
|
|
cfg.UseSTARTTLS = true
|
|
auth, err = authForConfig(cfg)
|
|
if err != nil {
|
|
t.Fatalf("authForConfig() over STARTTLS error = %v", err)
|
|
}
|
|
if _, _, err := auth.Start(&stdsmtp.ServerInfo{Name: cfg.Host, TLS: true}); err != nil {
|
|
t.Fatalf("TLS auth Start() error = %v", err)
|
|
}
|
|
}
|
|
|
|
func TestAuthForConfigAllowsImplicitTLSAuth(t *testing.T) {
|
|
cfg := config.SMTPConfig{
|
|
Host: "smtp.example.local",
|
|
Username: "user",
|
|
Password: "secret",
|
|
AuthRequired: true,
|
|
UseTLS: true,
|
|
}
|
|
|
|
auth, err := authForConfig(cfg)
|
|
if err != nil {
|
|
t.Fatalf("authForConfig() error = %v", err)
|
|
}
|
|
if _, _, err := auth.Start(&stdsmtp.ServerInfo{Name: cfg.Host, TLS: false}); err != nil {
|
|
t.Fatalf("implicit TLS auth Start() error = %v", err)
|
|
}
|
|
}
|