From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net X-Spam-Level: X-Spam-Status: No, score=-4.0 required=3.0 tests=ALL_TRUSTED,BAYES_00 shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2 Received: from localhost (dcvr.yhbt.net [127.0.0.1]) by dcvr.yhbt.net (Postfix) with ESMTP id 54E1F1FC97 for ; Wed, 17 Feb 2021 10:07:08 +0000 (UTC) From: Eric Wong To: meta@public-inbox.org Subject: [PATCH 11/11] lei: check for IMAP auth errors Date: Wed, 17 Feb 2021 09:07:07 -0100 Message-Id: <20210217100707.6796-12-e@80x24.org> In-Reply-To: <20210217100707.6796-1-e@80x24.org> References: <20210217100707.6796-1-e@80x24.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit List-Id: We need to ensure authentication failures and error codes get propagated to the parent process(es) properly. For now, this will just be a maintainer test which hits a read/write IMAP server on public-inbox.org on a non-standard port with invalid credentials. --- lib/PublicInbox/LeiAuth.pm | 1 + lib/PublicInbox/NetReader.pm | 3 +++ xt/lei-auth-fail.t | 20 ++++++++++++++++++++ 3 files changed, 24 insertions(+) create mode 100644 xt/lei-auth-fail.t diff --git a/lib/PublicInbox/LeiAuth.pm b/lib/PublicInbox/LeiAuth.pm index 7210af99..7acb9900 100644 --- a/lib/PublicInbox/LeiAuth.pm +++ b/lib/PublicInbox/LeiAuth.pm @@ -42,6 +42,7 @@ sub auth_eof { sub auth_start { my ($self, $lei, $post_auth_cb, @args) = @_; + $lei->_lei_cfg(1); # workers may need to read config my $op = $lei->workers_start($self, 'auth', 1, { 'nrd_merge' => [ \&nrd_merge, $lei ], '' => [ \&auth_eof, $lei, $post_auth_cb, @args ], diff --git a/lib/PublicInbox/NetReader.pm b/lib/PublicInbox/NetReader.pm index ad8c18d0..61ea538b 100644 --- a/lib/PublicInbox/NetReader.pm +++ b/lib/PublicInbox/NetReader.pm @@ -89,6 +89,9 @@ sub mic_for { # mic = Mail::IMAPClient $self->{mic_arg}->{uri_section($uri)} = $mic_arg; } else { $err = "E: <$url> LOGIN: $@\n"; + if ($cred && defined($cred->{password})) { + $err =~ s/\Q$cred->{password}\E/*******/g; + } $mic = undef; } $cred->run($mic ? 'approve' : 'reject') if $cred; diff --git a/xt/lei-auth-fail.t b/xt/lei-auth-fail.t new file mode 100644 index 00000000..5308d0f9 --- /dev/null +++ b/xt/lei-auth-fail.t @@ -0,0 +1,20 @@ +#!perl -w +# Copyright (C) 2021 all contributors +# License: AGPL-3.0+ +use strict; use v5.10.1; use PublicInbox::TestCommon; + +# TODO: mock IMAP server which fails at authentication so we don't +# have to make external connections to test this: +my $imap_fail = $ENV{TEST_LEI_IMAP_FAIL_URL} // + 'imaps://AzureDiamond:Hunter2@public-inbox.org:994/INBOX'; +test_lei(sub { + ok(!lei(qw(convert -o mboxrd:/dev/stdout), $imap_fail), + 'IMAP auth failure on convert'); + like($lei_err, qr!\bE:.*?imaps://.*?!sm, 'error shown'); + unlike($lei_err, qr!Hunter2!s, 'password not shown'); + is($lei_out, '', 'nothing output'); + ok(!lei(qw(import), $imap_fail), 'IMAP auth failure on import'); + like($lei_err, qr!\bE:.*?imaps://.*?!sm, 'error shown'); + unlike($lei_err, qr!Hunter2!s, 'password not shown'); +}); +done_testing;