From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: X-Spam-Status: No, score=-4.2 required=3.0 tests=ALL_TRUSTED,BAYES_00, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF shortcircuit=no autolearn=ham autolearn_force=no version=3.4.6 Received: from localhost (dcvr.yhbt.net [127.0.0.1]) by dcvr.yhbt.net (Postfix) with ESMTP id DBAD91F56A for ; Tue, 3 Oct 2023 06:43:53 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=80x24.org; s=selector1; t=1696315433; bh=plNb7GwDSS/KeCfP5HhRGAQm6kmKSSdEaCCmQUjHTTk=; h=From:To:Subject:Date:In-Reply-To:References:From; b=TRKPisERIfhP7BHEalyKKPBAFBavwohkcOdpvUW9ta0lJxlVbYYWSsFg0dGDXrbE6 +p5CYEgsWMbqJtYFSolJ4Ei+ieiSD18gLAYcwFNT0QZeuOMZlssG21hy5GXMfruG0Y /+bPwuejhKhhwoM48zcK6Jc1bhd4KMcHu1t1fVSE= From: Eric Wong To: meta@public-inbox.org Subject: [PATCH 7/8] xt/lei-onion-convert: test TLS + SOCKS Date: Tue, 3 Oct 2023 06:43:51 +0000 Message-ID: <20231003064352.2902298-8-e@80x24.org> In-Reply-To: <20231003064352.2902298-1-e@80x24.org> References: <20231003064352.2902298-1-e@80x24.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit List-Id: While .onion URLs don't commonly use TLS, using Tor to access non-.onion URLs is possible and TLS is advisable in that case. TLS + SOCKS support is also useful for non-Tor SOCKS proxies (e.g. "ssh -D"), but 127.0.0.1:9050 (Tor) is probably the most standardized address. While we're in the area: switch to v5.12, use autodie, and ensure all necessary modules are present. --- xt/lei-onion-convert.t | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/xt/lei-onion-convert.t b/xt/lei-onion-convert.t index 6dd17065..d3afbbb9 100644 --- a/xt/lei-onion-convert.t +++ b/xt/lei-onion-convert.t @@ -1,10 +1,12 @@ #!perl -w -# Copyright (C) 2021 all contributors +# Copyright (C) all contributors # License: AGPL-3.0+ -use strict; use v5.10; use PublicInbox::TestCommon; +use v5.12; use PublicInbox::TestCommon; use PublicInbox::MboxReader; +use autodie qw(pipe close); my $test_tor = $ENV{TEST_TOR}; plan skip_all => "TEST_TOR unset" unless $test_tor; +require_mods qw(IO::Socket::Socks IO::Socket::SSL Mail::IMAPClient Net::NNTP); unless ($test_tor =~ m!\Asocks5h://!i) { my $default = 'socks5h://127.0.0.1:9050'; diag "using $default (set TEST_TOR=socks5h://ADDR:PORT to override)"; @@ -19,11 +21,24 @@ my @cnv = qw(lei convert -o mboxrd:/dev/stdout); my @proxy_cli = ("--proxy=$test_tor"); my $proxy_cfg = "proxy=$test_tor"; test_lei(sub { + # ensure TLS + SOCKS works + ok !lei(qw(ls-mail-source imaps://mews.public-inbox.org/ + -c), "imap.$proxy_cfg"), + 'imaps fails on wrong hostname w/ Tor'; + ok !lei(qw(ls-mail-source nntps://mews.public-inbox.org/ + -c), "nntp.$proxy_cfg"), + 'nntps fails on wrong hostname w/ Tor'; + + lei_ok qw(ls-mail-source imaps://news.public-inbox.org/ + -c), "imap.$proxy_cfg"; + lei_ok qw(ls-mail-source nntps://news.public-inbox.org/ + -c), "nntp.$proxy_cfg"; + my $run = {}; for my $args ([$nntp_url, @proxy_cli], [$imap_url, @proxy_cli], [ $nntp_url, '-c', "nntp.$proxy_cfg" ], [ $imap_url, '-c', "imap.$proxy_cfg" ]) { - pipe(my ($r, $w)) or xbail "pipe: $!"; + pipe(my $r, my $w); my $cmd = [@cnv, @$args]; my $td = start_script($cmd, undef, { 1 => $w, run_mode => 0 }); $args->[0] =~ s!\A(.+?://).*!$1...!;