9 RT::Test::get_abs_relocatable_dir( File::Spec->updir(),
10 qw/data gnupg keyrings/ );
17 passphrase => 'rt-test',
21 use String::ShellQuote 'shell_quote';
25 my ($baseurl, $m) = RT::Test->started_ok;
27 # configure key for General queue
28 ok( $m->login, 'we did log in' );
29 $m->get( $baseurl.'/Admin/Queues/');
30 $m->follow_link_ok( {text => 'General'} );
31 $m->submit_form( form_number => 3,
32 fields => { CorrespondAddress => 'general@example.com' } );
33 $m->content_like(qr/general\@example.com.* - never/, 'has key info.');
35 ok(my $user = RT::User->new(RT->SystemUser));
36 ok($user->Load('root'), "Loaded user 'root'");
37 $user->SetEmailAddress('recipient@example.com');
39 # test simple mail. supposedly this should fail when
40 # 1. the queue requires signature
41 # 2. the from is not what the key is associated with
42 my $mail = RT::Test->open_mailgate_ok($baseurl);
44 From: recipient\@example.com
45 To: general\@$RT::rtname
46 Subject: This is a test of new ticket creation as root
51 RT::Test->close_mailgate_ok($mail);
54 my $tick = RT::Test->last_ticket;
56 'This is a test of new ticket creation as root',
59 my $txn = $tick->Transactions->First;
61 $txn->Attachments->First->Headers,
62 qr/^X-RT-Incoming-Encryption: Not encrypted/m,
63 'recorded incoming mail that is not encrypted'
65 like( $txn->Attachments->First->Content, qr/Blah/);
68 # test for signed mail
73 qw(gpg --batch --no-tty --armor --sign),
74 '--default-key' => 'recipient@example.com',
75 '--homedir' => $homedir,
76 '--passphrase' => 'recipient',
83 $mail = RT::Test->open_mailgate_ok($baseurl);
85 From: recipient\@example.com
86 To: general\@$RT::rtname
87 Subject: signed message for queue
91 RT::Test->close_mailgate_ok($mail);
94 my $tick = RT::Test->last_ticket;
95 is( $tick->Subject, 'signed message for queue',
99 my $txn = $tick->Transactions->First;
100 my ($msg, $attach) = @{$txn->Attachments->ItemsArrayRef};
102 is( $msg->GetHeader('X-RT-Incoming-Encryption'),
104 'recorded incoming mail that is encrypted'
106 # test for some kind of PGP-Signed-By: Header
107 like( $attach->Content, qr/fnord/);
110 # test for clear-signed mail
115 qw(gpg --batch --no-tty --armor --sign --clearsign),
116 '--default-key' => 'recipient@example.com',
117 '--homedir' => $homedir,
118 '--passphrase' => 'recipient',
125 $mail = RT::Test->open_mailgate_ok($baseurl);
127 From: recipient\@example.com
128 To: general\@$RT::rtname
129 Subject: signed message for queue
133 RT::Test->close_mailgate_ok($mail);
136 my $tick = RT::Test->last_ticket;
137 is( $tick->Subject, 'signed message for queue',
141 my $txn = $tick->Transactions->First;
142 my ($msg, $attach) = @{$txn->Attachments->ItemsArrayRef};
143 is( $msg->GetHeader('X-RT-Incoming-Encryption'),
145 'recorded incoming mail that is encrypted'
147 # test for some kind of PGP-Signed-By: Header
148 like( $attach->Content, qr/clearfnord/);
151 # test for signed and encrypted mail
156 qw(gpg --batch --no-tty --encrypt --armor --sign),
157 '--recipient' => 'general@example.com',
158 '--default-key' => 'recipient@example.com',
159 '--homedir' => $homedir,
160 '--passphrase' => 'recipient',
167 $mail = RT::Test->open_mailgate_ok($baseurl);
169 From: recipient\@example.com
170 To: general\@$RT::rtname
171 Subject: Encrypted message for queue
175 RT::Test->close_mailgate_ok($mail);
178 my $tick = RT::Test->last_ticket;
179 is( $tick->Subject, 'Encrypted message for queue',
183 my $txn = $tick->Transactions->First;
184 my ($msg, $attach, $orig) = @{$txn->Attachments->ItemsArrayRef};
186 is( $msg->GetHeader('X-RT-Incoming-Encryption'),
188 'recorded incoming mail that is encrypted'
190 is( $msg->GetHeader('X-RT-Privacy'),
192 'recorded incoming mail that is encrypted'
194 like( $attach->Content, qr/orz/);
196 is( $orig->GetHeader('Content-Type'), 'application/x-rt-original-message');
197 ok(index($orig->Content, $buf) != -1, 'found original msg');
201 # test that if it gets base64 transfer-encoded, we still get the content out
202 $buf = encode_base64($buf);
203 $mail = RT::Test->open_mailgate_ok($baseurl);
205 From: recipient\@example.com
206 To: general\@$RT::rtname
207 Content-transfer-encoding: base64
208 Subject: Encrypted message for queue
212 RT::Test->close_mailgate_ok($mail);
215 my $tick = RT::Test->last_ticket;
216 is( $tick->Subject, 'Encrypted message for queue',
220 my $txn = $tick->Transactions->First;
221 my ($msg, $attach, $orig) = @{$txn->Attachments->ItemsArrayRef};
223 is( $msg->GetHeader('X-RT-Incoming-Encryption'),
225 'recorded incoming mail that is encrypted'
227 is( $msg->GetHeader('X-RT-Privacy'),
229 'recorded incoming mail that is encrypted'
231 like( $attach->Content, qr/orz/);
233 is( $orig->GetHeader('Content-Type'), 'application/x-rt-original-message');
234 ok(index($orig->Content, $buf) != -1, 'found original msg');
238 # test for signed mail by other key
243 qw(gpg --batch --no-tty --armor --sign),
244 '--default-key' => 'rt@example.com',
245 '--homedir' => $homedir,
246 '--passphrase' => 'test',
253 $mail = RT::Test->open_mailgate_ok($baseurl);
255 From: recipient\@example.com
256 To: general\@$RT::rtname
257 Subject: signed message for queue
261 RT::Test->close_mailgate_ok($mail);
264 my $tick = RT::Test->last_ticket;
265 my $txn = $tick->Transactions->First;
266 my ($msg, $attach) = @{$txn->Attachments->ItemsArrayRef};
267 # XXX: in this case, which credential should we be using?
268 is( $msg->GetHeader('X-RT-Incoming-Signature'),
269 'Test User <rt@example.com>',
270 'recorded incoming mail signed by others'
274 # test for encrypted mail with key not associated to the queue
279 qw(gpg --batch --no-tty --armor --encrypt),
280 '--recipient' => 'random@localhost',
281 '--homedir' => $homedir,
283 \"should not be there either\r\n",
288 $mail = RT::Test->open_mailgate_ok($baseurl);
290 From: recipient\@example.com
291 To: general\@$RT::rtname
292 Subject: encrypted message for queue
296 RT::Test->close_mailgate_ok($mail);
299 my $tick = RT::Test->last_ticket;
300 my $txn = $tick->Transactions->First;
301 my ($msg, $attach) = @{$txn->Attachments->ItemsArrayRef};
305 local $TODO = "this test requires keys associated with queues";
306 unlike( $attach->Content, qr/should not be there either/);
310 # test for badly encrypted mail
316 qw(gpg --batch --no-tty --armor --encrypt),
317 '--recipient' => 'rt@example.com',
318 '--homedir' => $homedir,
320 \"really should not be there either\r\n",
325 $buf =~ s/PGP MESSAGE/SCREWED UP/g;
327 RT::Test->fetch_caught_mails;
329 $mail = RT::Test->open_mailgate_ok($baseurl);
331 From: recipient\@example.com
332 To: general\@$RT::rtname
333 Subject: encrypted message for queue
337 RT::Test->close_mailgate_ok($mail);
338 my @mail = RT::Test->fetch_caught_mails;
339 is(@mail, 1, 'caught outgoing mail.');
343 my $tick = RT::Test->last_ticket;
344 my $txn = $tick->Transactions->First;
345 my ($msg, $attach) = @{$txn->Attachments->ItemsArrayRef};
346 unlike( ($attach ? $attach->Content : ''), qr/really should not be there either/);