feat(tranquil-server): email config, tests, fmt #10

crates/tranquil-comms/tests/email_smtp.rs

reviewed

This file has not been changed.

crates/tranquil-pds/src/repo_ops.rs

reviewed

This file has not been changed.

crates/tranquil-pds/tests/repo_batch.rs

reviewed

This file has not been changed.

-4

crates/tranquil-server/src/main.rs

reviewed

··· 57 57 eprint!("{e}"); 58 58 return ExitCode::FAILURE; 59 59 } 60 60 - if let Err(e) = EmailSender::from_config(&config) { 61 61 - eprintln!("Email configuration invalid: {e}"); 62 62 - return ExitCode::FAILURE; 63 63 - } 64 60 println!("Configuration is valid."); 65 61 ExitCode::SUCCESS 66 62 }

crates/tranquil-store/src/blockstore/store.rs

reviewed

This file has not been changed.

crates/tranquil-store/src/gauntlet/farm.rs

reviewed

This file has not been changed.

crates/tranquil-store/src/lib.rs

reviewed

This file has not been changed.

crates/tranquil-store/src/sim.rs

reviewed

This file has not been changed.

crates/tranquil-store/tests/gauntlet_smoke.rs

reviewed

This file has not been changed.

crates/tranquil-store/tests/sim_blockstore.rs

reviewed

This file has not been changed.

crates/tranquil-store/tests/sim_eventlog.rs

reviewed

This file has not been changed.

crates/tranquil-sync/src/subscribe_repos.rs

reviewed

This file has not been changed.

+308 -78

crates/tranquil-config/src/lib.rs

reviewed

··· 226 226 } 227 227 } 228 228 229 229 - // -- email smarthost -------------------------------------------------- 230 230 - match self.email.smarthost.tls.to_ascii_lowercase().as_str() { 231 231 - "implicit" | "starttls" => {} 232 232 - "none" => { 233 233 - if self.email.smarthost.password.is_some() { 234 234 - errors.push( 235 235 - "email.smarthost.tls = \"none\" with email.smarthost.password set \ 236 236 - would transmit credentials in plaintext; use \"starttls\" or \"implicit\"" 237 237 - .to_string(), 238 238 - ); 239 239 - } 240 240 - } 241 241 - other => errors.push(format!( 242 242 - "email.smarthost.tls must be \"implicit\", \"starttls\", or \"none\", got \"{other}\"" 243 243 - )), 244 244 - } 245 245 - 246 246 - let smarthost_host_set = self 247 247 - .email 248 248 - .smarthost 249 249 - .host 250 250 - .as_deref() 251 251 - .is_some_and(|h| !h.is_empty()); 252 252 - let username_set = self.email.smarthost.username.is_some(); 253 253 - let password_set = self.email.smarthost.password.is_some(); 254 254 - if !smarthost_host_set && (username_set || password_set) { 255 255 - errors.push( 256 256 - "email.smarthost.username or email.smarthost.password is set but \ 257 257 - email.smarthost.host is empty; credentials would be silently ignored" 258 258 - .to_string(), 259 259 - ); 260 260 - } 261 261 - if smarthost_host_set && username_set != password_set { 262 262 - errors.push( 263 263 - "email.smarthost.username and email.smarthost.password must both be set or \ 264 264 - both unset; otherwise authentication would silently degrade to anonymous" 265 265 - .to_string(), 266 266 - ); 267 267 - } 268 268 - 269 269 - if self.email.smarthost.command_timeout_secs == 0 { 270 270 - errors.push("email.smarthost.command_timeout_secs must be at least 1".to_string()); 271 271 - } 272 272 - if self.email.smarthost.total_timeout_secs == 0 { 273 273 - errors.push("email.smarthost.total_timeout_secs must be at least 1".to_string()); 274 274 - } 275 275 - if self.email.smarthost.pool_size == 0 { 276 276 - errors.push("email.smarthost.pool_size must be at least 1".to_string()); 277 277 - } 278 278 - 279 279 - if self.email.direct_mx.max_concurrent_sends == 0 { 280 280 - errors.push("email.direct_mx.max_concurrent_sends must be at least 1".to_string()); 281 281 - } 282 282 - if self.email.direct_mx.command_timeout_secs == 0 { 283 283 - errors.push("email.direct_mx.command_timeout_secs must be at least 1".to_string()); 284 284 - } 285 285 - if self.email.direct_mx.total_timeout_secs == 0 { 286 286 - errors.push("email.direct_mx.total_timeout_secs must be at least 1".to_string()); 287 287 - } 288 288 - 289 289 - let dkim_set = self.email.dkim.selector.is_some() 290 290 - || self.email.dkim.domain.is_some() 291 291 - || self.email.dkim.private_key_path.is_some(); 292 292 - if dkim_set { 293 293 - if self.email.dkim.selector.is_none() { 294 294 - errors 295 295 - .push("email.dkim.selector is required when any DKIM field is set".to_string()); 296 296 - } 297 297 - if self.email.dkim.domain.is_none() { 298 298 - errors.push("email.dkim.domain is required when any DKIM field is set".to_string()); 299 299 - } 300 300 - if self.email.dkim.private_key_path.is_none() { 301 301 - errors.push( 302 302 - "email.dkim.private_key_path is required when any DKIM field is set" 303 303 - .to_string(), 304 304 - ); 305 305 - } 306 306 - } 229 229 + // -- email ----------------------------------------------------------- 230 230 + self.email 231 231 + .validate(self.server.hostname_without_port(), &mut errors); 307 232 308 233 // -- telegram --------------------------------------------------------- 309 234 if self.telegram.bot_token.is_some() && self.telegram.webhook_secret.is_none() { ··· 864 789 pub dkim: DkimConfig, 865 790 } 866 791 792 792 + impl EmailConfig { 793 793 + pub fn validate(&self, server_hostname: &str, errors: &mut Vec<String>) { 794 794 + match self.smarthost.tls.to_ascii_lowercase().as_str() { 795 795 + "implicit" | "starttls" => {} 796 796 + "none" => { 797 797 + if self.smarthost.password.is_some() { 798 798 + errors.push( 799 799 + "email.smarthost.tls = \"none\" with email.smarthost.password set \ 800 800 + would transmit credentials in plaintext; use \"starttls\" or \"implicit\"" 801 801 + .to_string(), 802 802 + ); 803 803 + } 804 804 + } 805 805 + other => errors.push(format!( 806 806 + "email.smarthost.tls must be \"implicit\", \"starttls\", or \"none\", got \"{other}\"" 807 807 + )), 808 808 + } 809 809 + 810 810 + let smarthost_host_set = self 811 811 + .smarthost 812 812 + .host 813 813 + .as_deref() 814 814 + .is_some_and(|h| !h.is_empty()); 815 815 + let username_set = self.smarthost.username.is_some(); 816 816 + let password_set = self.smarthost.password.is_some(); 817 817 + if !smarthost_host_set && (username_set || password_set) { 818 818 + errors.push( 819 819 + "email.smarthost.username or email.smarthost.password is set but \ 820 820 + email.smarthost.host is empty; credentials would be silently ignored" 821 821 + .to_string(), 822 822 + ); 823 823 + } 824 824 + if smarthost_host_set && username_set != password_set { 825 825 + errors.push( 826 826 + "email.smarthost.username and email.smarthost.password must both be set or \ 827 827 + both unset; otherwise authentication would silently degrade to anonymous" 828 828 + .to_string(), 829 829 + ); 830 830 + } 831 831 + 832 832 + if self.smarthost.command_timeout_secs == 0 { 833 833 + errors.push("email.smarthost.command_timeout_secs must be at least 1".to_string()); 834 834 + } 835 835 + if self.smarthost.total_timeout_secs == 0 { 836 836 + errors.push("email.smarthost.total_timeout_secs must be at least 1".to_string()); 837 837 + } 838 838 + if self.smarthost.pool_size == 0 { 839 839 + errors.push("email.smarthost.pool_size must be at least 1".to_string()); 840 840 + } 841 841 + 842 842 + if self.direct_mx.max_concurrent_sends == 0 { 843 843 + errors.push("email.direct_mx.max_concurrent_sends must be at least 1".to_string()); 844 844 + } 845 845 + if self.direct_mx.command_timeout_secs == 0 { 846 846 + errors.push("email.direct_mx.command_timeout_secs must be at least 1".to_string()); 847 847 + } 848 848 + if self.direct_mx.total_timeout_secs == 0 { 849 849 + errors.push("email.direct_mx.total_timeout_secs must be at least 1".to_string()); 850 850 + } 851 851 + 852 852 + let dkim_set = self.dkim.selector.is_some() 853 853 + || self.dkim.domain.is_some() 854 854 + || self.dkim.private_key_path.is_some(); 855 855 + if dkim_set { 856 856 + if self.dkim.selector.is_none() { 857 857 + errors 858 858 + .push("email.dkim.selector is required when any DKIM field is set".to_string()); 859 859 + } 860 860 + if self.dkim.domain.is_none() { 861 861 + errors.push("email.dkim.domain is required when any DKIM field is set".to_string()); 862 862 + } 863 863 + if self.dkim.private_key_path.is_none() { 864 864 + errors.push( 865 865 + "email.dkim.private_key_path is required when any DKIM field is set" 866 866 + .to_string(), 867 867 + ); 868 868 + } 869 869 + } 870 870 + 871 871 + let Some(from_address) = self.from_address.as_deref().filter(|s| !s.is_empty()) else { 872 872 + return; 873 873 + }; 874 874 + 875 875 + if !looks_like_email_address(from_address) { 876 876 + errors.push(format!( 877 877 + "email.from_address {from_address:?} is not a valid email address" 878 878 + )); 879 879 + } 880 880 + if self.from_name.chars().any(|c| c.is_control()) { 881 881 + errors.push("email.from_name must not contain control characters".to_string()); 882 882 + } 883 883 + 884 884 + let helo_raw = self 885 885 + .helo_name 886 886 + .as_deref() 887 887 + .map(str::to_string) 888 888 + .unwrap_or_else(|| server_hostname.to_string()); 889 889 + if !is_non_whitespace_token(&helo_raw) { 890 890 + errors.push(format!( 891 891 + "email HELO name {helo_raw:?} must be non-empty and contain no whitespace" 892 892 + )); 893 893 + } 894 894 + 895 895 + if smarthost_host_set { 896 896 + let host = self.smarthost.host.as_deref().unwrap_or(""); 897 897 + if !is_non_whitespace_token(host) { 898 898 + errors.push(format!( 899 899 + "email.smarthost.host {host:?} must contain no whitespace" 900 900 + )); 901 901 + } 902 902 + if self.smarthost.port == 0 { 903 903 + errors.push("email.smarthost.port must be non-zero".to_string()); 904 904 + } 905 905 + if let Some(u) = self.smarthost.username.as_deref() 906 906 + && u.is_empty() 907 907 + { 908 908 + errors.push("email.smarthost.username must be non-empty".to_string()); 909 909 + } 910 910 + if let Some(p) = self.smarthost.password.as_deref() 911 911 + && p.is_empty() 912 912 + { 913 913 + errors.push("email.smarthost.password must be non-empty".to_string()); 914 914 + } 915 915 + } 916 916 + 917 917 + if let Some(selector) = self.dkim.selector.as_deref() 918 918 + && !is_valid_dkim_selector(selector) 919 919 + { 920 920 + errors.push(format!( 921 921 + "email.dkim.selector {selector:?} must be valid subdomain syntax" 922 922 + )); 923 923 + } 924 924 + if let Some(domain) = self.dkim.domain.as_deref() 925 925 + && !is_non_whitespace_token(domain) 926 926 + { 927 927 + errors.push(format!( 928 928 + "email.dkim.domain {domain:?} must be non-empty and contain no whitespace" 929 929 + )); 930 930 + } 931 931 + if let Some(key_path) = self.dkim.private_key_path.as_deref() 932 932 + && key_path.trim().is_empty() 933 933 + { 934 934 + errors.push("email.dkim.private_key_path must be non-empty".to_string()); 935 935 + } 936 936 + } 937 937 + } 938 938 + 939 939 + fn looks_like_email_address(s: &str) -> bool { 940 940 + let trimmed = s.trim(); 941 941 + if trimmed.is_empty() || trimmed.chars().any(char::is_whitespace) { 942 942 + return false; 943 943 + } 944 944 + let mut parts = trimmed.split('@'); 945 945 + let local = parts.next().unwrap_or(""); 946 946 + let domain = parts.next().unwrap_or(""); 947 947 + parts.next().is_none() && !local.is_empty() && !domain.is_empty() && domain.contains('.') 948 948 + } 949 949 + 950 950 + fn is_non_whitespace_token(s: &str) -> bool { 951 951 + let trimmed = s.trim(); 952 952 + !trimmed.is_empty() && !trimmed.chars().any(char::is_whitespace) 953 953 + } 954 954 + 955 955 + fn is_valid_dkim_selector(s: &str) -> bool { 956 956 + let trimmed = s.trim(); 957 957 + !trimmed.is_empty() 958 958 + && trimmed.split('.').all(|seg| { 959 959 + let starts_alnum = seg 960 960 + .chars() 961 961 + .next() 962 962 + .is_some_and(|c| c.is_ascii_alphanumeric()); 963 963 + let ends_alnum = seg 964 964 + .chars() 965 965 + .next_back() 966 966 + .is_some_and(|c| c.is_ascii_alphanumeric()); 967 967 + let body_ok = seg.chars().all(|c| c.is_ascii_alphanumeric() || c == '-'); 968 968 + starts_alnum && ends_alnum && body_ok 969 969 + }) 970 970 + } 971 971 + 867 972 #[derive(Debug, Config)] 868 973 pub struct SmarthostConfig { 869 974 /// SMTP relay host. When set, mail is delivered through this host ··· 1440 1545 result 1441 1546 ); 1442 1547 } 1548 1548 + 1549 1549 + #[test] 1550 1550 + fn email_address_predicate_accepts_typical_addresses() { 1551 1551 + assert!(looks_like_email_address("alice@nel.pet")); 1552 1552 + assert!(looks_like_email_address("a.b+tag@example.co.uk")); 1553 1553 + } 1554 1554 + 1555 1555 + #[test] 1556 1556 + fn email_address_predicate_rejects_malformed() { 1557 1557 + assert!(!looks_like_email_address("")); 1558 1558 + assert!(!looks_like_email_address("no-at-sign")); 1559 1559 + assert!(!looks_like_email_address("@nel.pet")); 1560 1560 + assert!(!looks_like_email_address("alice@")); 1561 1561 + assert!(!looks_like_email_address("alice@nel")); 1562 1562 + assert!(!looks_like_email_address("a@b@c.com")); 1563 1563 + assert!(!looks_like_email_address("alice @nel.pet")); 1564 1564 + } 1565 1565 + 1566 1566 + #[test] 1567 1567 + fn dkim_selector_predicate_matches_subdomain_syntax() { 1568 1568 + assert!(is_valid_dkim_selector("default")); 1569 1569 + assert!(is_valid_dkim_selector("s2024-q1")); 1570 1570 + assert!(is_valid_dkim_selector("mailo-2024.nel.pet")); 1571 1571 + assert!(!is_valid_dkim_selector("")); 1572 1572 + assert!(!is_valid_dkim_selector("a..b")); 1573 1573 + assert!(!is_valid_dkim_selector("-leading")); 1574 1574 + assert!(!is_valid_dkim_selector("trailing-")); 1575 1575 + assert!(!is_valid_dkim_selector("s_under")); 1576 1576 + } 1577 1577 + 1578 1578 + #[test] 1579 1579 + fn email_validate_disabled_when_from_address_unset() { 1580 1580 + let cfg = email_config_for_test(EmailOverrides::default()); 1581 1581 + let mut errors = Vec::new(); 1582 1582 + cfg.validate("test.local", &mut errors); 1583 1583 + assert!(errors.is_empty(), "expected no errors, got {errors:?}"); 1584 1584 + } 1585 1585 + 1586 1586 + #[test] 1587 1587 + fn email_validate_rejects_bad_from_address() { 1588 1588 + let cfg = email_config_for_test(EmailOverrides { 1589 1589 + from_address: Some("not-an-email"), 1590 1590 + ..Default::default() 1591 1591 + }); 1592 1592 + let mut errors = Vec::new(); 1593 1593 + cfg.validate("test.local", &mut errors); 1594 1594 + assert!( 1595 1595 + errors.iter().any(|e| e.contains("from_address")), 1596 1596 + "expected from_address error, got {errors:?}" 1597 1597 + ); 1598 1598 + } 1599 1599 + 1600 1600 + #[test] 1601 1601 + fn email_validate_rejects_smarthost_with_bad_credentials() { 1602 1602 + let cfg = email_config_for_test(EmailOverrides { 1603 1603 + from_address: Some("alice@nel.pet"), 1604 1604 + smarthost_host: Some("smtp.nel.pet"), 1605 1605 + smarthost_username: Some(""), 1606 1606 + smarthost_password: Some("hunter2"), 1607 1607 + ..Default::default() 1608 1608 + }); 1609 1609 + let mut errors = Vec::new(); 1610 1610 + cfg.validate("test.local", &mut errors); 1611 1611 + assert!( 1612 1612 + errors.iter().any(|e| e.contains("smarthost.username")), 1613 1613 + "expected smarthost.username error, got {errors:?}" 1614 1614 + ); 1615 1615 + } 1616 1616 + 1617 1617 + #[test] 1618 1618 + fn email_validate_rejects_bad_dkim_selector() { 1619 1619 + let cfg = email_config_for_test(EmailOverrides { 1620 1620 + from_address: Some("alice@nel.pet"), 1621 1621 + dkim_selector: Some("-bad"), 1622 1622 + dkim_domain: Some("nel.pet"), 1623 1623 + dkim_key_path: Some("/etc/dkim.key"), 1624 1624 + ..Default::default() 1625 1625 + }); 1626 1626 + let mut errors = Vec::new(); 1627 1627 + cfg.validate("test.local", &mut errors); 1628 1628 + assert!( 1629 1629 + errors.iter().any(|e| e.contains("dkim.selector")), 1630 1630 + "expected dkim.selector error, got {errors:?}" 1631 1631 + ); 1632 1632 + } 1633 1633 + 1634 1634 + #[derive(Default)] 1635 1635 + struct EmailOverrides { 1636 1636 + from_address: Option<&'static str>, 1637 1637 + smarthost_host: Option<&'static str>, 1638 1638 + smarthost_username: Option<&'static str>, 1639 1639 + smarthost_password: Option<&'static str>, 1640 1640 + dkim_selector: Option<&'static str>, 1641 1641 + dkim_domain: Option<&'static str>, 1642 1642 + dkim_key_path: Option<&'static str>, 1643 1643 + } 1644 1644 + 1645 1645 + fn email_config_for_test(o: EmailOverrides) -> EmailConfig { 1646 1646 + EmailConfig { 1647 1647 + from_address: o.from_address.map(str::to_string), 1648 1648 + from_name: "Tranquil PDS".to_string(), 1649 1649 + helo_name: None, 1650 1650 + smarthost: SmarthostConfig { 1651 1651 + host: o.smarthost_host.map(str::to_string), 1652 1652 + port: 587, 1653 1653 + username: o.smarthost_username.map(str::to_string), 1654 1654 + password: o.smarthost_password.map(str::to_string), 1655 1655 + tls: "starttls".to_string(), 1656 1656 + pool_size: 4, 1657 1657 + command_timeout_secs: 30, 1658 1658 + total_timeout_secs: 60, 1659 1659 + }, 1660 1660 + direct_mx: DirectMxConfig { 1661 1661 + command_timeout_secs: 30, 1662 1662 + total_timeout_secs: 60, 1663 1663 + max_concurrent_sends: 8, 1664 1664 + require_tls: false, 1665 1665 + }, 1666 1666 + dkim: DkimConfig { 1667 1667 + selector: o.dkim_selector.map(str::to_string), 1668 1668 + domain: o.dkim_domain.map(str::to_string), 1669 1669 + private_key_path: o.dkim_key_path.map(str::to_string), 1670 1670 + }, 1671 1671 + } 1672 1672 + } 1443 1673 }