def test_reverse_prev_secrets(): orig_addr = '*****@*****.**' new_srs = srslib.SRS(b'new secret', prev_secrets=[_srs._secret]) ctl_srs = srslib.SRS(b'new secret') srs0_addr = _srs.forward(orig_addr, '1st.com') assert new_srs.reverse(srs0_addr) == orig_addr with pytest.raises(srslib.InvalidHashError): ctl_srs.reverse(srs0_addr) addr = srs0_addr for i in range(2, 11): addr = _srs.forward(addr, '%d.com' % i) rev_addr = new_srs.reverse(addr) assert rev_addr == srs0_addr with pytest.raises(srslib.InvalidHashError): ctl_srs.reverse(rev_addr)
def test_check_timestamp(): past_srs = srslib.SRS(_srs._secret) now_srs = srslib.SRS(_srs._secret, validity_days=10) now = time.time() now_srs._time_fn = lambda: now i = 0 while True: past_srs._time_fn = lambda: now - i * srslib.SRS._SECONDS_IN_DAY if i > 0 and past_srs.generate_ts() == now_srs.generate_ts(): break srs0_addr = past_srs.forward('*****@*****.**', '1st.com') if i < now_srs._validity_days: now_srs.reverse(srs0_addr) else: with pytest.raises(srslib.InvalidTimestampError): now_srs.reverse(srs0_addr) i += 1
def postfix_recipient_map(recipient): """ Rewrite the envelope recipient if it is a valid SRS address. This is meant for bounces to go back to the original sender. """ srs = srslib.SRS(flask.current_app.configMail["MAIL_SECRET_KEY"]) if srslib.SRS.is_srs_address(recipient): try: return flask.jsonify(srs.reverse(recipient)) except srslib.Error as error: return flask.abort(404) return flask.abort(404)
def postfix_sender_map(sender): """ Rewrite the envelope sender in case the mail was not emitted by us. This is for bounces to come back the reverse path properly. """ srs = srslib.SRS(flask.current_app.configMail["MAIL_SECRET_KEY"]) domain = flask.current_app.configMail["MAIL_DOMAIN"] try: localpart, domain_name = models.Email.resolve_domain(sender) except Exception as error: return flask.abort(404) if models.Domain.query.get(domain_name): return flask.abort(404) return flask.jsonify(srs.forward(sender, domain))
# Unless required by applicable law or agreed to in writing, software # # distributed under the License is distributed on an "AS IS" BASIS, # # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # # See the License for the specific language governing permissions and # # limitations under the License. # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # """Tests for srslib.""" import re import pytest import srslib import time # Default instance for testing. _srs = srslib.SRS(b'12345678') def test_forward_1st_hop(): srs0_addr = _srs.forward('*****@*****.**', '1st.com') assert re.match( r'SRS0=[A-Za-z0-9+/]{4}=[A-Z2-7]{2}=example[.]com=alice@1st[.]com$', srs0_addr) def test_forward_2nd_hop(): srs1_addr = _srs.forward('[email protected]', '2nd.com') assert re.match( r'SRS1=[A-Za-z0-9+/]{4}=1st[.]com=-ASd[+]=11=example[.]com=alice@2nd[.]com$', srs1_addr)