dcrouter/test/suite/smtpclient_connection/test.ccm-02.tls-connection.ts

import { tap, expect } from '@git.zone/tstest/tapbundle';
import { startTestServer, stopTestServer, type ITestServer } from '../../helpers/server.loader.js';
import { createSmtpClient } from '../../../ts/mail/delivery/smtpclient/index.js';
import type { SmtpClient } from '../../../ts/mail/delivery/smtpclient/smtp-client.js';
import { Email } from '../../../ts/mail/core/classes.email.js';

let testServer: ITestServer;
let smtpClient: SmtpClient;

tap.test('setup - start SMTP server with TLS', async () => {
  testServer = await startTestServer({
    port: 2526,
    tlsEnabled: true,
    authRequired: false
  });
  
  expect(testServer.port).toEqual(2526);
  expect(testServer.config.tlsEnabled).toBeTrue();
});

tap.test('CCM-02: TLS Connection - should establish secure connection', async () => {
  const startTime = Date.now();
  
  try {
    // Create SMTP client with TLS
    smtpClient = createSmtpClient({
      host: testServer.hostname,
      port: testServer.port,
      secure: true,
      connectionTimeout: 10000,
      tls: {
        rejectUnauthorized: false // For self-signed test certificates
      },
      debug: true
    });
    
    // Verify secure connection
    const isConnected = await smtpClient.verify();
    expect(isConnected).toBeTrue();
    
    const duration = Date.now() - startTime;
    console.log(`✅ TLS connection established in ${duration}ms`);
    
  } catch (error) {
    const duration = Date.now() - startTime;
    console.error(`❌ TLS connection failed after ${duration}ms:`, error);
    throw error;
  }
});

tap.test('CCM-02: TLS Connection - should send email over secure connection', async () => {
  const email = new Email({
    from: 'test@example.com',
    to: 'recipient@example.com',
    subject: 'TLS Connection Test',
    text: 'This email was sent over a secure TLS connection',
    html: '<p>This email was sent over a <strong>secure TLS connection</strong></p>'
  });
  
  const result = await smtpClient.sendMail(email);
  
  expect(result.success).toBeTrue();
  expect(result.acceptedRecipients).toContain('recipient@example.com');
  expect(result.rejectedRecipients).toBeArray();
  expect(result.rejectedRecipients.length).toEqual(0);
  
  console.log('✅ Email sent successfully over TLS');
  console.log('📧 Message ID:', result.messageId);
});

tap.test('CCM-02: TLS Connection - should validate certificate options', async () => {
  let errorThrown = false;
  
  try {
    // Create client with strict certificate validation
    const strictClient = createSmtpClient({
      host: testServer.hostname,
      port: testServer.port,
      secure: true,
      connectionTimeout: 5000,
      tls: {
        rejectUnauthorized: true, // Strict validation
        servername: testServer.hostname
      }
    });
    
    await strictClient.verify();
    await strictClient.close();
  } catch (error) {
    errorThrown = true;
    // Expected to fail with self-signed certificate
    expect(error).toBeInstanceOf(Error);
    console.log('✅ Certificate validation working correctly');
  }
  
  // For self-signed certs, strict validation should fail
  expect(errorThrown).toBeTrue();
});

tap.test('CCM-02: TLS Connection - should support custom TLS options', async () => {
  const tlsClient = createSmtpClient({
    host: testServer.hostname,
    port: testServer.port,
    secure: true,
    connectionTimeout: 10000,
    tls: {
      rejectUnauthorized: false,
      minVersion: 'TLSv1.2',
      maxVersion: 'TLSv1.3'
    }
  });
  
  const isConnected = await tlsClient.verify();
  expect(isConnected).toBeTrue();
  
  await tlsClient.close();
  console.log('✅ Custom TLS options accepted');
});

tap.test('CCM-02: TLS Connection - should handle TLS handshake errors', async () => {
  // Start a non-TLS server to test handshake failure
  const nonTlsServer = await startTestServer({
    port: 2527,
    tlsEnabled: false
  });
  
  let errorThrown = false;
  
  try {
    const failClient = createSmtpClient({
      host: nonTlsServer.hostname,
      port: nonTlsServer.port,
      secure: true, // Try TLS on non-TLS server
      connectionTimeout: 5000,
      tls: {
        rejectUnauthorized: false
      }
    });
    
    await failClient.verify();
  } catch (error) {
    errorThrown = true;
    expect(error).toBeInstanceOf(Error);
    console.log('✅ TLS handshake error handled correctly');
  }
  
  expect(errorThrown).toBeTrue();
  
  await stopTestServer(nonTlsServer);
});

tap.test('cleanup - close SMTP client', async () => {
  if (smtpClient && smtpClient.isConnected()) {
    await smtpClient.close();
  }
});

tap.test('cleanup - stop SMTP server', async () => {
  await stopTestServer(testServer);
});

tap.start();
update 2025-05-24 16:19:19 +00:00			`import { tap, expect } from '@git.zone/tstest/tapbundle';`
			`import { startTestServer, stopTestServer, type ITestServer } from '../../helpers/server.loader.js';`
			`import { createSmtpClient } from '../../../ts/mail/delivery/smtpclient/index.js';`
			`import type { SmtpClient } from '../../../ts/mail/delivery/smtpclient/smtp-client.js';`
			`import { Email } from '../../../ts/mail/core/classes.email.js';`

			`let testServer: ITestServer;`
			`let smtpClient: SmtpClient;`

			`tap.test('setup - start SMTP server with TLS', async () => {`
			`testServer = await startTestServer({`
			`port: 2526,`
			`tlsEnabled: true,`
			`authRequired: false`
			`});`

			`expect(testServer.port).toEqual(2526);`
			`expect(testServer.config.tlsEnabled).toBeTrue();`
			`});`

			`tap.test('CCM-02: TLS Connection - should establish secure connection', async () => {`
			`const startTime = Date.now();`

			`try {`
			`// Create SMTP client with TLS`
			`smtpClient = createSmtpClient({`
			`host: testServer.hostname,`
			`port: testServer.port,`
			`secure: true,`
			`connectionTimeout: 10000,`
			`tls: {`
			`rejectUnauthorized: false // For self-signed test certificates`
			`},`
			`debug: true`
			`});`

			`// Verify secure connection`
			`const isConnected = await smtpClient.verify();`
			`expect(isConnected).toBeTrue();`

			`const duration = Date.now() - startTime;`
			console.log(`✅ TLS connection established in ${duration}ms`);

			`} catch (error) {`
			`const duration = Date.now() - startTime;`
			console.error(`❌ TLS connection failed after ${duration}ms:`, error);
			`throw error;`
			`}`
			`});`

			`tap.test('CCM-02: TLS Connection - should send email over secure connection', async () => {`
			`const email = new Email({`
			`from: 'test@example.com',`
			`to: 'recipient@example.com',`
			`subject: 'TLS Connection Test',`
			`text: 'This email was sent over a secure TLS connection',`
			`html: '<p>This email was sent over a <strong>secure TLS connection</strong></p>'`
			`});`

			`const result = await smtpClient.sendMail(email);`

			`expect(result.success).toBeTrue();`
			`expect(result.acceptedRecipients).toContain('recipient@example.com');`
			`expect(result.rejectedRecipients).toBeArray();`
			`expect(result.rejectedRecipients.length).toEqual(0);`

			`console.log('✅ Email sent successfully over TLS');`
			`console.log('📧 Message ID:', result.messageId);`
			`});`

			`tap.test('CCM-02: TLS Connection - should validate certificate options', async () => {`
			`let errorThrown = false;`

			`try {`
			`// Create client with strict certificate validation`
			`const strictClient = createSmtpClient({`
			`host: testServer.hostname,`
			`port: testServer.port,`
			`secure: true,`
			`connectionTimeout: 5000,`
			`tls: {`
			`rejectUnauthorized: true, // Strict validation`
			`servername: testServer.hostname`
			`}`
			`});`

			`await strictClient.verify();`
			`await strictClient.close();`
			`} catch (error) {`
			`errorThrown = true;`
			`// Expected to fail with self-signed certificate`
			`expect(error).toBeInstanceOf(Error);`
			`console.log('✅ Certificate validation working correctly');`
			`}`

			`// For self-signed certs, strict validation should fail`
			`expect(errorThrown).toBeTrue();`
			`});`

			`tap.test('CCM-02: TLS Connection - should support custom TLS options', async () => {`
			`const tlsClient = createSmtpClient({`
			`host: testServer.hostname,`
			`port: testServer.port,`
			`secure: true,`
			`connectionTimeout: 10000,`
			`tls: {`
			`rejectUnauthorized: false,`
			`minVersion: 'TLSv1.2',`
			`maxVersion: 'TLSv1.3'`
			`}`
			`});`

			`const isConnected = await tlsClient.verify();`
			`expect(isConnected).toBeTrue();`

			`await tlsClient.close();`
			`console.log('✅ Custom TLS options accepted');`
			`});`

			`tap.test('CCM-02: TLS Connection - should handle TLS handshake errors', async () => {`
			`// Start a non-TLS server to test handshake failure`
			`const nonTlsServer = await startTestServer({`
			`port: 2527,`
			`tlsEnabled: false`
			`});`

			`let errorThrown = false;`

			`try {`
			`const failClient = createSmtpClient({`
			`host: nonTlsServer.hostname,`
			`port: nonTlsServer.port,`
			`secure: true, // Try TLS on non-TLS server`
			`connectionTimeout: 5000,`
			`tls: {`
			`rejectUnauthorized: false`
			`}`
			`});`

			`await failClient.verify();`
			`} catch (error) {`
			`errorThrown = true;`
			`expect(error).toBeInstanceOf(Error);`
			`console.log('✅ TLS handshake error handled correctly');`
			`}`

			`expect(errorThrown).toBeTrue();`

			`await stopTestServer(nonTlsServer);`
			`});`

			`tap.test('cleanup - close SMTP client', async () => {`
			`if (smtpClient && smtpClient.isConnected()) {`
			`await smtpClient.close();`
			`}`
			`});`

			`tap.test('cleanup - stop SMTP server', async () => {`
			`await stopTestServer(testServer);`
			`});`

			`tap.start();`