Dirty commit - refactoring starttls ad test into three separate ones

22 files changed, 618 insertions, 22 deletions

diff --git a/check/magma/core/core_check.c b/check/magma/core/core_check.c
index 1cfc279a..64a34e82 100644
--- a/check/magma/core/core_check.c
+++ b/check/magma/core/core_check.c
@@ -878,7 +878,7 @@ START_TEST (check_ip_private_s) {
 	bool_t result = true;
 	stringer_t *errmsg = MANAGEDBUF(1024);
 
-	if (status()) result = check_ip_private_scheck(errmsg);
+	if (status()) result = check_ip_private_sthread(errmsg);
 
 	log_test("CORE / HOST / ADDRESS / PRIVATE / SINGLE THREADED:", errmsg);
 	ck_assert_msg(result, st_char_get(errmsg));
@@ -892,7 +892,7 @@ START_TEST (check_ip_localhost_s) {
 	bool_t result = true;
 	stringer_t *errmsg = MANAGEDBUF(1024);
 
-	if (status()) result = check_ip_localhost_scheck(errmsg);
+	if (status()) result = check_ip_localhost_sthread(errmsg);
 
 	log_test("CORE / HOST / ADDRESS / LOCAL / SINGLE THREADED:", errmsg);
 	ck_assert_msg(result, st_char_get(errmsg));
diff --git a/check/magma/core/core_check.h b/check/magma/core/core_check.h
index c3ee5ca1..3789742d 100644
--- a/check/magma/core/core_check.h
+++ b/check/magma/core/core_check.h
@@ -51,6 +51,11 @@ void	  check_inx_append_test(inx_t *);
 bool_t 	  check_inx_append_sthread(MAGMA_INDEX, stringer_t*);
 bool_t 	  check_inx_append_mthread(MAGMA_INDEX, stringer_t*);
 
+/// ip_check.c
+bool_t check_uint16_to_hex_st(uint16_t val, stringer_t *buff);
+bool_t check_ip_private_sthread(stringer_t *errmsg);
+bool_t check_ip_localhost_sthread(stringer_t *errmsg);
+
 /// linked_check.c
 bool_t   check_indexes_linked_cursor(char **errmsg);
 bool_t   check_indexes_linked_cursor_compare(uint64_t values[], inx_cursor_t *cursor);
diff --git a/check/magma/core/ip_check.c b/check/magma/core/ip_check.c
index 7ecb8ba3..e87594d1 100644
--- a/check/magma/core/ip_check.c
+++ b/check/magma/core/ip_check.c
@@ -7,6 +7,35 @@
 
 #include "magma_check.h"
 
+bool_t check_uint16_to_hex_st(uint16_t val, stringer_t *buff) {
+
+	uint32_t digits[4] = { 0, 0, 0, 0 };
+	chr_t *hex_chrs = "0123456789abcdef";
+
+	if ((st_length_get(buff) + st_avail_get(buff)) < 5) return false;
+
+	digits[0] = val / 4096;
+	val -= digits[0] * 4096;
+
+	digits[1] = val / 256;
+	val -= digits[1] * 256;
+
+	digits[2] = val / 16;
+	val -= digits[2] * 16;
+
+	digits[3] = val;
+
+	st_wipe(buff);
+
+	if (st_sprint(buff, "%c%c%c%c", *(hex_chrs + digits[0]), *(hex_chrs + digits[1]),
+		*(hex_chrs + digits[2]), *(hex_chrs + digits[3])) == -1) {
+
+		return false;
+	}
+
+	return true;
+}
+
 void check_address_standard_s (int _i CK_ATTRIBUTE_UNUSED) {
 
 	log_disable();
@@ -319,10 +348,12 @@ void check_address_octet_s (int _i CK_ATTRIBUTE_UNUSED) {
 	ck_assert_msg(!errmsg, st_char_get(errmsg));
 }
 
-bool_t check_ip_private_scheck(stringer_t *errmsg) {
+bool_t check_ip_private_sthread(stringer_t *errmsg) {
 
-	st_sprint(errmsg, "This check needs love. Touch me tender, and finish me off.");
-	return false;
+	ip_t ip;
+	uint16_t segments[4] = { 0, 0, 0, 0 };
+	stringer_t *ipstr = MANAGEDBUF(64), *hex_buffs[8] = { MANAGEDBUF(5), MANAGEDBUF(5), MANAGEDBUF(5), MANAGEDBUF(5),
+		MANAGEDBUF(5), MANAGEDBUF(5), MANAGEDBUF(5), MANAGEDBUF(5) };
 
 	/// MEDIUM: Write the private IP address checks.
 	///
@@ -330,42 +361,355 @@ bool_t check_ip_private_scheck(stringer_t *errmsg) {
 	/// the correct response.
 	///
 	/// Generate random addresses in the 10.0.0.0/8 range and verify the outcome.
+
+	st_wipe(ipstr);
+
+	segments[0] = 10;
+	for (size_t i = 0; i < 10; i++) {
+
+		for (size_t j = 1; j < 4; j++) segments[j] = rand() % 256;
+		st_sprint(ipstr, "%d.%d.%d.%d", segments[0], segments[1], segments[2], segments[3]);
+
+		if (!ip_addr_st(st_char_get(ipstr), &ip)) {
+			st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+		else if (!ip_private(&ip)) {
+			st_sprint(errmsg, "ip_private() failed to return true. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+
+		st_wipe(ipstr);
+	}
+
 	/// Generate random addresses in the 127.0.0.0/8 range and verify the outcome (localhost).
+	segments[0] = 127;
+	for (size_t i = 0; i < 10; i++) {
+
+		for (size_t j = 1; j < 4; j++) segments[j] = rand() % 256;
+		st_sprint(ipstr, "%d.%d.%d.%d", segments[0], segments[1], segments[2], segments[3]);
+
+		if (!ip_addr_st(st_char_get(ipstr), &ip)) {
+			st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+		else if (!ip_private(&ip)) {
+			st_sprint(errmsg, "ip_private() failed to return true. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+
+		st_wipe(ipstr);
+	}
+
 	/// Generate random addresses in the 172.16.0.0/12 range and verify the outcome.
+	segments[0] = 172;
+	for (size_t i = 0; i < 10; i++) {
+
+		segments[1] = 16 + (rand() % 16);
+		for (size_t j = 2; j < 4; j++) segments[j] = rand() % 256;
+		st_sprint(ipstr, "%d.%d.%d.%d", segments[0], segments[1], segments[2], segments[3]);
+
+		if (!ip_addr_st(st_char_get(ipstr), &ip)) {
+			st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+		else if (!ip_private(&ip)) {
+			st_sprint(errmsg, "ip_private() failed to return true. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+
+		st_wipe(ipstr);
+	}
+
 	/// Generate random addresses in the 192.168.0.0/16 range and verify the outcome.
+	segments[0] = 192;
+	segments[1] = 168;
+	for (size_t i = 0; i < 10; i++) {
+
+		for (size_t j = 2; j < 4; j++) segments[j] = rand() % 256;
+		st_sprint(ipstr, "%d.%d.%d.%d", segments[0], segments[1], segments[2], segments[3]);
+
+		if (!ip_addr_st(st_char_get(ipstr), &ip)) {
+			st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+		else if (!ip_private(&ip)) {
+			st_sprint(errmsg, "ip_private() failed to return true. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+
+		st_wipe(ipstr);
+	}
+
 	/// Generate random addresses in the 72.0.0.0/8 and 172.0.0.0/8 ranges then verify the outcome (non-private).
-	///
+	segments[0] = 72;
+	for (size_t i = 0; i < 10; i++) {
+
+		for (size_t j = 1; j < 4; j++) segments[j] = rand() % 256;
+		st_sprint(ipstr, "%d.%d.%d.%d", segments[0], segments[1], segments[2], segments[3]);
+
+		if (!ip_addr_st(st_char_get(ipstr), &ip)) {
+			st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+		else if (!ip_private(&ip)) {
+			st_sprint(errmsg, "ip_private() failed to return true. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+
+		st_wipe(ipstr);
+	}
+
+	segments[0] = 172;
+	for (size_t i = 0; i < 10; i++) {
+
+		for (size_t j = 1; j < 4; j++) segments[j] = rand() % 256;
+		st_sprint(ipstr, "%d.%d.%d.%d", segments[0], segments[1], segments[2], segments[3]);
+
+		if (!ip_addr_st(st_char_get(ipstr), &ip)) {
+			st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+		else if (!ip_private(&ip)) {
+			st_sprint(errmsg, "ip_private() failed to return true. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+
+		st_wipe(ipstr);
+	}
+
 	/// Generate an address using ::1 and verify the outcome.
+	if (!ip_addr_st("::1", &ip)) {
+		st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }",
+			st_length_int(ipstr), st_char_get(ipstr));
+		return false;
+	}
+	else if (!ip_private(&ip)) {
+		st_sprint(errmsg, "ip_private() failed to return true. { ipstr = %.*s }",
+			st_length_int(ipstr), st_char_get(ipstr));
+		return false;
+	}
+
+	st_wipe(ipstr);
+
 	/// Generate random addresses in the fc00::/7 range and verify the outcome.
+	for (size_t i = 0; i < 10; i++) {
+
+		for (size_t j = 1; j < 8; j++) check_uint16_to_hex_st(rand() % 65536, hex_buffs[j]);
+		st_sprint(ipstr, "fc00::%s::%s::%s::%s::%s::%s::%s", st_char_get(hex_buffs[1]), st_char_get(hex_buffs[2]),
+			st_char_get(hex_buffs[3]), st_char_get(hex_buffs[4]), st_char_get(hex_buffs[5]), st_char_get(hex_buffs[6]),
+			st_char_get(hex_buffs[7]));
+
+		if (!ip_addr_st(st_char_get(ipstr), &ip)) {
+			st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+		else if (!ip_private(&ip)) {
+			st_sprint(errmsg, "ip_private() failed to return true. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+
+		st_wipe(ipstr);
+	}
+
 	/// Generate random addresses in the (pick well known non-private prefix)::/7 range and verify the outcome.
-	///
+
+
 	/// Generate random addresses in the private IPv4 ranges above and map them into the IPv4 to IPv6 compatability/translation
 	/// range... ::ffff:0:0/96 and verify the outcome.
-	///
+
+	segments[0] = 172;
+	for (size_t i = 0; i < 10; i++) {
+
+		for (size_t j = 1; j < 4; j++) segments[j] = rand() % 256;
+		st_sprint(ipstr, "::ffff:%d.%d.%d.%d", segments[0], segments[1], segments[2], segments[3]);
+
+		if (!ip_addr_st(st_char_get(ipstr), &ip)) {
+			st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+		else if (!ip_private(&ip)) {
+			st_sprint(errmsg, "ip_private() failed to return true. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+
+		st_wipe(ipstr);
+	}
+
 	/// Finally, call ip_private() using an invalid IP address struct. This includes passing NULL. Providing an IP struct
 	/// with an address family other than AF_INET or AF_INET6 and any other edge case you can think of.
 
+	if (!ip_addr_st("0.42.42.42", &ip)) {
+
+		st_sprint(errmsg, "Failed to create invalid ip_t object.");
+		return false;
+	}
+	else if (ip_private(NULL) || ip_private(&ip)) {
+
+		st_sprint(errmsg, "ip_private() failed to return false when passed an invalid ip_t object.");
+		return false;
+	}
+
+	return true;
 }
 
-bool_t check_ip_localhost_scheck(stringer_t *errmsg) {
+bool_t check_ip_localhost_sthread(stringer_t *errmsg) {
 
-	st_sprint(errmsg, "This check needs love. Touch me tender, and finish me off.");
-	return false;
+	ip_t ip;
+	uint16_t segments[4] = { 0, 0, 0, 0 };
+	stringer_t *ipstr = MANAGEDBUF(64);/*, *hex_buffs[8] = { MANAGEDBUF(5), MANAGEDBUF(5), MANAGEDBUF(5), MANAGEDBUF(5),
+		MANAGEDBUF(5), MANAGEDBUF(5), MANAGEDBUF(5), MANAGEDBUF(5) };*/
 
 	/// MEDIUM: Write the localhost IP address checks.
 	///
 	/// Use the ip_addr_st() function to turn test addresses into IP address structs and confirm ip_localhost() returns
 	/// the correct response.
-	///
 	/// Generate random addresses in the 127.0.0.1/8 range and verify the outcome.
+
+	st_wipe(ipstr);
+
+	segments[0] = 127;
+	for (size_t i = 0; i < 10; i++) {
+
+		segments[1] = rand() % 256;
+		segments[2] = rand() % 256;
+		segments[3] = rand() % 255 + 1;
+
+		st_sprint(ipstr, "%d.%d.%d.%d", segments[0], segments[1], segments[2], segments[3]);
+
+		if (!ip_addr_st(st_char_get(ipstr), &ip)) {
+			st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+		else if (!ip_localhost(&ip)) {
+			st_sprint(errmsg, "ip_localhost() failed to return true. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+
+		st_wipe(ipstr);
+	}
+
 	/// Generate random addresses in the 72.0.0.0/8 and 172.0.0.0/8 ranges then verify the outcome (non-private).
-	///
+
+	segments[0] = 72;
+	for (size_t i = 0; i < 10; i++) {
+
+		segments[1] = rand() % 256;
+		segments[2] = rand() % 256;
+		segments[3] = rand() % 255 + 1;
+
+		st_sprint(ipstr, "%d.%d.%d.%d", segments[0], segments[1], segments[2], segments[3]);
+
+		if (!ip_addr_st(st_char_get(ipstr), &ip)) {
+			st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+		else if (ip_localhost(&ip)) {
+			st_sprint(errmsg, "ip_localhost() failed to return true. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+
+		st_wipe(ipstr);
+	}
+	segments[0] = 172;
+	for (size_t i = 0; i < 10; i++) {
+
+		segments[1] = rand() % 256;
+		segments[2] = rand() % 256;
+		segments[3] = rand() % 255 + 1;
+
+		st_sprint(ipstr, "%d.%d.%d.%d", segments[0], segments[1], segments[2], segments[3]);
+
+		if (!ip_addr_st(st_char_get(ipstr), &ip)) {
+			st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+		else if (ip_localhost(&ip)) {
+			st_sprint(errmsg, "ip_localhost() failed to return true. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+
+		st_wipe(ipstr);
+	}
+
 	/// Generate an address using ::1 and verify the outcome.
+	if (!ip_addr_st("::1", &ip)) {
+		st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }",
+			st_length_int(ipstr), st_char_get(ipstr));
+		return false;
+	}
+	else if (!ip_localhost(&ip)) {
+		st_sprint(errmsg, "ip_localhost() failed to return true. { ipstr = %.*s }",
+			st_length_int(ipstr), st_char_get(ipstr));
+		return false;
+	}
+
+	st_wipe(ipstr);
+
 	/// Generate random addresses in the (pick well known non-private prefix)::/7 range and verify the outcome.
-	///
+
+
 	/// Generate IPv4 addresses in the range above and map them into the IPv4 to IPv6 compatability/translation
 	/// range... ::ffff:0:0/96 and verify the outcome.
-	///
+
+	segments[0] = 127;
+	for (size_t i = 0; i < 10; i++) {
+
+		segments[1] = rand() % 256;
+		segments[2] = rand() % 256;
+		segments[3] = rand() % 255 + 1;
+
+		st_sprint(ipstr, "::ffff:%d.%d.%d.%d", segments[0], segments[1], segments[2], segments[3]);
+
+		if (!ip_addr_st(st_char_get(ipstr), &ip)) {
+			st_sprint(errmsg, "Failed to construct an ip address object. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+		else if (!ip_localhost(&ip)) {
+			st_sprint(errmsg, "ip_localhost() failed to return true. { ipstr = %.*s }",
+				st_length_int(ipstr), st_char_get(ipstr));
+			return false;
+		}
+
+		st_wipe(ipstr);
+	}
+
 	/// Finally, call ip_localhost() using an invalid IP address struct. This includes passing NULL. Providing an IP struct
 	/// with an address family other than AF_INET or AF_INET6 and any other edge case you can think of.
+
+	if (!ip_addr_st("0.42.42.42", &ip)) {
+
+		st_sprint(errmsg, "Failed to create invalid ip_t object.");
+		return false;
+	}
+	else if (ip_localhost(NULL) || ip_localhost(&ip)) {
+
+		st_sprint(errmsg, "ip_localhost() failed to return false when passed an invalid ip_t object.");
+		return false;
+	}
+
+	return true;
 }
diff --git a/check/magma/regression/regression_check.c b/check/magma/regression/regression_check.c
index 83575f41..dce5fefb 100644
--- a/check/magma/regression/regression_check.c
+++ b/check/magma/regression/regression_check.c
@@ -95,6 +95,26 @@ START_TEST (check_regression_imap_search_range_parsing_s) {
 }
 END_TEST
 
+START_TEST (check_regression_http_append_string_s) {
+
+	log_disable();
+	bool_t outcome = true;
+	server_t *server = NULL;
+	stringer_t *errmsg = MANAGEDBUF(1024);
+
+	if (!(server = servers_get_by_protocol(HTTP, false))) {
+		st_sprint(errmsg, "No HTTP servers were configured and available for testing.");
+		outcome = false;
+	}
+	else if (status()) {
+		outcome = check_regression_http_append_string(errmsg, server->network.port);
+	}
+
+	log_test("REGRESSION / HTTP / APPEND STRING / SINGLE THREADED:", errmsg);
+	ck_assert_msg(outcome, st_char_get(errmsg));
+}
+END_TEST
+
 Suite * suite_check_regression(void) {
 
 	Suite *s = suite_create("\tRegression");
@@ -102,6 +122,7 @@ Suite * suite_check_regression(void) {
 	suite_check_testcase(s, "REGRESSION", "Regression File Descriptors Leak/M", check_regression_file_descriptors_leak_m);
 	suite_check_testcase(s, "REGRESSION", "Regression SMTP Dot Stuffing/S", check_regression_smtp_dot_stuffing_s);
 	suite_check_testcase(s, "REGRESSION", "Regression IMAP Search Range Parsing/S", check_regression_imap_search_range_parsing_s);
+	suite_check_testcase(s, "REGRESSION", "Regression HTTP Append String/S", check_regression_http_append_string_s);
 
 	return s;
 }
diff --git a/check/magma/regression/regression_check.h b/check/magma/regression/regression_check.h
index d37d8ae5..8781b6ed 100644
--- a/check/magma/regression/regression_check.h
+++ b/check/magma/regression/regression_check.h
@@ -12,6 +12,7 @@ void check_regression_file_descriptors_leak_test(void);
 bool_t check_client_dot_stuff(client_t *client, chr_t *token);
 bool_t check_regression_smtp_dot_stuffing_sthread(stringer_t *errmsg);
 bool_t check_regression_imap_search_range_parsing_sthread(stringer_t *errmsg, uint32_t port);
+bool_t check_regression_http_append_string(stringer_t *errmsg, uint32_t port);
 
 Suite * suite_check_regression(void);
 
diff --git a/check/magma/regression/regression_check_helpers.c b/check/magma/regression/regression_check_helpers.c
index 34d3e5d1..f10bf193 100644
--- a/check/magma/regression/regression_check_helpers.c
+++ b/check/magma/regression/regression_check_helpers.c
@@ -180,3 +180,33 @@ bool_t check_regression_imap_search_range_parsing_sthread(stringer_t *errmsg, ui
 	client_close(client);
 	return true;
 }
+
+bool_t check_regression_http_append_string(stringer_t *errmsg, uint32_t port) {
+
+	// The bug that this test checks for should show up in the server log as:
+	// "The append string appears to be empty."
+
+	client_t *client = NULL;
+	chr_t *message = "POST /portal/camel HTTP/1.1\r\nHost: localhost:10000\r\nAccept: */*\r\n" \
+		"Content-Type: application/x-www-form-urlencoded\r\nContent-Length: 10000\r\n\r\n" \
+		"Foo Bar Baz\r\n";
+
+	// Connect the client.
+	if (!(client = client_connect("localhost", port)) || !net_set_timeout(client->sockd, 20, 20)) {
+
+		st_sprint(errmsg, "Failed to connect with the IMAP server over TCP.");
+		client_close(client);
+		return false;
+	}
+	// Send an HTTP message with an improperly long Content-Length header.
+	else if (client_write(client, NULLER(message)) != ns_length_get(message)) {
+
+		st_sprint(errmsg, "Failed to write the HTTP message to the client.");
+		client_close(client);
+		return false;
+	}
+	// Force close the connection.
+	client_close(client);
+
+	return true;
+}
diff --git a/check/magma/servers/http/http_check.c b/check/magma/servers/http/http_check.c
index 53d5b222..2084986a 100644
--- a/check/magma/servers/http/http_check.c
+++ b/check/magma/servers/http/http_check.c
@@ -55,7 +55,7 @@ START_TEST (check_http_network_options_s) {
 	stringer_t *errmsg = MANAGEDBUF(1024);
 
 	if (!(server = servers_get_by_protocol(HTTP, true))) {
-		st_sprint(errmsg, "No HTTP servers were configured to support TCP connections.");
+		st_sprint(errmsg, "No HTTP servers were configured to support TLS connections.");
 		outcome = false;
 	}
 	else if (status() && !check_http_network_options_sthread(errmsg, server->network.port, true)) {
@@ -67,10 +67,31 @@ START_TEST (check_http_network_options_s) {
 }
 END_TEST
 
+START_TEST (check_http_mime_types_s) {
+
+	log_disable();
+	bool_t outcome = true;
+	server_t *server = NULL;
+	stringer_t *errmsg = MANAGEDBUF(1024);
+
+	if (!(server = servers_get_by_protocol(HTTP, true))) {
+		st_sprint(errmsg, "No HTTP servers were configured to support TLS connections.");
+		outcome = false;
+	}
+	else if (status() && !check_http_mime_types_sthread(errmsg, server->network.port, true)) {
+		outcome = false;
+	}
+
+	log_test("HTTP / MIME TYPES / SINGLE THREADED:", errmsg);
+	ck_assert_msg(outcome, st_char_get(errmsg));
+}
+END_TEST
+
 Suite * suite_check_http(void) {
 
 	Suite *s = suite_create("\tHTTP");
 
+	suite_check_testcase(s, "HTTP", "HTTP MIME Types/S", check_http_mime_types_s);
 	suite_check_testcase(s, "HTTP", "HTTP Network Basic/ TCP/S", check_http_network_basic_tcp_s);
 	suite_check_testcase(s, "HTTP", "HTTP Network Basic/ TLS/S", check_http_network_basic_tls_s);
 	suite_check_testcase(s, "HTTP", "HTTP Network Options/S", check_http_network_options_s);
diff --git a/check/magma/servers/http/http_check.h b/check/magma/servers/http/http_check.h
index 75387e88..b6982893 100644
--- a/check/magma/servers/http/http_check.h
+++ b/check/magma/servers/http/http_check.h
@@ -13,6 +13,7 @@ int32_t check_http_content_length_get(client_t *client);
 bool_t check_http_content_length_test(client_t *client, uint32_t content_length, stringer_t *errmsg);
 bool_t check_http_network_basic_sthread(stringer_t *errmsg, uint32_t port, bool_t secure);
 bool_t check_http_network_options_sthread(stringer_t *errmsg, uint32_t port, bool_t secure);
+bool_t check_http_mime_types_sthread(stringer_t *errmsg, uint32_t port, bool_t secure);
 
 Suite * suite_check_http(void);
 
diff --git a/check/magma/servers/http/http_check_network.c b/check/magma/servers/http/http_check_network.c
index 52c2e781..57f2593f 100644
--- a/check/magma/servers/http/http_check_network.c
+++ b/check/magma/servers/http/http_check_network.c
@@ -166,3 +166,70 @@ bool_t check_http_network_options_sthread(stringer_t *errmsg, uint32_t port, boo
 
 	return true;
 }
+
+bool_t check_http_mime_types_sthread(stringer_t *errmsg, uint32_t port, bool_t secure) {
+
+	size_t delim_index = 0;
+	media_type_t *media_type = NULL;
+	stringer_t *content_type = MANAGEDBUF(128), *group = NULL, *sub = NULL;
+	placer_t header_pl = pl_null(), group_pl = pl_null(), sub_pl = pl_null();
+	chr_t *types[] = {"application/octet-stream", "audio/aiff", "audio/aiff", "audio/basic", "video/avi", "image/bmp",
+		"application/x-bzip", "application/x-bzip2", "text/x-c", "application/java", "text/plain", "text/x-c", "application/x-x509-ca-cert",
+		"text/css", "text/csv", "application/msword", "application/msword", "video/x-flv", "image/gif", "application/gzip", "text/x-h",
+		"text/html", "text/html", "image/x-icon", "application/inf", "text/x-java-source", "image/jpeg", "image/jpeg", "image/jpeg",
+		"image/jpeg", "application/javascript", "application/json", "text/plain", "application/x-lzh", "application/x-lzh", "video/mpeg",
+		"video/mpeg", "video/mpeg", "audio/midi", "audio/midi", "video/quicktime", "audio/mpeg3", "video/mpeg", "video/mpeg",
+		"application/ogg", "application/pdf", "text-script.perl", "image/png", "application/mspowerpoint", "application/powerpoint",
+		"application/postscript", "text/x-script.python", "video/quicktime", "audio/x-realaudio", "application/rss+xml", "text/rtf",
+		"text/x-asm", "text/x-sgml", "text/x-sgml", "application/x-sh", "text/html", "application/x-shockwave-flash", "application/x-tar",
+		"application-xtcl", "text/plain", "application/x-compressed", "image/tiff", "image/tiff", "text/plain", "text/x-uuencode",
+		"text/x-uuencode", "audio/wav", "video/x-ms-wmv", "application/wordperfect", "application/wordperfect", "image/xbm",
+		"application/excel", "application/excel", "text/xml", "application/x-compressed", "application/zip"
+	}, *extensions[] = {
+		"" ".aif", ".aiff", ".au", ".avi", ".bmp", ".bz", ".bz2", ".c", ".class", ".conf", ".cpp", ".crt", ".css", ".csv", ".doc",
+		".dot", ".flv", ".gif", ".gz", ".h", ".htm", ".html", ".ico", ".inf", ".java", ".jfif", ".jpe", ".jpeg", ".jpg", ".js", ".json",
+		".lst", ".lzh", ".lzs", ".m1v", ".m2v", ".m4v", ".mid", ".midi", ".mov", ".mp3", ".mpeg", ".mpg", ".ogg", ".pdf", ".pl",
+		".png", ".pps", ".ppt", ".ps", ".py", ".qt", ".ra", ".rss", ".rtf", ".s", ".sgm", ".smgl", ".sh", ".shtml", ".swf", ".tar",
+		".tcl", ".text", ".tgz", ".tif", ".tiff", ".txt", ".uu", ".uue", ".wav", ".wmv", ".wp5", ".wp6", ".xbm", ".xl", ".xls", ".xml",
+		".z", ".zip"
+	};
+
+	for (size_t i = 0; i < sizeof(types)/sizeof(chr_t *); i++) {
+
+		st_wipe(content_type);
+		st_sprint(content_type, "Content-Type: %s\r\n", types[i]);
+		header_pl = pl_init(st_data_get(content_type), st_length_get(content_type));
+
+		if (!st_search_chr(NULLER(types[i]), '/', &delim_index)) {
+
+			st_sprint(errmsg, "Failed to split mime type.");
+			return false;
+		}
+
+		group_pl = pl_init(types[i], delim_index);
+		sub_pl = pl_init(types[i] + delim_index + 1, ns_length_get(types[i]) - delim_index);
+
+		if (!(group = mail_mime_type_group(header_pl)) || !(sub = mail_mime_type_sub(header_pl)) ||
+			st_cmp_cs_eq(&group_pl, &group) != 0 || st_cmp_cs_ends(&sub_pl, &sub) != 0) {
+
+			st_sprint(errmsg, "Failed to return correct group/sub values from content type header. " \
+				"{ header = %.*s , group = %.*s , sub = %.*s }", st_length_int(content_type), st_char_get(content_type),
+				st_length_int(group), st_char_get(group), st_length_int(sub), st_char_get(sub));
+			st_cleanup(group, sub);
+			return false;
+		}
+
+		if (!(media_type = mail_mime_get_media_type(extensions[i])) || media_type->name != types[i]) {
+
+			st_sprint(errmsg, "Failed to return the correct media type object for an extension. { extension = %s , type = %s }",
+				extensions[i], types[i]);
+			st_cleanup(group, sub);
+			return false;
+		}
+
+		st_cleanup(group, sub);
+		group = sub = NULL;
+	}
+
+	return true;
+}
diff --git a/check/magma/servers/imap/imap_check.c b/check/magma/servers/imap/imap_check.c
index a74b30d2..398216d8 100644
--- a/check/magma/servers/imap/imap_check.c
+++ b/check/magma/servers/imap/imap_check.c
@@ -86,6 +86,27 @@ START_TEST (check_imap_network_fetch_s) {
 }
 END_TEST
 
+START_TEST (check_imap_network_starttls_ad_s) {
+
+	log_disable();
+	bool_t outcome = true;
+	stringer_t *errmsg = MANAGEDBUF(1024);
+	server_t *tcp_server = NULL, *tls_server = NULL;
+
+	if (!(tcp_server = servers_get_by_protocol(IMAP, false)) || !(tls_server = servers_get_by_protocol(IMAP, true))) {
+		st_sprint(errmsg, "No IMAP servers were configured to support TCP connections.");
+		outcome = false;
+	}
+	else if (status() && !check_imap_network_starttls_ad_sthread(errmsg, tcp_server->network.port,
+		tls_server->network.port)) {
+
+		outcome = false;
+	}
+
+	log_test("IMAP / NETWORK / STARTTLS AD / SINGLE THREADED:", errmsg);
+	ck_assert_msg(outcome, st_char_get(errmsg));
+}
+
 Suite * suite_check_imap(void) {
 
 	Suite *s = suite_create("\tIMAP");
@@ -94,6 +115,7 @@ Suite * suite_check_imap(void) {
 	suite_check_testcase(s, "IMAP", "IMAP Network Basic/ TLS/S", check_imap_network_basic_tls_s);
 	suite_check_testcase(s, "IMAP", "IMAP Network Search/S", check_imap_network_search_s);
 	suite_check_testcase(s, "IMAP", "IMAP Network Fetch/S", check_imap_network_fetch_s);
+	suite_check_testcase(s, "IMAP", "IMAP Network STARTTLS Ad/S", check_imap_network_starttls_ad_s);
 
 	return s;
 }
diff --git a/check/magma/servers/imap/imap_check.h b/check/magma/servers/imap/imap_check.h
index 05e0bb29..961b3723 100644
--- a/check/magma/servers/imap/imap_check.h
+++ b/check/magma/servers/imap/imap_check.h
@@ -15,6 +15,7 @@ bool_t check_imap_client_close_logout(client_t *client, uint32_t tag_num, string
 bool_t check_imap_network_basic_sthread(stringer_t *errmsg, uint32_t port, bool_t secure);
 bool_t check_imap_network_search_sthread(stringer_t *errmsg, uint32_t port, bool_t secure);
 bool_t check_imap_network_fetch_sthread(stringer_t *errmsg, uint32_t port, bool_t secure);
+bool_t check_imap_network_starttls_ad_sthread(stringer_t *errmsg, uint32_t tcp_port, uint32_t tls_port);
 
 Suite * suite_check_imap(void);
 
diff --git a/check/magma/servers/imap/imap_check_network.c b/check/magma/servers/imap/imap_check_network.c
index 3c0cdd94..9a01ebcd 100644
--- a/check/magma/servers/imap/imap_check_network.c
+++ b/check/magma/servers/imap/imap_check_network.c
@@ -325,6 +325,7 @@ bool_t check_imap_network_fetch_sthread(stringer_t *errmsg, uint32_t port, bool_
 	if (!(client = client_connect("localhost", port)) || (secure && (client_secure(client) == -1)) ||
 		!net_set_timeout(client->sockd, 20, 20) || client_read_line(client) <= 0 || (client->status != 1) ||
 		st_cmp_cs_starts(&(client->line), NULLER("* OK"))) {
+
 		st_sprint(errmsg, "Failed to connect with the IMAP server.");
 		client_close(client);
 		return false;
@@ -346,6 +347,7 @@ bool_t check_imap_network_fetch_sthread(stringer_t *errmsg, uint32_t port, bool_
 
 		if (!(tag = st_alloc(uint32_digits(tag_num) + 2)) || (st_sprint(tag, "A%u", tag_num) != uint32_digits(tag_num) + 1) ||
 			!(success = st_merge("sn", tag, " OK"))) {
+
 			st_sprint(errmsg, "Failed to construct the tag or success strings. { i = %d }", i);
 			st_cleanup(tag, success);
 			client_close(client);
@@ -354,6 +356,7 @@ bool_t check_imap_network_fetch_sthread(stringer_t *errmsg, uint32_t port, bool_
 		else if (client_print(client, "%s %s\r\n", st_char_get(tag), commands[i]) <= 0 ||
 			!check_imap_client_read_end(client, st_char_get(tag)) || client_status(client) != 1 ||
 			st_cmp_cs_starts(&(client->line), success)) {
+
 			st_sprint(errmsg, "Failed to return a successful status. { command = \"%s\" }", commands[i]);
 			st_cleanup(tag, success);
 			client_close(client);
@@ -373,3 +376,24 @@ bool_t check_imap_network_fetch_sthread(stringer_t *errmsg, uint32_t port, bool_
 	return true;
 }
 
+bool_t check_imap_network_starttls_advertisement_sthread(stringer_t *errmsg, uint32_t tcp_port, uint32_t tls_port) {
+
+	client_t *client = NULL;
+
+	// Check the initial response.
+	if (!(client = client_connect("localhost", port)) || (secure && (client_secure(client) == -1)) ||
+		!net_set_timeout(client->sockd, 20, 20) || client_read_line(client) <= 0 || (client->status != 1) ||
+		st_cmp_cs_starts(&(client->line), NULLER("* OK"))) {
+
+		st_sprint(errmsg, "Failed to connect with the IMAP server.");
+		client_close(client);
+		return false;
+	}
+
+	// Check for STARTTLS in the capabilities when connected over TCP.
+	// Reconnect the client via TLS.
+	// Check for the absense of STARTTLS in the capabilities when connected over TLS.
+
+	client_close(client);
+	return true;
+}
diff --git a/check/magma/servers/pop/pop_check.c b/check/magma/servers/pop/pop_check.c
index b3b1c45e..6d5d5ea5 100644
--- a/check/magma/servers/pop/pop_check.c
+++ b/check/magma/servers/pop/pop_check.c
@@ -46,12 +46,32 @@ START_TEST (check_pop_network_basic_tls_s) {
 }
 END_TEST
 
+START_TEST (check_pop_network_stls_advertisement_s) {
+
+	log_disable();
+	bool_t outcome = true;
+	stringer_t *errmsg = MANAGEDBUF(1024);
+	server_t *tcp_server = NULL, tls_server = NULL;
+
+	if (status() && !(tls = servers_get_by_protocol(POP, false)) || !(tls_server = servers_get_by_protocol(POP, true))) {
+		st_sprint(errmsg, "No POP servers were configured to support TLS connections.");
+		outcome = false;
+	}
+	else if (status() && !check_pop_network_basic_sthread(errmsg, tcp_server->network.port, tls_server->network.port)) {
+		outcome = false;
+	}
+
+	log_test("POP / NETWORK / STLS ADVERTISEMENT / SINGLE THREADED:", errmsg);
+	ck_assert_msg(outcome, st_char_get(errmsg));
+}
+
 Suite * suite_check_pop(void) {
 
 	Suite *s = suite_create("\tPOP");
 
 	suite_check_testcase(s, "POP", "POP Network Basic / TCP/S", check_pop_network_basic_tcp_s);
 	suite_check_testcase(s, "POP", "POP Network Basic / TLS/S", check_pop_network_basic_tls_s);
+	suite_check_testcase(s, "POP", "POP Network STLS Advertisement/S", check_pop_network_stls_advertisement);
 
 	return s;
 }
diff --git a/check/magma/servers/pop/pop_check.h b/check/magma/servers/pop/pop_check.h
index a5ea7d8c..51a1a12b 100644
--- a/check/magma/servers/pop/pop_check.h
+++ b/check/magma/servers/pop/pop_check.h
@@ -12,6 +12,7 @@ uint64_t check_pop_client_read_list(client_t *client, stringer_t *errmsg);
 bool_t check_pop_client_read_end(client_t *client, uint64_t* size, chr_t *token);
 bool_t 	check_pop_network_basic_sthread(stringer_t *errmsg, uint32_t port, bool_t secure);
 bool_t check_pop_client_auth(client_t *client, chr_t *user, chr_t *pass, stringer_t *errmsg);
+bool_t check_pop_network_stls_ad(stringer_t *errmsg, uint32_t tcp_port, uint32_t tls_port);
 
 /// pop_check.c
 Suite * suite_check_pop(void);
diff --git a/check/magma/servers/pop/pop_check_network.c b/check/magma/servers/pop/pop_check_network.c
index 348e683d..b8f953fe 100644
--- a/check/magma/servers/pop/pop_check_network.c
+++ b/check/magma/servers/pop/pop_check_network.c
@@ -209,3 +209,20 @@ bool_t check_pop_network_basic_sthread(stringer_t *errmsg, uint32_t port, bool_t
 
 	return true;
 }
+
+bool_t check_pop_network_stls_advertisement_sthread(stringer_t *errmsg, uint32_t tcp_port, uint32_t tls_port) {
+
+	client_t *client = NULL;
+
+	// Connect the client.
+	if (!(client = client_connect("localhost", port)) || (secure && (client_secure(client) == -1)) ||
+		!net_set_timeout(client->sockd, 20, 20) || client_read_line(client) <= 0 || client_status(client) != 1 ||
+		st_cmp_cs_starts(&(client->line), NULLER("+OK"))) {
+
+		st_sprint(errmsg, "Failed to connect with the POP server.");
+		client_close(client);
+		return false;
+	}
+
+	return true;
+}
diff --git a/check/magma/servers/smtp/checkers_check.c b/check/magma/servers/smtp/checkers_check.c
index a031707a..37bc6e13 100644
--- a/check/magma/servers/smtp/checkers_check.c
+++ b/check/magma/servers/smtp/checkers_check.c
@@ -260,3 +260,9 @@ bool_t check_smtp_checkers_filters_sthread(stringer_t *errmsg, int_t action, int
 
 	return true;
 }
+
+bool_t check_smtp_checkers_rbl_sthread(stringer_t *errmsg) {
+
+	st_sprint(errmsg, "This test is a stub and needs implemented.");
+	return false;
+}
diff --git a/check/magma/servers/smtp/smtp_check.c b/check/magma/servers/smtp/smtp_check.c
index b9b36c9e..a288c8fc 100644
--- a/check/magma/servers/smtp/smtp_check.c
+++ b/check/magma/servers/smtp/smtp_check.c
@@ -90,6 +90,19 @@ START_TEST (check_smtp_checkers_filters_s) {
 }
 END_TEST
 
+START_TEST (check_smtp_checkers_rbl_s) {
+
+	log_disable();
+	bool_t outcome = true;
+	stringer_t *errmsg = MANAGEDBUF(1024);
+
+	if (status()) outcome = check_smtp_checkers_rbl_sthread(errmsg);
+
+	log_test("SMTP / CHECKERS / RBL / SINGLE THREADED:", errmsg);
+	ck_assert_msg(outcome, st_char_get(errmsg));
+}
+END_TEST
+
 START_TEST (check_smtp_network_auth_plain_s) {
 
 	log_disable();
@@ -185,6 +198,7 @@ Suite * suite_check_smtp(void) {
 	suite_check_testcase(s, "SMTP", "SMTP Accept Message/S", check_smtp_accept_store_message_s);
 	suite_check_testcase(s, "SMTP", "SMTP Checkers Greylist/S", check_smtp_checkers_greylist_s);
 	suite_check_testcase(s, "SMTP", "SMTP Checkers Filters/S", check_smtp_checkers_filters_s);
+	suite_check_testcase(s, "SMTP", "SMTP Checkers RBL", check_smtp_checkers_rbl_s);
 	suite_check_testcase(s, "SMTP", "SMTP Network Basic/ TCP/S", check_smtp_network_basic_tcp_s);
 	suite_check_testcase(s, "SMTP", "SMTP Network Basic/ TLS/S", check_smtp_network_basic_tls_s);
 	suite_check_testcase(s, "SMTP", "SMTP Network Auth Plain/S", check_smtp_network_auth_plain_s);
diff --git a/check/magma/servers/smtp/smtp_check.h b/check/magma/servers/smtp/smtp_check.h
index 440d21db..442bd6f2 100644
--- a/check/magma/servers/smtp/smtp_check.h
+++ b/check/magma/servers/smtp/smtp_check.h
@@ -14,6 +14,7 @@ bool_t check_smtp_accept_message_sthread(stringer_t *errmsg);
 bool_t check_smtp_checkers_greylist_sthread(stringer_t *errmsg);
 bool_t check_smtp_checkers_regex_sthread(stringer_t *errmsg);
 bool_t check_smtp_checkers_filters_sthread(stringer_t *errmsg, int_t action, int_t expected);
+bool_t check_smtp_checkers_rbl_sthread(stringer_t *errmsg);
 
 /// smtp_check_network.c
 bool_t check_smtp_client_read_end(client_t *client);
diff --git a/check/magma/servers/smtp/smtp_check_network.c b/check/magma/servers/smtp/smtp_check_network.c
index b5d01eec..071176de 100644
--- a/check/magma/servers/smtp/smtp_check_network.c
+++ b/check/magma/servers/smtp/smtp_check_network.c
@@ -251,11 +251,11 @@ bool_t check_smtp_network_auth_sthread(stringer_t *errmsg, uint32_t port, bool_t
 		return false;
 	}
 	// Try sending mail from an unauthenticated account (ladar@lavabit.com).
-	else if ((errmsg = NULL) || !check_smtp_client_mail_rcpt_data(client, "ladar@lavabit.com", "princess@example.com", errmsg) ||
+	else if (!check_smtp_client_mail_rcpt_data(client, "ladar@lavabit.com", "princess@example.com", errmsg) ||
 		client_print(client, ".\r\n") != 3 || !check_smtp_client_read_end(client) || client_status(client) != 1 ||
 		st_cmp_cs_starts(&(client->line), NULLER("550"))) {
 
-		if (!errmsg) st_sprint(errmsg, "Failed to return an error status after sending from an unauthenticated account.");
+		if (st_empty(errmsg)) st_sprint(errmsg, "Failed to return an error status after sending from an unauthenticated account.");
 		client_close(client);
 		return false;
 	}
diff --git a/sandbox/etc/magma.sandbox.config b/sandbox/etc/magma.sandbox.config
index 6784aac4..ce4cb820 100755
--- a/sandbox/etc/magma.sandbox.config
+++ b/sandbox/etc/magma.sandbox.config
@@ -73,7 +73,7 @@ magma.web.portal.safeguard = false
 
 magma.relay.timeout = 60
 magma.relay[1].name = localhost
-magma.relay[1].port = 7000
+magma.relay[1].port = 25
 
 magma.servers[1].name = Lavabit Molten
 magma.servers[1].domain = lavabit.com
diff --git a/src/core/host/ip.c b/src/core/host/ip.c
index 29a7871e..4d5ca964 100644
--- a/src/core/host/ip.c
+++ b/src/core/host/ip.c
@@ -509,10 +509,10 @@ bool_t ip_addr_st(chr_t *ipstr, ip_t *out) {
 	size_t i;
 	struct in_addr in4;
 	struct in6_addr in6;
-	sa_family_t class = -1;
+	sa_family_t class = 0;
 
 	// Delimiter of '.' indicates IPv4 address; ':' for IPv6
-	for (i = 0; i < ns_length_get(ipstr) && class == -1; i++) {
+	for (i = 0; i < ns_length_get(ipstr) && class == 0; i++) {
 
 		if (ipstr[i] == '.') {
 			class = AF_INET;
diff --git a/src/core/parsers/token.c b/src/core/parsers/token.c
index 7d6f8906..00dcacbb 100644
--- a/src/core/parsers/token.c
+++ b/src/core/parsers/token.c
@@ -19,7 +19,7 @@ uint64_t tok_get_count_bl(void *block, size_t length, char token) {
 	uint64_t count = 1;
 
 #ifdef MAGMA_PEDANTIC
-	if (!block) log_pedantic("Attempted a token count on a NULL string bugger.");
+	if (!block) log_pedantic("Attempted a token count on a NULL string buffer.");
 	else if (!length) log_pedantic("Attempted a token count on an empty string.");
 #endif