dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #224196 from wentasah/mailutils-fix

Browse Source 
mailutils: fix testsuite failure caused by unsupported weak hashes
This commit is contained in:
Sandro 2023-04-12 10:59:13 +02:00 committed by GitHub
commit 6a4b2b3408
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 64 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
pkgs/tools/networking/mailutils/default.nix
View File

@ -23,6 +23,7 @@
, sasl
, system-sendmail
, libxcrypt
, mkpasswd
, pythonSupport ? true
, guileSupport ? true
@ -79,6 +80,9 @@ stdenv.mkDerivation rec {
url = "https://lists.gnu.org/archive/html/bug-mailutils/2020-11/txtiNjqcNpqOk.txt";
sha256 = "0ghzqb8qx2q8cffbvqzw19mivv7r5f16whplzhm7hdj0j2i6xf6s";
})
# https://github.com/NixOS/nixpkgs/issues/223967
# https://lists.gnu.org/archive/html/bug-mailutils/2023-04/msg00000.html
./don-t-use-descrypt-password-in-the-test-suite.patch
];
enableParallelBuilding = true;
@ -94,7 +98,7 @@ stdenv.mkDerivation rec {
] ++ lib.optional (!pythonSupport) "--without-python"
++ lib.optional (!guileSupport) "--without-guile";
nativeCheckInputs = [ dejagnu ];
nativeCheckInputs = [ dejagnu mkpasswd ];
doCheck = !stdenv.isDarwin; # ERROR: All 46 tests were run, 46 failed unexpectedly.
doInstallCheck = false; # fails

59
pkgs/tools/networking/mailutils/don-t-use-descrypt-password-in-the-test-suite.patch Normal file
View File

@ -0,0 +1,59 @@
From 59a1abfa7b339bccfc228f38cc791cdacf4010d4 Mon Sep 17 00:00:00 2001
From: Michal Sojka <michal.sojka@cvut.cz>
Date: Sat, 1 Apr 2023 10:59:00 +0200
Subject: [PATCH] Don't use descrypt password in the test suite
The descrypt method is not considered strong and some
distributions (like NixOS) start compiling libxcrypt without it [1].
To start using different hash methods, it is not sufficient to replace
the password hash in testsuite/etc/passwd.in, because differently
hashed passwords contain '$' characters (e.g.
$y$j9T$lP8UWS9GZ4zfeTVDpmtbr1$dVozXOvWQXLQyhWGX7YyW8TIQTg8EfQLUzYPp3WCWo9)
and the test suite replaces '$'-starting strings with values of the
corresponding variables. Since I've not found a way to escape dollars
for TCL's subst function, we do not hardcode the passwd hash directly
to the file, but generate it dynamically and replace it in the file
via a variable.
[1]: https://github.com/NixOS/nixpkgs/pull/220557
---
pop3d/testsuite/lib/pop3d.exp | 1 +
testsuite/etc/passwd.in | 2 +-
testsuite/lib/mailutils.exp | 1 +
3 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/pop3d/testsuite/lib/pop3d.exp b/pop3d/testsuite/lib/pop3d.exp
index 930861d8a..3b67844d2 100644
--- a/pop3d/testsuite/lib/pop3d.exp
+++ b/pop3d/testsuite/lib/pop3d.exp
@@ -26,6 +26,7 @@ if ![mu_check_capability ENABLE_VIRTUAL_DOMAINS] {
}
set POP3D_ETC_DIR "$MU_DATA_DIR/etc"
+set MU_PASSWD_HASH [exec mkpasswd --method=yescrypt guessme]
mu_makespool "$MU_RC_DIR" "$POP3D_ETC_DIR"
mu_create_config pop3d
diff --git a/testsuite/etc/passwd.in b/testsuite/etc/passwd.in
index c4e471b09..b13a75238 100644
--- a/testsuite/etc/passwd.in
+++ b/testsuite/etc/passwd.in
@@ -1 +1 @@
-user:abld/G2Q2Le2w:1000:1000:Test User:$MU_SPOOL_DIR:/bin/sh
+user:$MU_PASSWD_HASH:1000:1000:Test User:$MU_SPOOL_DIR:/bin/sh
diff --git a/testsuite/lib/mailutils.exp b/testsuite/lib/mailutils.exp
index e4d45c85b..725ccf259 100644
--- a/testsuite/lib/mailutils.exp
+++ b/testsuite/lib/mailutils.exp
@@ -39,6 +39,7 @@ proc mu_copy_file {src dst} {
global MU_FOLDER_DIR
global MU_RC_DIR
global MU_DATA_DIR
+ global MU_PASSWD_HASH
set input [open $src r]
set output [open $dst w]
--
2.39.2