From f80b2b510db9b02e98fb2ba1042b755543c852cf Mon Sep 17 00:00:00 2001
From: Félix Baylac Jacqué <felix@alternativebit.fr>
Date: Sun, 12 Nov 2023 10:54:01 +0100
Subject: nixosTests/pleroma: fix test

Two issues:

1. We need a subjectAltName on the TLS cert. Stolen from the akkoma
   test. <3 illdefined
2. There's a bug in the current toot release wrt. date parsing. It's
   been fixed upstream but it's not been released yet. Using the
   current toot master for this VM test to work around this.

Note: I warned upstream we'd need a new toot release.

Fixes https://github.com/NixOS/nixpkgs/issues/264951
---
 nixos/tests/pleroma.nix | 21 ++++++++++++++++++---
 1 file changed, 18 insertions(+), 3 deletions(-)

diff --git a/nixos/tests/pleroma.nix b/nixos/tests/pleroma.nix
index 4f1aef854146..c80f48e52ed5 100644
--- a/nixos/tests/pleroma.nix
+++ b/nixos/tests/pleroma.nix
@@ -25,6 +25,18 @@
 
 import ./make-test-python.nix ({ pkgs, ... }:
   let
+  # Fix for https://github.com/ihabunek/toot/pull/405. Includes
+  # https://github.com/ihabunek/toot/pull/405. TOREMOVE when
+  # toot > 0.38.1
+  patched-toot = pkgs.toot.overrideAttrs (old: {
+    version = "unstable-24-09-2023";
+    src = pkgs.fetchFromGitHub {
+      owner = "ihabunek";
+      repo = "toot";
+      rev = "30857f570d64a26da80d0024227a8259f7cb65b5";
+      sha256 = "sha256-BxrI7UY9bfqPzS+VLqCFSmu4PkIkvhntcEeNJb1AzOs=";
+    };
+  });
   send-toot = pkgs.writeScriptBin "send-toot" ''
     set -eux
     # toot is using the requests library internally. This library
@@ -164,9 +176,12 @@ import ./make-test-python.nix ({ pkgs, ... }:
   '';
 
   tls-cert = pkgs.runCommand "selfSignedCerts" { buildInputs = [ pkgs.openssl ]; } ''
-    openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -nodes -subj '/CN=pleroma.nixos.test' -days 36500
     mkdir -p $out
-    cp key.pem cert.pem $out
+    openssl req -x509 \
+      -subj '/CN=pleroma.nixos.test/' -days 49710 \
+      -addext 'subjectAltName = DNS:pleroma.nixos.test' \
+      -keyout "$out/key.pem" -newkey ed25519 \
+      -out "$out/cert.pem" -noenc
   '';
 
   hosts = nodes: ''
@@ -180,7 +195,7 @@ import ./make-test-python.nix ({ pkgs, ... }:
       security.pki.certificateFiles = [ "${tls-cert}/cert.pem" ];
       networking.extraHosts = hosts nodes;
       environment.systemPackages = with pkgs; [
-        toot
+        patched-toot
         send-toot
       ];
     };
-- 
cgit 1.4.1