From 59a1abfa7b339bccfc228f38cc791cdacf4010d4 Mon Sep 17 00:00:00 2001 From: Michal Sojka Date: Sat, 1 Apr 2023 10:59:00 +0200 Subject: [PATCH] Don't use descrypt password in the test suite The descrypt method is not considered strong and some distributions (like NixOS) start compiling libxcrypt without it [1]. To start using different hash methods, it is not sufficient to replace the password hash in testsuite/etc/passwd.in, because differently hashed passwords contain '$' characters (e.g. $y$j9T$lP8UWS9GZ4zfeTVDpmtbr1$dVozXOvWQXLQyhWGX7YyW8TIQTg8EfQLUzYPp3WCWo9) and the test suite replaces '$'-starting strings with values of the corresponding variables. Since I've not found a way to escape dollars for TCL's subst function, we do not hardcode the passwd hash directly to the file, but generate it dynamically and replace it in the file via a variable. [1]: https://github.com/NixOS/nixpkgs/pull/220557 --- pop3d/testsuite/lib/pop3d.exp | 1 + testsuite/etc/passwd.in | 2 +- testsuite/lib/mailutils.exp | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/pop3d/testsuite/lib/pop3d.exp b/pop3d/testsuite/lib/pop3d.exp index 930861d8a..3b67844d2 100644 --- a/pop3d/testsuite/lib/pop3d.exp +++ b/pop3d/testsuite/lib/pop3d.exp @@ -26,6 +26,7 @@ if ![mu_check_capability ENABLE_VIRTUAL_DOMAINS] { } set POP3D_ETC_DIR "$MU_DATA_DIR/etc" +set MU_PASSWD_HASH [exec mkpasswd --method=yescrypt guessme] mu_makespool "$MU_RC_DIR" "$POP3D_ETC_DIR" mu_create_config pop3d diff --git a/testsuite/etc/passwd.in b/testsuite/etc/passwd.in index c4e471b09..b13a75238 100644 --- a/testsuite/etc/passwd.in +++ b/testsuite/etc/passwd.in @@ -1 +1 @@ -user:abld/G2Q2Le2w:1000:1000:Test User:$MU_SPOOL_DIR:/bin/sh +user:$MU_PASSWD_HASH:1000:1000:Test User:$MU_SPOOL_DIR:/bin/sh diff --git a/testsuite/lib/mailutils.exp b/testsuite/lib/mailutils.exp index e4d45c85b..725ccf259 100644 --- a/testsuite/lib/mailutils.exp +++ b/testsuite/lib/mailutils.exp @@ -39,6 +39,7 @@ proc mu_copy_file {src dst} { global MU_FOLDER_DIR global MU_RC_DIR global MU_DATA_DIR + global MU_PASSWD_HASH set input [open $src r] set output [open $dst w] -- 2.39.2