Re: [PATCH v2 2/2] test/smime: fix signature verification test with newer gmime.

Subject: Re: [PATCH v2 2/2] test/smime: fix signature verification test with newer gmime.

Date: Tue, 12 Apr 2022 16:26:12 -0700

To: michaeljgruber+grubix+git@gmail.com, notmuch@notmuchmail.org

Cc: Michael J Gruber

From: Daniel Kahn Gillmor

Thanks, Michael--

This LGTM.

It is more narrowly-targeted at permitting this specific variation than
Bremner's earlier version of the patch (and it doesn't have any tests
marked BROKEN), which is nice.

It might be marginally cleaner to swap out the LEFT_ANGLE RIGHT_ANGLE
variables for a single replacement variable like so:

if [ $NOTMUCH_GMIME_EMITS_ANGLE_BRACKETS == 1 ]; then
   EXPECTED_EMAIL_ADDR='<test_suite@notmuchmail.org>'
else
   EXPECTED_EMAIL_ADDR='test_suite@notmuchmail.org'
fi

This makes for only one variable substitution in the json comparison
tests, if i'm looking at it right.

Any of these approaches is fine with me.

    --dkg

On Tue 2022-04-12 22:15:56 +0200, michaeljgruber+grubix+git@gmail.com wrote:
> From: David Bremner <david@tethera.net>
>
> The extra machinery to check for the actual output format is justified
> by the possibility that distros may patch this newer output format
> into older versions of gmime.
>
> Amended-by: Michael J Gruber <git@grubix.eu>
> Signed-off-by: Michael J Gruber <git@grubix.eu>
> ---
> Here is what I meant with my comments: We have everything in place to
> adjust the expected test output to the detected gmime behaviour. This
> also takes into account dkg's remarks on the variable names.
>
> [And yes, I have list bounces again, please forgive my mess and multiple
> subscriptions to work around it.]
>
>  configure          | 17 +++++++++++++++++
>  test/T355-smime.sh | 11 +++++++++--
>  2 files changed, 26 insertions(+), 2 deletions(-)
>
> diff --git a/configure b/configure
> index d6e1200e..056f9232 100755
> --- a/configure
> +++ b/configure
> @@ -588,6 +588,11 @@ int main () {
>  #ifdef CHECK_VALIDITY
>      validity = g_mime_certificate_get_id_validity (cert);
>      if (validity != GMIME_VALIDITY_FULL) return !! fprintf (stderr, "Got validity %d, expected %d\n", validity, GMIME_VALIDITY_FULL);
> +#endif
> +#ifdef CHECK_EMAIL
> +    const char *email = g_mime_certificate_get_email (cert);
> +    if (! email) return !! fprintf (stderr, "no email returned");
> +    if (email[0] == '<') return 2;
>  #endif
>      return 0;
>  }
> @@ -622,6 +627,15 @@ EOF
>  		errors=$((errors + 1))
>  	    fi
>  	fi
> +	printf "Checking whether GMime emits email addresses with angle brackets... "
> +	if ${CC} -DCHECK_EMAIL ${CFLAGS} ${gmime_cflags} _check_gmime_cert.c ${gmime_ldflags} -o _check_email &&
> +		GNUPGHOME=${TEMP_GPG} ./_check_email; then
> +	    gmime_emits_angle_brackets=0
> +	    printf "No.\n"
> +	else
> +	    gmime_emits_angle_brackets=1
> +	    printf "Yes.\n"
> +	fi
>      else
>  	printf 'No.\nFailed to set up gpgsm for testing X.509 certificate validity support.\n'
>  	errors=$((errors + 1))
> @@ -1559,6 +1573,9 @@ NOTMUCH_HAVE_XAPIAN_DB_RETRY_LOCK=${WITH_RETRY_LOCK}
>  # Whether GMime can verify X.509 certificate validity
>  NOTMUCH_GMIME_X509_CERT_VALIDITY=${gmime_x509_cert_validity}
>  
> +# Whether GMime emits addresses with angle brackets (with <>)
> +NOTMUCH_GMIME_EMITS_ANGLE_BRACKETS=${gmime_emits_angle_brackets}
> +
>  # Whether GMime can verify signatures when decrypting with a session key:
>  NOTMUCH_GMIME_VERIFY_WITH_SESSION_KEY=${gmime_verify_with_session_key}
>  
> diff --git a/test/T355-smime.sh b/test/T355-smime.sh
> index 31fa4b4e..b15169b7 100755
> --- a/test/T355-smime.sh
> +++ b/test/T355-smime.sh
> @@ -35,6 +35,13 @@ EOF
>  test_expect_equal_file EXPECTED OUTPUT
>  
>  test_begin_subtest "signature verification (notmuch CLI)"
> +if [ $NOTMUCH_GMIME_EMITS_ANGLE_BRACKETS == 1 ]; then
> +    LEFT_ANGLE='<'
> +    RIGHT_ANGLE='>'
> +else
> +    LEFT_ANGLE=''
> +    RIGHT_ANGLE=''
> +fi
>  output=$(notmuch show --format=json --verify subject:"test signed message 001" \
>      | notmuch_json_show_sanitize \
>      | sed -e 's|"created": [-1234567890]*|"created": 946728000|g' \
> @@ -46,7 +53,7 @@ expected='[[[{"id": "XXXXX",
>   "timestamp": 946728000,
>   "date_relative": "2000-01-01",
>   "tags": ["inbox","signed"],
> - "crypto": {"signed": {"status": [{"fingerprint": "'$FINGERPRINT'", "status": "good","userid": "CN=Notmuch Test Suite", "email": "<test_suite@notmuchmail.org>", "expires": 424242424, "created": 946728000}]}},
> + "crypto": {"signed": {"status": [{"fingerprint": "'$FINGERPRINT'", "status": "good","userid": "CN=Notmuch Test Suite", "email": "'$LEFT_ANGLE'test_suite@notmuchmail.org'$RIGHT_ANGLE'", "expires": 424242424, "created": 946728000}]}},
>   "headers": {"Subject": "test signed message 001",
>   "From": "Notmuch Test Suite <test_suite@notmuchmail.org>",
>   "To": "test_suite@notmuchmail.org",
> @@ -55,7 +62,7 @@ expected='[[[{"id": "XXXXX",
>   "sigstatus": [{"fingerprint": "'$FINGERPRINT'",
>   "status": "good",
>   "userid": "CN=Notmuch Test Suite",
> - "email": "<test_suite@notmuchmail.org>",
> + "email": "'$LEFT_ANGLE'test_suite@notmuchmail.org'$RIGHT_ANGLE'",
>   "expires": 424242424,
>   "created": 946728000}],
>   "content-type": "multipart/signed",
> -- 
> 2.36.0.rc0.457.gf4fc0d8e4e
signature.asc (application/pgp-signature)
_______________________________________________
notmuch mailing list -- notmuch@notmuchmail.org
To unsubscribe send an email to notmuch-leave@notmuchmail.org

Thread: