[PATCH] Update crypto test for gmime 2.6.5

[PATCH] Update crypto test for gmime 2.6.5

[Thomas Jost]

gmime 2.6 had a bug [1] which made it impossible to tell why a signature
verification failed when the signer key was unavailable (empty "sigstatus" field
in the JSON output). Since 00b5623d the corresponding test is marked as broken
when using gmime 2.6 (2.4 is fine).

The bug has been fixed in gmime 2.6.5. Consequently, the crypto test needs to be
adjusted so that it is only marked broken for gmime 2.6.4 and below.

[1] https://bugzilla.gnome.org/show_bug.cgi?id=668085
---

Hello world,

Here's a little update about gmime 2.6. The latest version (2.6.5)
fixes the little regression introduced in 2.6.

In all honesty, I'm not sure adding such a workaround in the test
suite is worth the effort. If gmime 2.6.5 is quickly packaged by major
distros (it's already in Arch), we could as well make notmuch depend
on gmime >= 2.6.5. (One line to change in configure). Or we could just
stop trying to mark the test as broken and let it fail for buggy
versions of gmime.

What do you think?

Best regards,
Thomas

 test/crypto |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/test/crypto b/test/crypto
index 1dbb60a..cbab216 100755
--- a/test/crypto
+++ b/test/crypto
@@ -104,8 +104,8 @@ test_expect_equal \
     "$expected"
 
 test_begin_subtest "signature verification with signer key unavailable"
-# this is broken with current versions of gmime-2.6
-(ldd $(which notmuch) | grep -Fq gmime-2.6) && test_subtest_known_broken
+# this is broken with gmime-2.6.x for x <= 4
+ldd $(which notmuch) | grep -Fq gmime-2.6 && pkg-config --max-version=2.6.4 gmime-2.6 && test_subtest_known_broken
 # move the gnupghome temporarily out of the way
 mv "${GNUPGHOME}"{,.bak}
 output=$(notmuch show --format=json --verify subject:"test signed message 001" \
-- 
1.7.9.1

Re: [PATCH] Update crypto test for gmime 2.6.5

[Tomi Ollila]

On Tue, 21 Feb 2012 17:05:43 +0100, Thomas Jost <schnouki@schnouki.net> wrote:
> gmime 2.6 had a bug [1] which made it impossible to tell why a signature
> verification failed when the signer key was unavailable (empty "sigstatus" field
> in the JSON output). Since 00b5623d the corresponding test is marked as broken
> when using gmime 2.6 (2.4 is fine).
> 
> The bug has been fixed in gmime 2.6.5. Consequently, the crypto test needs to be
> adjusted so that it is only marked broken for gmime 2.6.4 and below.
> 
> [1] https://bugzilla.gnome.org/show_bug.cgi?id=668085
> ---
> 
> Hello world,
> 
> Here's a little update about gmime 2.6. The latest version (2.6.5)
> fixes the little regression introduced in 2.6.
> 
> In all honesty, I'm not sure adding such a workaround in the test
> suite is worth the effort. If gmime 2.6.5 is quickly packaged by major
> distros (it's already in Arch), we could as well make notmuch depend
> on gmime >= 2.6.5. (One line to change in configure). Or we could just
> stop trying to mark the test as broken and let it fail for buggy
> versions of gmime.
> 
> What do you think?

I'm in favor of gmime >= 2.6.5 requirement.

> 
> Best regards,
> Thomas

Tomi

[PATCH] build: Require gmime 2.6.5

[Thomas Jost]

gmime-2.6 had a bug [1] which made it impossible to tell why a signature
verification failed when the signer key was unavailable (empty "sigstatus" field
in the JSON output). Since 00b5623d the corresponding test is marked as broken
when using gmime-2.6 (2.4 is fine).

This bug has been fixed in gmime 2.6.5, which is now the minimal gmime-2.6
version required for building notmuch (gmime-2.4 is still available). As a
consequence the version check in test/crypto can be removed.

[1] https://bugzilla.gnome.org/show_bug.cgi?id=668085
---

Hi Tomi, hi again list,

I agree it's a better solution.

Here is another patch that makes gmime >= 2.6.5 a requirement.
Building against gmime-2.4 is of course still possible.

Apparently gmime 2.6.5 is not available yet in Debian, nor in Fedora,
so I think we should wait a little bit before pushing this.

Best regards,
Thomas

 configure   |    4 +++-
 test/crypto |    2 --
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure b/configure
index 8b85b9d..279e650 100755
--- a/configure
+++ b/configure
@@ -273,9 +273,11 @@ if [ ${have_xapian} = "0" ]; then
     errors=$((errors + 1))
 fi
 
+# If using GMime 2.6, we need to have a version >= 2.6.5 to avoid a
+# crypto bug.
 printf "Checking for GMime development files... "
 have_gmime=0
-for gmimepc in gmime-2.6 gmime-2.4; do
+for gmimepc in 'gmime-2.6 >= 2.6.5' gmime-2.4; do
     if pkg-config --exists $gmimepc; then
 	printf "Yes ($gmimepc).\n"
 	have_gmime=1
diff --git a/test/crypto b/test/crypto
index 1dbb60a..6723ef8 100755
--- a/test/crypto
+++ b/test/crypto
@@ -104,8 +104,6 @@ test_expect_equal \
     "$expected"
 
 test_begin_subtest "signature verification with signer key unavailable"
-# this is broken with current versions of gmime-2.6
-(ldd $(which notmuch) | grep -Fq gmime-2.6) && test_subtest_known_broken
 # move the gnupghome temporarily out of the way
 mv "${GNUPGHOME}"{,.bak}
 output=$(notmuch show --format=json --verify subject:"test signed message 001" \
-- 
1.7.9.1

Re: [PATCH] Update crypto test for gmime 2.6.5

[Daniel Kahn Gillmor]

On 02/21/2012 11:49 AM, Tomi Ollila wrote:
> I'm in favor of gmime >= 2.6.5 requirement.

I tend to agree with Tomi here.  I'm going to work on getting gmime
2.6.5 into debian later today.

	--dkg

Re: [PATCH] Update crypto test for gmime 2.6.5

[Daniel Kahn Gillmor]

[-- Attachment #1: Type: text/plain, Size: 416 bytes --]

On Tue, 21 Feb 2012 14:45:06 -0500, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote:
> On 02/21/2012 11:49 AM, Tomi Ollila wrote:
> > I'm in favor of gmime >= 2.6.5 requirement.
> 
> I tend to agree with Tomi here.  I'm going to work on getting gmime
> 2.6.5 into debian later today.

gmime 2.6.6 is now in debian unstable.  You can expect to see it on the
mirrors in the next day or so.

        --dkg

[-- Attachment #2: Type: application/pgp-signature, Size: 965 bytes --]

[PATCH] build: Require gmime >= 2.6.7

[David Bremner]

From: Thomas Jost <schnouki@schnouki.net>

gmime-2.6 had a bug [1] which made it impossible to tell why a signature
verification failed when the signer key was unavailable (empty "sigstatus" field
in the JSON output). Since 00b5623d the corresponding test is marked as broken
when using gmime-2.6 (2.4 is fine).

This bug has been fixed in gmime 2.6.5, which is now the minimal gmime-2.6
version required for building notmuch (gmime-2.4 is still available). As a
consequence the version check in test/crypto can be removed.

[Added by db]

Although less unambigously a bug, Gmime 2.6 prior to 2.6.7 also was
more strict about parsing, and rejected messages with initial "From "
headers.  This restriction is relaxed in [2].  For reasons explained in [3],
we want to keep this more relaxed parsing for now.

[1] https://bugzilla.gnome.org/show_bug.cgi?id=668085

[2] http://git.gnome.org/browse/gmime/commit/?id=d311f576baf750476e06e9a1367a2dc1793ea7eb

[3] id:"1331385931-1610-1-git-send-email-david@tethera.net"
---

As an alternative to applying [3], I could apply this modified version of
Thomas's patch. 


 configure   |    4 +++-
 test/crypto |    2 --
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/configure b/configure
index dedb7d8..ee0ae73 100755
--- a/configure
+++ b/configure
@@ -273,9 +273,11 @@ if [ ${have_xapian} = "0" ]; then
     errors=$((errors + 1))
 fi
 
+# If using GMime 2.6, we need to have a version >= 2.6.5 to avoid a
+# crypto bug. We need 2.6.7 for permissive "From " header handling.
 printf "Checking for GMime development files... "
 have_gmime=0
-for gmimepc in gmime-2.6 gmime-2.4; do
+for gmimepc in 'gmime-2.6 >= 2.6.7' gmime-2.4; do
     if pkg-config --exists $gmimepc; then
 	printf "Yes ($gmimepc).\n"
 	have_gmime=1
diff --git a/test/crypto b/test/crypto
index 1dbb60a..6723ef8 100755
--- a/test/crypto
+++ b/test/crypto
@@ -104,8 +104,6 @@ test_expect_equal \
     "$expected"
 
 test_begin_subtest "signature verification with signer key unavailable"
-# this is broken with current versions of gmime-2.6
-(ldd $(which notmuch) | grep -Fq gmime-2.6) && test_subtest_known_broken
 # move the gnupghome temporarily out of the way
 mv "${GNUPGHOME}"{,.bak}
 output=$(notmuch show --format=json --verify subject:"test signed message 001" \
-- 
1.7.9.1

Re: [PATCH] build: Require gmime >= 2.6.7

[Tomi Ollila]

On Sun, 11 Mar 2012 22:29:46 -0300, David Bremner <david@tethera.net> wrote:
> From: Thomas Jost <schnouki@schnouki.net>
> 
> gmime-2.6 had a bug [1] which made it impossible to tell why a signature
> verification failed when the signer key was unavailable (empty "sigstatus" field
> in the JSON output). Since 00b5623d the corresponding test is marked as broken
> when using gmime-2.6 (2.4 is fine).
> 
> This bug has been fixed in gmime 2.6.5, which is now the minimal gmime-2.6
> version required for building notmuch (gmime-2.4 is still available). As a
> consequence the version check in test/crypto can be removed.
> 
> [Added by db]
> 
> Although less unambigously a bug, Gmime 2.6 prior to 2.6.7 also was
> more strict about parsing, and rejected messages with initial "From "
> headers.  This restriction is relaxed in [2].  For reasons explained in [3],
> we want to keep this more relaxed parsing for now.
> 
> [1] https://bugzilla.gnome.org/show_bug.cgi?id=668085
> 
> [2] http://git.gnome.org/browse/gmime/commit/?id=d311f576baf750476e06e9a1367a2dc1793ea7eb
> 
> [3] id:"1331385931-1610-1-git-send-email-david@tethera.net"
> ---
> 
> As an alternative to applying [3], I could apply this modified version of
> Thomas's patch. 

I propose this patch is applied. It is best to require the very latest of
gmime 2.6 version at this time (gmime 2.6 maturing...)

This will make id:"1331402091-15663-1-git-send-email-tom.prince@ualberta.net"
stale. It can be reworked by changing $IFS to something else in code.

(We might start requiring some gmime 2.4 versions to be present; For me
 some tests fail when using gmime 2.4.21 (with gmimg 2.4.25 all works ok) --
 and then Reworked Tom Prince's patch could be used to overrile this
 "restriction")

Tomi


>  configure   |    4 +++-
>  test/crypto |    2 --
>  2 files changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/configure b/configure
> index dedb7d8..ee0ae73 100755
> --- a/configure
> +++ b/configure
> @@ -273,9 +273,11 @@ if [ ${have_xapian} = "0" ]; then
>      errors=$((errors + 1))
>  fi
>  
> +# If using GMime 2.6, we need to have a version >= 2.6.5 to avoid a
> +# crypto bug. We need 2.6.7 for permissive "From " header handling.
>  printf "Checking for GMime development files... "
>  have_gmime=0
> -for gmimepc in gmime-2.6 gmime-2.4; do
> +for gmimepc in 'gmime-2.6 >= 2.6.7' gmime-2.4; do
>      if pkg-config --exists $gmimepc; then
>  	printf "Yes ($gmimepc).\n"
>  	have_gmime=1
> diff --git a/test/crypto b/test/crypto
> index 1dbb60a..6723ef8 100755
> --- a/test/crypto
> +++ b/test/crypto
> @@ -104,8 +104,6 @@ test_expect_equal \
>      "$expected"
>  
>  test_begin_subtest "signature verification with signer key unavailable"
> -# this is broken with current versions of gmime-2.6
> -(ldd $(which notmuch) | grep -Fq gmime-2.6) && test_subtest_known_broken
>  # move the gnupghome temporarily out of the way
>  mv "${GNUPGHOME}"{,.bak}
>  output=$(notmuch show --format=json --verify subject:"test signed message 001" \
> -- 
> 1.7.9.1
> 
> _______________________________________________
> notmuch mailing list
> notmuch@notmuchmail.org
> http://notmuchmail.org/mailman/listinfo/notmuch
> 

Re: [PATCH] build: Require gmime >= 2.6.7

[David Bremner]

On Sun, 11 Mar 2012 22:29:46 -0300, David Bremner <david@tethera.net> wrote:
> From: Thomas Jost <schnouki@schnouki.net>
> 
> gmime-2.6 had a bug [1] which made it impossible to tell why a signature
> verification failed when the signer key was unavailable (empty "sigstatus" field
> in the JSON output). Since 00b5623d the corresponding test is marked as broken
> when using gmime-2.6 (2.4 is fine).

After positive feedback from dkg and Domo, pushed, with a corresponding
update to debian/control. 

d