From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp10.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id ENFsDCvoN2INvQAAgWs5BA (envelope-from ) for ; Mon, 21 Mar 2022 03:51:23 +0100 Received: from aspmx1.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp10.migadu.com with LMTPS id EPM9BSvoN2I+CQEAG6o9tA (envelope-from ) for ; Mon, 21 Mar 2022 03:51:23 +0100 Received: from mail.notmuchmail.org (yantan.tethera.net [IPv6:2a01:4f9:c011:7a79::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 4EBE4455CB for ; Mon, 21 Mar 2022 03:51:22 +0100 (CET) Received: from yantan.tethera.net (localhost [127.0.0.1]) by mail.notmuchmail.org (Postfix) with ESMTP id AA61D5F6BC; Mon, 21 Mar 2022 02:51:19 +0000 (UTC) X-Greylist: delayed 483 seconds by postgrey-1.36 at yantan; Sun, 20 Mar 2022 22:12:43 UTC Received: from che.mayfirst.org (che.mayfirst.org [IPv6:2001:470:1:116::7]) by mail.notmuchmail.org (Postfix) with ESMTPS id 0FB105F478 for ; Sun, 20 Mar 2022 22:12:43 +0000 (UTC) Received: from fifthhorseman.net (lair.fifthhorseman.net [108.58.6.98]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id B5AB7F9AF; Sun, 20 Mar 2022 18:04:35 -0400 (EDT) Received: by fifthhorseman.net (Postfix, from userid 1000) id DC83220522; Sun, 20 Mar 2022 17:10:52 -0400 (EDT) From: Daniel Kahn Gillmor To: David Bremner , notmuch@notmuchmail.org Subject: Re: Failing notmuch/SMIME test In-Reply-To: <87mthn5yfy.fsf@tethera.net> References: <87mthn5yfy.fsf@tethera.net> Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= mDMEX+i03xYJKwYBBAHaRw8BAQdACA4xvL/xI5dHedcnkfViyq84doe8zFRid9jW7CC9XBiI0QQf FgoAgwWCX+i03wWJBZ+mAAMLCQcJEOCS6zpcoQ26RxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNl cXVvaWEtcGdwLm9yZ/tr8E9NA10HvcAVlSxnox6z62KXCInWjZaiBIlgX6O5AxUKCAKbAQIeARYh BMKfigwB81402BaqXOCS6zpcoQ26AADZHQD/Zx9nc3N2kj13AUsKMr/7zekBtgfSIGB3hRCU74Su G44A/34Yp6IAkndewLxb1WdRSokycnaCVyrk0nb4imeAYyoPtBc8ZGtnQGZpZnRoaG9yc2VtYW4u bmV0PojRBBMWCgCDBYJf6LTfBYkFn6YAAwsJBwkQ4JLrOlyhDbpHFAAAAAAAHgAgc2FsdEBub3Rh dGlvbnMuc2VxdW9pYS1wZ3Aub3JnL0Gwxvypz2tu1IPG+yu1zPjkiZwpscsitwrVvzN3bbADFQoI ApsBAh4BFiEEwp+KDAHzXjTYFqpc4JLrOlyhDboAAPkXAP0Z29z7jW+YzLzPTQML4EQLMbkHOfU4 +s+ki81Czt0WqgD/SJ8RyrqDCtEP8+E4ZSR01ysKqh+MUAsTaJlzZjehiQ24MwRf6LTfFgkrBgEE AdpHDwEBB0DkKHOW2kmqfAK461+acQ49gc2Z6VoXMChRqobGP0ubb4kBiAQYFgoBOgWCX+i03wWJ BZ+mAAkQ4JLrOlyhDbpHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3Jnfvo+ nHoxDwaLaJD8XZuXiaqBNZtIGXIypF1udBBRoc0CmwICHgG+oAQZFgoAbwWCX+i03wkQPp1xc3He VlxHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnaheiqE7Pfi3Atb3GGTw+ jFcBGOaobgzEJrhEuFpXREEWIQQttUkcnfDcj0MoY88+nXFzcd5WXAAAvrsBAIJ5sBg8Udocv25N stN/zWOiYpnjjvOjVMLH4fV3pWE1AP9T6hzHz7hRnAA8d01vqoxOlQ3O6cb/kFYAjqx3oMXSBhYh BMKfigwB81402BaqXOCS6zpcoQ26AADX7gD/b83VObe14xrNP8xcltRrBZF5OE1rQSPkMNy+eWpk eCwA/1hxiS8ZxL5/elNjXiWuHXEvUGnRoVj745Vl48sZPVYMuDgEX+i03xIKKwYBBAGXVQEFAQEH QIGex1WZbH6xhUBve5mblScGYU+Y8QJOomXH+rr5tMsMAwEICYjJBBgWCgB7BYJf6LTfBYkFn6YA CRDgkus6XKENukcUAAAAAAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmcEAx9vTD3b J0SXkhvcRcCr6uIDJwic3KFKxkH1m4QW0QKbDAIeARYhBMKfigwB81402BaqXOCS6zpcoQ26AAAX mwD8CWmukxwskU82RZLMk5fm1wCgMB5z8dA50KLw3rgsCykBAKg1w/Y7XpBS3SlXEegIg1K1e6dR fRxL7Z37WZXoH8AH Date: Sun, 20 Mar 2022 17:10:51 -0400 Message-ID: <875yo8nxd0.fsf@fifthhorseman.net> MIME-Version: 1.0 X-MailFrom: dkg@debian.org X-Mailman-Rule-Hits: nonmember-moderation X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-notmuch.notmuchmail.org-0 Message-ID-Hash: 7H5HOFHQU4J4UT53654FD6PASB6PA77F X-Message-ID-Hash: 7H5HOFHQU4J4UT53654FD6PASB6PA77F X-Mailman-Approved-At: Mon, 21 Mar 2022 02:51:18 +0000 X-Mailman-Version: 3.3.3 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Content-Type: multipart/mixed; boundary="===============4501317971099672905==" X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: DE ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1647831082; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references:list-id:list-help: list-owner:list-unsubscribe:list-subscribe:list-post:autocrypt:autocrypt; bh=IAJz7WiAxJRbf7nyYGE0NHQnIm7/wFD3Bub/SuWXjW0=; b=NqIoPoupVMrIYzGns9Emmfe7mV39ZsRl+iHw3bCUYFu6Q4f+Ul2e7yaGJVto/HNvMZ2Esb roV8ltJuxSf0M30z4kuH8wopnvlcDl7AxP3EllpBdO7QmrQQeWmgGDTUq0IRUSBOGaKIxI iAP3UAWeOXlOrdnnvAvOO26E6UVNwVEROMpMAfW+e9lxpdK60ZujOHuGHU4BQG7FPDt96B 8s4C3EAJI13TysaUeiLW0il/ciK0oaQlGHUUkQtVwhPQ4qqUE2/Cm2vnEzzJz8nCpc00Qj SEdMfKYIGWpGrzI3KuFlYFnTXBmICROEZFiM4ey2a6nE3Bzw6MMWqawMM+uilg== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1647831082; a=rsa-sha256; cv=none; b=n5If3qELi8Rb2M2UAAEEQo3N98BaJRveRMk8wjBNMKTFEJW7T0dvDvhMzxuKEYrXYGXEFB Lfu0dkNxtMoZrRR13EYYkZSEcibrko19VVY+DJx88egfatoOBSlPl0wIxuzw63nltSnYYf V6tjH6Vy2nzX7pgfEHhe23lHNKVCRQhwSYVcVZ5V/vHqlJtnOcKAyWftHZc5tFaeNu81Ke UPl+n8L8cbRuTTVY6Z2ynhr/mdCW2eJroREUC1pORkQmVHw3kLxr18txbZiVX/ylihb9dm 6UTf9i8t/GRtjkvJ22qCiMITPQFjgbUHAH9wMg8CgWiwPBUv80wY1rCtvpsUqw== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of notmuch-bounces@notmuchmail.org designates 2a01:4f9:c011:7a79::1 as permitted sender) smtp.mailfrom=notmuch-bounces@notmuchmail.org X-Migadu-Spam-Score: -4.10 Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of notmuch-bounces@notmuchmail.org designates 2a01:4f9:c011:7a79::1 as permitted sender) smtp.mailfrom=notmuch-bounces@notmuchmail.org X-Migadu-Queue-Id: 4EBE4455CB X-Spam-Score: -4.10 X-Migadu-Scanner: scn1.migadu.com X-TUID: jCs+TAOEtxir --===============4501317971099672905== Content-Type: multipart/signed; boundary="==-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" --==-=-= Content-Type: multipart/mixed; boundary="=-=-=" --=-=-= Content-Type: text/plain Hi Bremner, thanks for flagging this. On Fri 2022-03-18 07:48:01 -0300, David Bremner wrote: > One of the SMIME tests is failing for me. > > T355-smime: Testing S/MIME signature verification and decryption > FAIL signature verification (notmuch CLI) > --- T355-smime.4.expected 2022-03-18 10:31:31.877258855 +0000 > +++ T355-smime.4.output 2022-03-18 10:31:31.877258855 +0000 > @@ -24,7 +24,7 @@ > "sigstatus": [ > { > "created": 946728000, > - "email": "", > + "email": "test_suite@notmuchmail.org", > "expires": 424242424, > "fingerprint": "616F46CD73834C63847756AF0DFB64A6E0972A47", > "status": "good", > @@ -38,7 +38,7 @@ > "status": [ > { > "created": 946728000, > - "email": "", > + "email": "test_suite@notmuchmail.org", > "expires": 424242424, > "fingerprint": "616F46CD73834C63847756AF0DFB64A6E0972A47", > "status": "good", > > > I'm running gpgsm 2.2.27, gpgme 1.16.0, and gmime 3.2.9. At guess the > change is due to the recent gmime upgrade, but that is pure speculation, > I could not find anything in the gmime git log to back it up. I think it is probably due to this squashed changeset in gmime: https://github.com/jstedfast/gmime/commit/0ab298a0086c09c403b5d35effa73b59f271693d (yes, this is my own proposed change, weirdly re-structured by github) The root motivation for this change is some lack of clarity in the underlying gpgme toolkit, which i've never been able to get resolved: https://dev.gnupg.org/T5450 > The change looks innocuous enough, but of course it's enough to break > the test, and I'm not sure how to make this consistent between > versions. I suppose the right way to fix this generically is a test which abstracts out whether gmime reports an angle-addr or a addr-spec for x.509 certs, and then adjust the tests to match. I can try to send a patch for this, but it'll take me a while to swap it all back in. If anyone wants to propose a patch in the meantime, i'd also be happy to review. The simplest thing in the short term is probably to switch the test to matching based on the bare e-mail address and assert a build-dep on gmime 3.2.8 (see attached), but that seems a little bit extreme, since gmime only released 3.2.9 recently (and 3.2.8 never made it out the door via any formal channels, if i understand the history correctly). I'll see whether i can make a better fix. --dkg --=-=-= Content-Type: text/x-diff Content-Disposition: inline; filename=0001-test-avoid-breakage-with-the-latest-gmime.patch Content-Transfer-Encoding: quoted-printable From=20df2b487c5db2af183a75bc32e3a3adf9b90c6316 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 20 Mar 2022 17:07:13 -0400 Subject: [PATCH] test: avoid breakage with the latest gmime since gmime 3.2.7, it is now reporting the more stable "email" field from g= pgme as the cert info: https://github.com/jstedfast/gmime/commit/0ab298a0086c09c403b5d35effa73b59f= 271693d However, this changes the minimum version of gmime quite dramatically. A better fix would add a gmime test that normalizes the test results appropriately, contingent on whether this change is made in gmime, but i haven't written that test yet. =2D-- configure | 2 +- test/T355-smime.sh | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure b/configure index 36f3f606..d529c358 100755 =2D-- a/configure +++ b/configure @@ -481,7 +481,7 @@ if [ ${have_xapian} =3D "0" ]; then errors=3D$((errors + 1)) fi =20 =2DGMIME_MINVER=3D3.0.3 +GMIME_MINVER=3D3.2.8 =20 printf "Checking for GMime development files (>=3D $GMIME_MINVER)... " if pkg-config --exists "gmime-3.0 >=3D $GMIME_MINVER"; then diff --git a/test/T355-smime.sh b/test/T355-smime.sh index 31fa4b4e..c25f94f9 100755 =2D-- a/test/T355-smime.sh +++ b/test/T355-smime.sh @@ -46,7 +46,7 @@ expected=3D'[[[{"id": "XXXXX", "timestamp": 946728000, "date_relative": "2000-01-01", "tags": ["inbox","signed"], =2D "crypto": {"signed": {"status": [{"fingerprint": "'$FINGERPRINT'", "sta= tus": "good","userid": "CN=3DNotmuch Test Suite", "email": "", "expires": 424242424, "created": 946728000}]}}, + "crypto": {"signed": {"status": [{"fingerprint": "'$FINGERPRINT'", "statu= s": "good","userid": "CN=3DNotmuch Test Suite", "email": "test_suite@notmuc= hmail.org", "expires": 424242424, "created": 946728000}]}}, "headers": {"Subject": "test signed message 001", "From": "Notmuch Test Suite ", "To": "test_suite@notmuchmail.org", @@ -55,7 +55,7 @@ expected=3D'[[[{"id": "XXXXX", "sigstatus": [{"fingerprint": "'$FINGERPRINT'", "status": "good", "userid": "CN=3DNotmuch Test Suite", =2D "email": "", + "email": "test_suite@notmuchmail.org", "expires": 424242424, "created": 946728000}], "content-type": "multipart/signed", =2D-=20 2.35.1 --=-=-=-- --==-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYIAB0WIQQttUkcnfDcj0MoY88+nXFzcd5WXAUCYjeYXAAKCRA+nXFzcd5W XBLeAP4tHQz0Etx25WUfjoiKGfi+oQTIalcajbsXqc3feQqjQwEAtREdtcP2QHw0 AccmumEcIY09REZ+sykOoE2BKxSnGgM= =PuJF -----END PGP SIGNATURE----- --==-=-=-- --===============4501317971099672905== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline --===============4501317971099672905==--