From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp11.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id iHYuAD3sU2IWoQAAgWs5BA (envelope-from ) for ; Mon, 11 Apr 2022 10:52:13 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp11.migadu.com with LMTPS id MD4/OTzsU2KjeAEA9RJhRA (envelope-from ) for ; Mon, 11 Apr 2022 10:52:12 +0200 Received: from mail.notmuchmail.org (yantan.tethera.net [IPv6:2a01:4f9:c011:7a79::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 61E583E9DD for ; Mon, 11 Apr 2022 10:52:12 +0200 (CEST) Received: from yantan.tethera.net (localhost [127.0.0.1]) by mail.notmuchmail.org (Postfix) with ESMTP id B082B5F6BE; Mon, 11 Apr 2022 08:52:09 +0000 (UTC) X-Greylist: delayed 425 seconds by postgrey-1.36 at yantan; Mon, 11 Apr 2022 08:52:06 UTC Received: from mailproxy07.manitu.net (mailproxy07.manitu.net [IPv6:2a00:1828:1000:1112::2]) by mail.notmuchmail.org (Postfix) with ESMTPS id AC2D85F5E3 for ; Mon, 11 Apr 2022 08:52:06 +0000 (UTC) Received: from mail-ot1-f42.google.com (mail-ot1-f42.google.com [209.85.210.42]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: michael@grubix.eu) by mailproxy07.manitu.net (Postfix) with ESMTPSA id 422FAC88CA for ; Mon, 11 Apr 2022 10:45:02 +0200 (CEST) Received: by mail-ot1-f42.google.com with SMTP id a17-20020a9d3e11000000b005cb483c500dso10808044otd.6 for ; Mon, 11 Apr 2022 01:45:00 -0700 (PDT) X-Gm-Message-State: AOAM533c8Tw+H2y2Ztepodp+p7MvMclOJQaZQZdAQj7uoSI/wQRIwqKj MUka1WdNtATXxoheSMdNYdSfO4FscnlJ/pprBVA= X-Google-Smtp-Source: ABdhPJxo5sWyMuMJU9NRKgE8SGgW3dll/uFU4zecxIn5WzjCVaA/6jJ20RJxK7MfqBHfSIPO+2dQZAHOxB7k6NeBvNw= X-Received: by 2002:a9d:f06:0:b0:5b2:37c7:40b9 with SMTP id 6-20020a9d0f06000000b005b237c740b9mr11149091ott.74.1649666698905; Mon, 11 Apr 2022 01:44:58 -0700 (PDT) MIME-Version: 1.0 References: <874k3pvrfq.fsf@tethera.net> <20220409123453.606391-1-david@tethera.net> <20220409123453.606391-2-david@tethera.net> <87r164mp7a.fsf@fifthhorseman.net> In-Reply-To: <87r164mp7a.fsf@fifthhorseman.net> From: Michael J Gruber Date: Mon, 11 Apr 2022 10:44:47 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH 2/2] test/smime: fix signature verification test with newer gmime. To: Daniel Kahn Gillmor Message-ID-Hash: CBDUTXXV6VUW4TICQBLQRPNZMSYRKQVP X-Message-ID-Hash: CBDUTXXV6VUW4TICQBLQRPNZMSYRKQVP X-MailFrom: git@grubix.eu X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-notmuch.notmuchmail.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: notmuch@notmuchmail.org X-Mailman-Version: 3.3.3 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Content-Type: multipart/mixed; boundary="===============6050934368242086102==" X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: DE ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1649667132; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references:list-id:list-help: list-owner:list-unsubscribe:list-subscribe:list-post; bh=/OIqpTR8DHJNasra53YRT5AZkW84k004T559PpwHgm8=; b=AnErRk2+QlOzizh+Y1eEgu830FeH+aIZH0oM00NAp7pLM5sVZIbldIL6tk6ubQgMp6M9Tu uN1XIfZaYj7cboat6Rq9WOPaUSY6W9zaEn1fouJnMfdLynhQhEiGwviqcmVA48j7HoCVFt CPqjWKXc+imnXJOP5t+UiOnUJ6HqS1o5kfFMV/C4VSC2GX5v91NIuhzj+51KA3HWta7bVB LqYZ64fLzj/PHR1JxhAYxCxD82G1rH2FU+/LI5Oy9hKuhu3s6ZEGTAKcArcgInCB7zv7cq CxMxtTjDfiQyqpbqRTL7F+LH9vMsXzV/FQ8Ta5yc+HUQO3zIslb9hXG79jmyjw== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1649667132; a=rsa-sha256; cv=none; b=Y4dlZCzEes7lzCS2FQKFpU+njbaUJZvkwnKd4NKApEcIrhvLkRooumadHddqrBr6/0qh3y 74XmaknjYvcPLCM6gqPCbPhviavnmttYn3pMBgTIZMa21h+6G1a3ytD//v+F88AZzEwgsi zps33PjVtdL5Tk3kXKAX8H2p9cq00mNl5PbeQ5tAwt47GhNsUbzW+CqvEV264i0RUlKoeW 9YQJSI2FjFjBXr9Drjn8eDMA006JBw3WVd7F2gf+UU9f2Ehc0nCPgm66XMYYuiuqhipNRa 8yGlDHxF9/pRC7BQBzJ8yxYZXPndNy+3P2CyfCGzoXINsb20esddnVAu2ovfSQ== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of notmuch-bounces@notmuchmail.org designates 2a01:4f9:c011:7a79::1 as permitted sender) smtp.mailfrom=notmuch-bounces@notmuchmail.org X-Migadu-Spam-Score: -3.04 Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of notmuch-bounces@notmuchmail.org designates 2a01:4f9:c011:7a79::1 as permitted sender) smtp.mailfrom=notmuch-bounces@notmuchmail.org X-Migadu-Queue-Id: 61E583E9DD X-Spam-Score: -3.04 X-Migadu-Scanner: scn0.migadu.com X-TUID: NOLKBWS82sZL --===============6050934368242086102== Content-Type: multipart/alternative; boundary="000000000000960f5705dc5cf5d9" --000000000000960f5705dc5cf5d9 Content-Type: text/plain; charset="UTF-8" Am Mo., 11. Apr. 2022 um 02:36 Uhr schrieb Daniel Kahn Gillmor < dkg@debian.org>: > Thanks, Bremner! > > This series looks reasonable to me. nice clever hack to reuse the > gmime embedded .c source for the test. > Just so that others don't have to be wondering, too: notmuch does not embed gmime sources and does not reuse them. (It would be very wrong to do so.) notmuch has a file `_check_gmime_cert.c` which is used for configure checks and which David cleverly amended to check for the return format of signature checks (when compiled against the libgmime3). If I read 2/2 correctly, though, then T355-smime does not adjust its expected textual outcome to the results of the check, but rather marks the test "known broken" if the signature check does not return the "new" format. In other words: Unless you have a very new unpatched gmime, T355-sime does not "really" do this subtest any more - it is happy as soon as it fails for any reason. > a bit of a tweak below: > > On Sat 2022-04-09 09:34:53 -0300, David Bremner wrote: > > + printf "Checking for GMime new email format... " > > + if ${CC} -DCHECK_EMAIL ${CFLAGS} ${gmime_cflags} > _check_gmime_cert.c ${gmime_ldflags} -o _check_email && > > + GNUPGHOME=${TEMP_GPG} ./_check_email; then > > + gmime_new_email_format=1 > > + printf "Yes.\n" > > + else > > + gmime_new_email_format=0 > > + printf "No (some tests will be skipped).\n" > > + fi > > else > > printf 'No.\nFailed to set up gpgsm for testing X.509 certificate > validity support.\n' > > errors=$((errors + 1)) > > Words like "new" have a tendency to get, well, old. > > I'd say > > "Checking GMime emits email addresses from certs without angle > brackets..." > > And i'd name the variable gmime_cert_addresses_have_angle_brackets (so > "1" effectively means "probably a stale, deprecated version of GMime"). > > Then change the rest of the tests to match. > > This is kind of an aesthetic choice -- i'd be fine with the original > patch too. but it seems safer to just identify the out-of-date stuff > when it happens, rather than identifying the current stuff. > > --dkg > _______________________________________________ > notmuch mailing list -- notmuch@notmuchmail.org > To unsubscribe send an email to notmuch-leave@notmuchmail.org > --000000000000960f5705dc5cf5d9 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


=
Am Mo., 11. Apr. 2022 um 02:36=C2=A0U= hr schrieb Daniel Kahn Gillmor <dkg@de= bian.org>:
a bit of a tweak below:

On Sat 2022-04-09 09:34:53 -0300, David Bremner wrote:
> +=C2=A0 =C2=A0 =C2=A0printf "Checking for GMime new email format.= .. "
> +=C2=A0 =C2=A0 =C2=A0if ${CC} -DCHECK_EMAIL ${CFLAGS} ${gmime_cflags} = _check_gmime_cert.c ${gmime_ldflags} -o _check_email &&
> +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0GNUPGHOME=3D${TEMP_GP= G} ./_check_email; then
> +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0gmime_new_email_format=3D1
> +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0printf "Yes.\n"
> +=C2=A0 =C2=A0 =C2=A0else
> +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0gmime_new_email_format=3D0
> +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0printf "No (some tests will be= skipped).\n"
> +=C2=A0 =C2=A0 =C2=A0fi
>=C2=A0 =C2=A0 =C2=A0 else
>=C2=A0 =C2=A0 =C2=A0 =C2=A0printf 'No.\nFailed to set up gpgsm for = testing X.509 certificate validity support.\n'
>=C2=A0 =C2=A0 =C2=A0 =C2=A0errors=3D$((errors + 1))

Words like "new" have a tendency to get, well, old.

I'd say

=C2=A0 =C2=A0"Checking GMime emits email addresses from certs without = angle brackets..."

And i'd name the variable gmime_cert_addresses_have_angle_brackets (so<= br> "1" effectively means "probably a stale, deprecated version = of GMime").

Then change the rest of the tests to match.

This is kind of an aesthetic choice -- i'd be fine with the original patch too.=C2=A0 but it seems safer to just identify the out-of-date stuff<= br> when it happens, rather than identifying the current stuff.

=C2=A0 =C2=A0 =C2=A0 --dkg
_______________________________________________
notmuch mailing list -- notmuch@notmuchmail.org
To unsubscribe send an email to notmuch-leave@notmuchmail.org
--000000000000960f5705dc5cf5d9-- --===============6050934368242086102== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline --===============6050934368242086102==--