[Pkg-privacy-commits] [Git][pkg-privacy-team/snowflake][debian/sid] 3 commits: Patch the tests to don't use entropy
meskio (@meskio-guest)
gitlab at salsa.debian.org
Fri Jun 17 15:15:55 BST 2022
meskio pushed to branch debian/sid at Privacy Maintainers / snowflake
Commits:
c577fdc8 by meskio at 2022-06-02T17:29:36+02:00
Patch the tests to don't use entropy
They were failing in mips
- - - - -
cc02e581 by meskio at 2022-06-02T17:37:54+02:00
Bump version 2.2.0-2
- - - - -
f01c019f by meskio at 2022-06-11T16:42:26+02:00
Package snowflake library
- - - - -
5 changed files:
- debian/changelog
- debian/control
- + debian/golang-snowflake-dev.install
- + debian/patches/0002-Don-t-use-entropy-for-test.patch
- debian/patches/series
Changes:
=====================================
debian/changelog
=====================================
@@ -1,3 +1,15 @@
+snowflake (2.2.0-3) UNRELEASED; urgency=medium
+
+ * Package snowflake library (golang-snowflake-dev)
+
+ -- Ruben Pollan <meskio at sindominio.net> Sat, 11 Jun 2022 14:57:46 +0200
+
+snowflake (2.2.0-2) unstable; urgency=medium
+
+ * Patch tests to don't use entropy.
+
+ -- Ruben Pollan <meskio at sindominio.net> Thu, 02 Jun 2022 17:33:15 +0200
+
snowflake (2.2.0-1) unstable; urgency=medium
* New upstream release.
=====================================
debian/control
=====================================
@@ -51,3 +51,26 @@ Description: WebRTC pluggable transport for Tor (client)
Snowflake bridge and then to through the Tor network.
.
This package provides the client.
+
+Package: golang-snowflake-dev
+Architecture: all
+Depends: golang-github-google-uuid-dev,
+ golang-github-gorilla-websocket-dev,
+ golang-github-prometheus-client-golang-dev,
+ golang-github-prometheus-client-model-dev,
+ golang-github-smartystreets-goconvey-dev,
+ golang-github-stretchr-testify-dev,
+ golang-github-xtaci-kcp-dev,
+ golang-github-xtaci-smux-dev,
+ golang-golang-x-crypto-dev,
+ golang-golang-x-net-dev,
+ golang-google-protobuf-dev,
+ golang-goptlib-dev (>= 1.2.0),
+ golang-refraction-networking-utls-dev,
+ ${misc:Depends},
+Description: WebRTC pluggable transport for Tor (library)
+ Snowflake helps users circumvent censorship by making a WebRTC
+ connection to volunteer proxies. These proxies relay Tor traffic to a
+ Snowflake bridge and then to through the Tor network.
+ .
+ This package provides golang library sources.
=====================================
debian/golang-snowflake-dev.install
=====================================
@@ -0,0 +1 @@
+_build/src/git.torproject.org/pluggable-transports/snowflake.git usr/share/gocode/src/git.torproject.org/pluggable-transports/
=====================================
debian/patches/0002-Don-t-use-entropy-for-test.patch
=====================================
@@ -0,0 +1,74 @@
+From f38c91f906af5b806f463e790eddc134961abf1f Mon Sep 17 00:00:00 2001
+From: meskio <meskio at torproject.org>
+Date: Thu, 2 Jun 2022 11:19:47 +0200
+Subject: [PATCH] Don't use entropy for test
+
+Use math/rand instead of crypto/rand, so entropy is not a blocker when
+running the tests.
+---
+ common/amp/armor_test.go | 2 +-
+ common/utls/roundtripper_test.go | 14 +++++++++++---
+ 2 files changed, 12 insertions(+), 4 deletions(-)
+
+diff --git a/common/amp/armor_test.go b/common/amp/armor_test.go
+index 594ae65..fc7561e 100644
+--- a/common/amp/armor_test.go
++++ b/common/amp/armor_test.go
+@@ -1,9 +1,9 @@
+ package amp
+
+ import (
+- "crypto/rand"
+ "io"
+ "io/ioutil"
++ "math/rand"
+ "strings"
+ "testing"
+ )
+diff --git a/common/utls/roundtripper_test.go b/common/utls/roundtripper_test.go
+index 6a91385..bccb799 100644
+--- a/common/utls/roundtripper_test.go
++++ b/common/utls/roundtripper_test.go
+@@ -1,12 +1,12 @@
+ package utls
+
+ import (
+- "crypto/rand"
+ "crypto/rsa"
+ "crypto/tls"
+ "crypto/x509"
+ "crypto/x509/pkix"
+ "math/big"
++ "math/rand"
+ "net/http"
+ "testing"
+ "time"
+@@ -26,7 +26,15 @@ func TestRoundTripper(t *testing.T) {
+ Convey("[Test]Set up http servers", t, func(c C) {
+ c.Convey("[Test]Generate Self-Signed Cert", func(c C) {
+ // Ported from https://gist.github.com/samuel/8b500ddd3f6118d052b5e6bc16bc4c09
+- priv, err := rsa.GenerateKey(rand.Reader, 4096)
++
++ // note that we use the insecure math/rand here because some platforms
++ // fail the test suite at build time in Debian, due to entropy starvation.
++ // since that's not a problem at test time, we do *not* use a secure
++ // mechanism for key generation.
++ //
++ // DO NOT REUSE THIS CODE IN PRODUCTION, IT IS DANGEROUS
++ insecureRandReader := rand.New(rand.NewSource(1337))
++ priv, err := rsa.GenerateKey(insecureRandReader, 4096)
+ c.So(err, ShouldBeNil)
+ template := x509.Certificate{
+ SerialNumber: big.NewInt(1),
+@@ -40,7 +48,7 @@ func TestRoundTripper(t *testing.T) {
+ ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
+ BasicConstraintsValid: true,
+ }
+- derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, priv.Public(), priv)
++ derBytes, err := x509.CreateCertificate(insecureRandReader, &template, &template, priv.Public(), priv)
+ c.So(err, ShouldBeNil)
+ selfSignedPrivateKey = priv
+ selfSignedCert = derBytes
+--
+2.36.1
+
=====================================
debian/patches/series
=====================================
@@ -1 +1,2 @@
0001-Adapt-tests-to-work-with-devian-version-of-goconvey.patch
+0002-Don-t-use-entropy-for-test.patch
View it on GitLab: https://salsa.debian.org/pkg-privacy-team/snowflake/-/compare/87e8a37ff7ef2b34aafd25300f882b1917565db2...f01c019f0a361beadf558464d0952d6f7cfc9a90
--
View it on GitLab: https://salsa.debian.org/pkg-privacy-team/snowflake/-/compare/87e8a37ff7ef2b34aafd25300f882b1917565db2...f01c019f0a361beadf558464d0952d6f7cfc9a90
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-privacy-commits/attachments/20220617/dbc9f8c6/attachment-0001.htm>
More information about the Pkg-privacy-commits
mailing list