Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

testssl: 2.9.5-4 -> 2.9.5-5 #38936

Merged
merged 1 commit into from Apr 14, 2018
Merged

testssl: 2.9.5-4 -> 2.9.5-5 #38936

merged 1 commit into from Apr 14, 2018

Conversation

etu
Copy link
Contributor

@etu etu commented Apr 14, 2018

Motivation for this change

Changelog:
https://github.com/drwetter/testssl.sh/releases/tag/v2.9.5-5

Also improved expression.

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option build-use-sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Fits CONTRIBUTING.md.

@etu
Copy link
Contributor Author

etu commented Apr 14, 2018

@GrahamcOfBorg build testssl

@GrahamcOfBorg
Copy link

Success on x86_64-linux (full log)

Attempted: testssl

Partial log (click to expand)

no Makefile, doing nothing
installing
post-installation fixup
shrinking RPATHs of ELF executables and libraries in /nix/store/0f57nqv6zgx3j60fk4pdyz98ry3hs5w1-testssl.sh-2.9.5-5
strip is /nix/store/j75dgadrff2d1fyc4fczmcgqkid2imdx-binutils-2.30/bin/strip
stripping (with command strip and flags -S) in /nix/store/0f57nqv6zgx3j60fk4pdyz98ry3hs5w1-testssl.sh-2.9.5-5/bin 
patching script interpreter paths in /nix/store/0f57nqv6zgx3j60fk4pdyz98ry3hs5w1-testssl.sh-2.9.5-5
/nix/store/0f57nqv6zgx3j60fk4pdyz98ry3hs5w1-testssl.sh-2.9.5-5/bin/testssl.sh: interpreter directive changed from "/usr/bin/env bash" to "/nix/store/xn5gv3lpfy91yvfy9b0i7klfcxh9xskz-bash-4.4-p19/bin/bash"
checking for references to /build in /nix/store/0f57nqv6zgx3j60fk4pdyz98ry3hs5w1-testssl.sh-2.9.5-5...
/nix/store/0f57nqv6zgx3j60fk4pdyz98ry3hs5w1-testssl.sh-2.9.5-5

@GrahamcOfBorg
Copy link

Success on aarch64-linux (full log)

Attempted: testssl

Partial log (click to expand)

no Makefile, doing nothing
installing
post-installation fixup
shrinking RPATHs of ELF executables and libraries in /nix/store/5n2hq0a4kdg2xwgnw5dh29jv9m9wq4kd-testssl.sh-2.9.5-5
strip is /nix/store/j7d4mr0ikv974ig7yzhknpsq288js4bs-binutils-2.30/bin/strip
stripping (with command strip and flags -S) in /nix/store/5n2hq0a4kdg2xwgnw5dh29jv9m9wq4kd-testssl.sh-2.9.5-5/bin
patching script interpreter paths in /nix/store/5n2hq0a4kdg2xwgnw5dh29jv9m9wq4kd-testssl.sh-2.9.5-5
/nix/store/5n2hq0a4kdg2xwgnw5dh29jv9m9wq4kd-testssl.sh-2.9.5-5/bin/testssl.sh: interpreter directive changed from "/usr/bin/env bash" to "/nix/store/adw9jx59wnrh5659wz43nbjya3m4b3gl-bash-4.4-p19/bin/bash"
checking for references to /build in /nix/store/5n2hq0a4kdg2xwgnw5dh29jv9m9wq4kd-testssl.sh-2.9.5-5...
/nix/store/5n2hq0a4kdg2xwgnw5dh29jv9m9wq4kd-testssl.sh-2.9.5-5

dotlambda
dotlambda reviewed Apr 14, 2018
View reviewed changes
pkgs/applications/networking/testssl/default.nix Outdated
};

buildInputs = [ coreutils openssl ];
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That should not be necessary as both are mentioned in postPatch

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I didn't know that nix picked that up automatically, removed.

dotlambda
dotlambda reviewed Apr 14, 2018
View reviewed changes
pkgs/applications/networking/testssl/default.nix Outdated
mkdir -p $out/bin $out/etc
cp -r etc/ $out/
mkdir -p $out/bin
cp -r etc/ $out
cp testssl.sh $out/bin/testssl.sh
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Here you could use install, but that's personal taste:

install -Dt $out/bin testssl.sh
cp -r etc $out

dotlambda
dotlambda reviewed Apr 14, 2018
View reviewed changes
pkgs/applications/networking/testssl/default.nix Outdated
};

patches = [ ./testssl.patch ];

postPatch = ''
substituteInPlace testssl.sh \
--replace /bin/pwd ${pwdBinPath} \
--replace /bin/pwd ${coreutils}/bin/pwd \
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can't find /bin/pwd in testssl.sh

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's in there, when I do grep 'bin/pwd' result/bin/testssl.sh I get the following output:

          cwd="$(/nix/store/jy9knxp7nmw80jkf932axrs1b4p9k4hi-coreutils-8.29/bin/pwd)" || \
     if [[ "$openssl_location" =~ $(/nix/store/jy9knxp7nmw80jkf932axrs1b4p9k4hi-coreutils-8.29/bin/pwd)/bin ]]; then

On the patched one.

Copy link
Contributor Author

@etu etu Apr 14, 2018
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems to be line 11404 and 11406 :p

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, sorry. I was looking at the development version.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

However, I think that's a bit inconsistent: There are other places where $(pwd) or $(printf) is used. Maybe we should use makeWrapper to add coreutils to the path and replace /bin/pwd by pwd?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was told before that people rather patch bash scripts than to have wrappers for them, since it's easy to patch. But I've added a --replace for $(pwd) as well

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

And what about printf, basename, kill, ...? I think in this case a wrapper is definitely the simplest solution.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I also see hostname from nettools used

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure if that's generally agreed upon, but I think this should run fine in nix-shell --pure -p testssl.
However, I get

/nix/store/mjswi7v7il7afrjpr8rf7sl42nasijgb-testssl.sh-2.9.5-5/bin/testssl.sh: line 121: hostname: command not found
Fatal error: Neither "dig", "host", "drill" or "nslookup" is present

@GrahamcOfBorg
Copy link

Success on x86_64-linux (full log)

Attempted: testssl

Partial log (click to expand)

no Makefile, doing nothing
installing
post-installation fixup
shrinking RPATHs of ELF executables and libraries in /nix/store/zad7pxgc3v84yc8n0vqf63x7brw8ixmd-testssl.sh-2.9.5-5
strip is /nix/store/j75dgadrff2d1fyc4fczmcgqkid2imdx-binutils-2.30/bin/strip
stripping (with command strip and flags -S) in /nix/store/zad7pxgc3v84yc8n0vqf63x7brw8ixmd-testssl.sh-2.9.5-5/bin 
patching script interpreter paths in /nix/store/zad7pxgc3v84yc8n0vqf63x7brw8ixmd-testssl.sh-2.9.5-5
/nix/store/zad7pxgc3v84yc8n0vqf63x7brw8ixmd-testssl.sh-2.9.5-5/bin/testssl.sh: interpreter directive changed from "/usr/bin/env bash" to "/nix/store/xn5gv3lpfy91yvfy9b0i7klfcxh9xskz-bash-4.4-p19/bin/bash"
checking for references to /build in /nix/store/zad7pxgc3v84yc8n0vqf63x7brw8ixmd-testssl.sh-2.9.5-5...
/nix/store/zad7pxgc3v84yc8n0vqf63x7brw8ixmd-testssl.sh-2.9.5-5

@GrahamcOfBorg
Copy link

Success on aarch64-linux (full log)

Attempted: testssl

Partial log (click to expand)

no Makefile, doing nothing
installing
post-installation fixup
shrinking RPATHs of ELF executables and libraries in /nix/store/hk8rlxk9frsl3fv9hszdw5d18hkqqgsa-testssl.sh-2.9.5-5
strip is /nix/store/j7d4mr0ikv974ig7yzhknpsq288js4bs-binutils-2.30/bin/strip
stripping (with command strip and flags -S) in /nix/store/hk8rlxk9frsl3fv9hszdw5d18hkqqgsa-testssl.sh-2.9.5-5/bin
patching script interpreter paths in /nix/store/hk8rlxk9frsl3fv9hszdw5d18hkqqgsa-testssl.sh-2.9.5-5
/nix/store/hk8rlxk9frsl3fv9hszdw5d18hkqqgsa-testssl.sh-2.9.5-5/bin/testssl.sh: interpreter directive changed from "/usr/bin/env bash" to "/nix/store/adw9jx59wnrh5659wz43nbjya3m4b3gl-bash-4.4-p19/bin/bash"
checking for references to /build in /nix/store/hk8rlxk9frsl3fv9hszdw5d18hkqqgsa-testssl.sh-2.9.5-5...
/nix/store/hk8rlxk9frsl3fv9hszdw5d18hkqqgsa-testssl.sh-2.9.5-5

@GrahamcOfBorg
Copy link

Success on x86_64-linux (full log)

Attempted: testssl

Partial log (click to expand)

no Makefile, doing nothing
installing
post-installation fixup
shrinking RPATHs of ELF executables and libraries in /nix/store/vsdg1f6cqc97wx3y1n5vwbikyzi84b45-testssl.sh-2.9.5-5
strip is /nix/store/j75dgadrff2d1fyc4fczmcgqkid2imdx-binutils-2.30/bin/strip
stripping (with command strip and flags -S) in /nix/store/vsdg1f6cqc97wx3y1n5vwbikyzi84b45-testssl.sh-2.9.5-5/bin 
patching script interpreter paths in /nix/store/vsdg1f6cqc97wx3y1n5vwbikyzi84b45-testssl.sh-2.9.5-5
/nix/store/vsdg1f6cqc97wx3y1n5vwbikyzi84b45-testssl.sh-2.9.5-5/bin/testssl.sh: interpreter directive changed from "/usr/bin/env bash" to "/nix/store/xn5gv3lpfy91yvfy9b0i7klfcxh9xskz-bash-4.4-p19/bin/bash"
checking for references to /build in /nix/store/vsdg1f6cqc97wx3y1n5vwbikyzi84b45-testssl.sh-2.9.5-5...
/nix/store/vsdg1f6cqc97wx3y1n5vwbikyzi84b45-testssl.sh-2.9.5-5

@GrahamcOfBorg
Copy link

Success on aarch64-linux (full log)

Attempted: testssl

Partial log (click to expand)

no Makefile, doing nothing
installing
post-installation fixup
shrinking RPATHs of ELF executables and libraries in /nix/store/igsx4z4vrd450hws066nr92r18m44cdz-testssl.sh-2.9.5-5
strip is /nix/store/j7d4mr0ikv974ig7yzhknpsq288js4bs-binutils-2.30/bin/strip
stripping (with command strip and flags -S) in /nix/store/igsx4z4vrd450hws066nr92r18m44cdz-testssl.sh-2.9.5-5/bin
patching script interpreter paths in /nix/store/igsx4z4vrd450hws066nr92r18m44cdz-testssl.sh-2.9.5-5
/nix/store/igsx4z4vrd450hws066nr92r18m44cdz-testssl.sh-2.9.5-5/bin/testssl.sh: interpreter directive changed from "/usr/bin/env bash" to "/nix/store/adw9jx59wnrh5659wz43nbjya3m4b3gl-bash-4.4-p19/bin/bash"
checking for references to /build in /nix/store/igsx4z4vrd450hws066nr92r18m44cdz-testssl.sh-2.9.5-5...
/nix/store/igsx4z4vrd450hws066nr92r18m44cdz-testssl.sh-2.9.5-5

@GrahamcOfBorg
Copy link

Success on x86_64-linux (full log)

Attempted: testssl

Partial log (click to expand)

no Makefile, doing nothing
installing
post-installation fixup
shrinking RPATHs of ELF executables and libraries in /nix/store/mjswi7v7il7afrjpr8rf7sl42nasijgb-testssl.sh-2.9.5-5
strip is /nix/store/j75dgadrff2d1fyc4fczmcgqkid2imdx-binutils-2.30/bin/strip
stripping (with command strip and flags -S) in /nix/store/mjswi7v7il7afrjpr8rf7sl42nasijgb-testssl.sh-2.9.5-5/bin 
patching script interpreter paths in /nix/store/mjswi7v7il7afrjpr8rf7sl42nasijgb-testssl.sh-2.9.5-5
/nix/store/mjswi7v7il7afrjpr8rf7sl42nasijgb-testssl.sh-2.9.5-5/bin/testssl.sh: interpreter directive changed from "/usr/bin/env bash" to "/nix/store/xn5gv3lpfy91yvfy9b0i7klfcxh9xskz-bash-4.4-p19/bin/bash"
checking for references to /build in /nix/store/mjswi7v7il7afrjpr8rf7sl42nasijgb-testssl.sh-2.9.5-5...
/nix/store/mjswi7v7il7afrjpr8rf7sl42nasijgb-testssl.sh-2.9.5-5

@GrahamcOfBorg
Copy link

Success on aarch64-linux (full log)

Attempted: testssl

Partial log (click to expand)

no Makefile, doing nothing
installing
post-installation fixup
shrinking RPATHs of ELF executables and libraries in /nix/store/fs80ynpw0zkq0v4df1dgd3azwkc7mm5p-testssl.sh-2.9.5-5
strip is /nix/store/j7d4mr0ikv974ig7yzhknpsq288js4bs-binutils-2.30/bin/strip
stripping (with command strip and flags -S) in /nix/store/fs80ynpw0zkq0v4df1dgd3azwkc7mm5p-testssl.sh-2.9.5-5/bin
patching script interpreter paths in /nix/store/fs80ynpw0zkq0v4df1dgd3azwkc7mm5p-testssl.sh-2.9.5-5
/nix/store/fs80ynpw0zkq0v4df1dgd3azwkc7mm5p-testssl.sh-2.9.5-5/bin/testssl.sh: interpreter directive changed from "/usr/bin/env bash" to "/nix/store/adw9jx59wnrh5659wz43nbjya3m4b3gl-bash-4.4-p19/bin/bash"
checking for references to /build in /nix/store/fs80ynpw0zkq0v4df1dgd3azwkc7mm5p-testssl.sh-2.9.5-5...
/nix/store/fs80ynpw0zkq0v4df1dgd3azwkc7mm5p-testssl.sh-2.9.5-5

@etu
Copy link
Contributor Author

etu commented Apr 14, 2018

@dotlambda Now it works in a pure shell, and got rid of some patching by using a wrapper.

dotlambda
dotlambda reviewed Apr 14, 2018
View reviewed changes
pkgs/applications/networking/testssl/default.nix Outdated
dnsutils # for dig
nettools # for hostname
openssl # for openssl
openssl # for openssl
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The line is there twice

@GrahamcOfBorg
Copy link

Success on aarch64-linux (full log)

Attempted: testssl

Partial log (click to expand)

no Makefile, doing nothing
installing
post-installation fixup
shrinking RPATHs of ELF executables and libraries in /nix/store/vhdfaxnrwpjl351si1i1hnbyadfddqff-testssl.sh-2.9.5-5
strip is /nix/store/j7d4mr0ikv974ig7yzhknpsq288js4bs-binutils-2.30/bin/strip
stripping (with command strip and flags -S) in /nix/store/vhdfaxnrwpjl351si1i1hnbyadfddqff-testssl.sh-2.9.5-5/bin
patching script interpreter paths in /nix/store/vhdfaxnrwpjl351si1i1hnbyadfddqff-testssl.sh-2.9.5-5
/nix/store/vhdfaxnrwpjl351si1i1hnbyadfddqff-testssl.sh-2.9.5-5/bin/.testssl.sh-wrapped: interpreter directive changed from "/usr/bin/env bash" to "/nix/store/adw9jx59wnrh5659wz43nbjya3m4b3gl-bash-4.4-p19/bin/bash"
checking for references to /build in /nix/store/vhdfaxnrwpjl351si1i1hnbyadfddqff-testssl.sh-2.9.5-5...
/nix/store/vhdfaxnrwpjl351si1i1hnbyadfddqff-testssl.sh-2.9.5-5

@GrahamcOfBorg
Copy link

Success on x86_64-linux (full log)

Attempted: testssl

Partial log (click to expand)

no Makefile, doing nothing
installing
post-installation fixup
shrinking RPATHs of ELF executables and libraries in /nix/store/p1vlw5bh5hpgrrpqhk1vcd5pamgkpzk1-testssl.sh-2.9.5-5
strip is /nix/store/j75dgadrff2d1fyc4fczmcgqkid2imdx-binutils-2.30/bin/strip
stripping (with command strip and flags -S) in /nix/store/p1vlw5bh5hpgrrpqhk1vcd5pamgkpzk1-testssl.sh-2.9.5-5/bin 
patching script interpreter paths in /nix/store/p1vlw5bh5hpgrrpqhk1vcd5pamgkpzk1-testssl.sh-2.9.5-5
/nix/store/p1vlw5bh5hpgrrpqhk1vcd5pamgkpzk1-testssl.sh-2.9.5-5/bin/.testssl.sh-wrapped: interpreter directive changed from "/usr/bin/env bash" to "/nix/store/xn5gv3lpfy91yvfy9b0i7klfcxh9xskz-bash-4.4-p19/bin/bash"
checking for references to /build in /nix/store/p1vlw5bh5hpgrrpqhk1vcd5pamgkpzk1-testssl.sh-2.9.5-5...
/nix/store/p1vlw5bh5hpgrrpqhk1vcd5pamgkpzk1-testssl.sh-2.9.5-5

@dotlambda dotlambda merged commit 8b19b14 into NixOS:master Apr 14, 2018
@etu etu deleted the testssl-upgrades branch April 14, 2018 19:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dotlambda dotlambda dotlambda approved these changes

Assignees
No one assigned
Labels
10.rebuild-darwin: 0 10.rebuild-linux: 1-10
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@etu @GrahamcOfBorg @dotlambda