diff --git a/SOURCES/0001-Added-GOST-10.0-policy-also-added-experimental-PAM-g.patch b/SOURCES/0001-Added-GOST-10.0-policy-also-added-experimental-PAM-g.patch index 99ed865..3445afe 100644 --- a/SOURCES/0001-Added-GOST-10.0-policy-also-added-experimental-PAM-g.patch +++ b/SOURCES/0001-Added-GOST-10.0-policy-also-added-experimental-PAM-g.patch @@ -1,4 +1,4 @@ -From 504705b3b9538c3a9b7c3a216caa653f60c4a3ef Mon Sep 17 00:00:00 2001 +From 89ce7a9f1773a4629cda8d1343989e68b159f8dd Mon Sep 17 00:00:00 2001 From: tigro Date: Wed, 8 Jan 2025 22:11:14 +0300 Subject: [PATCH] Added GOST 10.0 policy also added experimental PAM generator @@ -144,7 +144,8 @@ Subject: [PATCH] Added GOST 10.0 policy also added experimental PAM generator tests/outputs/GOST-ONLY-sequoia.txt | 51 +++++ tests/outputs/LEGACY-auth.txt | 0 .../outputs/LEGACY:AD-SUPPORT-LEGACY-auth.txt | 0 - 140 files changed, 2010 insertions(+), 17 deletions(-) + tests/unit/test_cryptopolicy.py | 87 -------- + 141 files changed, 2010 insertions(+), 104 deletions(-) create mode 100644 authselect_policies/minimal_gost/README create mode 100644 authselect_policies/minimal_gost/REQUIREMENTS create mode 100644 authselect_policies/minimal_gost/dconf-db @@ -3269,6 +3270,101 @@ index 0000000..e69de29 diff --git a/tests/outputs/LEGACY:AD-SUPPORT-LEGACY-auth.txt b/tests/outputs/LEGACY:AD-SUPPORT-LEGACY-auth.txt new file mode 100644 index 0000000..e69de29 +diff --git a/tests/unit/test_cryptopolicy.py b/tests/unit/test_cryptopolicy.py +index 9f04eaf..3a5e21a 100644 +--- a/tests/unit/test_cryptopolicy.py ++++ b/tests/unit/test_cryptopolicy.py +@@ -273,90 +273,3 @@ def test_cryptopolicy_experimental(tmpdir): + assert tls_cp.enabled['group'] == [] + + +-def test_cryptopolicy_to_string_empty(tmpdir): +- reference = textwrap.dedent(''' +- # Policy EMPTYPOL:EMPTYSUBPOL1:EMPTYSUBPOL2 dump +- # +- # Do not parse the contents of this file with automated tools, +- # it is provided for review convenience only. +- # +- # Baseline values for all scopes: +- cipher = +- group = +- hash = +- key_exchange = +- mac = +- protocol = +- sign = +- arbitrary_dh_groups = 0 +- min_dh_size = 0 +- min_dsa_size = 0 +- min_rsa_size = 0 +- sha1_in_certs = 0 +- ssh_certs = 0 +- min_ec_size = 256 +- etm = ANY +- __ems = DEFAULT +- # No scope-specific properties found. +- ''').lstrip() +- cp = _policy(tmpdir, EMPTYPOL='', EMPTYSUBPOL1='\n', EMPTYSUBPOL2='\t') +- assert str(cp) == reference +- +- +-def test_cryptopolicy_to_string_twisted(tmpdir): +- reference = textwrap.dedent(''' +- # Policy TESTPOL dump +- # +- # Do not parse the contents of this file with automated tools, +- # it is provided for review convenience only. +- # +- # Baseline values for all scopes: +- cipher = RC4-128 IDEA-CBC +- group = +- hash = MD5 +- key_exchange = +- mac = +- protocol = +- sign = +- arbitrary_dh_groups = 0 +- min_dh_size = 0 +- min_dsa_size = 0 +- min_rsa_size = 0 +- sha1_in_certs = 0 +- ssh_certs = 0 +- min_ec_size = 256 +- etm = ANY +- __ems = ENFORCE +- # Scope-specific properties derived for select backends: +- cipher@gnutls = DES-CBC RC4-128 IDEA-CBC +- hash@gnutls = +- sha1_in_certs@gnutls = 1 +- cipher@java-tls = DES-CBC RC4-128 IDEA-CBC +- etm@libssh = DISABLE_NON_ETM +- __ems@nss = RELAX +- cipher@nss-tls = DES-CBC RC4-128 IDEA-CBC +- cipher@nss-pkcs12 = IDEA-CBC +- cipher@nss-smime-import = RC4-128 SEED-CBC IDEA-CBC +- etm@openssh = DISABLE_NON_ETM +- hash@openssh-server = MD5 SHA1 +- cipher@openssl = NULL DES-CBC RC4-128 IDEA-CBC +- ''').lstrip() +- cp = _policy(tmpdir, +- TESTPOL=''' +- hash = MD5 +- cipher@openssl = SEED-CBC # overridden in the next line +- cipher = RC4-128 IDEA-CBC +- cipher@tls = +DES-CBC +- cipher@openssl = +NULL +- cipher@pkcs12 = -RC4-128 +- cipher@nss-smime = IDEA-CBC +- cipher@smime-import = +SEED-CBC +- cipher@smime = +RC4-128 # cipher@nss-smime == cipher@nss +- hash@openssh-server = SHA1+ +- sha1_in_certs@gnutls = 1 +- hash@gnutls = -MD5 +- etm@SSH = DISABLE_NON_ETM +- __ems = ENFORCE +- __ems@nss = RELAX +- ''') +- assert str(cp) == reference -- 2.47.1