summaryrefslogtreecommitdiff
path: root/tests/integration_tests/modules
diff options
context:
space:
mode:
authorChad Smith <chad.smith@canonical.com>2022-02-14 08:51:03 -0700
committerGitHub <noreply@github.com>2022-02-14 08:51:03 -0700
commit17818549b3dda58a907ef44ed7de9f837ad66c3c (patch)
tree5427d452228920bbf41260536432c528146e5cf8 /tests/integration_tests/modules
parent0b41b359a70bbbf3a648862a9b849d60b9ff6c3b (diff)
downloadvyos-cloud-init-17818549b3dda58a907ef44ed7de9f837ad66c3c.tar.gz
vyos-cloud-init-17818549b3dda58a907ef44ed7de9f837ad66c3c.zip
tests: when generating crypted password, generate in target env (#1252)
There are inconsistencies for cryptographic libraries across major distribution releases. From a bionic host, which doesn't support yescrypt hashing scheme, attempting run run crypt.crypt locally using a yescrypt hash from a Jammmy /etc/shadow file will result in failure to produce an encrypted password. For "unsupported" hash schemes, crypt.crypt returns None. To avoid inconsistencies of python cryptographic libs across Linux releases, perform the password encryption on the system under test.
Diffstat (limited to 'tests/integration_tests/modules')
-rw-r--r--tests/integration_tests/modules/test_set_password.py12
1 files changed, 7 insertions, 5 deletions
diff --git a/tests/integration_tests/modules/test_set_password.py b/tests/integration_tests/modules/test_set_password.py
index e0f8b692..0e35cd26 100644
--- a/tests/integration_tests/modules/test_set_password.py
+++ b/tests/integration_tests/modules/test_set_password.py
@@ -8,8 +8,6 @@ other tests chpasswd's list being a string. Both expect the same results, so
they use a mixin to share their test definitions, because we can (of course)
only specify one user-data per instance.
"""
-import crypt
-
import pytest
import yaml
@@ -162,9 +160,13 @@ class Mixin:
shadow_users, _ = self._fetch_and_parse_etc_shadow(class_client)
fmt_and_salt = shadow_users["tom"].rsplit("$", 1)[0]
- expected_value = crypt.crypt("mypassword123!", fmt_and_salt)
-
- assert expected_value == shadow_users["tom"]
+ GEN_CRYPT_CONTENT = (
+ "import crypt\n"
+ f"print(crypt.crypt('mypassword123!', '{fmt_and_salt}'))\n"
+ )
+ class_client.write_to_file("/gen_crypt.py", GEN_CRYPT_CONTENT)
+ result = class_client.execute("python3 /gen_crypt.py")
+ assert result.stdout == shadow_users["tom"]
def test_shadow_expected_users(self, class_client):
"""Test that the right set of users is in /etc/shadow."""