diff options
author | Chad Smith <chad.smith@canonical.com> | 2022-02-14 08:51:03 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-02-14 08:51:03 -0700 |
commit | 17818549b3dda58a907ef44ed7de9f837ad66c3c (patch) | |
tree | 5427d452228920bbf41260536432c528146e5cf8 /tests/integration_tests/modules | |
parent | 0b41b359a70bbbf3a648862a9b849d60b9ff6c3b (diff) | |
download | vyos-cloud-init-17818549b3dda58a907ef44ed7de9f837ad66c3c.tar.gz vyos-cloud-init-17818549b3dda58a907ef44ed7de9f837ad66c3c.zip |
tests: when generating crypted password, generate in target env (#1252)
There are inconsistencies for cryptographic libraries across
major distribution releases.
From a bionic host, which doesn't support yescrypt hashing scheme,
attempting run run crypt.crypt locally using a yescrypt hash
from a Jammmy /etc/shadow file will result in failure to produce an
encrypted password. For "unsupported" hash schemes, crypt.crypt
returns None.
To avoid inconsistencies of python cryptographic libs across Linux
releases, perform the password encryption on the system under test.
Diffstat (limited to 'tests/integration_tests/modules')
-rw-r--r-- | tests/integration_tests/modules/test_set_password.py | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/tests/integration_tests/modules/test_set_password.py b/tests/integration_tests/modules/test_set_password.py index e0f8b692..0e35cd26 100644 --- a/tests/integration_tests/modules/test_set_password.py +++ b/tests/integration_tests/modules/test_set_password.py @@ -8,8 +8,6 @@ other tests chpasswd's list being a string. Both expect the same results, so they use a mixin to share their test definitions, because we can (of course) only specify one user-data per instance. """ -import crypt - import pytest import yaml @@ -162,9 +160,13 @@ class Mixin: shadow_users, _ = self._fetch_and_parse_etc_shadow(class_client) fmt_and_salt = shadow_users["tom"].rsplit("$", 1)[0] - expected_value = crypt.crypt("mypassword123!", fmt_and_salt) - - assert expected_value == shadow_users["tom"] + GEN_CRYPT_CONTENT = ( + "import crypt\n" + f"print(crypt.crypt('mypassword123!', '{fmt_and_salt}'))\n" + ) + class_client.write_to_file("/gen_crypt.py", GEN_CRYPT_CONTENT) + result = class_client.execute("python3 /gen_crypt.py") + assert result.stdout == shadow_users["tom"] def test_shadow_expected_users(self, class_client): """Test that the right set of users is in /etc/shadow.""" |