[arch-commits] Commit in python-pg8000/trunk (PKGBUILD scram.diff)

Chih-Hsuan Yen yan12125 at archlinux.org
Tue Feb 9 09:52:45 UTC 2021 

    Date: Tuesday, February 9, 2021 @ 09:52:45
  Author: yan12125
Revision: 850896

upgpkg: python-pg8000 1.17.0-2; rework on check() and backport a fix for SCRAM authentication

Added:
  python-pg8000/trunk/scram.diff
Modified:
  python-pg8000/trunk/PKGBUILD

------------+
 PKGBUILD   |   51 ++++++++++++++++++++++++++++++++++++++-------------
 scram.diff |   13 +++++++++++++
 2 files changed, 51 insertions(+), 13 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2021-02-09 09:51:40 UTC (rev 850895)
+++ PKGBUILD	2021-02-09 09:52:45 UTC (rev 850896)
@@ -3,7 +3,7 @@
 
 pkgname=python-pg8000
 pkgver=1.17.0
-pkgrel=1
+pkgrel=2
 pkgdesc="Pure-Python PostgreSQL database driver, DB-API compatible"
 arch=(any)
 url='https://github.com/tlocke/pg8000'
@@ -10,13 +10,13 @@
 license=(BSD)
 makedepends=(python-setuptools)
 checkdepends=(python-pytest python-pytest-mock python-pytest-benchmark
-              python-pytz pifpaf postgresql)
+              python-pytz postgresql)
 depends=(python python-scramp)
 source=("https://files.pythonhosted.org/packages/source/p/pg8000/pg8000-$pkgver.tar.gz"{,.asc}
-        pghost-unix-sock.patch::https://github.com/tlocke/pg8000/pull/64.patch)
+        scram.diff)
 sha256sums=('14198c5afeb289106e40ee6e5e4c0529c5369939f6ca588a028b371a75fe20dd'
             'SKIP'
-            '0a851dbbc0f8d0116795eb0d875e9178659bdf7c6964bff8b26c6b014c37e9c9')
+            '71cccb7b33863dc94f93251b8f7cbff93e9505e120e7b9213c4ede2feb4a8e1c')
 validpgpkeys=(
   'D5681B7EC7292511C4CC1450892B00AB699851E8'  # Tony Locke <tlocke at tlocke.org.uk>, proven by https://keybase.io/tlocke
 )
@@ -28,7 +28,8 @@
   sed --in-place=.orig -r 's#,?<[0-9.]+,?##;s#==([0-9.]+)#>=\1#' setup.py
   diff -u setup.py{.orig,} || true
 
-  patch -Np1 -i ../pghost-unix-sock.patch
+  # Partial backport of https://github.com/tlocke/pg8000/commit/18eee18f7525bf3026339d206790d4d5843cf055
+  patch -Np1 -i ../scram.diff
 }
 
 build() {
@@ -38,15 +39,39 @@
 
 check() {
   cd pg8000-$pkgver
-  # GSS tests: need custom pg_hba.conf, while pifpaf does not support it yet
-  # SSL tests: need TCP connections [1][2], while pifpaf uses unix domain sockets
-  # [1] https://github.com/postgres/postgres/blob/REL_13_1/src/backend/postmaster/postmaster.c#L2027
-  # [2] https://www.postgresql.org/message-id/flat/200801041713.22341.peter_e%40gmx.net
-  PYTHONPATH="$PWD" pifpaf run postgresql -- bash -c "
-    psql -c \"CREATE ROLE postgres WITH LOGIN SUPERUSER PASSWORD 'pw';\"
-    psql -c \"create extension hstore;\"
-    pytest test -k 'not testGss and not test_gss and not testSsl and not test_ssl'
+
+  export PGDATA="$srcdir/postgres-testdata"
+  export PGHOST=127.0.0.1
+  export PGPORT=$((49152+$RANDOM%10000))
+
+  # See https://github.com/tlocke/pg8000#tests about database initialization steps for testing
+  initdb --username=postgres --auth=trust
+  openssl req -subj "/CN=self-signed" -nodes -x509 -newkey rsa:4096 -days 1 -keyout "$PGDATA/self-signed.key" -out "$PGDATA/self-signed.crt"
+  cat <<EOF >> "$PGDATA/postgresql.conf"
+ssl = on
+ssl_cert_file = 'self-signed.crt'
+ssl_key_file = 'self-signed.key'
+password_encryption = 'scram-sha-256'
+EOF
+
+  pg_ctl start -o "-k '' -h $PGHOST -p $PGPORT" -l "$srcdir/postgresql.log"
+  # Change the password for postgres after password_encryption is specified, so that the role has a valid SCRAM secret
+  psql -U postgres -c "
+    CREATE EXTENSION hstore;
+    ALTER ROLE postgres PASSWORD 'pw';
   "
+
+  # should overwrite pg_hba.conf, or unexpected matches may happen against existing entries
+  cat <<EOF > "$PGDATA/pg_hba.conf"
+host    pg8000_md5      all             127.0.0.1/32            md5
+host    pg8000_gss      all             127.0.0.1/32            gss
+host    pg8000_password all             127.0.0.1/32            password
+host    pg8000_scram_sha_256 all        127.0.0.1/32            scram-sha-256
+host    all             all             127.0.0.1/32            trust
+EOF
+  pg_ctl reload
+  PYTHONPATH="$PWD" pytest test
+  pg_ctl stop
 }
 
 package() {

Added: scram.diff
===================================================================
--- scram.diff	                        (rev 0)
+++ scram.diff	2021-02-09 09:52:45 UTC (rev 850896)
@@ -0,0 +1,13 @@
+diff --git a/pg8000/core.py b/pg8000/core.py
+index 8c4c512..8c544b1 100644
+--- a/pg8000/core.py
++++ b/pg8000/core.py
+@@ -492,7 +492,7 @@ class CoreConnection():
+         elif auth_code == 10:
+             # AuthenticationSASL
+             mechanisms = [
+-                m.decode('ascii') for m in data[4:-1].split(NULL_BYTE)]
++                m.decode('ascii') for m in data[4:-2].split(NULL_BYTE)]
+ 
+             self.auth = ScramClient(
+                 mechanisms, self.user.decode('utf8'),

More information about the arch-commits mailing list