diff --git a/.circleci/config.yml b/.circleci/config.yml index 4031374a9..60673c5cf 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -99,19 +99,24 @@ commands: echo - run: - name: Installing psql client, enchant, netcat, rust - command: $SUDO apt -y install postgresql-client netcat python3-enchant rustc + name: Installing psql client, enchant, netcat + command: $SUDO apt -y install postgresql-client netcat python3-enchant python3-venv python3-dev + + - run: + name: Installing rust + command: $SUDO curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y - restore_cache: keys: - - v23-dependencies-{{ .Environment.CIRCLE_JOB }}-{{ checksum + - v24-dependencies-{{ .Environment.CIRCLE_JOB }}-{{ checksum "requirements.txt" }} # fallback to using the latest cache if no exact match is found - - v23-dependencies-{{ .Environment.CIRCLE_JOB }} + - v24-dependencies-{{ .Environment.CIRCLE_JOB }} - run: name: install latest pip command: | + rm -rf venv $PYTHON_INTERPRETER -m venv venv . venv/bin/activate pip install -U pip @@ -119,6 +124,7 @@ commands: - run: name: install dependencies command: | + rm -rf venv PATH=$PATH:/root/.cargo/bin/ $PYTHON_INTERPRETER -m venv venv . venv/bin/activate @@ -127,7 +133,7 @@ commands: - save_cache: paths: - ./venv - key: v23-dependencies-{{ .Environment.CIRCLE_JOB }}-{{ checksum + key: v24-dependencies-{{ .Environment.CIRCLE_JOB }}-{{ checksum "requirements.txt" }} wait_for_postgres: @@ -200,6 +206,7 @@ jobs: IRRD_REDIS_URL: 'redis://localhost' PYTHON_INTERPRETER: python3 SUDO: sudo + PATH: /root/.cargo/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin - image: cimg/postgres:<< parameters.postgres_version >> environment: @@ -236,6 +243,7 @@ jobs: IRRD_REDIS_URL: 'redis://localhost' PYTHON_INTERPRETER: pypy3 SUDO: '' + PATH: /root/.cargo/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin - image: cimg/postgres:<< parameters.postgres_version >> environment: @@ -274,6 +282,7 @@ jobs: IRRD_REDIS_URL_INTEGRATION_2: 'redis://localhost/5' PYTHON_INTERPRETER: python3 SUDO: sudo + PATH: /root/.cargo/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin - image: cimg/postgres:<< parameters.postgres_version >> environment: @@ -313,6 +322,7 @@ jobs: IRRD_REDIS_URL_INTEGRATION_2: 'redis://localhost/5' PYTHON_INTERPRETER: pypy3 SUDO: '' + PATH: /root/.cargo/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin - image: cimg/postgres:<< parameters.postgres_version >> environment: diff --git a/irrd/updates/tests/test_validators.py b/irrd/updates/tests/test_validators.py index 5888e0e71..03a8ed9a7 100644 --- a/irrd/updates/tests/test_validators.py +++ b/irrd/updates/tests/test_validators.py @@ -124,6 +124,44 @@ def test_valid_new_person(self, prepare_mocks): ["rpsl_pks", ({"TEST-MNT"},), {}], ] + def test_new_person_with_legacy_hash(self, prepare_mocks, config_override): + config_override( + { + "auth": {"password_hashers": {"crypt-pw": "legacy"}}, + } + ) + + validator, mock_dq, mock_dh = prepare_mocks + person = rpsl_object_from_text(SAMPLE_PERSON) + mock_dh.execute_query = lambda q: [ + {"object_class": "mntner", "object_text": SAMPLE_MNTNER}, + ] + + validator.passwords = [SAMPLE_MNTNER_CRYPT] + result = validator.process_auth(person, None) + assert result.is_valid() + + def test_new_person_with_authless_mntner(self, prepare_mocks, config_override): + # "authless" meaning: no auth lines that are currently enabled - #891 + config_override( + { + "auth": {"password_hashers": {"crypt-pw": "disabled"}}, + } + ) + + validator, mock_dq, mock_dh = prepare_mocks + person = rpsl_object_from_text(SAMPLE_PERSON) + cryptonly_maintainer = "\n".join( + line for line in SAMPLE_MNTNER.splitlines() if not line.startswith("auth:") or "CRYPT" in line + ) + mock_dh.execute_query = lambda q: [ + {"object_class": "mntner", "object_text": cryptonly_maintainer}, + ] + + validator.passwords = [SAMPLE_MNTNER_CRYPT] + result = validator.process_auth(person, None) + assert not result.is_valid() + def test_existing_person_mntner_change(self, prepare_mocks): validator, mock_dq, mock_dh = prepare_mocks # TEST-MNT is in both maintainers diff --git a/irrd/updates/validators.py b/irrd/updates/validators.py index 1123519f8..dfca658c9 100644 --- a/irrd/updates/validators.py +++ b/irrd/updates/validators.py @@ -304,7 +304,7 @@ def _check_mntners(self, mntner_pk_list: List[str], source: str) -> Tuple[bool, query = query.object_classes(["mntner"]).rpsl_pks(mntner_pks_to_resolve) results = self.database_handler.execute_query(query) - retrieved_mntner_objs: List[RPSLMntner] = [rpsl_object_from_text(r["object_text"]) for r in results] # type: ignore + retrieved_mntner_objs: List[RPSLMntner] = [rpsl_object_from_text(r["object_text"], strict_validation=False) for r in results] # type: ignore self._mntner_db_cache.update(retrieved_mntner_objs) mntner_objs += retrieved_mntner_objs diff --git a/requirements.txt b/requirements.txt index 237ed7882..b961a6766 100644 --- a/requirements.txt +++ b/requirements.txt @@ -48,11 +48,17 @@ pytest-asyncio==0.20.3 freezegun==1.2.2 pytest-freezegun==0.4.2 asyncmock==0.4.2; python_version < '3.8' +anyio==3.7.1 # Documentation generation Sphinx==4.3.2 # pyup: <4.4 # importlib-metadata conflict with flake8 sphinxcontrib-spelling==7.7.0 sphinx-material==0.0.35 +sphinxcontrib-applehelp==1.0.2 # https://github.com/googleapis/sphinx-docfx-yaml/issues/344 +sphinxcontrib-devhelp==1.0.2 +sphinxcontrib-htmlhelp==2.0.0 +sphinxcontrib-qthelp==1.0.3 +sphinxcontrib-serializinghtml==1.1.5 # Code style and type checks mypy==1.0.0; platform_python_implementation == "CPython"