diff options
author | Michael Weiss <dev.primeos@gmail.com> | 2021-08-05 18:17:49 +0200 |
---|---|---|
committer | Michael Weiss <dev.primeos@gmail.com> | 2021-08-05 18:26:59 +0200 |
commit | c4c087da21bc85cd223539077c4c5884dae2a480 (patch) | |
tree | 0f7005931eb2175625f7219baf792315a127ea21 /nixos/tests/signal-desktop.nix | |
parent | fd2bb8574e7b16cf716d2ad1e654a5ba83555ab7 (diff) |
nixos/tests/signal-desktop: Improve the DB test
The command "file ~/.config/Signal/sql/db.sqlite | grep 'db.sqlite: data'" can randomly fail because "file" sometimes recognizes the "random" (encrypted) data as something. This occasionally causes test failures, e.g. [0] were it was recognized as "PGP Secret Sub-key -" or in another instance as an ext4 filesystem [1]. [0]: https://github.com/NixOS/nixpkgs/pull/132644#issuecomment-892601504 [1]: https://social.primeos.dev/notice/A7H8VWV0KtQHUZZIsC
Diffstat (limited to 'nixos/tests/signal-desktop.nix')
-rw-r--r-- | nixos/tests/signal-desktop.nix | 26 |
1 files changed, 21 insertions, 5 deletions
diff --git a/nixos/tests/signal-desktop.nix b/nixos/tests/signal-desktop.nix index 42485cd0da7ed..379af4d3912b9 100644 --- a/nixos/tests/signal-desktop.nix +++ b/nixos/tests/signal-desktop.nix @@ -1,6 +1,16 @@ import ./make-test-python.nix ({ pkgs, ...} : -{ +let + sqlcipher-signal = pkgs.writeShellScriptBin "sqlcipher" '' + set -eu + + readonly CFG=~/.config/Signal/config.json + readonly KEY="$(${pkgs.jq}/bin/jq --raw-output '.key' $CFG)" + readonly DB="$1" + readonly SQL="SELECT * FROM sqlite_master where type='table'" + ${pkgs.sqlcipher}/bin/sqlcipher "$DB" "PRAGMA key = \"x'$KEY'\"; $SQL" + ''; +in { name = "signal-desktop"; meta = with pkgs.lib.maintainers; { maintainers = [ flokli primeos ]; @@ -16,7 +26,9 @@ import ./make-test-python.nix ({ pkgs, ...} : services.xserver.enable = true; test-support.displayManager.auto.user = "alice"; - environment.systemPackages = with pkgs; [ signal-desktop file ]; + environment.systemPackages = with pkgs; [ + signal-desktop file sqlite sqlcipher-signal + ]; virtualisation.memorySize = 1024; }; @@ -44,11 +56,15 @@ import ./make-test-python.nix ({ pkgs, ...} : # - https://github.com/NixOS/nixpkgs/issues/108772 # - https://github.com/NixOS/nixpkgs/pull/117555 print(machine.succeed("su - alice -c 'file ~/.config/Signal/sql/db.sqlite'")) - machine.succeed( - "su - alice -c 'file ~/.config/Signal/sql/db.sqlite' | grep 'db.sqlite: data'" - ) machine.fail( "su - alice -c 'file ~/.config/Signal/sql/db.sqlite' | grep -e SQLite -e database" ) + # Only SQLCipher should be able to read the encrypted DB: + machine.fail( + "su - alice -c 'sqlite3 ~/.config/Signal/sql/db.sqlite .databases'" + ) + print(machine.succeed( + "su - alice -c 'sqlcipher ~/.config/Signal/sql/db.sqlite'" + )) ''; }) |