Update String#crypt tests to work on OpenBSD

Skip the webrick httpauth tests that use crypt when testing on OpenBSD. Fixes [Bug #11363]
2022-11-09 12:17:21 -05:00 · 2019-05-23 20:07:36 -07:00 · 2019-05-23 20:07:36 -07:00 · 4b9869e7e0
commit 4b9869e7e0
parent 09c09eb0db
3 changed files with 33 additions and 8 deletions
--- a/test/ruby/test_m17n_comb.rb
+++ b/test/ruby/test_m17n_comb.rb
@ -744,6 +744,10 @@ class TestM17NComb < Test::Unit::TestCase
    }
  end

+  def crypt_supports_des_crypt?
+    /openbsd/ !~ RUBY_PLATFORM
+  end
+
  # glibc 2.16 or later denies salt contained other than [0-9A-Za-z./] #7312
  # we use this check to test strict and non-strict behavior separately #11045
  strict_crypt = if defined? Etc::CS_GNU_LIBC_VERSION
@ -760,7 +764,7 @@ class TestM17NComb < Test::Unit::TestCase
    }
  end

-  if !strict_crypt
+  if !strict_crypt && /openbsd/ !~ RUBY_PLATFORM
    def test_str_crypt_nonstrict
      combination(STRINGS, STRINGS) {|str, salt|
        # only test input other than [0-9A-Za-z./] to confirm non-strict behavior
@ -772,9 +776,14 @@ class TestM17NComb < Test::Unit::TestCase
  end

  private def confirm_crypt_result(str, salt)
-    if b(salt).length < 2
-      assert_raise(ArgumentError) { str.crypt(salt) }
-      return
+    if crypt_supports_des_crypt?
+      if b(salt).length < 2
+        assert_raise(ArgumentError) { str.crypt(salt) }
+        return
+      end
+    else
+      return if b(salt).length < 2
+      salt = "$2a$04$0WVaz0pV3jzfZ5G5tpmH#{salt}"
    end
    t = str.crypt(salt)
    assert_equal(b(str).crypt(b(salt)), t, "#{encdump(str)}.crypt(#{encdump(salt)})")
--- a/test/ruby/test_string.rb
+++ b/test/ruby/test_string.rb
@ -646,9 +646,22 @@ CODE
    assert_raise(ArgumentError) { "foo".count }
  end

+  def crypt_supports_des_crypt?
+    /openbsd/ !~ RUBY_PLATFORM
+  end
+
  def test_crypt
-    assert_equal(S('aaGUC/JkO9/Sc'), S("mypassword").crypt(S("aa")))
-    assert_not_equal(S('aaGUC/JkO9/Sc'), S("mypassword").crypt(S("ab")))
+    if crypt_supports_des_crypt?
+      pass      = "aaGUC/JkO9/Sc"
+      good_salt = "aa"
+      bad_salt  = "ab"
+    else
+      pass      = "$2a$04$0WVaz0pV3jzfZ5G5tpmHWuBQGbkjzgtSc3gJbmdy0GAGMa45MFM2."
+      good_salt = "$2a$04$0WVaz0pV3jzfZ5G5tpmHWu"
+      bad_salt  = "$2a$04$0WVaz0pV3jzfZ5G5tpmHXu"
+    end
+    assert_equal(S(pass), S("mypassword").crypt(S(good_salt)))
+    assert_not_equal(S(pass), S("mypassword").crypt(S(bad_salt)))
    assert_raise(ArgumentError) {S("mypassword").crypt(S(""))}
    assert_raise(ArgumentError) {S("mypassword").crypt(S("\0a"))}
    assert_raise(ArgumentError) {S("mypassword").crypt(S("a\0"))}
@ -660,9 +673,9 @@ CODE
    end

    @cls == String and
-      assert_no_memory_leak([], 's = ""', "#{<<~"begin;"}\n#{<<~'end;'}")
+      assert_no_memory_leak([], "s = ''; salt_proc = proc{#{(crypt_supports_des_crypt? ? '..' : good_salt).inspect}}", "#{<<~"begin;"}\n#{<<~'end;'}")
    begin;
-      1000.times { s.crypt(-"..").clear  }
+      1000.times { s.crypt(-salt_proc.call).clear  }
    end;
  end

--- a/test/webrick/test_httpauth.rb
+++ b/test/webrick/test_httpauth.rb
@ -58,6 +58,9 @@ class TestWEBrickHTTPAuth < Test::Unit::TestCase
  end

  [nil, :crypt, :bcrypt].each do |hash_algo|
+    # OpenBSD does not support insecure DES-crypt
+    next if /openbsd/ =~ RUBY_PLATFORM && hash_algo != :bcrypt
+
    begin
      case hash_algo
      when :crypt