kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity

Update String#crypt tests to work on OpenBSD

Browse source 
Skip the webrick httpauth tests that use crypt when testing on
OpenBSD.

Fixes [Bug #11363]
This commit is contained in:
Jeremy Evans 2019-05-23 20:07:36 -07:00
parent 09c09eb0db
commit 4b9869e7e0
3 changed files with 33 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
test/ruby/test_m17n_comb.rb
View file

@ -744,6 +744,10 @@ class TestM17NComb < Test::Unit::TestCase
} }
end end
def crypt_supports_des_crypt?
/openbsd/ !~ RUBY_PLATFORM
end
# glibc 2.16 or later denies salt contained other than [0-9A-Za-z./] #7312 # glibc 2.16 or later denies salt contained other than [0-9A-Za-z./] #7312
# we use this check to test strict and non-strict behavior separately #11045 # we use this check to test strict and non-strict behavior separately #11045
strict_crypt = if defined? Etc::CS_GNU_LIBC_VERSION strict_crypt = if defined? Etc::CS_GNU_LIBC_VERSION
@ -760,7 +764,7 @@ class TestM17NComb < Test::Unit::TestCase
} }
end end
if !strict_crypt if !strict_crypt && /openbsd/ !~ RUBY_PLATFORM
def test_str_crypt_nonstrict def test_str_crypt_nonstrict
combination(STRINGS, STRINGS) {|str, salt| combination(STRINGS, STRINGS) {|str, salt|
# only test input other than [0-9A-Za-z./] to confirm non-strict behavior # only test input other than [0-9A-Za-z./] to confirm non-strict behavior
@ -772,9 +776,14 @@ class TestM17NComb < Test::Unit::TestCase
end end
private def confirm_crypt_result(str, salt) private def confirm_crypt_result(str, salt)
if b(salt).length < 2 if crypt_supports_des_crypt?
assert_raise(ArgumentError) { str.crypt(salt) } if b(salt).length < 2
return assert_raise(ArgumentError) { str.crypt(salt) }
return
end
else
return if b(salt).length < 2
salt = "$2a$04$0WVaz0pV3jzfZ5G5tpmH#{salt}"
end end
t = str.crypt(salt) t = str.crypt(salt)
assert_equal(b(str).crypt(b(salt)), t, "#{encdump(str)}.crypt(#{encdump(salt)})") assert_equal(b(str).crypt(b(salt)), t, "#{encdump(str)}.crypt(#{encdump(salt)})")

21
test/ruby/test_string.rb
View file

@ -646,9 +646,22 @@ CODE
assert_raise(ArgumentError) { "foo".count } assert_raise(ArgumentError) { "foo".count }
end end
def crypt_supports_des_crypt?
/openbsd/ !~ RUBY_PLATFORM
end
def test_crypt def test_crypt
assert_equal(S('aaGUC/JkO9/Sc'), S("mypassword").crypt(S("aa"))) if crypt_supports_des_crypt?
assert_not_equal(S('aaGUC/JkO9/Sc'), S("mypassword").crypt(S("ab"))) pass = "aaGUC/JkO9/Sc"
good_salt = "aa"
bad_salt = "ab"
else
pass = "$2a$04$0WVaz0pV3jzfZ5G5tpmHWuBQGbkjzgtSc3gJbmdy0GAGMa45MFM2."
good_salt = "$2a$04$0WVaz0pV3jzfZ5G5tpmHWu"
bad_salt = "$2a$04$0WVaz0pV3jzfZ5G5tpmHXu"
end
assert_equal(S(pass), S("mypassword").crypt(S(good_salt)))
assert_not_equal(S(pass), S("mypassword").crypt(S(bad_salt)))
assert_raise(ArgumentError) {S("mypassword").crypt(S(""))} assert_raise(ArgumentError) {S("mypassword").crypt(S(""))}
assert_raise(ArgumentError) {S("mypassword").crypt(S("\0a"))} assert_raise(ArgumentError) {S("mypassword").crypt(S("\0a"))}
assert_raise(ArgumentError) {S("mypassword").crypt(S("a\0"))} assert_raise(ArgumentError) {S("mypassword").crypt(S("a\0"))}
@ -660,9 +673,9 @@ CODE
end end
@cls == String and @cls == String and
assert_no_memory_leak([], 's = ""', "#{<<~"begin;"}\n#{<<~'end;'}") assert_no_memory_leak([], "s = ''; salt_proc = proc{#{(crypt_supports_des_crypt? ? '..' : good_salt).inspect}}", "#{<<~"begin;"}\n#{<<~'end;'}")
begin; begin;
1000.times { s.crypt(-"..").clear } 1000.times { s.crypt(-salt_proc.call).clear }
end; end;
end end

3
test/webrick/test_httpauth.rb
View file

@ -58,6 +58,9 @@ class TestWEBrickHTTPAuth < Test::Unit::TestCase
end end
[nil, :crypt, :bcrypt].each do |hash_algo| [nil, :crypt, :bcrypt].each do |hash_algo|
# OpenBSD does not support insecure DES-crypt
next if /openbsd/ =~ RUBY_PLATFORM && hash_algo != :bcrypt
begin begin
case hash_algo case hash_algo
when :crypt when :crypt