You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
51 lines
1.6 KiB
51 lines
1.6 KiB
From 5984f005f7a08feca52509658cff1c56d768e057 Mon Sep 17 00:00:00 2001 |
|
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com> |
|
Date: Mon, 1 Dec 2014 15:28:36 +0100 |
|
Subject: [PATCH] t/op/taint.t: Perform SHA-256 algorithm by crypt() if default |
|
one is disabled |
|
MIME-Version: 1.0 |
|
Content-Type: text/plain; charset=UTF-8 |
|
Content-Transfer-Encoding: 8bit |
|
|
|
The crypt(3) call may return NULL. This is the case on FIPS-enabled |
|
platforms. Then "tainted crypt" test would fail. |
|
|
|
See RT#121591 for similar fix in t/op/crypt.t. |
|
|
|
Signed-off-by: Petr Písař <ppisar@redhat.com> |
|
|
|
Petr Pisar: Ported to 5.16.3. |
|
|
|
Signed-off-by: Petr Písař <ppisar@redhat.com> |
|
--- |
|
t/op/taint.t | 14 +++++++++++++- |
|
1 file changed, 13 insertions(+), 1 deletion(-) |
|
|
|
diff --git a/t/op/taint.t b/t/op/taint.t |
|
index 9cea740..478e574 100644 |
|
--- a/t/op/taint.t |
|
+++ b/t/op/taint.t |
|
@@ -1868,7 +1868,19 @@ foreach my $ord (78, 163, 256) { |
|
|
|
{ |
|
# 59998 |
|
- sub cr { my $x = crypt($_[0], $_[1]); $x } |
|
+ sub cr { |
|
+ # On platforms implementing FIPS mode, using a weak algorithm |
|
+ # (including the default triple-DES algorithm) causes crypt(3) to |
|
+ # return a null pointer, which Perl converts into undef. We assume |
|
+ # for now that all such platforms support glibc-style selection of |
|
+ # a different hashing algorithm. |
|
+ my $alg = ''; # Use default algorithm |
|
+ if ( !defined(crypt("ab", "cd")) ) { |
|
+ $alg = '$5$'; # Use SHA-256 |
|
+ } |
|
+ my $x = crypt($_[0], $alg . $_[1]); |
|
+ $x |
|
+ } |
|
sub co { my $x = ~$_[0]; $x } |
|
my ($a, $b); |
|
$a = cr('hello', 'foo' . $TAINT); |
|
-- |
|
1.9.3 |
|
|
|
|