From 8de0fd45cde4826951842f80b6ce109988d47f4f Mon Sep 17 00:00:00 2001

From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>

Date: Mon, 7 Apr 2014 12:31:28 +0200

Subject: [PATCH] t/op/crypt.t: Perform SHA-256 algorithm if default one is

 disabled

MIME-Version: 1.0

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit

The crypt(3) call may return NULL. This is the case of FIPS-enabled

platforms. Then "salt makes a difference" test would fail.

Signed-off-by: Petr Písař <ppisar@redhat.com>

---

 t/op/crypt.t | 14 ++++++++++----

 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/t/op/crypt.t b/t/op/crypt.t

index 27c878f..6c43992 100644

--- a/t/op/crypt.t

+++ b/t/op/crypt.t

@@ -28,19 +28,25 @@ BEGIN {

 # bets, given alternative encryption/hashing schemes like MD5,

 # C2 (or higher) security schemes, and non-UNIX platforms.

+# Platforms implementing FIPS mode return undef on weak crypto algorithms.

+my $alg = '';       # Use default algorithm

+if ( !defined(crypt("ab", "cd")) ) {

+    $alg = '$5$';   # Use SHA-256

+}

+

 SKIP: {

 	skip ("VOS crypt ignores salt.", 1) if ($^O eq 'vos');

-	ok(substr(crypt("ab", "cd"), 2) ne substr(crypt("ab", "ce"), 2), "salt makes a difference");

+	ok(substr(crypt("ab", $alg . "cd"), 2) ne substr(crypt("ab", $alg. "ce"), 2), "salt makes a difference");

 }

 $a = "a\xFF\x{100}";

-eval {$b = crypt($a, "cd")};

+eval {$b = crypt($a, $alg . "cd")};

 like($@, qr/Wide character in crypt/, "wide characters ungood");

 chop $a; # throw away the wide character

-eval {$b = crypt($a, "cd")};

+eval {$b = crypt($a, $alg . "cd")};

 is($@, '',                   "downgrade to eight bit characters");

-is($b, crypt("a\xFF", "cd"), "downgrade results agree");

+is($b, crypt("a\xFF", $alg . "cd"), "downgrade results agree");

-- 

1.9.0