diff options
| author | Petr Písař <ppisar@redhat.com> | 2014-12-01 15:28:36 +0100 |
|---|---|---|
| committer | Father Chrysostomos <sprout@cpan.org> | 2014-12-01 12:44:03 -0800 |
| commit | a2d725a2585df47821024d25ea39e658a50b9db4 (patch) | |
| tree | 15a1ad31e99c572cf4d7a50d1f4a3b223b8c2a73 | |
| parent | b3387df16a1341ea325dc9814a5b7e3a2a3b7d9f (diff) | |
| download | perl-a2d725a2585df47821024d25ea39e658a50b9db4.tar.gz | |
t/op/taint.t: Perform SHA-256 algorithm by crypt() if default one is disabled
The crypt(3) call may return NULL. This is the case on FIPS-enabled
platforms. Then "tainted crypt" test would fail.
See RT#121591 for similar fix in t/op/crypt.t.
Signed-off-by: Petr Písař <ppisar@redhat.com>
| -rw-r--r-- | t/op/taint.t | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/t/op/taint.t b/t/op/taint.t index f9e83315b1..a13fde4b06 100644 --- a/t/op/taint.t +++ b/t/op/taint.t @@ -1967,7 +1967,19 @@ foreach my $ord (78, 163, 256) { SKIP: { skip 'No crypt function, skipping crypt tests', 4 if(!$Config{d_crypt}); # 59998 - sub cr { my $x = crypt($_[0], $_[1]); $x } + sub cr { + # On platforms implementing FIPS mode, using a weak algorithm + # (including the default triple-DES algorithm) causes crypt(3) to + # return a null pointer, which Perl converts into undef. We assume + # for now that all such platforms support glibc-style selection of + # a different hashing algorithm. + my $alg = ''; # Use default algorithm + if ( !defined(crypt("ab", "cd")) ) { + $alg = '$5$'; # Use SHA-256 + } + my $x = crypt($_[0], $alg . $_[1]); + $x + } sub co { my $x = ~$_[0]; $x } my ($a, $b); $a = cr('hello', 'foo' . $TAINT); |