Feature #14915 » 0001-Deprecate-String-crypt.patch
string.c | ||
---|---|---|
* salt string. While the format and the result are system and
|
||
* implementation dependent, using a salt matching the regular
|
||
* expression <code>\A[a-zA-Z0-9./]{2}</code> should be valid and
|
||
* safe on any platform, in which only the first two characters are
|
||
* significant.
|
||
* safe on most platforms, in which only the first two characters are
|
||
* significant. However, this uses DES-crypt, an insecure form of
|
||
* password hashing.
|
||
*
|
||
* This method is for use in system specific scripts, so if you want
|
||
* a cross-platform hash function consider using Digest or OpenSSL
|
||
* instead.
|
||
*
|
||
* This method is deprecated, install the string-crypt gem and
|
||
* require 'string/crypt' to continue using it.
|
||
*/
|
||
static VALUE
|
||
rb_str_crypt(VALUE str, VALUE salt)
|
||
{
|
||
rb_warn("The String#crypt method is deprecated. " \
|
||
"Install the string-crypt gem and require \"string/crypt\" " \
|
||
"to continue using String#crypt.");
|
||
#ifdef HAVE_CRYPT_R
|
||
VALUE databuf;
|
||
struct crypt_data *data;
|
test/ruby/test_m17n_comb.rb | ||
---|---|---|
end
|
||
end
|
||
private def crypt_result(str, salt)
|
||
assert_warn(/The String#crypt core method is deprecated/) do
|
||
str.crypt(salt)
|
||
end
|
||
end
|
||
private def confirm_crypt_result(str, salt)
|
||
if b(salt).length < 2
|
||
assert_raise(ArgumentError) { str.crypt(salt) }
|
||
assert_raise(ArgumentError) { crypt_result(str, salt) }
|
||
return
|
||
end
|
||
t = str.crypt(salt)
|
||
assert_equal(b(str).crypt(b(salt)), t, "#{encdump(str)}.crypt(#{encdump(salt)})")
|
||
t = crypt_result(str, salt)
|
||
assert_equal(crypt_result(b(str), b(salt)), t, "#{encdump(str)}.crypt(#{encdump(salt)})")
|
||
assert_encoding('ASCII-8BIT', t.encoding)
|
||
end
|
||
test/ruby/test_string.rb | ||
---|---|---|
assert_raise(ArgumentError) { "foo".count }
|
||
end
|
||
def crypt(str, salt)
|
||
assert_warn(/The String#crypt core method is deprecated/) do
|
||
str.crypt(salt)
|
||
end
|
||
end
|
||
def test_crypt
|
||
if RubyVM::MJIT.enabled?
|
||
skip "This sometimes fails with -DMJIT_FORCE_ENABLE. This seems important to be fixed..."
|
||
end
|
||
assert_equal(S('aaGUC/JkO9/Sc'), S("mypassword").crypt(S("aa")))
|
||
assert_not_equal(S('aaGUC/JkO9/Sc'), S("mypassword").crypt(S("ab")))
|
||
assert_raise(ArgumentError) {S("mypassword").crypt(S(""))}
|
||
assert_raise(ArgumentError) {S("mypassword").crypt(S("\0a"))}
|
||
assert_raise(ArgumentError) {S("mypassword").crypt(S("a\0"))}
|
||
assert_raise(ArgumentError) {S("poison\u0000null").crypt(S("aa"))}
|
||
assert_equal(S('aaGUC/JkO9/Sc'), crypt(S("mypassword"), S("aa")))
|
||
assert_not_equal(S('aaGUC/JkO9/Sc'), crypt(S("mypassword"), S("ab")))
|
||
assert_raise(ArgumentError) {crypt(S("mypassword"), S(""))}
|
||
assert_raise(ArgumentError) {crypt(S("mypassword"), S("\0a"))}
|
||
assert_raise(ArgumentError) {crypt(S("mypassword"), S("a\0"))}
|
||
assert_raise(ArgumentError) {crypt(S("poison\u0000null"), S("aa"))}
|
||
[Encoding::UTF_16BE, Encoding::UTF_16LE,
|
||
Encoding::UTF_32BE, Encoding::UTF_32LE].each do |enc|
|
||
assert_raise(ArgumentError) {S("mypassword").crypt(S("aa".encode(enc)))}
|
||
assert_raise(ArgumentError) {S("mypassword".encode(enc)).crypt(S("aa"))}
|
||
assert_raise(ArgumentError) {crypt(S("mypassword"), S("aa".encode(enc)))}
|
||
assert_raise(ArgumentError) {crypt(S("mypassword".encode(enc)), S("aa"))}
|
||
end
|
||
@cls == String and
|
||
assert_no_memory_leak([], 's = ""', "#{<<~"begin;"}\n#{<<~'end;'}")
|
||
begin;
|
||
1000.times { s.crypt(-"..").clear }
|
||
1000.times { crypt(s, -"..").clear }
|
||
end;
|
||
end
|
||
test/webrick/test_httpauth.rb | ||
---|---|---|
next
|
||
end
|
||
if hash_algo == :bcrypt
|
||
warning = /\A\z/
|
||
else
|
||
warning = /The String#crypt core method is deprecated/
|
||
end
|
||
define_method(:"test_basic_auth_htpasswd_#{hash_algo}") do
|
||
log_tester = lambda {|log, access_log|
|
||
log.reject! {|line| /\A\s*\z/ =~ line }
|
||
... | ... | |
Tempfile.create("test_webrick_auth") {|tmpfile|
|
||
tmpfile.close
|
||
tmp_pass = WEBrick::HTTPAuth::Htpasswd.new(tmpfile.path, password_hash: hash_algo)
|
||
tmp_pass.set_passwd(realm, "webrick", "supersecretpassword")
|
||
tmp_pass.set_passwd(realm, "foo", "supersecretpassword")
|
||
assert_warn(warning) do
|
||
tmp_pass.set_passwd(realm, "webrick", "supersecretpassword")
|
||
tmp_pass.set_passwd(realm, "foo", "supersecretpassword")
|
||
end
|
||
tmp_pass.flush
|
||
htpasswd = WEBrick::HTTPAuth::Htpasswd.new(tmpfile.path, password_hash: hash_algo)
|
||
... | ... | |
}
|
||
http = Net::HTTP.new(addr, port)
|
||
g = Net::HTTP::Get.new(path)
|
||
g.basic_auth("webrick", "supersecretpassword")
|
||
http.request(g){|res| assert_equal("hoge", res.body, log.call)}
|
||
g.basic_auth("webrick", "not super")
|
||
http.request(g){|res| assert_not_equal("hoge", res.body, log.call)}
|
||
assert_warn(warning) do
|
||
g.basic_auth("webrick", "supersecretpassword")
|
||
http.request(g){|res| assert_equal("hoge", res.body, log.call)}
|
||
g.basic_auth("webrick", "not super")
|
||
http.request(g){|res| assert_not_equal("hoge", res.body, log.call)}
|
||
end
|
||
}
|
||
}
|
||
end
|
||
... | ... | |
Tempfile.create("test_webrick_auth") {|tmpfile|
|
||
tmpfile.close
|
||
tmp_pass = WEBrick::HTTPAuth::Htpasswd.new(tmpfile.path, password_hash: hash_algo)
|
||
tmp_pass.set_passwd(realm, "webrick", "supersecretpassword")
|
||
tmp_pass.set_passwd(realm, "foo", "supersecretpassword")
|
||
assert_warn(warning) do
|
||
tmp_pass.set_passwd(realm, "webrick", "supersecretpassword")
|
||
tmp_pass.set_passwd(realm, "foo", "supersecretpassword")
|
||
end
|
||
tmp_pass.flush
|
||
htpasswd = WEBrick::HTTPAuth::Htpasswd.new(tmpfile.path, password_hash: hash_algo)
|
||
... | ... | |
}
|
||
http = Net::HTTP.new(addr, port)
|
||
g = Net::HTTP::Get.new(path)
|
||
g.basic_auth("foo\ebar", "passwd")
|
||
assert_warn(warning) do
|
||
g.basic_auth("foo\ebar", "passwd")
|
||
end
|
||
http.request(g){|res| assert_not_equal("hoge", res.body, log.call) }
|
||
}
|
||
}
|