From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Original-To: poffice@blade.nagaokaut.ac.jp Delivered-To: poffice@blade.nagaokaut.ac.jp Received: from kankan.nagaokaut.ac.jp (kankan.nagaokaut.ac.jp [133.44.2.24]) by blade.nagaokaut.ac.jp (Postfix) with ESMTP id A549519602C8 for ; Sun, 19 Jul 2015 00:04:38 +0900 (JST) Received: from funfun.nagaokaut.ac.jp (smtp.nagaokaut.ac.jp [133.44.2.201]) by kankan.nagaokaut.ac.jp (Postfix) with ESMTP id 4E159B5D870 for ; Sun, 19 Jul 2015 00:33:52 +0900 (JST) Received: from funfun.nagaokaut.ac.jp (localhost.nagaokaut.ac.jp [127.0.0.1]) by funfun.nagaokaut.ac.jp (Postfix) with ESMTP id 3B4CD97A827 for ; Sun, 19 Jul 2015 00:33:55 +0900 (JST) X-Virus-Scanned: amavisd-new at nagaokaut.ac.jp Authentication-Results: funfun.nagaokaut.ac.jp (amavisd-new); dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=sendgrid.me Received: from funfun.nagaokaut.ac.jp ([127.0.0.1]) by funfun.nagaokaut.ac.jp (funfun.nagaokaut.ac.jp [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9cdyiSCghUsu for ; Sun, 19 Jul 2015 00:33:55 +0900 (JST) Received: from voscc.nagaokaut.ac.jp (voscc.nagaokaut.ac.jp [133.44.1.100]) by funfun.nagaokaut.ac.jp (Postfix) with ESMTP id E5EDD97A826 for ; Sun, 19 Jul 2015 00:33:54 +0900 (JST) Received: from neon.ruby-lang.org (neon.ruby-lang.org [221.186.184.75]) by voscc.nagaokaut.ac.jp (Postfix) with ESMTP id C02B6952439 for ; Sun, 19 Jul 2015 00:33:51 +0900 (JST) Received: from [221.186.184.76] (localhost [IPv6:::1]) by neon.ruby-lang.org (Postfix) with ESMTP id 2C096120495; Sun, 19 Jul 2015 00:33:50 +0900 (JST) X-Original-To: ruby-core@ruby-lang.org Delivered-To: ruby-core@ruby-lang.org Received: from o2.heroku.sendgrid.net (o2.heroku.sendgrid.net [67.228.50.55]) by neon.ruby-lang.org (Postfix) with ESMTPS id E872C120443 for ; Sun, 19 Jul 2015 00:33:46 +0900 (JST) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sendgrid.me; h=from:to:references:subject:mime-version:content-type:content-transfer-encoding:list-id; s=smtpapi; bh=eiMbtXZo/yLbCYDHWA1mUi/EU0o=; b=q8fr85xO6IYvIT+y+B x6J8V23ka8BnIqIS1L7DzX+XmDeGYgbvFopi7eEy5azXASyDWqp7o8tIEG1aK3Co EQl+4bEjPwak3/qqSWc24FQdzQbAxmXRSXRyVqL3B9gpuCzsQ4DjBMqb8nRLf9MQ fZGYFAvv/XukCZXUGBNVXHogk= Received: by filter0606p1mdw1.sendgrid.net with SMTP id filter0606p1mdw1.3061.55AA71D522 2015-07-18 15:33:41.963902425 +0000 UTC Received: from herokuapp.com (ec2-54-163-219-126.compute-1.amazonaws.com [54.163.219.126]) by ismtpd-031 (SG) with ESMTP id 14ea1ccab4b.582e.f6f6d7 for ; Sat, 18 Jul 2015 15:33:41 +0000 (UTC) Date: Sat, 18 Jul 2015 15:33:41 +0000 From: merch-redmine@jeremyevans.net To: ruby-core@ruby-lang.org Message-ID: References: Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Redmine-MailingListIntegration-Message-Ids: 44648 X-Redmine-Project: ruby-trunk X-Redmine-Issue-Id: 11363 X-Redmine-Issue-Author: jeremyevans0 X-Redmine-Sender: jeremyevans0 X-Mailer: Redmine X-Redmine-Host: bugs.ruby-lang.org X-Redmine-Site: Ruby Issue Tracking System X-Auto-Response-Suppress: All Auto-Submitted: auto-generated X-SG-EID: ync6xU2WACa70kv/Ymy4QrNMhiuLXJG8OTL2vJD1yS66aEvloEqETypqb68z+xEBTu2LEGughr+VFs A+forU4FyHF0AswdQca1kQIKdSGuNZU7ExIsiAUWHG6hKTJ79npGETnMz/1iaiB+OONWvUukcBnAOU HKWwDDMvfrfyerELSgPk7ivt5VmG2XuOPqzE X-ML-Name: ruby-core X-Mail-Count: 70031 Subject: [ruby-core:70031] [Ruby trunk - Bug #11363] Fix tests for String#crypt X-BeenThere: ruby-core@ruby-lang.org X-Mailman-Version: 2.1.15 Precedence: list Reply-To: Ruby developers List-Id: Ruby developers List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: ruby-core-bounces@ruby-lang.org Sender: "ruby-core" Issue #11363 has been updated by Jeremy Evans. Well, the tests fail on OpenBSD regardless of the patch, as OpenBSD crypt(3) does not support the historical, insecure DES-based crypt, only bcrypt, and you need to pass a bcrypt salt as the second argument. I will be adding a local patch to OpenBSD so that passing a non-bcrypt salt to String#crypt will result in a bcrypt salt being autogenerated, so that portable ruby programs using String#crypt will run on OpenBSD. I don't think that patch belongs in ruby. I think this patch improves things as it allows implementations to choose how to implement crypt(3), as long as they their crypt has the property: enc = "pass".crypt("salt") enc == "pass".crypt(enc) This isn't a big deal, I'm fine keeping this as a local OpenBSD patch, but I think it makes sense to have this in ruby. If you disagree, feel free to close this issue. ---------------------------------------- Bug #11363: Fix tests for String#crypt https://bugs.ruby-lang.org/issues/11363#change-53455 * Author: Jeremy Evans * Status: Open * Priority: Normal * Assignee: * ruby -v: ruby 2.3.0dev (2015-07-16 openbsd 51261) [x86_64-openbsd] * Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN, 2.2: UNKNOWN ---------------------------------------- The String#crypt documentation states "the format and the result are system and implementation dependent", so the tests should not be checking for specific results. We should only be checking that the method returns a string, that the results are different if you use a different password or different salt, and the results are the same if the using the encypted password as the salt results in the same encrypted password. ---Files-------------------------------- 0001-Fix-tests-for-String-crypt.patch (2.02 KB) -- https://bugs.ruby-lang.org/