* [ruby-core:70015] [Ruby trunk - Bug #11363] [Open] Fix tests for String#crypt
[not found] <redmine.issue-11363.20150717213108@ruby-lang.org>
@ 2015-07-17 21:31 ` merch-redmine
2015-07-18 12:01 ` [ruby-core:70028] [Ruby trunk - Bug #11363] " mame
` (3 subsequent siblings)
4 siblings, 0 replies; 5+ messages in thread
From: merch-redmine @ 2015-07-17 21:31 UTC (permalink / raw)
To: ruby-core
Issue #11363 has been reported by Jeremy Evans.
----------------------------------------
Bug #11363: Fix tests for String#crypt
https://bugs.ruby-lang.org/issues/11363
* Author: Jeremy Evans
* Status: Open
* Priority: Normal
* Assignee:
* ruby -v: ruby 2.3.0dev (2015-07-16 openbsd 51261) [x86_64-openbsd]
* Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN, 2.2: UNKNOWN
----------------------------------------
The String#crypt documentation states "the format and the result
are system and implementation dependent", so the tests should not
be checking for specific results. We should only be checking that
the method returns a string, that the results are different
if you use a different password or different salt, and the results
are the same if the using the encypted password as the salt
results in the same encrypted password.
---Files--------------------------------
0001-Fix-tests-for-String-crypt.patch (2.02 KB)
--
https://bugs.ruby-lang.org/
^ permalink raw reply [flat|nested] 5+ messages in thread
* [ruby-core:70028] [Ruby trunk - Bug #11363] Fix tests for String#crypt
[not found] <redmine.issue-11363.20150717213108@ruby-lang.org>
2015-07-17 21:31 ` [ruby-core:70015] [Ruby trunk - Bug #11363] [Open] Fix tests for String#crypt merch-redmine
@ 2015-07-18 12:01 ` mame
2015-07-18 15:33 ` [ruby-core:70031] " merch-redmine
` (2 subsequent siblings)
4 siblings, 0 replies; 5+ messages in thread
From: mame @ 2015-07-18 12:01 UTC (permalink / raw)
To: ruby-core
Issue #11363 has been updated by Yusuke Endoh.
Do the tests cause any actual issue? Failed on OpenBSD?
Ruby's tests are not conformance test. They should include a test of implementation-defined behavior and it is actually useful to detect an unintentional change of behavior.
--
Yusuke Endoh <mame@ruby-lang.org>
----------------------------------------
Bug #11363: Fix tests for String#crypt
https://bugs.ruby-lang.org/issues/11363#change-53453
* Author: Jeremy Evans
* Status: Open
* Priority: Normal
* Assignee:
* ruby -v: ruby 2.3.0dev (2015-07-16 openbsd 51261) [x86_64-openbsd]
* Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN, 2.2: UNKNOWN
----------------------------------------
The String#crypt documentation states "the format and the result
are system and implementation dependent", so the tests should not
be checking for specific results. We should only be checking that
the method returns a string, that the results are different
if you use a different password or different salt, and the results
are the same if the using the encypted password as the salt
results in the same encrypted password.
---Files--------------------------------
0001-Fix-tests-for-String-crypt.patch (2.02 KB)
--
https://bugs.ruby-lang.org/
^ permalink raw reply [flat|nested] 5+ messages in thread
* [ruby-core:70031] [Ruby trunk - Bug #11363] Fix tests for String#crypt
[not found] <redmine.issue-11363.20150717213108@ruby-lang.org>
2015-07-17 21:31 ` [ruby-core:70015] [Ruby trunk - Bug #11363] [Open] Fix tests for String#crypt merch-redmine
2015-07-18 12:01 ` [ruby-core:70028] [Ruby trunk - Bug #11363] " mame
@ 2015-07-18 15:33 ` merch-redmine
2019-05-24 3:28 ` [ruby-core:92811] [Ruby trunk Bug#11363] Fix tests for String#crypt so they pass on OpenBSD merch-redmine
2019-05-25 22:45 ` [ruby-core:92844] " merch-redmine
4 siblings, 0 replies; 5+ messages in thread
From: merch-redmine @ 2015-07-18 15:33 UTC (permalink / raw)
To: ruby-core
Issue #11363 has been updated by Jeremy Evans.
Well, the tests fail on OpenBSD regardless of the patch, as OpenBSD crypt(3) does not support the historical, insecure DES-based crypt, only bcrypt, and you need to pass a bcrypt salt as the second argument. I will be adding a local patch to OpenBSD so that passing a non-bcrypt salt to String#crypt will result in a bcrypt salt being autogenerated, so that portable ruby programs using String#crypt will run on OpenBSD. I don't think that patch belongs in ruby.
I think this patch improves things as it allows implementations to choose how to implement crypt(3), as long as they their crypt has the property:
enc = "pass".crypt("salt")
enc == "pass".crypt(enc)
This isn't a big deal, I'm fine keeping this as a local OpenBSD patch, but I think it makes sense to have this in ruby. If you disagree, feel free to close this issue.
----------------------------------------
Bug #11363: Fix tests for String#crypt
https://bugs.ruby-lang.org/issues/11363#change-53455
* Author: Jeremy Evans
* Status: Open
* Priority: Normal
* Assignee:
* ruby -v: ruby 2.3.0dev (2015-07-16 openbsd 51261) [x86_64-openbsd]
* Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN, 2.2: UNKNOWN
----------------------------------------
The String#crypt documentation states "the format and the result
are system and implementation dependent", so the tests should not
be checking for specific results. We should only be checking that
the method returns a string, that the results are different
if you use a different password or different salt, and the results
are the same if the using the encypted password as the salt
results in the same encrypted password.
---Files--------------------------------
0001-Fix-tests-for-String-crypt.patch (2.02 KB)
--
https://bugs.ruby-lang.org/
^ permalink raw reply [flat|nested] 5+ messages in thread
* [ruby-core:92811] [Ruby trunk Bug#11363] Fix tests for String#crypt so they pass on OpenBSD
[not found] <redmine.issue-11363.20150717213108@ruby-lang.org>
` (2 preceding siblings ...)
2015-07-18 15:33 ` [ruby-core:70031] " merch-redmine
@ 2019-05-24 3:28 ` merch-redmine
2019-05-25 22:45 ` [ruby-core:92844] " merch-redmine
4 siblings, 0 replies; 5+ messages in thread
From: merch-redmine @ 2019-05-24 3:28 UTC (permalink / raw)
To: ruby-core
Issue #11363 has been updated by jeremyevans0 (Jeremy Evans).
Subject changed from Fix tests for String#crypt to Fix tests for String#crypt so they pass on OpenBSD
I've added a GitHub pull request to fix the `String#crypt` tests on OpenBSD (https://github.com/ruby/ruby/pull/2200). It's less invasive than the previous patch, and should result in the same behavior on !OpenBSD. I plan on merging it after I can do some testing on Linux, assuming there are no objections.
----------------------------------------
Bug #11363: Fix tests for String#crypt so they pass on OpenBSD
https://bugs.ruby-lang.org/issues/11363#change-78185
* Author: jeremyevans0 (Jeremy Evans)
* Status: Open
* Priority: Normal
* Assignee:
* Target version:
* ruby -v: ruby 2.3.0dev (2015-07-16 openbsd 51261) [x86_64-openbsd]
* Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN, 2.2: UNKNOWN
----------------------------------------
The String#crypt documentation states "the format and the result
are system and implementation dependent", so the tests should not
be checking for specific results. We should only be checking that
the method returns a string, that the results are different
if you use a different password or different salt, and the results
are the same if the using the encypted password as the salt
results in the same encrypted password.
---Files--------------------------------
0001-Fix-tests-for-String-crypt.patch (2.02 KB)
--
https://bugs.ruby-lang.org/
^ permalink raw reply [flat|nested] 5+ messages in thread
* [ruby-core:92844] [Ruby trunk Bug#11363] Fix tests for String#crypt so they pass on OpenBSD
[not found] <redmine.issue-11363.20150717213108@ruby-lang.org>
` (3 preceding siblings ...)
2019-05-24 3:28 ` [ruby-core:92811] [Ruby trunk Bug#11363] Fix tests for String#crypt so they pass on OpenBSD merch-redmine
@ 2019-05-25 22:45 ` merch-redmine
4 siblings, 0 replies; 5+ messages in thread
From: merch-redmine @ 2019-05-25 22:45 UTC (permalink / raw)
To: ruby-core
Issue #11363 has been updated by jeremyevans0 (Jeremy Evans).
CI looks clean with https://github.com/ruby/ruby/pull/2200, so I'll be committing it in about a week if there are no objections.
----------------------------------------
Bug #11363: Fix tests for String#crypt so they pass on OpenBSD
https://bugs.ruby-lang.org/issues/11363#change-78225
* Author: jeremyevans0 (Jeremy Evans)
* Status: Open
* Priority: Normal
* Assignee:
* Target version:
* ruby -v: ruby 2.3.0dev (2015-07-16 openbsd 51261) [x86_64-openbsd]
* Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN, 2.2: UNKNOWN
----------------------------------------
The String#crypt documentation states "the format and the result
are system and implementation dependent", so the tests should not
be checking for specific results. We should only be checking that
the method returns a string, that the results are different
if you use a different password or different salt, and the results
are the same if the using the encypted password as the salt
results in the same encrypted password.
---Files--------------------------------
0001-Fix-tests-for-String-crypt.patch (2.02 KB)
--
https://bugs.ruby-lang.org/
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2019-05-25 22:45 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <redmine.issue-11363.20150717213108@ruby-lang.org>
2015-07-17 21:31 ` [ruby-core:70015] [Ruby trunk - Bug #11363] [Open] Fix tests for String#crypt merch-redmine
2015-07-18 12:01 ` [ruby-core:70028] [Ruby trunk - Bug #11363] " mame
2015-07-18 15:33 ` [ruby-core:70031] " merch-redmine
2019-05-24 3:28 ` [ruby-core:92811] [Ruby trunk Bug#11363] Fix tests for String#crypt so they pass on OpenBSD merch-redmine
2019-05-25 22:45 ` [ruby-core:92844] " merch-redmine
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).