git-cvsserver: protect against NULL in crypt(3)

Some versions of crypt(3) will return NULL when passed an unsupported
hash type (ex: OpenBSD with DES), so check for undef instead of using
it directly.

Also use this to probe the system and select a better hash function in
the tests, so it can pass successfully.

Signed-off-by: Carlo Marcelo Arenas Belón <carenas@gmail.com>
[jc: <CAPUEspjqD5zy8TLuFA96usU7FYi=0wF84y7NgOVFqegtxL9zbw@mail.gmail.com>]
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
Carlo Marcelo Arenas Belón 2021-09-15 01:09:47 -07:00 committed by Junio C Hamano
parent a7775c7eb8
commit bffcb4d9d6
2 changed files with 9 additions and 3 deletions

View File

@ -222,10 +222,11 @@ if ($state->{method} eq 'pserver') {
open my $passwd, "<", $authdb or die $!;
while (<$passwd>) {
if (m{^\Q$user\E:(.*)}) {
if (crypt(descramble($password), $1) eq $1) {
my $hash = crypt(descramble($password), $1);
if (defined $hash and $hash eq $1) {
$auth_ok = 1;
}
};
}
}
close $passwd;

View File

@ -36,7 +36,12 @@ CVSWORK="$PWD/cvswork"
CVS_SERVER=git-cvsserver
export CVSROOT CVS_SERVER
PWDHASH='lac2ItudM3.KM'
if perl -e 'exit(1) if not defined crypt("", "cv")'
then
PWDHASH='lac2ItudM3.KM'
else
PWDHASH='$2b$10$t8fGvE/a9eLmfOLzsZme2uOa2QtoMYwIxq9wZA6aBKtF1Yb7FJIzi'
fi
rm -rf "$CVSWORK" "$SERVERDIR"
test_expect_success 'setup' '