diff options
| author | Michael Boelen <michael.boelen@cisofy.com> | 2020-06-26 11:24:37 +0300 |
|---|---|---|
| committer | Michael Boelen <michael.boelen@cisofy.com> | 2020-06-26 11:24:37 +0300 |
| commit | e6c6fdc9a8e0ea26d42d95cbeced60a0e039e4e7 (patch) | |
| tree | 99692586a19c62dae14e26a5bcd1cc72df6bb7a3 /include/tests_authentication | |
| parent | ee3a3df60178c4bcf23a7784b8b7b3e12f3b9b3e (diff) | |
[AUTH-9229] Undo escaping exclamation mark and disabling test for AIX and macOS
Diffstat (limited to 'include/tests_authentication')
| -rw-r--r-- | include/tests_authentication | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/include/tests_authentication b/include/tests_authentication index 1a78f8a2..e8f5c834 100644 --- a/include/tests_authentication +++ b/include/tests_authentication @@ -285,15 +285,24 @@ # Test : AUTH-9229 # Description : Check password hashing methods vs. recommendations in crypt(5) # Notes : Applicable to all Unix-like OS + # Does not work correctly on AIX and macOS (unknown why) # Requires read access to /etc/shadow (if it exists) - Register --test-no AUTH-9229 --root-only YES --weight L --network NO --category security --description "Check password hashing methods" + case ${OS} in + "AIX" | "macOS") + PREQS_MET="NO" + ;; + *) + PREQS_MET="YES" + ;; + esac + Register --test-no AUTH-9229 --preqs-met ${PREQS_MET} --root-only YES --weight L --network NO --category security --description "Check password hashing methods" if [ ${SKIPTEST} -eq 0 ]; then LogText "Test: Checking password hashing methods" SHADOW=""; if [ -e ${ROOTDIR}etc/shadow ]; then SHADOW="${ROOTDIR}etc/shadow"; fi FIND=$(${CAT_BINARY} ${ROOTDIR}etc/passwd ${SHADOW} | ${AWKBINARY} -F : '{print length($2) ":" $2 }' | while read METHOD; do case ${METHOD} in - 1:\* | 1:x | 0: | *:\!* | *LOCK*) + 1:\* | 1:x | 0: | *:!* | *LOCK*) # disabled | shadowed | no password | locked account (can be literal *LOCK* or something like LOCKED) ;; *:\$5\$*| *:\$6\$*) |