From e6c6fdc9a8e0ea26d42d95cbeced60a0e039e4e7 Mon Sep 17 00:00:00 2001
From: Michael Boelen <michael.boelen@cisofy.com>
Date: Fri, 26 Jun 2020 10:24:37 +0200
Subject: [PATCH] [AUTH-9229] Undo escaping exclamation mark and disabling test
 for AIX and macOS

---
 include/tests_authentication | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/include/tests_authentication b/include/tests_authentication
index 1a78f8a2..e8f5c834 100644
--- a/include/tests_authentication
+++ b/include/tests_authentication
@@ -285,15 +285,24 @@
     # Test        : AUTH-9229
     # Description : Check password hashing methods vs. recommendations in crypt(5)
     # Notes       : Applicable to all Unix-like OS
+    #               Does not work correctly on AIX and macOS (unknown why)
     #               Requires read access to /etc/shadow (if it exists)
-    Register --test-no AUTH-9229 --root-only YES --weight L --network NO --category security --description "Check password hashing methods"
+    case ${OS} in
+        "AIX" | "macOS")
+            PREQS_MET="NO"
+        ;;
+        *)
+            PREQS_MET="YES"
+        ;;
+    esac
+    Register --test-no AUTH-9229 --preqs-met ${PREQS_MET} --root-only YES --weight L --network NO --category security --description "Check password hashing methods"
     if [ ${SKIPTEST} -eq 0 ]; then
         LogText "Test: Checking password hashing methods"
         SHADOW="";
         if [ -e ${ROOTDIR}etc/shadow ]; then SHADOW="${ROOTDIR}etc/shadow"; fi
         FIND=$(${CAT_BINARY} ${ROOTDIR}etc/passwd ${SHADOW} | ${AWKBINARY} -F : '{print length($2) ":" $2 }' | while read METHOD; do
             case ${METHOD} in
-                1:\* | 1:x | 0: | *:\!* | *LOCK*)
+                1:\* | 1:x | 0: | *:!* | *LOCK*)
                     # disabled | shadowed | no password | locked account (can be literal *LOCK* or something like LOCKED)
                     ;;
                 *:\$5\$*| *:\$6\$*)