diff options
author | Byron Jones <glob@mozilla.com> | 2014-05-20 07:26:03 +0200 |
---|---|---|
committer | Byron Jones <glob@mozilla.com> | 2014-05-20 07:26:03 +0200 |
commit | 90ceb320d6c17f5038ef79de7d0ee0e71c0cd565 (patch) | |
tree | bcc161cab84ee01518176d2c057026cc350968b8 | |
parent | 5929fb98320aa73bbd0b01bbe85a3984e5194a87 (diff) | |
download | bugzilla-90ceb320d6c17f5038ef79de7d0ee0e71c0cd565.tar.gz bugzilla-90ceb320d6c17f5038ef79de7d0ee0e71c0cd565.tar.xz |
Bug 1009017: users are unable to log in if their password needs to be re-encrypted and their password does not match the current complexity rule
-rw-r--r-- | Bugzilla/Auth/Verify/DB.pm | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/Bugzilla/Auth/Verify/DB.pm b/Bugzilla/Auth/Verify/DB.pm index 783e7490a..2840b4ab8 100644 --- a/Bugzilla/Auth/Verify/DB.pm +++ b/Bugzilla/Auth/Verify/DB.pm @@ -90,7 +90,9 @@ sub check_credentials { # whatever hashing system we're using now. my $current_algorithm = PASSWORD_DIGEST_ALGORITHM; if ($real_password_crypted !~ /{\Q$current_algorithm\E}$/) { - $user->set_password($password); + # We can't call $user->set_password because we don't want the password + # complexity rules to apply here. + $user->{cryptpassword} = bz_crypt($password); $user->update(); } |