Bug 575947: Users with passwords length less than 6 characters can't login after migration from 3.4.x or older to 3.6 or newer

r/a=mkanat
author: Frédéric Buclin <LpSolit@gmail.com> 2010-10-14 02:39:28 +0200
committer: Frédéric Buclin <LpSolit@gmail.com> 2010-10-14 02:39:28 +0200
commit: 73ea75885de78077c9528428617fa8403935d7a5 (patch)
tree: ce66faf4a7420814c392eea1837a56e33f88c144 /Bugzilla/Auth
parent: 3e06a51f060f168034ada88e40d9b60d51f8a244 (diff)
download: bugzilla-73ea75885de78077c9528428617fa8403935d7a5.tar.gz
bugzilla-73ea75885de78077c9528428617fa8403935d7a5.tar.xz
1 files changed, 6 insertions, 0 deletions
diff --git a/Bugzilla/Auth/Verify/DB.pm b/Bugzilla/Auth/Verify/DB.pm
index d8794472e..c562d1353 100644
--- a/Bugzilla/Auth/Verify/DB.pm
+++ b/Bugzilla/Auth/Verify/DB.pm
@@ -74,6 +74,12 @@ sub check_credentials {
                };
     } 
 
+    # Force the user to type a longer password if it's too short.
+    if (length($password) < USER_PASSWORD_MIN_LENGTH) {
+        return { failure => AUTH_ERROR, error => 'password_current_too_short',
+                 user_error => 1, details => { locked_user => $user } };
+    }
+
     # The user's credentials are okay, so delete any outstanding
     # password tokens or login failures they may have generated.
     Bugzilla::Token::DeletePasswordTokens($user->id, "user_logged_in");
author	Frédéric Buclin <LpSolit@gmail.com>	2010-10-14 02:39:28 +0200
committer	Frédéric Buclin <LpSolit@gmail.com>	2010-10-14 02:39:28 +0200
commit	73ea75885de78077c9528428617fa8403935d7a5 (patch)
tree	ce66faf4a7420814c392eea1837a56e33f88c144 /Bugzilla/Auth
parent	3e06a51f060f168034ada88e40d9b60d51f8a244 (diff)
download	bugzilla-73ea75885de78077c9528428617fa8403935d7a5.tar.gz bugzilla-73ea75885de78077c9528428617fa8403935d7a5.tar.xz