diff options
| author | Reed Loden <reed@reedloden.com> | 2012-12-31 22:51:11 +0100 |
|---|---|---|
| committer | Reed Loden <reed@reedloden.com> | 2012-12-31 22:51:11 +0100 |
| commit | 4663186fdcb2ac1142d3697e27a8f67ce3c92510 (patch) | |
| tree | fe2720a0c265ca480cb425b83ff6585ec081df65 /Bugzilla/Util.pm | |
| parent | a9fb9c4b84b21f01a9bfea6eea13ee1b27435ca6 (diff) | |
| download | bugzilla-4663186fdcb2ac1142d3697e27a8f67ce3c92510.tar.gz bugzilla-4663186fdcb2ac1142d3697e27a8f67ce3c92510.tar.xz | |
Bug 785283 - Support increased values for PASSWORD_SALT_LENGTH without breaking compat with old hashes
[r=LpSolit a=LpSolit]
Diffstat (limited to 'Bugzilla/Util.pm')
| -rw-r--r-- | Bugzilla/Util.pm | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm index bf072e88d..cee12ee21 100644 --- a/Bugzilla/Util.pm +++ b/Bugzilla/Util.pm @@ -591,11 +591,10 @@ sub bz_crypt { } else { my $hasher = Digest->new($algorithm); - # We only want to use the first characters of the salt, no - # matter how long of a salt we may have been passed. - $salt = substr($salt, 0, PASSWORD_SALT_LENGTH); + # Newly created salts won't yet have a comma. + ($salt) = $salt =~ /^([^,]+),?/; $hasher->add($password, $salt); - $crypted_password = $salt . $hasher->b64digest . "{$algorithm}"; + $crypted_password = $salt . ',' . $hasher->b64digest . "{$algorithm}"; } # Return the crypted password. |