summaryrefslogtreecommitdiffstats
path: root/Bugzilla
diff options
context:
space:
mode:
authordkl%redhat.com <>2008-09-12 22:10:11 +0200
committerdkl%redhat.com <>2008-09-12 22:10:11 +0200
commitac1f49a8d936a91831162bafda0dd7236ee95108 (patch)
treea19bc92c504d298091ec1480f65270785987753a /Bugzilla
parent8e770628c3c39ada722c0a71348f854f29e34a6c (diff)
downloadbugzilla-ac1f49a8d936a91831162bafda0dd7236ee95108.tar.gz
bugzilla-ac1f49a8d936a91831162bafda0dd7236ee95108.tar.xz
Bug 453767 - Passwords containing wide characters causes system error
Patch by David Lawrence <dkl@redhat.com> - a/r=mkanat
Diffstat (limited to 'Bugzilla')
-rw-r--r--Bugzilla/Auth/Verify/DB.pm5
-rw-r--r--Bugzilla/Util.pm5
2 files changed, 10 insertions, 0 deletions
diff --git a/Bugzilla/Auth/Verify/DB.pm b/Bugzilla/Auth/Verify/DB.pm
index 88ad78d54..f2c008dbf 100644
--- a/Bugzilla/Auth/Verify/DB.pm
+++ b/Bugzilla/Auth/Verify/DB.pm
@@ -53,6 +53,11 @@ sub check_credentials {
"SELECT cryptpassword FROM profiles WHERE userid = ?",
undef, $user_id);
+ # Wide characters cause crypt to die
+ if (Bugzilla->params->{'utf8'}) {
+ utf8::encode($password) if utf8::is_utf8($password);
+ }
+
# Using the internal crypted password as the salt,
# crypt the password the user entered.
my $entered_password_crypted = crypt($password, $real_password_crypted);
diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm
index 9ff810b4f..defa15270 100644
--- a/Bugzilla/Util.pm
+++ b/Bugzilla/Util.pm
@@ -480,6 +480,11 @@ sub bz_crypt {
$salt .= $saltchars[rand(64)];
}
+ # Wide characters cause crypt to die
+ if (Bugzilla->params->{'utf8'}) {
+ utf8::encode($password) if utf8::is_utf8($password);
+ }
+
# Crypt the password.
my $cryptedpassword = crypt($password, $salt);