diff --git a/mozilla/webtools/bugzilla/Bugzilla/Auth/Verify/DB.pm b/mozilla/webtools/bugzilla/Bugzilla/Auth/Verify/DB.pm index 88ad78d5449..f2c008dbf1e 100644 --- a/mozilla/webtools/bugzilla/Bugzilla/Auth/Verify/DB.pm +++ b/mozilla/webtools/bugzilla/Bugzilla/Auth/Verify/DB.pm @@ -53,6 +53,11 @@ sub check_credentials { "SELECT cryptpassword FROM profiles WHERE userid = ?", undef, $user_id); + # Wide characters cause crypt to die + if (Bugzilla->params->{'utf8'}) { + utf8::encode($password) if utf8::is_utf8($password); + } + # Using the internal crypted password as the salt, # crypt the password the user entered. my $entered_password_crypted = crypt($password, $real_password_crypted); diff --git a/mozilla/webtools/bugzilla/Bugzilla/Util.pm b/mozilla/webtools/bugzilla/Bugzilla/Util.pm index 9ff810b4f42..defa1527085 100644 --- a/mozilla/webtools/bugzilla/Bugzilla/Util.pm +++ b/mozilla/webtools/bugzilla/Bugzilla/Util.pm @@ -480,6 +480,11 @@ sub bz_crypt { $salt .= $saltchars[rand(64)]; } + # Wide characters cause crypt to die + if (Bugzilla->params->{'utf8'}) { + utf8::encode($password) if utf8::is_utf8($password); + } + # Crypt the password. my $cryptedpassword = crypt($password, $salt); diff --git a/mozilla/webtools/bugzilla/userprefs.cgi b/mozilla/webtools/bugzilla/userprefs.cgi index 3ccfe820a9c..24a6a569988 100755 --- a/mozilla/webtools/bugzilla/userprefs.cgi +++ b/mozilla/webtools/bugzilla/userprefs.cgi @@ -90,8 +90,14 @@ sub SaveAccount { undef, $user->id); $oldcryptedpwd || ThrowCodeError("unable_to_retrieve_password"); - if (crypt(scalar($cgi->param('Bugzilla_password')), $oldcryptedpwd) ne - $oldcryptedpwd) + my $oldpassword = $cgi->param('Bugzilla_password'); + + # Wide characters cause crypt to die + if (Bugzilla->params->{'utf8'}) { + utf8::encode($oldpassword) if utf8::is_utf8($oldpassword); + } + + if (crypt($oldpassword, $oldcryptedpwd) ne $oldcryptedpwd) { ThrowUserError("old_password_incorrect"); }