[pve-devel] [PATCH common] fix #1363: dont encode unicode strings in passwords

Fabian Grünbichler f.gruenbichler at proxmox.com
Tue May 2 08:46:07 CEST 2017


> Dietmar Maurer <dietmar at proxmox.com> hat am 2. Mai 2017 um 08:32 geschrieben:
> 
> 
> Are you sure this is the correct fix?
> 
> > -    return crypt(encode("utf8", $pw), "\$5\$$salt\$");
> > +    return crypt($pw, "\$5\$$salt\$");
> 
> 
> If I run this with $pw = "€" if get an exception:
> 
> "wide character in crypt at"
> 
> ?? 
> 

$ perl -e 'use strict; use warnings; my $salt="123"; my $pw="€"; print length($pw), "\n", crypt($pw, "\$5\$$salt\$");'
3
$5$123$e/xP9ad9IEVXLJEDMrIxGNuMjk.BhpqS8A.iUo0XJt4

$ perl -e 'use strict; use warnings; my $salt="123"; my $pw="漢字"; print length($pw), "\n", crypt($pw, "\$5\$$salt\$");'
6
$5$123$sfE42vYzA9Xw5j5rG7mlNjjaoSE8CmIyl9VUOLtJsuD

$ echo $LANG
en_US.UTF-8

same results in urxvt (above) and gnome-terminal with encoding and LOCALE/LANG set to ISO-8859-1

did you do some other test?




More information about the pve-devel mailing list