[pve-devel] [PATCH common] fix #1363: dont encode unicode strings in passwords

Dietmar Maurer dietmar at proxmox.com
Wed May 3 06:07:56 CEST 2017


I finally committed a fix, but it is different from your solution. 
We now decode all parameters as utf8:

https://git.proxmox.com/?p=pve-http-server.git;a=commitdiff;h=256da58194d7e8ce1e61ab4def6cdfdbb13a1673
https://git.proxmox.com/?p=pve-common.git;a=commitdiff;h=24197a9f6c698985b7255fbf7792b0b6bd8188b5

And then correctly encode them later:

https://git.proxmox.com/?p=pve-access-control.git;a=commitdiff;h=3641833bc0c3a231889ab899c3d8dfdb117847cc
https://git.proxmox.com/?p=pve-container.git;a=commitdiff;h=738076ce296a7bbda00c7ec5ec42fb2789ab44b5


> On May 2, 2017 at 8:32 AM Dietmar Maurer <dietmar at proxmox.com> wrote:
> 
> 
> Are you sure this is the correct fix?
> 
> > -    return crypt(encode("utf8", $pw), "\$5\$$salt\$");
> > +    return crypt($pw, "\$5\$$salt\$");
> 
> 
> If I run this with $pw = "€" if get an exception:
> 
> "wide character in crypt at"
> 
> ?? 




More information about the pve-devel mailing list