Reject passwords bigger than Bcrypt can handle.

author: Sadie Powell <sadie@witchery.services> 2025-01-25 17:54:49 +0000
committer: Sadie Powell <sadie@witchery.services> 2025-01-25 17:54:49 +0000
commit: d460b267e338af89bb0d3aabc3bb8c011e0d477a (patch)
tree: 1b7260936fd94dbd91e8067777a98967ca1294ad /modules/encryption/enc_bcrypt.cpp
parent: 9bab54af796e38e9ca7151e1a3de1b4e96550a51 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/modules/encryption/enc_bcrypt.cpp b/modules/encryption/enc_bcrypt.cpp
index d0882370a..648f95834 100644
--- a/modules/encryption/enc_bcrypt.cpp
+++ b/modules/encryption/enc_bcrypt.cpp
@@ -118,6 +118,10 @@ public:
 
 	EventReturn OnEncrypt(const Anope::string &src, Anope::string &dest) override
 	{
+		// Bcrypt can not generate passwords longer than 71 characters.
+		if (src.length() > 71)
+			return EVENT_CONTINUE;
+
 		dest = "bcrypt:" + bcryptprovider.Encrypt(src);
 		Log(LOG_DEBUG_2) << "(enc_bcrypt) hashed password from [" << src << "] to [" << dest << "]";
 		return EVENT_ALLOW;
author	Sadie Powell <sadie@witchery.services>	2025-01-25 17:54:49 +0000
committer	Sadie Powell <sadie@witchery.services>	2025-01-25 17:54:49 +0000
commit	d460b267e338af89bb0d3aabc3bb8c011e0d477a (patch)
tree	1b7260936fd94dbd91e8067777a98967ca1294ad /modules/encryption/enc_bcrypt.cpp
parent	9bab54af796e38e9ca7151e1a3de1b4e96550a51 (diff)