Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[1.8.4] password is limited to 16 characters #810

Open
wilkowy opened this issue May 22, 2019 · 1 comment

Comments

Projects
None yet
2 participants
@wilkowy
Copy link

commented May 22, 2019

This was also valid for 1.6.x and is not mentioned anywhere (not in docs or during chpass). Password is just cut to the first 16 characters.

.+user testpass
.chpass testpass 123456789012345678

.tcl passwdok testpass 123456789012345
Tcl: 0
.tcl passwdok testpass 1234567890123456
Tcl: 1
.tcl passwdok testpass 1234567890123457
Tcl: 0
.tcl passwdok testpass 12345678901234567
Tcl: 0
.tcl passwdok testpass 123456789012345678
Tcl: 0

This also happens for /msg op resulting with "failed OP" for valid password.

The cause of this lies in:

static void cmd_chpass(struct userrec *u, int idx, char *par)
[...]
      l = strlen(new = newsplit(&par));
      if (l > 16)
        new[16] = 0; 
@thommey

This comment has been minimized.

Copy link
Member

commented May 24, 2019

It should at least be documented until #356, yeah

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.