From d460b267e338af89bb0d3aabc3bb8c011e0d477a Mon Sep 17 00:00:00 2001 From: Sadie Powell Date: Sat, 25 Jan 2025 17:54:49 +0000 Subject: [PATCH] Reject passwords bigger than Bcrypt can handle. --- modules/encryption/enc_bcrypt.cpp | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/encryption/enc_bcrypt.cpp b/modules/encryption/enc_bcrypt.cpp index d0882370a..648f95834 100644 --- a/modules/encryption/enc_bcrypt.cpp +++ b/modules/encryption/enc_bcrypt.cpp @@ -118,6 +118,10 @@ public: EventReturn OnEncrypt(const Anope::string &src, Anope::string &dest) override { + // Bcrypt can not generate passwords longer than 71 characters. + if (src.length() > 71) + return EVENT_CONTINUE; + dest = "bcrypt:" + bcryptprovider.Encrypt(src); Log(LOG_DEBUG_2) << "(enc_bcrypt) hashed password from [" << src << "] to [" << dest << "]"; return EVENT_ALLOW;