From fdc33b0f6d0b3090cd802ec2dd1d94f7017c5688 Mon Sep 17 00:00:00 2001
From: Sadie Powell <sadie@witchery.services>
Date: Fri, 14 Mar 2025 10:39:40 +0000
Subject: [PATCH] Warn if enc_bcrypt is the first module and maxpasslen is >72.

---
 modules/encryption/enc_bcrypt.cpp | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/modules/encryption/enc_bcrypt.cpp b/modules/encryption/enc_bcrypt.cpp
index 1ac37e1fe..75d6e2c6b 100644
--- a/modules/encryption/enc_bcrypt.cpp
+++ b/modules/encryption/enc_bcrypt.cpp
@@ -104,6 +104,7 @@ class EBCrypt final
 {
 private:
 	BCryptProvider bcryptprovider;
+	static const size_t BCRYPT_MAX_LEN = 72;
 
 public:
 	EBCrypt(const Anope::string &modname, const Anope::string &creator)
@@ -118,8 +119,7 @@ public:
 
 	EventReturn OnEncrypt(const Anope::string &src, Anope::string &dest) override
 	{
-		// Bcrypt can not generate passwords longer than 71 characters.
-		if (src.length() > 71)
+		if (src.length() > BCRYPT_MAX_LEN)
 			return EVENT_CONTINUE;
 
 		dest = "bcrypt:" + bcryptprovider.Encrypt(src);
@@ -167,6 +167,10 @@ public:
 
 	void OnReload(Configuration::Conf &conf) override
 	{
+		const auto maxpasslen = conf.GetModule("nickserv").Get<unsigned>("maxpasslen", "50");
+		if (maxpasslen > BCRYPT_MAX_LEN && ModuleManager::FindFirstOf(ENCRYPTION) == this)
+			Log(this) << "Warning: {nickserv}:maxpasslen is set to " << maxpasslen << " which is longer than the bcrypt maximum length of " << BCRYPT_MAX_LEN;
+
 		auto &block = conf.GetModule(this);
 
 		auto rounds = block.Get<unsigned long>("rounds", "10");