http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11944 --- Comment #42 from Jacek Ablewicz <abl@biblos.pk.edu.pl> --- (In reply to Paola Rossi from comment #41)
input must contain only octets at /usr/lib/perl5/Crypt/Eksblowfish/Bcrypt.pm line 84.
Hm, we can't realy expect Bcrypt to handle perl wide-characters reliably, those hashing algorithms were designed to deal with octets/bytes only.. In particular, if we want all hashes allready stored in the database still to work, the only reasonable solution IMO will be to hash passwords in utf-8 encoded form - and preferably to keep them in as much unaltered form as possible before hashing. Right now we get password params already decoded thanks to CGI qw( -utf8); I guess we can [re]encode them before hashing, but there is no guarantee result string will be allways the same after utf-8 encode(decode()). BTW, is there some way to fetch on demand a specific parameter from CGI.pm in non-decoded form, i.e. bypassing en effect of qw( -uft8)? -- You are receiving this mail because: You are watching all bug changes.