http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11944
--- Comment #42 from Jacek Ablewicz <[email protected]> --- (In reply to Paola Rossi from comment #41) > input must contain only octets at /usr/lib/perl5/Crypt/Eksblowfish/Bcrypt.pm > line 84. Hm, we can't realy expect Bcrypt to handle perl wide-characters reliably, those hashing algorithms were designed to deal with octets/bytes only.. In particular, if we want all hashes allready stored in the database still to work, the only reasonable solution IMO will be to hash passwords in utf-8 encoded form - and preferably to keep them in as much unaltered form as possible before hashing. Right now we get password params already decoded thanks to CGI qw( -utf8); I guess we can [re]encode them before hashing, but there is no guarantee result string will be allways the same after utf-8 encode(decode()). BTW, is there some way to fetch on demand a specific parameter from CGI.pm in non-decoded form, i.e. bypassing en effect of qw( -uft8)? -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
