Dear Victor,
There is a bug in the userdb_objects.cpp in trunk. The setpassword function does not consider the Unicode and MBCS. However, I changed the code to this:
void User::setPassword(const TCHAR *password, bool clearChangePasswdFlag)
{
#ifdef UNICODE
char *mb = MBStringFromWideString(password);
CalculateSHA1Hash((BYTE *)mb, strlen(mb), m_passwordHash);
free(mb);
#else
CalculateSHA1Hash((BYTE *)password, _tcslen(password), m_passwordHash);
#endif
//CalculateSHA1Hash((BYTE *)password, _tcslen(password), m_passwordHash);
m_graceLogins = MAX_GRACE_LOGINS;
m_flags |= UF_MODIFIED;
if (clearChangePasswdFlag)
m_flags &= ~UF_CHANGE_PASSWORD;
}
Still has the problem with setting or changing the password.
Could you check?
best regards,
szll2010
Hi!
I changed both setPassword and validatePassword to use UTF-8 instead of current server's page to calculate hash:
bool User::validatePassword(const TCHAR *password)
{
BYTE hash[SHA1_DIGEST_SIZE];
#ifdef UNICODE
char mbPassword[1024];
WideCharToMultiByte(CP_UTF8, 0, password, -1, mbPassword, 1024, NULL, NULL);
mbPassword[1023] = 0;
CalculateSHA1Hash((BYTE *)mbPassword, strlen(mbPassword), hash);
#else
CalculateSHA1Hash((BYTE *)password, strlen(password), hash);
#endif
return !memcmp(hash, m_passwordHash, SHA1_DIGEST_SIZE);
}
void User::setPassword(const TCHAR *password, bool clearChangePasswdFlag)
{
#ifdef UNICODE
char mbPassword[1024];
WideCharToMultiByte(CP_UTF8, 0, password, -1, mbPassword, 1024, NULL, NULL);
mbPassword[1023] = 0;
CalculateSHA1Hash((BYTE *)mbPassword, strlen(mbPassword), m_passwordHash);
#else
CalculateSHA1Hash((BYTE *)password, strlen(password), m_passwordHash);
#endif
m_graceLogins = MAX_GRACE_LOGINS;
m_flags |= UF_MODIFIED;
if (clearChangePasswdFlag)
m_flags &= ~UF_CHANGE_PASSWORD;
}
tested it on Russian, Chinese, and Japanese characters - works fine. This solution, however, will cause problem for already set non-latin1 passwords - they will need to be reset.
Changed code already commited to svn.
Best regards,
Victor