MySql Encrypt() Function Returns NULL for WinNT

RESOLVED FIXED in Bugzilla 2.12

Status

()

Bugzilla
Bugzilla-General
P3
normal
RESOLVED FIXED
18 years ago
5 years ago

People

(Reporter: Kym Farrell, Assigned: Tara Hernandez)

Tracking

unspecified
Bugzilla 2.12
x86
Windows NT

Details

(Whiteboard: 2.16)

(Reporter)

Description

18 years ago
Testing Bugzilla under WinNT 4.0 Workstation, with ActiveState Perl 5.005_03.
Using MySQL-Shareware for Win95/98. Version 2.32.22-shareware-debug.

In CGI.pl library within subroutine "confirm_login", the use of MySql Encrypt 
function for password encryption fails. MySQL returns NULL.

Also occurs in globals.pl library within subroutine "InsertNewUser". 

Required Changes to workaround;

-------- CGI.pl ----------
#original        SendSQL("SELECT encrypt(" . SqlQuote($enteredpwd) . ", " .
#original                SqlQuote(substr($realcryptpwd, 0, 2)) . ")");
#original        my $enteredcryptpwd = FetchOneColumn();

    my $enteredcryptpwd = crypt($enteredpwd, substr($realcryptpwd, 0, 2));

-------- globals.pl ----------
#original    SendSQL("insert into profiles (login_name, realname, password,
             cryptpassword, groupset) values ($username, $realname, '$password', 
             encrypt('$password'), $groupset)");
    
             SendSQL("insert into profiles (login_name, realname, password,
             cryptpassword, groupset) values ($username, $realname,
             '$password','". crypt($password,$password)."', $groupset)");

Comment 1

18 years ago
tara@tequilarista.org is the new owner of Bugzilla and Bonsai.  (For details,
see my posting in netscape.public.mozilla.webtools,
news://news.mozilla.org/38F5D90D.F40E8C1A%40geocast.com .)
Assignee: terry → tara
This bug has not been touched for more than nine months. In most cases, that 
means it has "slipped through the net". Please could the owner take a moment to 
add a comment to the bug with current status, and/or close it.

Thank you :-)

Gerv
There are changes present so I'll put this up for 2.14.
QA Contact: matty
Whiteboard: 2.14

Updated

17 years ago
Depends on: 17566
Whiteboard: 2.14 → 2.16
moving to real milestones...
Target Milestone: --- → Bugzilla 2.16

Comment 5

17 years ago
This was resolved with the documentation update in bug 17566, detailed Windows
NT installation instructions.  I will be checking the Bugzilla Guide into CVS
tonight or tomorrow morning, which includes the workaround for Windows NT
installations that do not support the crypt() function.
Status: NEW → RESOLVED
Last Resolved: 17 years ago
Resolution: --- → FIXED
In search of accurate queries....  (sorry for the spam)
Target Milestone: Bugzilla 2.16 → Bugzilla 2.12
The current entry in the Bugzilla Guide reads:

"* Modify globals.pl and CGI.pl to remove the word "encrypt". 

    Note: I'm not sure this is all that is involved to remove crypt. Any NT 
Bugzilla hackers want to pipe up?"

Is this all that's needed? CCing barnboy.

Gerv
(Reporter)

Comment 8

17 years ago
I reported this bug, and just re-ported 2.11 to our NT box. So heres the list 
of locations to replace SQL Encrypt with perl crypt...

backdoor.cgi:
*) Acutally uses the "correct" crypt (perl version)

CGI.pl:
*) sub confirm_login: needs SQL Encrypt replaced by Perl crypt (line ~680)

checksetup.pl:
*) needs SQL encrypt replaced where it stores the initial Admin password (line 
~1355)
*) needs SQL encrypt replaced where a "fixup" is done for existing instalations  
(line  ~1700)

editusers.cgi:
*) In the "#Add the new user" section, needs SQL encrypt replaced at line ~484
*) Also in the update password section line ~820

globals.pl
*) sub InsertNewUser needs SQL encrypt replaced (line ~606)

sanitycheck.pl
*) Uses SQL Encrypt for password consistency checking (line ~160)

userperfs.pl
*) around lines ~140 & 150 uses SQL encrypt for setting verifying passwords.
Moving closed bugs to Bugzilla product
Component: Bugzilla → Bugzilla-General
Product: Webtools → Bugzilla
Version: other → unspecified
QA Contact: matty_is_a_geek → default-qa
You need to log in before you can comment on or make changes to this bug.