Page MenuHomeDevCentral

Don't truncate passwords
Open, NormalPublic

Description

Long passwords are truncated to 25 characters:

02:02:12 <Dereckson> pass […] lxmXPppJXYNGggEx0JervJ6QqKmAum0TB22
02:02:12 -Odderon- Password for dereckson@wikimedia/dereckson has been updated.

But that gives:

userlist.db
#* *@wikimedia/dereckson 3 2 lxmXPppJXYNGggEx0JervJ6Qq I haven't used ^B!SETINFO^B yet!

Event Timeline

Password truncation
Passwords are explicitly truncated to 25 characters in load_helpers functions:

helpers.c
if (strlen (pass) > 25)
    pass[25] = '\0';

When a password is set through a command:

chansrv.c
if (strlen(args[1]) > 25)
        args[1][25] = '\0';

Usual length

Most fields use STRING_SHORT as char* length, currently set at 255.

For userlist.db entries (HELPER_LIST), I've the feeling 255 characters is for everything, including setinfo part: extern char HELPER_LIST[STRING_SHORT];