From: Byron Jones <glob@mozilla.com>
Date: Tue, 20 May 2014 05:49:46 +0000 (+0800)
Subject: Bug 1009017: users are unable to log in if their password needs to be
X-Git-Tag: bugzilla-4.5.5~54
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=41b3c0cf022dc052aec35e1675dbdb13e8c7459c;p=thirdparty%2Fbugzilla.git

Bug 1009017: users are unable to log in if their password needs to be
re-encrypted and their password does not match the current complexity
rule
r=dkl, a=glob
---

diff --git a/Bugzilla/Auth/Verify/DB.pm b/Bugzilla/Auth/Verify/DB.pm
index a5b78797bc..d4a4674d3c 100644
--- a/Bugzilla/Auth/Verify/DB.pm
+++ b/Bugzilla/Auth/Verify/DB.pm
@@ -82,7 +82,9 @@ sub check_credentials {
 
     # If needed, update the user's password.
     if ($update_password) {
-        $user->set_password($password);
+        # We can't call $user->set_password because we don't want the password
+        # complexity rules to apply here.
+        $user->{cryptpassword} = bz_crypt($password);
         $user->update();
     }