From a276727f747f5ee14a840da4f5766d348282cd39 Mon Sep 17 00:00:00 2001
From: Mark Huang
Date: Fri, 8 Sep 2006 19:44:12 +0000
Subject: [PATCH] - handle non-ascii passwords correctly
---
 PLC/Auth.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/PLC/Auth.py b/PLC/Auth.py
index 2b2ea02..25938c6 100644
--- a/PLC/Auth.py
+++ b/PLC/Auth.py
@@ -4,7 +4,7 @@
 # Mark Huang
 # Copyright (C) 2006 The Trustees of Princeton University
 #
-# $Id$
+# $Id: Auth.py,v 1.1 2006/09/06 15:36:06 mlhuang Exp $
 #
 import crypt
@@ -95,12 +95,13 @@ class PasswordAuth(Auth):
 if auth['AuthString'] != password:
 raise PLCAuthenticationFailure, "Maintenance account password verification failed"
 else:
- # Get encrypted password stored in the DB
+ # Compare encrypted plaintext against encrypted password stored in the DB
+ plaintext = auth['AuthString'].encode(method.api.encoding)
 password = person['password']
 # Protect against blank passwords in the DB
 if password is None or password[:12] == "" or \
- crypt.crypt(auth['AuthString'], password[:12]) != password:
+ crypt.crypt(plaintext, password[:12]) != password:
 raise PLCAuthenticationFailure, "Password verification failed"
 if auth['Role'] not in person['roles']:
--
2.45.2
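Review bot: The new `.encode(method.api.encoding)` call in the `else:` branch of the second hunk can raise before any credential check runs, and nothing turns that exception into an authentication failure. If `AuthString` holds characters the API encoding cannot represent, or (this being Python 2 code) is already a byte string with non-ASCII bytes so that `.encode()` first attempts an implicit ASCII decode, the caller gets a `UnicodeError` rather than `PLCAuthenticationFailure`; that gives unauthenticated clients a distinct error path and, depending on how the API reports faults, possibly a traceback. I would guard it with `try: plaintext = auth['AuthString'].encode(method.api.encoding)` followed by `except UnicodeError: raise PLCAuthenticationFailure, "Password verification failed"`. The maintenance-account branch just above still compares the raw `AuthString` with `!=`, so it does not appear to get the same non-ASCII handling. The method starts and ends outside this hunk, so whether that is intentional cannot be told from here.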