Bug #31397
Check for default password of admin account no longer works in status reports module
| Status: | Closed | Start date: | 2011-10-29 | |
|---|---|---|---|---|
| Priority: | Must have | Due date: | ||
| Assigned To: | Francois Suter | % Done: | 100% |
|
| Category: | Reports | Spent time: | - | |
| Target version: | 4.6.1 | |||
| TYPO3 Version: | 4.6 | Is Regression: | ||
| PHP Version: | Sprint Focus: | |||
| Complexity: | medium |
Description
In typo3/sysext/reports/reports/status/class.tx_reports_reports_status_securitystatus.php line 68, function getAdminAccountStatus() only looks for the md5 value of default password 'password'. As rasauth and saltedpasswords are now activated by default, status reports module no longer issues a warning if the default password of BE account 'admin' is still set.
bug_31397.diff
(2.2 kB)
Related issues
Associated revisions
[BUGFIX] Add check for salted default admin password
Check for default password of admin account no longer
works in status reports module.
Change-Id: Ibefcadb60afb2d22490fc1219559d8651d256c8a
Fixes: #31397
Releases: 4.6, 4.7
Reviewed-on: http://review.typo3.org/6392
Reviewed-by: Markus Klein
Tested-by: Philipp Gampe
Reviewed-by: Philipp Gampe
Reviewed-by: Francois Suter
Tested-by: Francois Suter
[BUGFIX] Add check for salted default admin password
Check for default password of admin account no longer
works in status reports module.
Change-Id: Ibefcadb60afb2d22490fc1219559d8651d256c8a
Fixes: #31397
Releases: 4.6, 4.7
Reviewed-on: http://review.typo3.org/6404
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
Reviewed-by: Markus Klein
Tested-by: Markus Klein
Reviewed-by: Francois Suter
Tested-by: Francois Suter
History
#1 Updated by Gregor Hermens almost 4 years ago
- File bug_31397.diff added
Attached patch bug_31397.diff checks for both plain md5 and salted hash.
#2 Updated by Mr. Hudson almost 4 years ago
- Status changed from New to Under Review
Patch set 1 of change Ibefcadb60afb2d22490fc1219559d8651d256c8a has been pushed to the review server.
It is available at http://review.typo3.org/6392
#3 Updated by Francois Suter almost 4 years ago
- Assigned To set to Francois Suter
Good catch. I'm reviewing your patch.
#4 Updated by Francois Suter almost 4 years ago
- Target version set to 4.6.1
- Complexity set to medium
#5 Updated by Mr. Hudson almost 4 years ago
Patch set 2 of change Ibefcadb60afb2d22490fc1219559d8651d256c8a has been pushed to the review server.
It is available at http://review.typo3.org/6392
#6 Updated by Mr. Hudson almost 4 years ago
Patch set 3 of change Ibefcadb60afb2d22490fc1219559d8651d256c8a has been pushed to the review server.
It is available at http://review.typo3.org/6392
#7 Updated by Mr. Hudson almost 4 years ago
Patch set 4 of change Ibefcadb60afb2d22490fc1219559d8651d256c8a has been pushed to the review server.
It is available at http://review.typo3.org/6392
#8 Updated by Mr. Hudson almost 4 years ago
Patch set 5 of change Ibefcadb60afb2d22490fc1219559d8651d256c8a has been pushed to the review server.
It is available at http://review.typo3.org/6392
#9 Updated by Mr. Hudson almost 4 years ago
Patch set 1 of change Ibefcadb60afb2d22490fc1219559d8651d256c8a has been pushed to the review server.
It is available at http://review.typo3.org/6404
#10 Updated by Gregor Hermens almost 4 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 03eb718872cdff5bc9b092903388d818eabf15a4.
#11 Updated by Xavier Perseguers over 3 years ago
- Status changed from Resolved to Closed