Bug #31397

Check for default password of admin account no longer works in status reports module

Added by Gregor Hermens about 8 years ago. Updated almost 8 years ago.

Status:
Closed
Priority:
Must have
Category:
Reports
Target version:
Start date:
2011-10-29
Due date:
% Done:

100%

TYPO3 Version:
4.6
PHP Version:
Tags:
Complexity:
medium
Is Regression:
Sprint Focus:

Description

In typo3/sysext/reports/reports/status/class.tx_reports_reports_status_securitystatus.php line 68, function getAdminAccountStatus() only looks for the md5 value of default password 'password'. As rasauth and saltedpasswords are now activated by default, status reports module no longer issues a warning if the default password of BE account 'admin' is still set.

bug_31397.diff View (2.19 KB) Gregor Hermens, 2011-10-31 09:53


Related issues

Related to TYPO3 Core - Bug #31407: Admin user creation function uses hardcoded md5() for password Closed 2011-10-30

Associated revisions

Revision 03eb7188 (diff)
Added by Gregor Hermens about 8 years ago

[BUGFIX] Add check for salted default admin password

Check for default password of admin account no longer
works in status reports module.

Change-Id: Ibefcadb60afb2d22490fc1219559d8651d256c8a
Fixes: #31397
Releases: 4.6, 4.7
Reviewed-on: http://review.typo3.org/6392
Reviewed-by: Markus Klein
Tested-by: Philipp Gampe
Reviewed-by: Philipp Gampe
Reviewed-by: Francois Suter
Tested-by: Francois Suter

Revision 1eedef16 (diff)
Added by Gregor Hermens almost 8 years ago

[BUGFIX] Add check for salted default admin password

Check for default password of admin account no longer
works in status reports module.

Change-Id: Ibefcadb60afb2d22490fc1219559d8651d256c8a
Fixes: #31397
Releases: 4.6, 4.7
Reviewed-on: http://review.typo3.org/6404
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
Reviewed-by: Markus Klein
Tested-by: Markus Klein
Reviewed-by: Francois Suter
Tested-by: Francois Suter

History

#1 Updated by Gregor Hermens about 8 years ago

Attached patch bug_31397.diff checks for both plain md5 and salted hash.

#2 Updated by Mr. Hudson about 8 years ago

  • Status changed from New to Under Review

Patch set 1 of change Ibefcadb60afb2d22490fc1219559d8651d256c8a has been pushed to the review server.
It is available at http://review.typo3.org/6392

#3 Updated by Francois Suter about 8 years ago

  • Assignee set to Francois Suter

Good catch. I'm reviewing your patch.

#4 Updated by Francois Suter about 8 years ago

  • Target version set to 4.6.1
  • Complexity set to medium

#5 Updated by Mr. Hudson about 8 years ago

Patch set 2 of change Ibefcadb60afb2d22490fc1219559d8651d256c8a has been pushed to the review server.
It is available at http://review.typo3.org/6392

#6 Updated by Mr. Hudson about 8 years ago

Patch set 3 of change Ibefcadb60afb2d22490fc1219559d8651d256c8a has been pushed to the review server.
It is available at http://review.typo3.org/6392

#7 Updated by Mr. Hudson about 8 years ago

Patch set 4 of change Ibefcadb60afb2d22490fc1219559d8651d256c8a has been pushed to the review server.
It is available at http://review.typo3.org/6392

#8 Updated by Mr. Hudson about 8 years ago

Patch set 5 of change Ibefcadb60afb2d22490fc1219559d8651d256c8a has been pushed to the review server.
It is available at http://review.typo3.org/6392

#9 Updated by Mr. Hudson about 8 years ago

Patch set 1 of change Ibefcadb60afb2d22490fc1219559d8651d256c8a has been pushed to the review server.
It is available at http://review.typo3.org/6404

#10 Updated by Gregor Hermens about 8 years ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100

#11 Updated by Xavier Perseguers almost 8 years ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF