Bug #31397

Check for default password of admin account no longer works in status reports module

Added by Gregor Hermens almost 11 years ago. Updated over 10 years ago.

Status:
Closed
Priority:
Must have
Category:
Reports
Target version:
Start date:
2011-10-29
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
4.6
PHP Version:
Tags:
Complexity:
medium
Is Regression:
Sprint Focus:

Description

In typo3/sysext/reports/reports/status/class.tx_reports_reports_status_securitystatus.php line 68, function getAdminAccountStatus() only looks for the md5 value of default password 'password'. As rasauth and saltedpasswords are now activated by default, status reports module no longer issues a warning if the default password of BE account 'admin' is still set.


Files

bug_31397.diff (2.19 KB) bug_31397.diff Gregor Hermens, 2011-10-31 09:53

Related issues

Related to TYPO3 Core - Bug #31407: Admin user creation function uses hardcoded md5() for passwordClosed2011-10-30

Actions
#1

Updated by Gregor Hermens almost 11 years ago

Attached patch bug_31397.diff checks for both plain md5 and salted hash.

#2

Updated by Mr. Hudson almost 11 years ago

  • Status changed from New to Under Review

Patch set 1 of change Ibefcadb60afb2d22490fc1219559d8651d256c8a has been pushed to the review server.
It is available at http://review.typo3.org/6392

#3

Updated by Francois Suter almost 11 years ago

  • Assignee set to Francois Suter

Good catch. I'm reviewing your patch.

#4

Updated by Francois Suter almost 11 years ago

  • Target version set to 4.6.1
  • Complexity set to medium
#5

Updated by Mr. Hudson almost 11 years ago

Patch set 2 of change Ibefcadb60afb2d22490fc1219559d8651d256c8a has been pushed to the review server.
It is available at http://review.typo3.org/6392

#6

Updated by Mr. Hudson almost 11 years ago

Patch set 3 of change Ibefcadb60afb2d22490fc1219559d8651d256c8a has been pushed to the review server.
It is available at http://review.typo3.org/6392

#7

Updated by Mr. Hudson almost 11 years ago

Patch set 4 of change Ibefcadb60afb2d22490fc1219559d8651d256c8a has been pushed to the review server.
It is available at http://review.typo3.org/6392

#8

Updated by Mr. Hudson almost 11 years ago

Patch set 5 of change Ibefcadb60afb2d22490fc1219559d8651d256c8a has been pushed to the review server.
It is available at http://review.typo3.org/6392

#9

Updated by Mr. Hudson almost 11 years ago

Patch set 1 of change Ibefcadb60afb2d22490fc1219559d8651d256c8a has been pushed to the review server.
It is available at http://review.typo3.org/6404

#10

Updated by Gregor Hermens almost 11 years ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100
#11

Updated by Xavier Perseguers over 10 years ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF