Project

General

Profile

Actions
Copy link

Bug #31407

closed

Task #49162: Rewrite install tool

Admin user creation function uses hardcoded md5() for password

Added by Markus Klein over 12 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Must have
Assignee:
-
Category:
Install Tool
Target version:
-
Start date:
2011-10-30
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
4.6
PHP Version:
Tags:
Complexity:
medium
Is Regression:
Sprint Focus:

Description

The Install Tool function for creating an admin user uses hardcoded md5() for the associated password.
This does not work together with rsaauth/saltedpasswords.

typo3/sysext/install/mod/tx_install.php, line 6082:

$insertFields = array(
    'username' => $username,
    'password' => md5($pass),
    'admin' => 1,
    'uc' => '',
    'fileoper_perms' => 0,
    'tstamp' => $GLOBALS['EXEC_TIME'],
    'crdate' => $GLOBALS['EXEC_TIME']
);

Related issues 3 (0 open3 closed)

Related to TYPO3 Core - Bug #31397: Check for default password of admin account no longer works in status reports moduleClosedFrancois Suter2011-10-29

Actions
Related to TYPO3 Core - Feature #50612: Create BE-user in installation wizard (123 step) with a salted passwordClosedNicole Cordes2013-08-26

Actions
Has duplicate TYPO3 Core - Bug #39350: Create a admin user with hashed password in Install ToolClosedHelmut Hummel2012-07-28

Actions
Actions
Copy link

Also available in: Atom PDF