Project

General

Profile

Actions

Bug #82147

closed

Security status report gives error when install tool password is empty

Added by Frans Saris over 6 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
-
Target version:
-
Start date:
2017-08-21
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
8
PHP Version:
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

To complete disable the install tool you just set the install tool password to an empty string.

But when salted password is set to phpass this results in an php error in het Security status report.

#1476107295: PHP Warning: strpos(): Empty needle in vendor/typo3/cms/typo3/sysext/saltedpasswords/Classes/Salt/PhpassSalt.php line 188

This due to the fact that the report tries to create a salt on the empty password what results in an php error.

The report should mark an not set password as secure.


Related issues 2 (0 open2 closed)

Related to TYPO3 Core - Bug #81936: Installtool Empty Password ErrorClosed2017-07-20

Actions
Related to TYPO3 Core - Bug #75290: empty needle-Error on login (saltedpasswords)Closed2016-03-29

Actions
Actions

Also available in: Atom PDF