[TYPO3-core] FYI: Fixed bug #16352: [saltedpasswords] Login with bulk updated passwords from t3sec_saltedpw not working
Christian Kuhn
lolli at schwarzbu.ch
Thu Nov 11 15:59:07 CET 2010
The following patch was committed to:
trunk rev. 9333
4.4 rev. 9334
4.3 rev. 9335
Type: Bugfix
BT: http://bugs.typo3.org/view.php?id=16352
Problem:
The predecessor of saltedpasswords was the t3sec_saltedpw extenion which
allowed a bulk update of existing password records to salted passwords.
If this was done with cleartext passwords, and a migration from
t3sec_saltedpw to sysext:saltedpasswords was done, the login fails.
Solution:
Migrated cleartext password in t3sec_saltedpw where prefixed with "C$".
These are falsely handled as migrated md5 hashed passwords.
Notes:
Patch was done together with Marcus Krause who worked on both
extensions. We tested this seldom edge case.
Regards
Christian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 16352.diff
Type: text/x-patch
Size: 783 bytes
Desc: not available
URL: <http://lists.typo3.org/pipermail/typo3-team-core/attachments/20101111/c93b8f3d/attachment.bin>
More information about the TYPO3-team-core
mailing list