Closed Bug 721624 Opened 12 years ago Closed 12 years ago

use admin_update_password for forced password update

Categories

(Cloud Services :: Server: Registration, defect)

Product:
Cloud Services
Component:
Server: Registration
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: rfkelly, Assigned: rfkelly)

References

Details

(Whiteboard: [qa+])

Attachments

(2 files)

patch to use admin_update_password
596 bytes, patch
telliott
: review+
Details | Diff | Splinter Review
patch to correct use of admin_update_password
1.95 KB, patch
telliott
: review+
Details | Diff | Splinter Review 
Currently server-reg uses admin_update_field() to forcibly reset the user's password.  That's bad news for SQL auth backends, since it writes the raw password into the database instead of the hashed-and-salted version.

Attached patch changes it to use admin_update_password().
Attachment #592034 - Flags: review?(telliott)
Comment on attachment 592034 [details] [diff] [review]
patch to use admin_update_password

Whoops. Good catch.
Attachment #592034 - Flags: review?(telliott) → review+
Applied in http://hg.mozilla.org/services/server-reg/rev/ea7aaa1f240a
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Status: RESOLVED → VERIFIED
Whiteboard: [qa+]
Blocks: 766570
Yeah, um, so...the patch committed above doesn't actually work.  It resets the password to "password" rather than the value entered by the user.  Whoops!  Attached patch fixed it and adds a test to make sure it really works.
Assignee: nobody → rfkelly
Status: VERIFIED → REOPENED
Attachment #635634 - Flags: review?(telliott)
Resolution: FIXED → ---
Comment on attachment 635634 [details] [diff] [review]
patch to correct use of admin_update_password

Whoops!
Attachment #635634 - Flags: review?(telliott) → review+
http://hg.mozilla.org/services/server-reg/rev/984937e39ac8
Status: REOPENED → RESOLVED
Closed: 12 years ago12 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: