Closed
Bug 721624
Opened 12 years ago
Closed 12 years ago
use admin_update_password for forced password update
Categories
(Cloud Services :: Server: Registration, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: rfkelly, Assigned: rfkelly)
References
Details
(Whiteboard: [qa+])
Attachments
(2 files)
596 bytes,
patch
|
telliott
:
review+
|
Details | Diff | Splinter Review |
1.95 KB,
patch
|
telliott
:
review+
|
Details | Diff | Splinter Review |
Currently server-reg uses admin_update_field() to forcibly reset the user's password. That's bad news for SQL auth backends, since it writes the raw password into the database instead of the hashed-and-salted version. Attached patch changes it to use admin_update_password().
Attachment #592034 -
Flags: review?(telliott)
Comment 1•12 years ago
|
||
Comment on attachment 592034 [details] [diff] [review] patch to use admin_update_password Whoops. Good catch.
Attachment #592034 -
Flags: review?(telliott) → review+
Assignee | ||
Comment 2•12 years ago
|
||
Applied in http://hg.mozilla.org/services/server-reg/rev/ea7aaa1f240a
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Updated•12 years ago
|
Status: RESOLVED → VERIFIED
Whiteboard: [qa+]
Assignee | ||
Comment 3•12 years ago
|
||
Yeah, um, so...the patch committed above doesn't actually work. It resets the password to "password" rather than the value entered by the user. Whoops! Attached patch fixed it and adds a test to make sure it really works.
Assignee: nobody → rfkelly
Status: VERIFIED → REOPENED
Attachment #635634 -
Flags: review?(telliott)
Resolution: FIXED → ---
Comment 4•12 years ago
|
||
Comment on attachment 635634 [details] [diff] [review] patch to correct use of admin_update_password Whoops!
Attachment #635634 -
Flags: review?(telliott) → review+
Assignee | ||
Comment 5•12 years ago
|
||
http://hg.mozilla.org/services/server-reg/rev/984937e39ac8
Status: REOPENED → RESOLVED
Closed: 12 years ago → 12 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•