Attachment 8985 Details for Bug 19318 – do not encrypt the empty string, v1

[patch] do not encrypt the empty string, v1

userdrake_fix_no_passwd.diff (text/plain), 996 bytes, created by Frédéric "LpSolit" Buclin on 2017-02-24 18:35:09 CET

(hide)

Description:

Filename:

MIME Type:

Creator: Frédéric "LpSolit" Buclin

Created: 2017-02-24 18:35:09 CET

Size: 996 bytes

patch

obsolete

>From 067d450ac07da33f3814f8d2f77753f73bf51daf Mon Sep 17 00:00:00 2001
>From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Buclin?= <LpSolit@netscape.net>
>Date: Fri, 24 Feb 2017 18:31:30 +0100
>Subject: [PATCH] Do not encrypt the empty password (mga#19318)
>
>---
> USER/USER.xs | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
>diff --git a/USER/USER.xs b/USER/USER.xs
>index bb11612..086580b 100644
>--- a/USER/USER.xs
>+++ b/USER/USER.xs
>@@ -206,7 +206,8 @@ Admin_UserSetPass(self, ent, userPasswd)
>         char *userPasswd
>         PPCODE:
>         USER__ERR *error = NULL;
>-        gboolean crypted = FALSE;
>+        /* If no password is set, do not encrypt the empty string. (mga#19318) */
>+        gboolean crypted = (strlen(userPasswd) == 0) ? TRUE : FALSE;
> 	if (lu_user_setpass(self, ent, userPasswd, crypted, &error) == FALSE) {
>              croak(_("Failed to set password: '%s'.\n"), error ? error->string : _("unknown error"));
>                 if (error) { lu_error_free(&error); }
>-- 
>2.10.2
>

From 067d450ac07da33f3814f8d2f77753f73bf51daf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Buclin?= <LpSolit@netscape.net>
Date: Fri, 24 Feb 2017 18:31:30 +0100
Subject: [PATCH] Do not encrypt the empty password (mga#19318)

---
 USER/USER.xs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/USER/USER.xs b/USER/USER.xs
index bb11612..086580b 100644
--- a/USER/USER.xs
+++ b/USER/USER.xs
@@ -206,7 +206,8 @@ Admin_UserSetPass(self, ent, userPasswd)
         char *userPasswd
         PPCODE:
         USER__ERR *error = NULL;
-        gboolean crypted = FALSE;
+        /* If no password is set, do not encrypt the empty string. (mga#19318) */
+        gboolean crypted = (strlen(userPasswd) == 0) ? TRUE : FALSE;
 	if (lu_user_setpass(self, ent, userPasswd, crypted, &error) == FALSE) {
              croak(_("Failed to set password: '%s'.\n"), error ? error->string : _("unknown error"));
                 if (error) { lu_error_free(&error); }
-- 
2.10.2

Actions: View | Diff

Attachments on bug 19318: 8427 | 8985