Project

General

Profile

Actions
Copy link

Bug #12198

closed

The password field allows storing a password without any selected hash

Bug #12198: The password field allows storing a password without any selected hash

Added by Alexis Mousset about 8 years ago. Updated over 7 years ago.

Status:
Released
Priority:
N/A
Assignee:
François ARMAND
Category:
Web - Config management
Target version:
4.1.17
Pull Request:
https://github.com/Normation/rudder/p...
Severity:
Minor - inconvenience | misleading | easy workaround
UX impact:
User visibility:
Operational - other Techniques | Technique editor | Rudder settings
Effort required:
Very Small
Priority:
0
Name check:
Fix check:
Regression:

Description

When selectig "password + hash" in a password field, and not selecting any hash, everything seems to work fine but thez resulting password is not correct. We should not allow saving the directive without a selected hash algo.

Updated by Vincent MEMBRÉ about 8 years ago Actions
Copy link
 #1

  • Target version changed from 4.1.11 to 4.1.12

Updated by Vincent MEMBRÉ almost 8 years ago Actions
Copy link
 #2

  • Target version changed from 4.1.12 to 4.1.13

Updated by Benoît PECCATTE almost 8 years ago Actions
Copy link
 #3

  • Target version changed from 4.1.13 to 411

Updated by Benoît PECCATTE almost 8 years ago Actions
Copy link
 #4

  • Target version changed from 411 to 4.1.13

Updated by Vincent MEMBRÉ almost 8 years ago Actions
Copy link
 #5

  • Target version changed from 4.1.13 to 4.1.14

Updated by François ARMAND over 7 years ago Actions
Copy link
 #6

  • Severity set to Minor - inconvenience | misleading | easy workaround
  • User visibility set to Operational - other Techniques | Technique editor | Rudder settings
  • Priority changed from 0 to 31

Updated by Benoît PECCATTE over 7 years ago Actions
Copy link
 #7

  • Target version changed from 4.1.14 to 4.1.15
  • Priority changed from 31 to 30

Updated by Vincent MEMBRÉ over 7 years ago Actions
Copy link
 #8

  • Target version changed from 4.1.15 to 4.1.16
  • Priority changed from 30 to 29

Updated by Vincent MEMBRÉ over 7 years ago Actions
Copy link
 #9

  • Target version changed from 4.1.16 to 4.1.17

Updated by François ARMAND over 7 years ago Actions
Copy link
 #10

  • Effort required set to Very Small
  • Priority changed from 29 to 55

Either we should forbid the empty hash or use the first value by default. It should be triavial.

Updated by Vincent MEMBRÉ over 7 years ago Actions
Copy link
 #11

  • Status changed from New to In progress
  • Assignee set to Vincent MEMBRÉ
  • Priority changed from 55 to 0

Updated by Vincent MEMBRÉ over 7 years ago Actions
Copy link
 #12

  • Status changed from In progress to Pending technical review
  • Assignee changed from Vincent MEMBRÉ to François ARMAND
  • Pull Request set to https://github.com/Normation/rudder/pull/2087

Updated by Vincent MEMBRÉ over 7 years ago Actions
Copy link
 #13

  • Status changed from Pending technical review to Pending release

Updated by Nicolas CHARLES over 7 years ago Actions
Copy link
 #14

the fix is suboptimal: it accepted with an empty selected hash algorithm, but we don't know which one is selected (hint: it's likely to be md5)

Updated by Vincent MEMBRÉ over 7 years ago Actions
Copy link
 #15

  • Status changed from Pending release to Released
This bug has been fixed in Rudder 4.1.17, 4.3.7 and 5.0.3 which were released today. 
Changelog
 Changelog
 Changelog
Actions
Copy link

Also available in: PDF Atom