Project

General

Profile

Bug #12198

The password field allows storing a password without any selected hash

Added by Alexis MOUSSET over 1 year ago. Updated 12 months ago.

Status:
Released
Priority:
N/A
Category:
Web - Config management
Target version:
Severity:
Minor - inconvenience | misleading | easy workaround
User visibility:
Operational - other Techniques | Technique editor | Rudder settings
Effort required:
Very Small
Priority:
0

Description

When selectig "password + hash" in a password field, and not selecting any hash, everything seems to work fine but thez resulting password is not correct. We should not allow saving the directive without a selected hash algo.

Associated revisions

Revision 84af8db5 (diff)
Added by Vincent MEMBRÉ about 1 year ago

Fixes #12198: The password field allows storing a password without any selected hash

History

#1

Updated by Vincent MEMBRÉ over 1 year ago

  • Target version changed from 4.1.11 to 4.1.12
#2

Updated by Vincent MEMBRÉ over 1 year ago

  • Target version changed from 4.1.12 to 4.1.13
#3

Updated by Benoît PECCATTE over 1 year ago

  • Target version changed from 4.1.13 to 411
#4

Updated by Benoît PECCATTE over 1 year ago

  • Target version changed from 411 to 4.1.13
#5

Updated by Vincent MEMBRÉ over 1 year ago

  • Target version changed from 4.1.13 to 4.1.14
#6

Updated by François ARMAND over 1 year ago

  • Severity set to Minor - inconvenience | misleading | easy workaround
  • User visibility set to Operational - other Techniques | Technique editor | Rudder settings
  • Priority changed from 0 to 31
#7

Updated by Benoît PECCATTE over 1 year ago

  • Target version changed from 4.1.14 to 4.1.15
  • Priority changed from 31 to 30
#8

Updated by Vincent MEMBRÉ about 1 year ago

  • Target version changed from 4.1.15 to 4.1.16
  • Priority changed from 30 to 29
#9

Updated by Vincent MEMBRÉ about 1 year ago

  • Target version changed from 4.1.16 to 4.1.17
#10

Updated by François ARMAND about 1 year ago

  • Effort required set to Very Small
  • Priority changed from 29 to 55

Either we should forbid the empty hash or use the first value by default. It should be triavial.

#11

Updated by Vincent MEMBRÉ about 1 year ago

  • Status changed from New to In progress
  • Assignee set to Vincent MEMBRÉ
  • Priority changed from 55 to 0
#12

Updated by Vincent MEMBRÉ about 1 year ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Vincent MEMBRÉ to François ARMAND
  • Pull Request set to https://github.com/Normation/rudder/pull/2087
#13

Updated by Vincent MEMBRÉ about 1 year ago

  • Status changed from Pending technical review to Pending release
#14

Updated by Nicolas CHARLES about 1 year ago

the fix is suboptimal: it accepted with an empty selected hash algorithm, but we don't know which one is selected (hint: it's likely to be md5)

#15

Updated by Vincent MEMBRÉ 12 months ago

  • Status changed from Pending release to Released
This bug has been fixed in Rudder 4.1.17, 4.3.7 and 5.0.3 which were released today.
Changelog
Changelog
Changelog

Also available in: Atom PDF