Modified:
branches/5.2/CHANGES
branches/5.2/MySql.Web/Providers/Source/MembershipProvider.cs
branches/5.2/MySql.Web/Tests/App.config
branches/5.2/MySql.Web/Tests/UserManagement.cs
Log:
- Fixed bug where retrieving passwords that are encrypted was not returning proper
passwords (bug #35336). This was caused by using the password and key bytes blend that we use for hashed passwords even though with encrypted passwords it is not required.
Modified: branches/5.2/CHANGES
===================================================================
--- branches/5.2/CHANGES 2008-03-26 16:52:54 UTC (rev 1208)
+++ branches/5.2/CHANGES 2008-03-26 17:21:10 UTC (rev 1209)
@@ -14,6 +14,8 @@
was not working correctly.
- Fixed bug where calling GetPassword on a membership user when the password answer
is null would cause an exception (bug #35332)
+- Fixed bug where retrieving passwords that are encrypted was not returning proper
+ passwords (bug #35336)
Version 5.2.1 - 2/27/2008
- Tons of fixes in providers. The actually work now. :)
Modified: branches/5.2/MySql.Web/Providers/Source/MembershipProvider.cs
===================================================================
--- branches/5.2/MySql.Web/Providers/Source/MembershipProvider.cs 2008-03-26 16:52:54 UTC (rev 1208)
+++ branches/5.2/MySql.Web/Providers/Source/MembershipProvider.cs 2008-03-26 17:21:10 UTC (rev 1209)
@@ -1213,8 +1213,8 @@
if (format == MembershipPasswordFormat.Clear)
return encodedPassword;
else if (format == MembershipPasswordFormat.Encrypted)
- return Encoding.Unicode.GetString(
- DecryptPassword(Convert.FromBase64String(password)));
+ return Encoding.Unicode.GetString(DecryptPassword(
+ Convert.FromBase64String(password)));
else if (format == MembershipPasswordFormat.Hashed)
throw new ProviderException(Resources.CannotUnencodeHashedPwd);
else
@@ -1246,7 +1246,7 @@
if (format == MembershipPasswordFormat.Encrypted)
{
- byte[] encryptedBytes = EncryptPassword(keyedBytes);
+ byte[] encryptedBytes = EncryptPassword(passwordBytes);
return Convert.ToBase64String(encryptedBytes);
}
else if (format == MembershipPasswordFormat.Hashed)
Modified: branches/5.2/MySql.Web/Tests/App.config
===================================================================
--- branches/5.2/MySql.Web/Tests/App.config 2008-03-26 16:52:54 UTC (rev 1208)
+++ branches/5.2/MySql.Web/Tests/App.config 2008-03-26 17:21:10 UTC (rev 1209)
@@ -1,6 +1,11 @@
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.web>
+ <machineKey
+ validationKey="AutoGenerate"
+ decryptionKey="ABAA84D7EC4BB56D75D217CECFFB9628809BDB8BF91CFCD64568A145BE59719F"
+ validation="SHA1" decryption="AES"/>
+
<profile defaultProvider="MySqlProfileProvider">
<providers>
<clear/>
Modified: branches/5.2/MySql.Web/Tests/UserManagement.cs
===================================================================
--- branches/5.2/MySql.Web/Tests/UserManagement.cs 2008-03-26 16:52:54 UTC (rev 1208)
+++ branches/5.2/MySql.Web/Tests/UserManagement.cs 2008-03-26 17:21:10 UTC (rev 1209)
@@ -536,5 +536,28 @@
string pw = provider.GetPassword("foo", null);
Assert.AreEqual("barbar!", pw);
}
+
+ /// <summary>
+ /// Bug #35336 GetPassword() return wrong password (when format is encrypted)
+ /// </summary>
+ [Test]
+ public void GetEncryptedPassword()
+ {
+ MembershipCreateStatus status;
+ provider = new MySQLMembershipProvider();
+ NameValueCollection config = new NameValueCollection();
+ config.Add("connectionStringName", "LocalMySqlServer");
+ config.Add("requiresQuestionAndAnswer", "false");
+ config.Add("enablePasswordRetrieval", "true");
+ config.Add("passwordFormat", "encrypted");
+ config.Add("applicationName", "/");
+ provider.Initialize(null, config);
+
+ MembershipUser user = provider.CreateUser("foo", "barbar!", "foo@stripped", null, null, true, null, out status);
+ Assert.IsNotNull(user);
+
+ string pw = provider.GetPassword("foo", null);
+ Assert.AreEqual("barbar!", pw);
+ }
}
}
| Thread |
|---|
| • Connector/NET commit: r1209 - in branches/5.2: . MySql.Web/Providers/Source MySql.Web/Tests | rburnett | 26 Mar |
