From: Date: March 26 2008 6:21pm Subject: Connector/NET commit: r1209 - in branches/5.2: . MySql.Web/Providers/Source MySql.Web/Tests List-Archive: http://lists.mysql.com/commits/44469 X-Bug: 35336 Message-Id: <200803261721.m2QHLAjL010999@bk-internal.mysql.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Modified: branches/5.2/CHANGES branches/5.2/MySql.Web/Providers/Source/MembershipProvider.cs branches/5.2/MySql.Web/Tests/App.config branches/5.2/MySql.Web/Tests/UserManagement.cs Log: - Fixed bug where retrieving passwords that are encrypted was not returning proper passwords (bug #35336). This was caused by using the password and key bytes blend that we use for hashed passwords even though with encrypted passwords it is not required. Modified: branches/5.2/CHANGES =================================================================== --- branches/5.2/CHANGES 2008-03-26 16:52:54 UTC (rev 1208) +++ branches/5.2/CHANGES 2008-03-26 17:21:10 UTC (rev 1209) @@ -14,6 +14,8 @@ was not working correctly. - Fixed bug where calling GetPassword on a membership user when the password answer is null would cause an exception (bug #35332) +- Fixed bug where retrieving passwords that are encrypted was not returning proper + passwords (bug #35336) Version 5.2.1 - 2/27/2008 - Tons of fixes in providers. The actually work now. :) Modified: branches/5.2/MySql.Web/Providers/Source/MembershipProvider.cs =================================================================== --- branches/5.2/MySql.Web/Providers/Source/MembershipProvider.cs 2008-03-26 16:52:54 UTC (rev 1208) +++ branches/5.2/MySql.Web/Providers/Source/MembershipProvider.cs 2008-03-26 17:21:10 UTC (rev 1209) @@ -1213,8 +1213,8 @@ if (format == MembershipPasswordFormat.Clear) return encodedPassword; else if (format == MembershipPasswordFormat.Encrypted) - return Encoding.Unicode.GetString( - DecryptPassword(Convert.FromBase64String(password))); + return Encoding.Unicode.GetString(DecryptPassword( + Convert.FromBase64String(password))); else if (format == MembershipPasswordFormat.Hashed) throw new ProviderException(Resources.CannotUnencodeHashedPwd); else @@ -1246,7 +1246,7 @@ if (format == MembershipPasswordFormat.Encrypted) { - byte[] encryptedBytes = EncryptPassword(keyedBytes); + byte[] encryptedBytes = EncryptPassword(passwordBytes); return Convert.ToBase64String(encryptedBytes); } else if (format == MembershipPasswordFormat.Hashed) Modified: branches/5.2/MySql.Web/Tests/App.config =================================================================== --- branches/5.2/MySql.Web/Tests/App.config 2008-03-26 16:52:54 UTC (rev 1208) +++ branches/5.2/MySql.Web/Tests/App.config 2008-03-26 17:21:10 UTC (rev 1209) @@ -1,6 +1,11 @@  + + Modified: branches/5.2/MySql.Web/Tests/UserManagement.cs =================================================================== --- branches/5.2/MySql.Web/Tests/UserManagement.cs 2008-03-26 16:52:54 UTC (rev 1208) +++ branches/5.2/MySql.Web/Tests/UserManagement.cs 2008-03-26 17:21:10 UTC (rev 1209) @@ -536,5 +536,28 @@ string pw = provider.GetPassword("foo", null); Assert.AreEqual("barbar!", pw); } + + /// + /// Bug #35336 GetPassword() return wrong password (when format is encrypted) + /// + [Test] + public void GetEncryptedPassword() + { + MembershipCreateStatus status; + provider = new MySQLMembershipProvider(); + NameValueCollection config = new NameValueCollection(); + config.Add("connectionStringName", "LocalMySqlServer"); + config.Add("requiresQuestionAndAnswer", "false"); + config.Add("enablePasswordRetrieval", "true"); + config.Add("passwordFormat", "encrypted"); + config.Add("applicationName", "/"); + provider.Initialize(null, config); + + MembershipUser user = provider.CreateUser("foo", "barbar!", "foo@stripped", null, null, true, null, out status); + Assert.IsNotNull(user); + + string pw = provider.GetPassword("foo", null); + Assert.AreEqual("barbar!", pw); + } } }