From: Date: September 5 2008 10:09pm
Subject: Connector/NET commit: r1406 - in branches/5.2: . MySql.Web/Providers MySql.Web/Providers/Properties MySql.Web/Providers/Source
List-Archive: http://lists.mysql.com/commits/53396
X-Bug: 38895
Message-Id: <200809052009.m85K9ZLh031636@bk-internal.mysql.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Modified:
branches/5.2/CHANGES
branches/5.2/MySql.Web/Providers/MySql.Web.csproj
branches/5.2/MySql.Web/Providers/Properties/Resources.resx
branches/5.2/MySql.Web/Providers/Source/MembershipProvider.cs
Log:
- added runtime check for the mono platform to our Membership provider. The mono runtime
as of 1.9.1 did not support the methods needed for hashed passwords (bug #38895)
Modified: branches/5.2/CHANGES
===================================================================
--- branches/5.2/CHANGES 2008-09-05 16:43:27 UTC (rev 1405)
+++ branches/5.2/CHANGES 2008-09-05 20:09:35 UTC (rev 1406)
@@ -5,6 +5,8 @@
different case then an exception would be thrown.
- fixed stored procedure parameter parsing when used inside server explorer. (bug #39252)
- fixed time data type so that negative values are handled properly (bug #39275)
+- added runtime check for the mono platform to our Membership provider. The mono runtime
+ as of 1.9.1 did not support the methods needed for hashed passwords (bug #38895)
Version 5.2.3 - 8/14/08
- Increased the speed of MySqlDataReader.GetOrdinal dramatically by using a couple
Modified: branches/5.2/MySql.Web/Providers/MySql.Web.csproj
===================================================================
--- branches/5.2/MySql.Web/Providers/MySql.Web.csproj 2008-09-05 16:43:27 UTC (rev 1405)
+++ branches/5.2/MySql.Web/Providers/MySql.Web.csproj 2008-09-05 20:09:35 UTC (rev 1406)
@@ -63,6 +63,7 @@
+
Modified: branches/5.2/MySql.Web/Providers/Properties/Resources.resx
===================================================================
--- branches/5.2/MySql.Web/Providers/Properties/Resources.resx 2008-09-05 16:43:27 UTC (rev 1405)
+++ branches/5.2/MySql.Web/Providers/Properties/Resources.resx 2008-09-05 20:09:35 UTC (rev 1406)
@@ -238,4 +238,7 @@
User names must not be null or empty.
+
+ The mono runtime did not support hashed passwords. Please use clear or encrypted passwords.
+
\ No newline at end of file
Modified: branches/5.2/MySql.Web/Providers/Source/MembershipProvider.cs
===================================================================
--- branches/5.2/MySql.Web/Providers/Source/MembershipProvider.cs 2008-09-05 16:43:27 UTC (rev 1405)
+++ branches/5.2/MySql.Web/Providers/Source/MembershipProvider.cs 2008-09-05 20:09:35 UTC (rev 1406)
@@ -119,6 +119,7 @@
requiresUniqueEmail = Convert.ToBoolean(GetConfigValue(config["requiresUniqueEmail"], "True"));
writeExceptionsToEventLog = Convert.ToBoolean(GetConfigValue(config["writeExceptionsToEventLog"], "True"));
string temp_format = config["passwordFormat"];
+
if (temp_format == null)
temp_format = "hashed";
else
@@ -135,8 +136,13 @@
// if the user is asking for the ability to retrieve hashed passwords, then let
// them know we can't
- if (PasswordFormat == MembershipPasswordFormat.Hashed && EnablePasswordRetrieval)
- throw new ProviderException(Resources.CannotRetrieveHashedPasswords);
+ if (PasswordFormat == MembershipPasswordFormat.Hashed)
+ {
+ if (EnablePasswordRetrieval)
+ throw new ProviderException(Resources.CannotRetrieveHashedPasswords);
+ if (Runtime.IsMono)
+ throw new ProviderException(Resources.MonoDoesNotSupportHash);
+ }
ConnectionStringSettings ConnectionStringSettings = ConfigurationManager.ConnectionStrings[
config["connectionStringName"]];
@@ -561,16 +567,19 @@
@failedPasswordAttemptWindowStart, @failedPasswordAnswerAttemptCount,
@failedPasswordAnswerAttemptWindowStart)",
connection);
+ Console.WriteLine("point 1");
cmd.Parameters.AddWithValue("@userId", userId);
cmd.Parameters.AddWithValue("@email", email);
cmd.Parameters.AddWithValue("@comment", "");
cmd.Parameters.AddWithValue("@password",
EncodePassword(password, passwordKey, PasswordFormat));
+ Console.WriteLine("point 2");
cmd.Parameters.AddWithValue("@passwordKey", passwordKey);
cmd.Parameters.AddWithValue("@passwordFormat", PasswordFormat);
cmd.Parameters.AddWithValue("@passwordQuestion", passwordQuestion);
cmd.Parameters.AddWithValue("@passwordAnswer",
EncodePassword(passwordAnswer, passwordKey, PasswordFormat));
+ Console.WriteLine("point 3");
cmd.Parameters.AddWithValue("@isApproved", isApproved);
cmd.Parameters.AddWithValue("@lastActivityDate", createDate);
cmd.Parameters.AddWithValue("@lastLoginDate", createDate);
@@ -1230,6 +1239,18 @@
return Convert.ToBase64String(key);
}
+ ///
+ /// this method is only necessary because early versions of Mono did not support
+ /// the HashAlgorithmType property
+ ///
+ ///
+ ///
+ private string HashPasswordBytes(byte[] bytes)
+ {
+ HashAlgorithm hash = HashAlgorithm.Create(Membership.HashAlgorithmType);
+ return Convert.ToBase64String(hash.ComputeHash(bytes));
+ }
+
private string EncodePassword(string password, string passwordKey,
MembershipPasswordFormat format)
{
@@ -1250,10 +1271,7 @@
return Convert.ToBase64String(encryptedBytes);
}
else if (format == MembershipPasswordFormat.Hashed)
- {
- HashAlgorithm hash = HashAlgorithm.Create(Membership.HashAlgorithmType);
- return Convert.ToBase64String(hash.ComputeHash(keyedBytes));
- }
+ return HashPasswordBytes(keyedBytes);
else
throw new ProviderException(Resources.UnsupportedPasswordFormat);
}