Closed GoogleCodeExporter closed 9 years ago
I've got one clue.. but it looks really weird, since change is for long time in
repository.
During creation of new Host, SetHostPassword is being called, that uses random
Salt to create a hash value.
public static void SetHostPassword(HostInfo host, string newPassword)
{
host.Salt = SecurityHelper.CreateRandomSalt();
if(Config.Settings.UseHashedPasswords)
{
string hashedPassword = SecurityHelper.HashPassword(newPassword, host.Salt);
host.Password = hashedPassword;
}
else
{
host.Password = newPassword;
}
}
During authorization on logon, it aslo calculate hash value.. but WITHOUT salt
value.
public static bool IsValidPassword(Blog blog, string password)
{
if(blog.IsPasswordHashed)
{
password = HashPassword(password);
}
string storedPassword = blog.Password;
The hash of password entered during "registration" and "logon" will never be
equal.
Please confirm is this a bug or might be some issue of my configuration?
Original comment by alexande...@gmail.com
on 27 Jul 2010 at 2:50
Original comment by haac...@gmail.com
on 27 Jul 2010 at 4:46
Maybe this is related to the problem.
It looks like the fresh installation saves data in the wrong fields of the
database. (see attached image)
Cheers
Michael
Original comment by sourceco...@gmail.com
on 28 Jul 2010 at 2:38
Attachments:
You are right.
I'm still not really awere how all codegeneration procedure works, but it turns
out that signature of StoredProcedures.UpdateHost has been changed, so
HostRepository.UpdateHost passed email intead of salt.
I've created a small patch. Please review.
Original comment by alexande...@gmail.com
on 28 Jul 2010 at 8:54
Attachments:
I guess that probably there is something wrong going on with the automatic
generation of the storedprocedure class.
I think that also the other failures might be related to that
Original comment by simone.chiaretta
on 28 Jul 2010 at 2:05
I committed the HostRepository change in r4090
Original comment by simone.chiaretta
on 28 Jul 2010 at 7:00
Hi Simone, would not you like to add a unit test for HostRepository also?
Original comment by alexande...@gmail.com
on 28 Jul 2010 at 7:27
The T4 template swapped parameters also in another storedproc.
Added another small fix in r4093.
Now unit test report is:
1497 passed, 6 failed, 4 skipped, took 39,11 seconds (MbUnit 2.4.2).
Original comment by simone.chiaretta
on 30 Jul 2010 at 9:46
I'm going to do update today.. and compare my test results with yours.
Original comment by alexande...@gmail.com
on 30 Jul 2010 at 10:23
Another test fixed with r4094
in the previous version to correctly encode C# to C%23 it was required to
replace the pound sign to {:#:}
Never seen that syntax before... probably Phil added it: why was it needed?
Now it just works without any trick
Original comment by simone.chiaretta
on 30 Jul 2010 at 10:54
Other 2 testd fixed in r4095.
The were about timezones and were probably failing even before.
Now down to:
1499 passed, 4 failed, 4 skipped
2 of which are the ones referred in issue 246, and 2 are failing randomly when
executed with all the tests, and never fail when executed inside their
textfixture
Original comment by simone.chiaretta
on 30 Jul 2010 at 11:13
The randomly failing tests are now always passing (fixed in r4097).
Test stats are now:
1501 passed, 2 failed, 4 skipped
Original comment by simone.chiaretta
on 30 Jul 2010 at 1:09
Thats great :)
Same on my machine:
1502 passed, 2 failed, 4 skipped (see 'Task List'), took 60,82 seconds (MbUnit
2.4.2).
Original comment by alexande...@gmail.com
on 30 Jul 2010 at 1:16
I forgot to apply the unit test from the patch alexander.beletsky sent.. did it
in r4098
Now the "passed" count is the same... just way faster :)
1502 passed, 2 failed, 4 skipped (see 'Task List'), took 30,71 seconds (MbUnit
2.4.2).
Original comment by simone.chiaretta
on 30 Jul 2010 at 1:25
Has this been resolved yet? I also can't log into Admin in order to start the
DB upgrade for the .NET 4 version. I'm running this on repo # 4010 currently
Original comment by dschinkel
on 20 Oct 2010 at 3:21
Disregard, I was trying to use the login for Subtext_Config instead of
Subtext_Host
Original comment by dschinkel
on 20 Oct 2010 at 3:28
All tests pass on my machine. Can you verify?
Original comment by haac...@gmail.com
on 26 Dec 2010 at 9:09
Could we open individual bugs for each of these issues. I think most of them
have been fixed and it's hard to tell which ones I need to look at. Just fixed
an issue with C# tags.
Original comment by haac...@gmail.com
on 26 Dec 2010 at 10:08
I believe all these issues have been fixed.
Original comment by haac...@gmail.com
on 27 Dec 2010 at 4:13
Original issue reported on code.google.com by
alexande...@gmail.com
on 27 Jul 2010 at 1:18Attachments: