Update of /cvsroot/monetdb/MonetDB5/src/mal
In directory sc8-pr-cvs16.sourceforge.net:/tmp/cvs-serv20225
Modified Files:
Tag: MonetDB_5-2
mal_authorize.mx
Log Message:
Fix setPassword to actually work, by decyphering the password before
comparing it to the old password.
I will manually propagate this fix to the current branch, because GDK-2
introduced some differences here that will clash.
Hence, this commit should be excluded from automatic propagation!
Index: mal_authorize.mx
===================================================================
RCS file: /cvsroot/monetdb/MonetDB5/src/mal/mal_authorize.mx,v
retrieving revision 1.50.2.3
retrieving revision 1.50.2.4
diff -u -d -r1.50.2.3 -r1.50.2.4
--- mal_authorize.mx 29 Oct 2007 08:11:09 -0000 1.50.2.3
+++ mal_authorize.mx 4 Dec 2007 14:23:05 -0000 1.50.2.4
@@ -535,6 +535,7 @@
str
AUTHchangePassword(str *oldpass, str *passwd) {
BUN p;
+ str err;
str tmp;
str hash;
oid id;
@@ -551,7 +552,9 @@
assert(p != NULL);
tmp = BUNtail(pass, p);
assert (tmp != NULL);
- if (strcmp(tmp, *oldpass) != 0)
+ /* decypher the password */
+ rethrow("setPassword", err, AUTHdecypherValue(&hash, &tmp));
+ if (strcmp(hash, *oldpass) != 0)
throw(INVCRED, "changePassword", "Access denied");
/* cypher the password */
-------------------------------------------------------------------------
SF.Net email is sponsored by: The Future of Linux Business White Paper
from Novell. From the desktop to the data center, Linux is going
mainstream. Let it simplify your IT future.
http://altfarm.mediaplex.com/ad/ck/8857-50307-18918-4
_______________________________________________
Monetdb-checkins mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/monetdb-checkins
