Greetings,
Since upgrading 1.75.2 to 1.75.4, I have noticed some oddness with
changing the admin password.
When I try to change the admin password, I get:
Traceback (most recent call last):
File "/home/rowdy/web2py/gluon/restricted.py", line 173, in restricted
exec ccode in environment
File "/home/rowdy/web2py/applications/admin/controllers/default.py",
line 1046, in <module>
File "/home/rowdy/web2py/gluon/globals.py", line 96, in <lambda>
self._caller = lambda f: f()
File "/home/rowdy/web2py/applications/admin/controllers/default.py",
line 72, in change_password
if verify_password(request.vars.current_admin_password):
File "/home/rowdy/web2py/applications/admin/models/access.py", line
54, in verify_password
return _config['password'] == CRYPT()(request.vars.password)[0]
File "/home/rowdy/web2py/gluon/validators.py", line 2267, in __call__
return (hash(value, self.digest_alg), None)
File "/home/rowdy/web2py/gluon/utils.py", line 32, in hash
h.update(text)
TypeError: update() argument 1 must be string or read-only buffer, not None
There might be a typo in admin/models/access.py in function
verify_password(). The line near the end (line 54 from the above stack
trace):
return _config['password'] == CRYPT()(request.vars.password)[0]
should probably be:
return _config['password'] == CRYPT()(password)[0]
as password is passed as a parameter to this function.
However, after changing this line, when I try to change the admin
password it does not matter what I type as the old password, even a
random string of characters. As long as the new passwords match and are
strong, the admin password is changed.
Rowdy
--
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/web2py?hl=en.
