Commit fae4865a authored by Oliver Hader's avatar Oliver Hader Committed by Oliver Hader
Browse files

[TASK] Compare hardcoded legacy password directly

This is a preparation for starting with RIPS scanner.

Resolves: #91566
Releases: master, 10.4, 9.5
Change-Id: I6f994cec9c977242c278963c8aa55cb138bdabe2
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/64794


Tested-by: default avatarTYPO3com <noreply@typo3.com>
Tested-by: Oliver Hader's avatarOliver Hader <oliver.hader@typo3.org>
Reviewed-by: Oliver Hader's avatarOliver Hader <oliver.hader@typo3.org>
parent 735693ab
......@@ -72,7 +72,8 @@ class SecurityStatusReport implements StatusProviderInterface
}
if ($installToolPassword !== '' && $hashInstance !== null) {
$isDefaultPassword = $hashInstance->checkPassword('joh316', $installToolPassword);
} elseif ($installToolPassword === md5('joh316')) {
} elseif ($installToolPassword === 'bacb98acf97e0b6112b1d1b650b84971') {
// using MD5 of legacy default password 'joh316'
$isDefaultPassword = true;
}
if ($isDefaultPassword) {
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment