Univention Bugzilla – Bug 55010
Fix UMCAndSecretAuthenticator hash comparision
Last modified: 2022-08-03 17:08:42 CEST
The password comparision in UMCAndSecretAuthenticator does not work. >>> hashlib.sha512(b'foo') == hashlib.sha512(b'foo') False >>> hashlib.sha512(b'foo').hexdigest() == hashlib.sha512(b'foo').hexdigest() True
univention-portal.yaml 655d58813a90 | Bug #55010: fix password hash comparision univention-portal (4.0.7-6) 655d58813a90 | Bug #55010: fix password hash comparision
Also the group cache contains only lowercase usernames and is not case insensitive. Therefore we have to normalize manually. univention-portal (4.0.7-7) 49553944efaa | Bug #55010: fix normalization of username
655d58813a removed the advisory content for Bug #54273
oups, sorry: 4d6e3899d1 Bug #54273: fix advisory
Code review: OK cURL test: OK YAML: OK
<https://errata.software-univention.de/#/?erratum=5.0x377>