Skip to content

[stable14] Just update password hash without validating#11580

Merged
rullzer merged 1 commit intostable14from
backport/11568/stable14
Oct 3, 2018
Merged

[stable14] Just update password hash without validating#11580
rullzer merged 1 commit intostable14from
backport/11568/stable14

Conversation

@rullzer
Copy link
Member

@rullzer rullzer commented Oct 3, 2018

Backport of #11568

@rullzer
Just update password hash without validating
5e143f1 
Fixes #11097

If your password hash changed (becuse your are on 7.2 and we moved to
ARGON2). Then we shold not 'set a new password' but just update the
hash. As else we invoke the password policy again which might lock out
users.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
@rullzer rullzer added bug 3. to review Waiting for reviews regression labels Oct 3, 2018
@rullzer rullzer added this to the Nextcloud 14.0.2 milestone Oct 3, 2018
@MorrisJobke MorrisJobke added 4. to release Ready to be released and/or waiting for tests to finish and removed 3. to review Waiting for reviews labels Oct 3, 2018
@rullzer rullzer merged commit 6734e43 into stable14 Oct 3, 2018
@rullzer rullzer deleted the backport/11568/stable14 branch October 3, 2018 11:35
@MorrisJobke MorrisJobke mentioned this pull request Oct 3, 2018
Merged
@JB1985
Copy link

JB1985 commented Oct 5, 2018

Version: 14.0.2 RC1

If I change from PHP7.2 to PHP7.0 I cant still login. I get the error Password wrong.

@MorrisJobke
Copy link
Member

MorrisJobke commented Oct 5, 2018

Downgrade of the PHP version is not supported. At least we never build it with that in mind.

@JB1985
Copy link

JB1985 commented Oct 5, 2018
edited
Loading

Interesting. That means if someone wants to test a PHP version, he can not do that because he can not go back?

never heard anything like that.

If someone changes their hoster and can not get the php version, then he has bad luck and can no longer use his cloud?

This is absolutely not user friendly. does not seem to want nc14 either.

Please update your documentation. That's an important piece of information.

👎🏼

@ChristophWurst
Copy link
Member

ChristophWurst commented Oct 6, 2018

Interesting. That means if someone wants to test a PHP version, he can not do that because he can not go back?

Wrong. You can always restore a backup. Every reasonable admin will do a backup before a major system change.

Please update your documentation. That's an important piece of information.

The documentation is actually available for everyone to improve, see https://github.com/nextcloud/documentation/. You can even use the GitHub UI to file your changes ✌️

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MorrisJobke MorrisJobke MorrisJobke approved these changes

@ChristophWurst ChristophWurst ChristophWurst approved these changes

Assignees

No one assigned

Labels

4. to release Ready to be released and/or waiting for tests to finish bug regression

Projects

None yet

Milestone

Nextcloud 14.0.2

Development

Successfully merging this pull request may close these issues.

4 participants

@rullzer @JB1985 @MorrisJobke @ChristophWurst