projects / mono.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: cfff213)
2005-07-26 Gonzalo Paniagua Javier <gonzalo@ximian.com>
authorGonzalo Paniagua Javier <gonzalo.mono@gmail.com>
Tue, 26 Jul 2005 14:39:51 +0000 (14:39 -0000)
committerGonzalo Paniagua Javier <gonzalo.mono@gmail.com>
Tue, 26 Jul 2005 14:39:51 +0000 (14:39 -0000)
* FormsAuthentication.cs: the init_vector must be the same accross
restarts, otherwise the cookie does not work even when a decryption
key is provided. Initialize it to the bytes of the cookie name. Fixes
bug #75635.

svn path=/trunk/mcs/; revision=47700

mcs/class/System.Web/System.Web.Security/ChangeLog patch | blob | history
mcs/class/System.Web/System.Web.Security/FormsAuthentication.cs patch | blob | history

diff --git a/mcs/class/System.Web/System.Web.Security/ChangeLog b/mcs/class/System.Web/System.Web.Security/ChangeLog
index e627e49b3bbc336ba824c22e16c5f3bc038e36cf..cef1579b5cae3ad7953faeff02121dc9085acb7b 100644 (file)
--- a/mcs/class/System.Web/System.Web.Security/ChangeLog
+++ b/mcs/class/System.Web/System.Web.Security/ChangeLog
@@ -1,4 +1,12 @@
+2005-07-26 Gonzalo Paniagua Javier <gonzalo@ximian.com>
+
+       * FormsAuthentication.cs: the init_vector must be the same accross
+       restarts, otherwise the cookie does not work even when a decryption
+       key is provided. Initialize it to the bytes of the cookie name. Fixes
+       bug #75635.
+
 2005-07-25  Eyal Alaluf <eyala@mainsoft.com>
+
        * FormsAuthenticationModule.cs: Check for null config
 
 2005-07-25 Gonzalo Paniagua Javier <gonzalo@ximian.com>
diff --git a/mcs/class/System.Web/System.Web.Security/FormsAuthentication.cs b/mcs/class/System.Web/System.Web.Security/FormsAuthentication.cs
index 9bbe172d35b5efe1f8afa72cbb64264c9c9bb10e..0bb04b34e179049c02435ff269e819458402c6fb 100644 (file)
--- a/mcs/class/System.Web/System.Web.Security/FormsAuthentication.cs
+++ b/mcs/class/System.Web/System.Web.Security/FormsAuthentication.cs
@@ -347,9 +347,17 @@ namespace System.Web.Security
                                        slidingExpiration = true;
 #endif
                                }
-                               TripleDESCryptoServiceProvider tDES = new TripleDESCryptoServiceProvider ();
-                               tDES.GenerateIV ();
-                               init_vector = tDES.IV;
+
+                               // IV is 8 bytes long for 3DES
+                               init_vector = new byte [8];
+                               int len = cookieName.Length;
+                               for (int i = 0; i < 8; i++) {
+                                       if (i >= len)
+                                               break;
+
+                                       init_vector [i] = (byte) cookieName [i];
+                               }
+
                                initialized = true;
                        }
                }
my mono mirror. check out Moved to http://github.com/mono/mono