public static XmlDocument UpdateMachineKey(XmlDocument xmlConfig)
{
PortalSecurity objSecurity = new PortalSecurity();
string validationKey = objSecurity.CreateKey(20);
string decryptionKey = objSecurity.CreateKey(24);
XmlNode xmlMachineKey = xmlConfig.SelectSingleNode("configuration/system.web/machineKey");
XmlUtils.UpdateAttribute(xmlMachineKey, "validationKey", validationKey);
XmlUtils.UpdateAttribute(xmlMachineKey, "decryptionKey", decryptionKey);
xmlConfig = AddAppSetting(xmlConfig, "InstallationDate", System.DateTime.Today.ToShortDateString());
return(xmlConfig);
}
public SubscriberInfo()
{
_id = System.Guid.NewGuid().ToString();
_name = "";
_description = "";
_address = "";
PortalSecurity oPortalSecurity = new PortalSecurity();
_privateKey = oPortalSecurity.CreateKey(16);
}
public SubscriberInfo()
{
this._id = Guid.NewGuid().ToString();
this._name = "";
this._description = "";
this._address = "";
PortalSecurity portalSecurity = new PortalSecurity();
this._privateKey = portalSecurity.CreateKey(16);
}
public SubscriberInfo()
{
ID = Guid.NewGuid().ToString();
Name = "";
Description = "";
Address = "";
var oPortalSecurity = new PortalSecurity();
PrivateKey = oPortalSecurity.CreateKey(16);
}
public SubscriberInfo()
{
_id = System.Guid.NewGuid().ToString();
_name = "";
_description = "";
_address = "";
PortalSecurity oPortalSecurity = new PortalSecurity();
_privateKey = oPortalSecurity.CreateKey(16);
}
public static XmlDocument UpdateValidationKey(XmlDocument xmlConfig)
{
XmlNode xmlMachineKey = xmlConfig.SelectSingleNode("configuration/system.web/machineKey");
if (xmlMachineKey.Attributes["validationKey"].Value == "F9D1A2D3E1D3E2F7B3D9F90FF3965ABDAC304902")
{
var objSecurity = new PortalSecurity();
string validationKey = objSecurity.CreateKey(20);
XmlUtils.UpdateAttribute(xmlMachineKey, "validationKey", validationKey);
}
return(xmlConfig);
}
public void PerformStepOne()
{
IDataReader dr;
string sqlStatement;
var objLogger = new DotNetNuke.Services.Log.EventLog.EventLogController();
LogInfo objLog;
InsertLogNote("Starting Phase 1 Processing");
//Remove temporary table if needed
sqlStatement = "DROP TABLE dbo.[ICG_SMI_Passwords]";
try
{
ExecuteNonQuery(sqlStatement);
}
catch (Exception)
{
//Table didn't exist
}
//Create temporary table
sqlStatement = "CREATE TABLE dbo.[ICG_SMI_Passwords]( [UserId] [uniqueidentifier] NOT NULL, [Username] [nvarchar](256) NOT NULL, [OldPassword] [nvarchar](128) NOT NULL, [Password] [nvarchar](128) NULL, CONSTRAINT [PK_aspnet_Membership_Passwords] PRIMARY KEY CLUSTERED ( [UserId] ASC ) ON [PRIMARY] ) ON [PRIMARY]";
try
{
ExecuteNonQuery(sqlStatement);
objLog = new LogInfo();
objLog.AddProperty("SecureMyInstall", "Phase 1 Created Temp Password Table");
objLog.LogTypeKey = EventLogController.EventLogType.HOST_ALERT.ToString();
objLogger.AddLog(objLog);
}
catch (Exception ex)
{
objLog = new LogInfo();
objLog.AddProperty("SecureMyInstall", "Phase 1 Error Creating Temp Password Table " + ex);
objLog.LogTypeKey = DotNetNuke.Services.Log.EventLog.EventLogController.EventLogType.HOST_ALERT.ToString();
objLogger.AddLog(objLog);
}
InsertLogNote("Created temp password table");
//Migrate over passwords
sqlStatement = "INSERT INTO dbo.ICG_SMI_Passwords (UserId, Username, OldPassword, Password) SELECT dbo.aspnet_Users.UserId, Username, Password, NULL FROM dbo.aspnet_Users INNER JOIN dbo.aspnet_Membership ON dbo.aspnet_Users.UserId = dbo.aspnet_Membership.UserId";
try
{
ExecuteNonQuery(sqlStatement);
objLog = new DotNetNuke.Services.Log.EventLog.LogInfo();
objLog.AddProperty("SecureMyInstall", "Phase 1 Inserted User Accounts Into Temp Password Table");
objLog.LogTypeKey = DotNetNuke.Services.Log.EventLog.EventLogController.EventLogType.HOST_ALERT.ToString();
objLogger.AddLog(objLog);
}
catch (Exception ex)
{
objLog = new DotNetNuke.Services.Log.EventLog.LogInfo();
objLog.AddProperty("SecureMyInstall", "Phase 1 Error Inserting User Accounts Into Temp Password Table " + ex.ToString());
objLog.LogTypeKey = DotNetNuke.Services.Log.EventLog.EventLogController.EventLogType.HOST_ALERT.ToString();
objLogger.AddLog(objLog);
}
InsertLogNote("Migrated passwords to temporary table");
//Decrypt passwords
int processedUsers = 0;
int decryptedUsers = 0;
System.Web.Security.MembershipUser objUser;
var wasSuccessful = false;
sqlStatement = "SELECT * FROM dbo.ICG_SMI_Passwords";
try
{
dr = ExecuteReader(sqlStatement);
while (dr.Read())
{
processedUsers++;
objUser = Membership.GetUser(dr.GetString(dr.GetOrdinal("Username")));
if (objUser != null)
{
try
{
var strPassword = objUser.GetPassword();
sqlStatement = "UPDATE dbo.ICG_SMI_Passwords SET Password = '******'", "''") + "' WHERE Username = '******'";
ExecuteNonQuery(sqlStatement);
decryptedUsers++;
}
catch (Exception)
{
//Unable to get this users password
}
}
//Provide status
if (processedUsers != 0 && (processedUsers % 1000) == 0)
{
objLog = new DotNetNuke.Services.Log.EventLog.LogInfo();
objLog.AddProperty("SecureMyInstall", "Phase 1 User Accounts Processed: " + processedUsers.ToString());
objLog.LogTypeKey = DotNetNuke.Services.Log.EventLog.EventLogController.EventLogType.HOST_ALERT.ToString();
objLogger.AddLog(objLog);
}
}
dr.Close();
InsertLogNote(string.Format("Processed {0} user accounts", processedUsers.ToString()));
InsertLogNote(string.Format("Decrypted {0} user password", decryptedUsers.ToString()));
wasSuccessful = true;
}
catch (Exception)
{
//Oopsie
}
//Final eventLog entries
objLog = new DotNetNuke.Services.Log.EventLog.LogInfo();
objLog.AddProperty("SecureMyInstall", "Phase 1 User Accounts Processed: " + processedUsers.ToString());
objLog.AddProperty("SecureMyInstall", "Phase 1 User Passwords Decrypted: " + decryptedUsers.ToString());
objLog.LogTypeKey = DotNetNuke.Services.Log.EventLog.EventLogController.EventLogType.HOST_ALERT.ToString();
objLogger.AddLog(objLog);
if (wasSuccessful)
{
//Generate new keys
var objSecurity = new PortalSecurity();
var newValidationKey = objSecurity.CreateKey(20);
var newDecryptionKey = objSecurity.CreateKey(24);
objLog = new DotNetNuke.Services.Log.EventLog.LogInfo();
objLog.AddProperty("SecureMyInstall", "Phase 1 New Machine Keys Generated");
objLog.LogTypeKey = DotNetNuke.Services.Log.EventLog.EventLogController.EventLogType.HOST_ALERT.ToString();
objLogger.AddLog(objLog);
InsertLogNote("Phase 2 New Machine Keys Generated");
//Update web.config, change keys as well as password format
try
{
DotNetNuke.Common.Utilities.Config.BackupConfig();
var xmlConfig = new XmlDocument();
xmlConfig = DotNetNuke.Common.Utilities.Config.Load();
var xmlMachineKey = xmlConfig.SelectSingleNode("configuration/system.web/machineKey");
XmlUtils.UpdateAttribute(xmlMachineKey, "validationKey", newValidationKey);
XmlUtils.UpdateAttribute(xmlMachineKey, "decryptionKey", newDecryptionKey);
var xmlMembershipProvider = xmlConfig.SelectSingleNode("configuration/system.web/membership/providers/add[@name='AspNetSqlMembershipProvider']");
XmlUtils.UpdateAttribute(xmlMembershipProvider, "passwordFormat", "Hashed");
XmlUtils.UpdateAttribute(xmlMembershipProvider, "enablePasswordRetrieval", "false");
DotNetNuke.Common.Utilities.Config.Save(xmlConfig);
objLog = new DotNetNuke.Services.Log.EventLog.LogInfo();
objLog.AddProperty("SecureMyInstall", "Phase 1 Updated Web.Config With New Machine Keys and password format");
objLog.LogTypeKey = DotNetNuke.Services.Log.EventLog.EventLogController.EventLogType.HOST_ALERT.ToString();
objLogger.AddLog(objLog);
}
catch (Exception)
{
objLog = new DotNetNuke.Services.Log.EventLog.LogInfo();
objLog.AddProperty("SecureMyInstall", "Phase 1 Error Processing User Accounts");
objLog.LogTypeKey = DotNetNuke.Services.Log.EventLog.EventLogController.EventLogType.HOST_ALERT.ToString();
objLogger.AddLog(objLog);
}
}
}
public static XmlDocument UpdateValidationKey(XmlDocument xmlConfig)
{
XmlNode xmlMachineKey;
string strError = string.Empty;
xmlMachineKey = xmlConfig.SelectSingleNode("configuration/system.web/machineKey");
if (xmlMachineKey.Attributes["validationKey"].Value == "F9D1A2D3E1D3E2F7B3D9F90FF3965ABDAC304902")
{
PortalSecurity objSecurity = new PortalSecurity();
string validationKey = objSecurity.CreateKey(20);
XmlUtils.UpdateAttribute(xmlMachineKey, "validationKey", validationKey);
}
return xmlConfig;
}
public static XmlDocument UpdateMachineKey(XmlDocument xmlConfig)
{
PortalSecurity objSecurity = new PortalSecurity();
string validationKey = objSecurity.CreateKey(20);
string decryptionKey = objSecurity.CreateKey(24);
XmlNode xmlMachineKey = xmlConfig.SelectSingleNode("configuration/system.web/machineKey");
XmlUtils.UpdateAttribute(xmlMachineKey, "validationKey", validationKey);
XmlUtils.UpdateAttribute(xmlMachineKey, "decryptionKey", decryptionKey);
xmlConfig = AddAppSetting(xmlConfig, "InstallationDate", System.DateTime.Today.ToShortDateString());
return xmlConfig;
}
