aboutsummaryrefslogtreecommitdiffstats
path: root/Bugzilla/WebService
diff options
context:
space:
mode:
authorFrédéric Buclin <LpSolit@gmail.com>2011-12-28 23:11:44 +0100
committerFrédéric Buclin <LpSolit@gmail.com>2011-12-28 23:11:44 +0100
commit2d792a108434d9ea59ebf75ae09fb69cbab6fb71 (patch)
tree3da27d1b0158d793d42cf87bb3fd479de558b525 /Bugzilla/WebService
parentf8813fc6a94b4e8e6d5e77009458ed8cb5a856c7 (diff)
downloadbugs-2d792a108434d9ea59ebf75ae09fb69cbab6fb71.tar
bugs-2d792a108434d9ea59ebf75ae09fb69cbab6fb71.tar.gz
bugs-2d792a108434d9ea59ebf75ae09fb69cbab6fb71.tar.bz2
bugs-2d792a108434d9ea59ebf75ae09fb69cbab6fb71.tar.xz
bugs-2d792a108434d9ea59ebf75ae09fb69cbab6fb71.zip
Bug 711714: (CVE-2011-3667) [SECURITY] The User.offer_account_by_email WebService method lets you create new user accounts independently of the value of Bugzilla::Auth::Verify::*::user_can_create_account
r=glob a=LpSolit
Diffstat (limited to 'Bugzilla/WebService')
-rw-r--r--Bugzilla/WebService/Constants.pm1
-rw-r--r--Bugzilla/WebService/User.pm26
2 files changed, 8 insertions, 19 deletions
diff --git a/Bugzilla/WebService/Constants.pm b/Bugzilla/WebService/Constants.pm
index 123b14d68..ab3111eed 100644
--- a/Bugzilla/WebService/Constants.pm
+++ b/Bugzilla/WebService/Constants.pm
@@ -130,6 +130,7 @@ use constant WS_ERROR_CODE => {
# User errors are 500-600.
account_exists => 500,
illegal_email_address => 501,
+ auth_cant_create_account => 501,
account_creation_disabled => 501,
account_creation_restricted => 501,
password_too_short => 502,
diff --git a/Bugzilla/WebService/User.pm b/Bugzilla/WebService/User.pm
index 2d9276cc3..f8704a947 100644
--- a/Bugzilla/WebService/User.pm
+++ b/Bugzilla/WebService/User.pm
@@ -28,7 +28,6 @@ use Bugzilla::Error;
use Bugzilla::Group;
use Bugzilla::User;
use Bugzilla::Util qw(trim);
-use Bugzilla::Token;
use Bugzilla::WebService::Util qw(filter validate);
# Don't need auth to login
@@ -91,19 +90,8 @@ sub offer_account_by_email {
my $email = trim($params->{email})
|| ThrowCodeError('param_required', { param => 'email' });
- my $createexp = Bugzilla->params->{'createemailregexp'};
- if (!$createexp) {
- ThrowUserError("account_creation_disabled");
- }
- elsif ($email !~ /$createexp/i) {
- ThrowUserError("account_creation_restricted");
- }
-
- $email = Bugzilla::User->check_login_name_for_creation($email);
-
- # Create and send a token for this new account.
- Bugzilla::Token::issue_new_user_account_token($email);
-
+ Bugzilla->user->check_account_creation_enabled;
+ Bugzilla->user->check_and_send_account_creation_confirmation($email);
return undef;
}
@@ -396,14 +384,14 @@ This is the recommended way to create a Bugzilla account.
=over
-=item 500 (Illegal Email Address)
+=item 500 (Account Already Exists)
-This Bugzilla does not allow you to create accounts with the format of
-email address you specified. Account creation may be entirely disabled.
+An account with that email address already exists in Bugzilla.
-=item 501 (Account Already Exists)
+=item 501 (Illegal Email Address)
-An account with that email address already exists in Bugzilla.
+This Bugzilla does not allow you to create accounts with the format of
+email address you specified. Account creation may be entirely disabled.
=back