diff options
author | Frédéric Buclin <LpSolit@gmail.com> | 2011-12-28 23:11:44 +0100 |
---|---|---|
committer | Frédéric Buclin <LpSolit@gmail.com> | 2011-12-28 23:11:44 +0100 |
commit | 2d792a108434d9ea59ebf75ae09fb69cbab6fb71 (patch) | |
tree | 3da27d1b0158d793d42cf87bb3fd479de558b525 /Bugzilla/WebService | |
parent | f8813fc6a94b4e8e6d5e77009458ed8cb5a856c7 (diff) | |
download | bugs-2d792a108434d9ea59ebf75ae09fb69cbab6fb71.tar bugs-2d792a108434d9ea59ebf75ae09fb69cbab6fb71.tar.gz bugs-2d792a108434d9ea59ebf75ae09fb69cbab6fb71.tar.bz2 bugs-2d792a108434d9ea59ebf75ae09fb69cbab6fb71.tar.xz bugs-2d792a108434d9ea59ebf75ae09fb69cbab6fb71.zip |
Bug 711714: (CVE-2011-3667) [SECURITY] The User.offer_account_by_email WebService method lets you create new user accounts independently of the value of Bugzilla::Auth::Verify::*::user_can_create_account
r=glob a=LpSolit
Diffstat (limited to 'Bugzilla/WebService')
-rw-r--r-- | Bugzilla/WebService/Constants.pm | 1 | ||||
-rw-r--r-- | Bugzilla/WebService/User.pm | 26 |
2 files changed, 8 insertions, 19 deletions
diff --git a/Bugzilla/WebService/Constants.pm b/Bugzilla/WebService/Constants.pm index 123b14d68..ab3111eed 100644 --- a/Bugzilla/WebService/Constants.pm +++ b/Bugzilla/WebService/Constants.pm @@ -130,6 +130,7 @@ use constant WS_ERROR_CODE => { # User errors are 500-600. account_exists => 500, illegal_email_address => 501, + auth_cant_create_account => 501, account_creation_disabled => 501, account_creation_restricted => 501, password_too_short => 502, diff --git a/Bugzilla/WebService/User.pm b/Bugzilla/WebService/User.pm index 2d9276cc3..f8704a947 100644 --- a/Bugzilla/WebService/User.pm +++ b/Bugzilla/WebService/User.pm @@ -28,7 +28,6 @@ use Bugzilla::Error; use Bugzilla::Group; use Bugzilla::User; use Bugzilla::Util qw(trim); -use Bugzilla::Token; use Bugzilla::WebService::Util qw(filter validate); # Don't need auth to login @@ -91,19 +90,8 @@ sub offer_account_by_email { my $email = trim($params->{email}) || ThrowCodeError('param_required', { param => 'email' }); - my $createexp = Bugzilla->params->{'createemailregexp'}; - if (!$createexp) { - ThrowUserError("account_creation_disabled"); - } - elsif ($email !~ /$createexp/i) { - ThrowUserError("account_creation_restricted"); - } - - $email = Bugzilla::User->check_login_name_for_creation($email); - - # Create and send a token for this new account. - Bugzilla::Token::issue_new_user_account_token($email); - + Bugzilla->user->check_account_creation_enabled; + Bugzilla->user->check_and_send_account_creation_confirmation($email); return undef; } @@ -396,14 +384,14 @@ This is the recommended way to create a Bugzilla account. =over -=item 500 (Illegal Email Address) +=item 500 (Account Already Exists) -This Bugzilla does not allow you to create accounts with the format of -email address you specified. Account creation may be entirely disabled. +An account with that email address already exists in Bugzilla. -=item 501 (Account Already Exists) +=item 501 (Illegal Email Address) -An account with that email address already exists in Bugzilla. +This Bugzilla does not allow you to create accounts with the format of +email address you specified. Account creation may be entirely disabled. =back |