diff options
author | Frédéric Buclin <LpSolit@gmail.com> | 2015-12-16 22:25:29 +0100 |
---|---|---|
committer | Frédéric Buclin <LpSolit@gmail.com> | 2015-12-16 22:25:29 +0100 |
commit | b77d2178be56354b76a91c14b0dbe6bbccb1cec7 (patch) | |
tree | 23752ab32ad5c9de2db2f380c4dc0cfca44b9817 /Bugzilla | |
parent | 8a4cfa905ed78bb1f46865c5d660337e8982e385 (diff) | |
download | bugs-b77d2178be56354b76a91c14b0dbe6bbccb1cec7.tar bugs-b77d2178be56354b76a91c14b0dbe6bbccb1cec7.tar.gz bugs-b77d2178be56354b76a91c14b0dbe6bbccb1cec7.tar.bz2 bugs-b77d2178be56354b76a91c14b0dbe6bbccb1cec7.tar.xz bugs-b77d2178be56354b76a91c14b0dbe6bbccb1cec7.zip |
Bug 1232578: Don't save hashed passwords in audit_log
r/a=dkl
Diffstat (limited to 'Bugzilla')
-rw-r--r-- | Bugzilla/Install/DB.pm | 27 | ||||
-rw-r--r-- | Bugzilla/Object.pm | 20 |
2 files changed, 46 insertions, 1 deletions
diff --git a/Bugzilla/Install/DB.pm b/Bugzilla/Install/DB.pm index 96f14ec0f..ed2539251 100644 --- a/Bugzilla/Install/DB.pm +++ b/Bugzilla/Install/DB.pm @@ -729,6 +729,9 @@ sub update_table_definitions { # 2014-11-10 dkl@mozilla.com - Bug 1093928 $dbh->bz_drop_column('longdescs', 'is_markdown'); + # 2015-12-16 LpSolit@gmail.com - Bug 1232578 + _sanitize_audit_log_table(); + ################################################################ # New --TABLE-- changes should go *** A B O V E *** this point # ################################################################ @@ -3914,6 +3917,30 @@ sub _update_alias { $dbh->bz_drop_column('bugs', 'alias'); } +sub _sanitize_audit_log_table { + my $dbh = Bugzilla->dbh; + + # Replace hashed passwords by a generic comment. + my $class = 'Bugzilla::User'; + my $field = 'cryptpassword'; + + my $hashed_passwd = + $dbh->selectcol_arrayref('SELECT added FROM audit_log WHERE class = ? AND field = ? + AND ' . $dbh->sql_not_ilike('hashed_with_', 'added'), + undef, ($class, $field)); + if (@$hashed_passwd) { + say "Sanitizing hashed passwords stored in the 'audit_log' table..."; + my $sth = $dbh->prepare('UPDATE audit_log SET added = ? + WHERE class = ? AND field = ? AND added = ?'); + + foreach my $passwd (@$hashed_passwd) { + my (undef, $sanitized_passwd) = + Bugzilla::Object::_sanitize_audit_log($class, $field, [undef, $passwd]); + $sth->execute($sanitized_passwd, $class, $field, $passwd); + } + } +} + 1; __END__ diff --git a/Bugzilla/Object.pm b/Bugzilla/Object.pm index 8f25e2b20..d43c8ca34 100644 --- a/Bugzilla/Object.pm +++ b/Bugzilla/Object.pm @@ -599,11 +599,29 @@ sub audit_log { foreach my $field (keys %$changes) { # Skip private changes. next if $field =~ /^_/; - my ($from, $to) = @{ $changes->{$field} }; + my ($from, $to) = $self->_sanitize_audit_log($field, $changes->{$field}); $sth->execute($user_id, $class, $self->id, $field, $from, $to); } } +sub _sanitize_audit_log { + my ($self, $field, $changes) = @_; + my $class = ref($self) || $self; + + # Do not store hashed passwords. Only record the algorithm used to encode them. + if ($class eq 'Bugzilla::User' && $field eq 'cryptpassword') { + foreach my $passwd (@$changes) { + next unless $passwd; + my $algorithm = 'unknown_algorithm'; + if ($passwd =~ /{([^}]+)}$/) { + $algorithm = $1; + } + $passwd = "hashed_with_$algorithm"; + } + } + return @$changes; +} + sub flatten_to_hash { my $self = shift; my $class = blessed($self); |