Fixed: Redmine.pm potential security issue with cache credential enabled and subversion (#9567).
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@7809 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
parent
26125be6b1
commit
38089d9a56
|
@ -345,10 +345,12 @@ sub is_member {
|
||||||
|
|
||||||
my $pass_digest = Digest::SHA1::sha1_hex($redmine_pass);
|
my $pass_digest = Digest::SHA1::sha1_hex($redmine_pass);
|
||||||
|
|
||||||
|
my $access_mode = defined $read_only_methods{$r->method} ? "R" : "W";
|
||||||
|
|
||||||
my $cfg = Apache2::Module::get_config(__PACKAGE__, $r->server, $r->per_dir_config);
|
my $cfg = Apache2::Module::get_config(__PACKAGE__, $r->server, $r->per_dir_config);
|
||||||
my $usrprojpass;
|
my $usrprojpass;
|
||||||
if ($cfg->{RedmineCacheCredsMax}) {
|
if ($cfg->{RedmineCacheCredsMax}) {
|
||||||
$usrprojpass = $cfg->{RedmineCacheCreds}->get($redmine_user.":".$project_id);
|
$usrprojpass = $cfg->{RedmineCacheCreds}->get($redmine_user.":".$project_id.":".$access_mode);
|
||||||
return 1 if (defined $usrprojpass and ($usrprojpass eq $pass_digest));
|
return 1 if (defined $usrprojpass and ($usrprojpass eq $pass_digest));
|
||||||
}
|
}
|
||||||
my $query = $cfg->{RedmineQuery};
|
my $query = $cfg->{RedmineQuery};
|
||||||
|
@ -361,7 +363,7 @@ sub is_member {
|
||||||
unless ($auth_source_id) {
|
unless ($auth_source_id) {
|
||||||
my $method = $r->method;
|
my $method = $r->method;
|
||||||
my $salted_password = Digest::SHA1::sha1_hex($salt.$pass_digest);
|
my $salted_password = Digest::SHA1::sha1_hex($salt.$pass_digest);
|
||||||
if ($hashed_password eq $salted_password && ((defined $read_only_methods{$method} && $permissions =~ /:browse_repository/) || $permissions =~ /:commit_access/) ) {
|
if ($hashed_password eq $salted_password && (($access_mode eq "R" && $permissions =~ /:browse_repository/) || $permissions =~ /:commit_access/) ) {
|
||||||
$ret = 1;
|
$ret = 1;
|
||||||
last;
|
last;
|
||||||
}
|
}
|
||||||
|
@ -380,7 +382,7 @@ sub is_member {
|
||||||
filter => "(".$rowldap[6]."=%s)"
|
filter => "(".$rowldap[6]."=%s)"
|
||||||
);
|
);
|
||||||
my $method = $r->method;
|
my $method = $r->method;
|
||||||
$ret = 1 if ($ldap->authenticate($redmine_user, $redmine_pass) && ((defined $read_only_methods{$method} && $permissions =~ /:browse_repository/) || $permissions =~ /:commit_access/));
|
$ret = 1 if ($ldap->authenticate($redmine_user, $redmine_pass) && (($access_mode eq "R" && $permissions =~ /:browse_repository/) || $permissions =~ /:commit_access/));
|
||||||
|
|
||||||
}
|
}
|
||||||
$sthldap->finish();
|
$sthldap->finish();
|
||||||
|
@ -394,10 +396,10 @@ sub is_member {
|
||||||
|
|
||||||
if ($cfg->{RedmineCacheCredsMax} and $ret) {
|
if ($cfg->{RedmineCacheCredsMax} and $ret) {
|
||||||
if (defined $usrprojpass) {
|
if (defined $usrprojpass) {
|
||||||
$cfg->{RedmineCacheCreds}->set($redmine_user.":".$project_id, $pass_digest);
|
$cfg->{RedmineCacheCreds}->set($redmine_user.":".$project_id.":".$access_mode, $pass_digest);
|
||||||
} else {
|
} else {
|
||||||
if ($cfg->{RedmineCacheCredsCount} < $cfg->{RedmineCacheCredsMax}) {
|
if ($cfg->{RedmineCacheCredsCount} < $cfg->{RedmineCacheCredsMax}) {
|
||||||
$cfg->{RedmineCacheCreds}->set($redmine_user.":".$project_id, $pass_digest);
|
$cfg->{RedmineCacheCreds}->set($redmine_user.":".$project_id.":".$access_mode, $pass_digest);
|
||||||
$cfg->{RedmineCacheCredsCount}++;
|
$cfg->{RedmineCacheCredsCount}++;
|
||||||
} else {
|
} else {
|
||||||
$cfg->{RedmineCacheCreds}->clear();
|
$cfg->{RedmineCacheCreds}->clear();
|
||||||
|
|
Loading…
Reference in New Issue