diff options
| author | Dylan William Hardison <dylan@hardison.net> | 2015-07-30 18:31:50 +0200 |
|---|---|---|
| committer | Dylan William Hardison <dylan@hardison.net> | 2015-07-30 18:31:50 +0200 |
| commit | 2e5fc83cf0f921e6964ce89df7ea024ddbdf523e (patch) | |
| tree | 79ef99fd4960a084f1f761757345e30797880a01 | |
| parent | 5604742eb96f08da3403c4aad2436f91a7f7013c (diff) | |
| download | bugzilla-2e5fc83cf0f921e6964ce89df7ea024ddbdf523e.tar.gz bugzilla-2e5fc83cf0f921e6964ce89df7ea024ddbdf523e.tar.xz | |
Bug 1188339 - Backport upstream bug 1179856 (Increase length of all tokens value for greater security)
| -rw-r--r-- | Bugzilla/DB/Schema.pm | 4 | ||||
| -rw-r--r-- | Bugzilla/Install/DB.pm | 10 |
2 files changed, 8 insertions, 6 deletions
diff --git a/Bugzilla/DB/Schema.pm b/Bugzilla/DB/Schema.pm index 63bc1c034..67d7891b3 100644 --- a/Bugzilla/DB/Schema.pm +++ b/Bugzilla/DB/Schema.pm @@ -1138,7 +1138,7 @@ use constant ABSTRACT_SCHEMA => { logincookies => { FIELDS => [ - cookie => {TYPE => 'varchar(16)', NOTNULL => 1, + cookie => {TYPE => 'varchar(22)', NOTNULL => 1, PRIMARYKEY => 1}, userid => {TYPE => 'INT3', NOTNULL => 1, REFERENCES => {TABLE => 'profiles', @@ -1180,7 +1180,7 @@ use constant ABSTRACT_SCHEMA => { COLUMN => 'userid', DELETE => 'CASCADE'}}, issuedate => {TYPE => 'DATETIME', NOTNULL => 1} , - token => {TYPE => 'varchar(16)', NOTNULL => 1, + token => {TYPE => 'varchar(22)', NOTNULL => 1, PRIMARYKEY => 1}, tokentype => {TYPE => 'varchar(16)', NOTNULL => 1} , eventdata => {TYPE => 'TINYTEXT'}, diff --git a/Bugzilla/Install/DB.pm b/Bugzilla/Install/DB.pm index 0892d3293..e288cb4c3 100644 --- a/Bugzilla/Install/DB.pm +++ b/Bugzilla/Install/DB.pm @@ -447,10 +447,6 @@ sub update_table_definitions { $dbh->bz_alter_column('groups', 'userregexp', {TYPE => 'TINYTEXT', NOTNULL => 1, DEFAULT => "''"}); - # 2005-09-26 - olav@bkor.dhs.org - Bug 119524 - $dbh->bz_alter_column('logincookies', 'cookie', - {TYPE => 'varchar(16)', PRIMARYKEY => 1, NOTNULL => 1}); - _clean_control_characters_from_short_desc(); # 2005-12-07 altlst@sonic.net -- Bug 225221 @@ -734,6 +730,12 @@ sub update_table_definitions { _fix_disable_mail(); + # 2015-07-25 dylan@mozilla.com - Bug 1179856 + $dbh->bz_alter_column('tokens', 'token', + {TYPE => 'varchar(22)', NOTNULL => 1, PRIMARYKEY => 1}); + $dbh->bz_alter_column('logincookies', 'cookie', + {TYPE => 'varchar(22)', NOTNULL => 1, PRIMARYKEY => 1}); + ################################################################ # New --TABLE-- changes should go *** A B O V E *** this point # ################################################################ |