diff options
| author | Dylan William Hardison <dylan@hardison.net> | 2018-10-12 04:47:24 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-10-12 04:47:24 +0200 |
| commit | 706d114f14beac2f7c68b4c3a3fc7cb58691aced (patch) | |
| tree | 1ad08c183966c7d11bc61abcfced6b47dde70a18 /Bugzilla/Token.pm | |
| parent | 871fc7dd332dadd24a7e6e1db3c7f5e8ef93b00e (diff) | |
| download | bugzilla-706d114f14beac2f7c68b4c3a3fc7cb58691aced.tar.gz bugzilla-706d114f14beac2f7c68b4c3a3fc7cb58691aced.tar.xz | |
Bug 1497487 - Backport bug 767623 to BMO: Use HMAC to generate tokens and sensitive graph filenames
Diffstat (limited to 'Bugzilla/Token.pm')
| -rw-r--r-- | Bugzilla/Token.pm | 15 |
1 files changed, 7 insertions, 8 deletions
diff --git a/Bugzilla/Token.pm b/Bugzilla/Token.pm index 4b12f836b..8e51db45d 100644 --- a/Bugzilla/Token.pm +++ b/Bugzilla/Token.pm @@ -20,7 +20,6 @@ use Bugzilla::User; use Date::Format; use Date::Parse; use File::Basename; -use Digest::MD5 qw(md5_hex); use Digest::SHA qw(hmac_sha256_base64); use Encode; use JSON qw(encode_json decode_json); @@ -254,15 +253,15 @@ sub issue_hash_token { my $user_id = Bugzilla->user->id || remote_ip(); # The concatenated string is of the form - # token creation time + site-wide secret + user ID (either ID or remote IP) + data - my @args = ($time, Bugzilla->localconfig->{'site_wide_secret'}, $user_id, @$data); + # token creation time + user ID (either ID or remote IP) + data + my @args = ($time, $user_id, @$data); my $token = join('*', @args); - # Wide characters cause md5_hex() to die. - if (Bugzilla->params->{'utf8'}) { - utf8::encode($token) if utf8::is_utf8($token); - } - $token = md5_hex($token); + # $token needs to be a byte string. + utf8::encode($token); + $token = hmac_sha256_base64($token, Bugzilla->localconfig->{'site_wide_secret'}); + $token =~ s/\+/-/g; + $token =~ s/\//_/g; # Prepend the token creation time, unencrypted, so that the token # lifetime can be validated. |