summaryrefslogtreecommitdiffstats
path: root/Bugzilla
diff options
context:
space:
mode:
authorDylan William Hardison <dylan@hardison.net>2015-07-30 18:31:50 +0200
committerDylan William Hardison <dylan@hardison.net>2015-07-30 18:31:50 +0200
commit2e5fc83cf0f921e6964ce89df7ea024ddbdf523e (patch)
tree79ef99fd4960a084f1f761757345e30797880a01 /Bugzilla
parent5604742eb96f08da3403c4aad2436f91a7f7013c (diff)
downloadbugzilla-2e5fc83cf0f921e6964ce89df7ea024ddbdf523e.tar.gz
bugzilla-2e5fc83cf0f921e6964ce89df7ea024ddbdf523e.tar.xz
Bug 1188339 - Backport upstream bug 1179856 (Increase length of all tokens value for greater security)
Diffstat (limited to 'Bugzilla')
-rw-r--r--Bugzilla/DB/Schema.pm4
-rw-r--r--Bugzilla/Install/DB.pm10
2 files changed, 8 insertions, 6 deletions
diff --git a/Bugzilla/DB/Schema.pm b/Bugzilla/DB/Schema.pm
index 63bc1c034..67d7891b3 100644
--- a/Bugzilla/DB/Schema.pm
+++ b/Bugzilla/DB/Schema.pm
@@ -1138,7 +1138,7 @@ use constant ABSTRACT_SCHEMA => {
logincookies => {
FIELDS => [
- cookie => {TYPE => 'varchar(16)', NOTNULL => 1,
+ cookie => {TYPE => 'varchar(22)', NOTNULL => 1,
PRIMARYKEY => 1},
userid => {TYPE => 'INT3', NOTNULL => 1,
REFERENCES => {TABLE => 'profiles',
@@ -1180,7 +1180,7 @@ use constant ABSTRACT_SCHEMA => {
COLUMN => 'userid',
DELETE => 'CASCADE'}},
issuedate => {TYPE => 'DATETIME', NOTNULL => 1} ,
- token => {TYPE => 'varchar(16)', NOTNULL => 1,
+ token => {TYPE => 'varchar(22)', NOTNULL => 1,
PRIMARYKEY => 1},
tokentype => {TYPE => 'varchar(16)', NOTNULL => 1} ,
eventdata => {TYPE => 'TINYTEXT'},
diff --git a/Bugzilla/Install/DB.pm b/Bugzilla/Install/DB.pm
index 0892d3293..e288cb4c3 100644
--- a/Bugzilla/Install/DB.pm
+++ b/Bugzilla/Install/DB.pm
@@ -447,10 +447,6 @@ sub update_table_definitions {
$dbh->bz_alter_column('groups', 'userregexp',
{TYPE => 'TINYTEXT', NOTNULL => 1, DEFAULT => "''"});
- # 2005-09-26 - olav@bkor.dhs.org - Bug 119524
- $dbh->bz_alter_column('logincookies', 'cookie',
- {TYPE => 'varchar(16)', PRIMARYKEY => 1, NOTNULL => 1});
-
_clean_control_characters_from_short_desc();
# 2005-12-07 altlst@sonic.net -- Bug 225221
@@ -734,6 +730,12 @@ sub update_table_definitions {
_fix_disable_mail();
+ # 2015-07-25 dylan@mozilla.com - Bug 1179856
+ $dbh->bz_alter_column('tokens', 'token',
+ {TYPE => 'varchar(22)', NOTNULL => 1, PRIMARYKEY => 1});
+ $dbh->bz_alter_column('logincookies', 'cookie',
+ {TYPE => 'varchar(22)', NOTNULL => 1, PRIMARYKEY => 1});
+
################################################################
# New --TABLE-- changes should go *** A B O V E *** this point #
################################################################