Fix for bug 77473, bug 74032, and bug 85472: Passwords are no longer stored in plaintext in the database. Passwords are no longer encrypted with MySQL's ENCRYPT() function (because it doesn't work on some installs), but with Perl's crypt() function. The crypt-related routines now properly deal with salts so that they work on systems that use methods other than UNIX crypt to crypt the passwords (such as MD5). Checksetup.pl will walk through your database and re-crypt everyone's passwords based on the plaintext password entry, then drop the plaintext password column. As a consequence of no longer having a plaintext password, it is no longer possible to email someone their password, so the login screen has been changed to request a password reset instead. The user is emailed a temporary identifying token, with a link back to Bugzilla. They click on the link or paste it into their browser and Bugzilla allows them to change their password.

Patch by Myk Melez <myk@mozilla.org> r= justdave@syndicomm.com, jake@acutex.net
author: justdave%syndicomm.com <> 2001-07-11 14:29:16 +0200
committer: justdave%syndicomm.com <> 2001-07-11 14:29:16 +0200
commit: 022265211b1a3b3dad3fcf679756392c3eb6a285 (patch)
tree: 79c99d0bea86b527395b4aac32a37eef739c67dc /CGI.pl
parent: f208e298e2ac9836c8138449a0691f6deb850c4a (diff)
download: bugzilla-022265211b1a3b3dad3fcf679756392c3eb6a285.tar.gz
bugzilla-022265211b1a3b3dad3fcf679756392c3eb6a285.tar.xz
1 files changed, 71 insertions, 51 deletions
diff --git a/CGI.pl b/CGI.pl
index d7782f7e8..ede69a9ad 100644
--- a/CGI.pl
+++ b/CGI.pl
@@ -713,43 +713,54 @@ sub confirm_login {
     # to a later section.  -Joe Robins, 8/3/00
     my $enteredlogin = "";
     my $realcryptpwd = "";
-    if (defined $::FORM{"Bugzilla_login"} &&
-	defined $::FORM{"Bugzilla_password"}) {
-
-       $enteredlogin = $::FORM{"Bugzilla_login"};
-       my $enteredpwd = $::FORM{"Bugzilla_password"};
-       CheckEmailSyntax($enteredlogin);
-
-       $realcryptpwd  = PasswordForLogin($::FORM{"Bugzilla_login"});
-
-       if (defined $::FORM{"PleaseMailAPassword"}) {
-         my $realpwd;
-         if ($realcryptpwd eq "") {
-           $realpwd = InsertNewUser($enteredlogin, "");
-         } else {
-           SendSQL("select password from profiles where login_name = " .
-                   SqlQuote($enteredlogin));
-           $realpwd = FetchOneColumn();
-         }
-         print "Content-type: text/html\n\n";
-         PutHeader("Password has been emailed");
-         MailPassword($enteredlogin, $realpwd);
-         PutFooter();
-         exit;
-       }
 
-       SendSQL("SELECT encrypt(" . SqlQuote($enteredpwd) . ", " .
-               SqlQuote(substr($realcryptpwd, 0, 2)) . ")");
-       my $enteredcryptpwd = FetchOneColumn();
+    # If the form contains Bugzilla login and password fields, use Bugzilla's 
+    # built-in authentication to authenticate the user (otherwise use LDAP below).
+    if (defined $::FORM{"Bugzilla_login"} && defined $::FORM{"Bugzilla_password"}) {
+        # Make sure the user's login name is a valid email address.
+        $enteredlogin = $::FORM{"Bugzilla_login"};
+        CheckEmailSyntax($enteredlogin);
+
+        # Retrieve the user's ID and crypted password from the database.
+        my $userid;
+        SendSQL("SELECT userid, cryptpassword FROM profiles 
+                 WHERE login_name = " . SqlQuote($enteredlogin));
+        ($userid, $realcryptpwd) = FetchSQLData();
+
+        # If this is a new user, generate a password, insert a record
+        # into the database, and email their password to them.
+        if ( defined $::FORM{"PleaseMailAPassword"} && !$userid ) {
+            my $password = InsertNewUser($enteredlogin, "");
+            print "Content-Type: text/html\n\n";
+            PutHeader("Account Created");
+            MailPassword($enteredlogin, $password);
+            PutFooter();
+            exit;
+        }
+
+        # Otherwise, authenticate the user.
+        else {
+            # Get the salt from the user's crypted password.
+            my $salt = $realcryptpwd;
+
+            # Using the salt, crypt the password the user entered.
+            my $enteredCryptedPassword = crypt( $::FORM{"Bugzilla_password"} , $salt );
+
+            # Make sure the passwords match or throw an error.
+            ($enteredCryptedPassword eq $realcryptpwd)
+              || DisplayError("The username or password you entered is not valid.")
+              && exit;
+
+            # If the user has successfully logged in, delete any password tokens
+            # lying around in the system for them.
+            use Token;
+            my $token = Token::HasPasswordToken($userid);
+            while ( $token ) {
+                Token::Cancel($token, "user logged in");
+                $token = Token::HasPasswordToken($userid);
+            }
+        }
 
-       if ($realcryptpwd eq "" || $enteredcryptpwd ne $realcryptpwd) {
-         print "Content-type: text/html\n\n";
-         PutHeader("Login failed");
-         print "The username or password you entered is not valid.\n";
-         print "Please click <b>Back</b> and try again.\n";
-         PutFooter();
-         exit;
-       }
      } elsif (Param("useLDAP") &&
               defined $::FORM{"LDAP_login"} &&
               defined $::FORM{"LDAP_password"}) {
@@ -952,23 +963,32 @@ Content-type: text/html
 </tr>
 </table>
 ";
-        foreach my $i (keys %::FORM) {
-            if ($i =~ /^Bugzilla_/) {
-                next;
-            }
-            print "<input type=hidden name=$i value=\"@{[value_quote($::FORM{$i})]}\">\n";
+        # Add all the form fields into the form as hidden fields
+        # (except for Bugzilla_login and Bugzilla_password which we
+        # already added as text fields above).
+        foreach my $i ( grep( $_ !~ /^Bugzilla_/ , keys %::FORM ) ) {
+            print qq|<input type="hidden" name="$i" value="@{[value_quote($::FORM{$i})]}">\n|;
         }
-        print "
-<input type=submit value=Login name=GoAheadAndLogIn><hr>
-";
-        # If we're using LDAP, we can't request that a password be mailed...
-        unless(Param("useLDAP")) {
-          print "
-If you don't have a password, or have forgotten it, then please fill in the
-e-mail address above and click
- here:<input type=submit value=\"E-mail me a password\"
-name=PleaseMailAPassword>
-</form>\n";
+
+        print qq|
+          <input type="submit" name="GoAheadAndLogIn" value="Login">
+          </form>
+        |;
+
+        # Allow the user to request a token to change their password (unless
+        # we are using LDAP, in which case the user must use LDAP to change it).
+        unless( Param("useLDAP") ) {
+            print qq|
+              <hr>
+              <form method="get" action="token.cgi">
+                <input type="hidden" name="a" value="reqpw">
+                If you don't have a password or have forgotten it,
+                enter your login name below and submit a request 
+                to change your password.<br>
+                <input size="35" name="loginname">
+                <input type="submit" value="Submit Request">
+              </form>
+            |;
         }
 
         # This seems like as good as time as any to get rid of old
author	justdave%syndicomm.com <>	2001-07-11 14:29:16 +0200
committer	justdave%syndicomm.com <>	2001-07-11 14:29:16 +0200
commit	022265211b1a3b3dad3fcf679756392c3eb6a285 (patch)
tree	79c99d0bea86b527395b4aac32a37eef739c67dc /CGI.pl
parent	f208e298e2ac9836c8138449a0691f6deb850c4a (diff)
download	bugzilla-022265211b1a3b3dad3fcf679756392c3eb6a285.tar.gz bugzilla-022265211b1a3b3dad3fcf679756392c3eb6a285.tar.xz