diff options
-rw-r--r-- | Bugzilla/Auth.pm | 38 | ||||
-rw-r--r-- | Bugzilla/Auth/Login/Cookie.pm | 3 | ||||
-rw-r--r-- | Bugzilla/Auth/Persist/Cookie.pm | 4 | ||||
-rw-r--r-- | Bugzilla/Util.pm | 39 |
4 files changed, 40 insertions, 44 deletions
diff --git a/Bugzilla/Auth.pm b/Bugzilla/Auth.pm index 0e57371a2..daacc677a 100644 --- a/Bugzilla/Auth.pm +++ b/Bugzilla/Auth.pm @@ -199,28 +199,6 @@ sub _handle_login_result { return $user; } -# Returns the network address for a given IP -sub get_netaddr { - my $ipaddr = shift; - - # Check for a valid IPv4 addr which we know how to parse - if (!$ipaddr || $ipaddr !~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/) { - return undef; - } - - my $addr = unpack("N", pack("CCCC", split(/\./, $ipaddr))); - - my $maskbits = Param('loginnetmask'); - - # Make Bugzilla ignore the IP address if loginnetmask is set to 0 - return "0.0.0.0" if ($maskbits == 0); - - $addr >>= (32-$maskbits); - - $addr <<= (32-$maskbits); - return join(".", unpack("CCCC", pack("N", $addr))); -} - 1; __END__ @@ -383,22 +361,6 @@ Returns: C<true> if users can change their own email address, =back -=head1 CLASS FUNCTIONS - -C<Bugzilla::Auth> contains several helper methods to be used by -authentication or login modules. - -=over 4 - -=item C<Bugzilla::Auth::get_netaddr($ipaddr)> - -Given an ip address, this returns the associated network address, using -C<Param('loginnetmask')> as the netmask. This can be used to obtain data -in order to restrict weak authentication methods (such as cookies) to -only some addresses. - -=back - =head1 STRUCTURE This section is mostly interesting to developers who want to implement diff --git a/Bugzilla/Auth/Login/Cookie.pm b/Bugzilla/Auth/Login/Cookie.pm index 2ca4aca72..f2a93e94e 100644 --- a/Bugzilla/Auth/Login/Cookie.pm +++ b/Bugzilla/Auth/Login/Cookie.pm @@ -19,7 +19,6 @@ package Bugzilla::Auth::Login::Cookie; use strict; use base qw(Bugzilla::Auth::Login); -use Bugzilla::Auth; use Bugzilla::Constants; use Bugzilla::Util; @@ -35,7 +34,7 @@ sub get_login_info { my $dbh = Bugzilla->dbh; my $ip_addr = $cgi->remote_addr(); - my $net_addr = Bugzilla::Auth::get_netaddr($ip_addr); + my $net_addr = get_netaddr($ip_addr); my $login_cookie = $cgi->cookie("Bugzilla_logincookie"); my $user_id = $cgi->cookie("Bugzilla_login"); diff --git a/Bugzilla/Auth/Persist/Cookie.pm b/Bugzilla/Auth/Persist/Cookie.pm index c41948e72..7d1209a0e 100644 --- a/Bugzilla/Auth/Persist/Cookie.pm +++ b/Bugzilla/Auth/Persist/Cookie.pm @@ -32,7 +32,6 @@ package Bugzilla::Auth::Persist::Cookie; use strict; use fields qw(); -use Bugzilla::Auth; use Bugzilla::Config; use Bugzilla::Constants; use Bugzilla::Util; @@ -55,8 +54,7 @@ sub persist_login { unless ($cgi->param('Bugzilla_restrictlogin') || Param('loginnetmask') == 32) { - # XXX I don't like this subclass being dependent upon its parent. - $ip_addr = Bugzilla::Auth::get_netaddr($ip_addr); + $ip_addr = get_netaddr($ip_addr); } # The IP address is valid, at least for comparing with itself in a diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm index 28f5e71bc..98a3065cf 100644 --- a/Bugzilla/Util.pm +++ b/Bugzilla/Util.pm @@ -34,7 +34,7 @@ use base qw(Exporter); detaint_signed html_quote url_quote value_quote xml_quote css_class_quote - i_am_cgi + i_am_cgi get_netaddr lsearch max min diff_arrays diff_strings trim wrap_comment find_wrap_point @@ -396,6 +396,27 @@ sub clean_text { return trim($dtext); } +sub get_netaddr { + my $ipaddr = shift; + + # Check for a valid IPv4 addr which we know how to parse + if (!$ipaddr || $ipaddr !~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/) { + return undef; + } + + my $addr = unpack("N", pack("CCCC", split(/\./, $ipaddr))); + + my $maskbits = Param('loginnetmask'); + + # Make Bugzilla ignore the IP address if loginnetmask is set to 0 + return "0.0.0.0" if ($maskbits == 0); + + $addr >>= (32-$maskbits); + + $addr <<= (32-$maskbits); + return join(".", unpack("CCCC", pack("N", $addr))); +} + 1; __END__ @@ -425,6 +446,7 @@ Bugzilla::Util - Generic utility functions for bugzilla # Functions that tell you about your environment my $is_cgi = i_am_cgi(); + $net_addr = get_netaddr($ip_addr); # Functions for searching $loc = lsearch(\@arr, $val); @@ -540,12 +562,27 @@ is kept separate from html_quote partly for compatibility with previous code Converts the %xx encoding from the given URL back to its original form. +=back + +=head2 Environment and Location + +Functions returning information about your environment or location. + +=over 4 + =item C<i_am_cgi()> Tells you whether or not you are being run as a CGI script in a web server. For example, it would return false if the caller is running in a command-line script. +=item C<get_netaddr($ipaddr)> + +Given an IP address, this returns the associated network address, using +C<Param('loginnetmask')> as the netmask. This can be used to obtain data +in order to restrict weak authentication methods (such as cookies) to +only some addresses. + =back =head2 Searching |