summaryrefslogtreecommitdiffstats
path: root/Bugzilla/Auth
AgeCommit message (Collapse)AuthorFilesLines
2010-02-01Fix the data in the bzr repo to match the data in the CVS repo.Max Kanat-Alexander1-0/+0
During the CVS imports into Bzr, there were some inconsistencies introduced (mostly that files that were deleted in CVS weren't being deleted in Bzr). So this checkin makes the bzr repo actually consistent with the CVS repo, including fixing permissions of files.
2010-01-05Bug 467992: Login fails if the user's LDAP account is denied search in LDAP ↵lpsolit%gmail.com1-5/+28
- Patch by Adam Batkin <adam@batkin.net> r/a=mkanat
2009-12-31Bug 527586: Use X-Forwarded-For instead of REMOTE_ADDR for trusted proxiesmkanat%bugzilla.org2-2/+2
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
2009-12-31Bug 385606: Logincookies are recreated at each HTTP request when using the ↵lpsolit%gmail.com1-0/+1
'Env' auth method - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=mkanat
2009-12-13Bug 355283: Lock out a user account on a particular IP for 30 minutes if ↵mkanat%bugzilla.org1-16/+30
they fail to log in 5 times from that IP. Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
2009-11-24Bug 430014: Re-write the code hooks system so that it uses modules instead ↵mkanat%bugzilla.org2-2/+2
of individual .pl files Patch by Max Kanat-Alexander <mkanat@bugzilla.org> (module owner) a=mkanat
2009-11-09Bug 525734: Allow WebService clients to authenticate using Bugzilla_login ↵mkanat%bugzilla.org2-8/+7
and Bugzilla_password Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
2009-10-19Bug 399073: Remove the 'loginnetmask' parameter - Patch by Frédéric ↵lpsolit%gmail.com2-26/+14
Buclin <LpSolit@gmail.com> r/a=mkanat
2009-10-09Bug 514913: Eliminate ssl="authenticated sessions"mkanat%bugzilla.org2-16/+3
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
2009-04-17Bug 488467: Verify and Login auth methods were being called in a random ↵mkanat%bugzilla.org2-2/+2
order, causing sudo sessions to frequently not need the user to re-enter their password. Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
2009-03-02Bug 121601: Have logout display index.cgi, not just a message on relogin.cgi.mkanat%bugzilla.org1-0/+1
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
2009-01-20Bug 134022: PERFORMANCE: deleting old login cookies locks login checksmkanat%bugzilla.org1-0/+9
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=mkanat
2009-01-02Bug 211006: Make Bugzilla use SHA-256 instead of crypt() to store hashed ↵mkanat%bugzilla.org1-0/+10
passwords in the database Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
2008-10-23Bug 455584 - Use bz_crypt everywhere instead of the crypt() functiondkl%redhat.com1-6/+1
Patch by David Lawrence <dkl@redhat.com> = r/a=LpSolit
2008-10-21Bug 460770: Incorrect regexp when parsing the list of LDAP servers - Patch ↵lpsolit%gmail.com1-1/+1
by Frédéric Buclin <LpSolit@gmail.com> r/a=mkanat
2008-10-05Partial backout of bug 183665. It's responsible for bug 457719lpsolit%gmail.com1-1/+1
2008-09-12Bug 453767 - Passwords containing wide characters causes system errordkl%redhat.com1-0/+5
Patch by David Lawrence <dkl@redhat.com> - a/r=mkanat
2008-08-27Bug 449984: Login cookies should be created as SSL-only on installations ↵lpsolit%gmail.com1-15/+18
that require SSL - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=mkanat
2008-08-23Bug 368502 - "Bugzilla_logincookie should not be accessible via javascript" ↵reed%reedloden.com1-3/+6
[p=reed r+a=mkanat]
2008-08-18Bug 428659 – Setting SSL param to 'authenticated sessions' only ↵dkl%redhat.com1-3/+8
protects logins and param doesn't protect WebService calls at all Patch by David Lawrence <dkl@redhat.com> - r/a=LpSolit/mkanat
2008-08-07Bug 438435: Need code hooks for authenticationmkanat%bugzilla.org2-8/+24
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=mkanat
2008-07-29Backing out these patches as they cause a regression. More informationdkl%redhat.com1-3/+5
in the respective bug reports. Bug 428659 – Setting SSL param to 'authenticated sessions' only protects logins and param doesn't protect WebService calls at all Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat Bug 445104: ssl redirects come with a 200 OK HTTP code on mod_perl Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
2008-07-10Bug 428659 – Setting SSL param to 'authenticated sessions' only ↵dkl%redhat.com1-5/+3
protects logins and param doesn't protect WebService calls at all Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat
2007-12-15Bug 408384: Set extern_id when using LDAP authmkanat%bugzilla.org1-0/+2
Patch By Emmanuel Seyman <eseyman@linagora.com> r=mkanat, a=mkanat
2007-12-15Bug 229049: Make LDAP authentication work when there are multiple mail= ↵mkanat%bugzilla.org1-1/+17
attributes for an account. Patch By Emmanuel Seyman <eseyman@linagora.com> r=mkanat, a=mkanat
2007-11-15Bug 183665: Accessing post_bug.cgi directly gives a weird error message and ↵lpsolit%gmail.com1-1/+1
should redirect to enter_bug.cgi instead - Patch by Matt Tasker <mtasker@gmail.com> (based on the original patch from victory <spam@bmo2007.rsz.jp>) r/a=LpSolit
2007-08-03Bug 380187 – Bugzilla should support RADIUS authentication.wurblzap%gmail.com1-0/+64
Patch by Marc Schumann <wurblzap@gmail.com>; r=mkanat, a=mkanat
2007-05-24Bug 380928 – Bugzilla::Auth::Verify::create_or_update_user can return ↵ghendricks%novell.com1-4/+3
stale Bugzilla::User object patch by vrb@novell.com r=mkanat a=mkanat
2007-03-08Bug 367480: [LDAP] Try a list of servers in order until we connect successfullymkanat%bugzilla.org1-4/+9
Patch By Tony Bajan <firefox@tonyb.me.uk> r=mkanat, a=mkanat
2006-10-21Bug 340538: Insecure dependency in exec while running with -T switch at ↵wurblzap%gmail.com1-3/+5
/usr/lib/perl5/site_perl/5.8.6/Mail/Mailer/sendmail.pm line 16. Patch by Marc Schumann <wurblzap@gmail.com>, r=LpSolit, a=myk
2006-08-26Bug 349349: Use ->create from Bugzilla::Object instead of insert_new_user ↵mkanat%bugzilla.org1-2/+7
for Bugzilla::User Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk
2006-08-20Bug 224577: Bugzilla could use a web services interface.wurblzap%gmail.com1-0/+7
Patch by Marc Schumann <wurblzap@gmail.com>; r=mkanat; a=myk
2006-07-29Bug 346245: attribute parameter 'johndoe@company.tld' is not a hash ref at ↵mkanat%bugzilla.org1-2/+2
Bugzilla/Auth/Verify.pm line 112 Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=wurblzap, a=myk
2006-07-11Bug 339731: [LDAP] URI-parsing code duplicated with Net::LDAP - Patch by ↵lpsolit%gmail.com1-28/+2
guillomovitch@zarb.org r=mkanat a=justdave
2006-07-06Bug 340967: The login form appears twice when trying to add an attachment ↵lpsolit%gmail.com1-0/+15
(due to two consecutive calls to Bugzilla->login) - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
2006-07-04Bug 338375: Use Bugzilla->params everywhere instead of Param().mkanat%bugzilla.org4-4/+0
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave
2006-07-04Bug 342869: Use Bugzilla->params everywhere except templatesmkanat%bugzilla.org4-16/+20
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave
2006-06-19Spelling in code comments patch: 'cokie' -> 'cookie'; patch by Vlad Dascalu ↵vladd%bugzilla.org1-1/+1
<vladd@bugzilla.org>.
2006-06-03Bug 340104: Move Bugzilla::Auth::get_netaddr() in Util.pm - Patch by ↵lpsolit%gmail.com2-5/+2
Frédéric Buclin <LpSolit@gmail.com> r/a=justdave
2006-06-02Bug 282687: LDAP: TLS Support - Patch by guillomovitch@zarb.org r=mkanat ↵lpsolit%gmail.com1-0/+8
a=justdave
2006-06-01Bug 339858: Remove useless module dependencies in Bugzilla::Auth::* - Patch ↵lpsolit%gmail.com4-4/+3
by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=justdave
2006-05-31Bug 338573: Auth could throw an insecure dependency error if username is taintedmkanat%bugzilla.org1-0/+6
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave
2006-05-31Bug 320751: LDAP: Ability to have Bugzilla use the LDAP username directly as ↵mkanat%bugzilla.org1-5/+10
the Bugzilla username Patch By guillomovitch@zarb.org r=mkanat, a=myk
2006-05-16Bug 337661: LDAP user login failure: Can't locate object method "realname" ↵lpsolit%gmail.com1-1/+1
via package "Bugzilla::User" - Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit a=justdave
2006-05-12Bug 300410: Bugzilla::Auth needs to be restructured to not require a BEGIN blockmkanat%bugzilla.org15-1008/+1002
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk
2006-03-04Patch for bug 216902: support LDAPS connections; patch by Christian Krause ↵jocuri%softhome.net1-3/+22
<chkr@plauener.de>, r=vladd, a=justdave.
2006-03-03Patch for bug 161369: Strip trailing whitespace from login usernames; patch ↵jocuri%softhome.net1-1/+1
by Paul <pdemarco@zoominternet.net>, r=vladd, a=justdave.
2006-03-01Fix invalid POD formatting (patch for fixing broken tree - runtests.pl, test ↵jocuri%softhome.net1-1/+1
11).
2006-02-22Bug 327355: Email preferences are not set correctly when the user account is ↵lpsolit%gmail.com1-101/+63
created by Env.pm - Patch by Frédéric Buclin <LpSolit@gmail.com> r=joel a=justdave
2006-01-10Bug 322620: Logging in with 'Remember my Login' deselected gives: Use of ↵lpsolit%gmail.com1-0/+1
uninitialized value in string eq at Bugzilla/Auth/Login/WWW/CGI.pm line 83 - Patch by Olav Vitters <bugzilla-mozilla@bkor.dhs.org> r=LpSolit a=justdave