From 779252b143809c134aae82333e8456b566b054be Mon Sep 17 00:00:00 2001 From: Dylan William Hardison Date: Fri, 4 May 2018 15:41:39 -0400 Subject: no bug - untaint default values in localconfig --- Bugzilla/Install/Localconfig.pm | 1 + 1 file changed, 1 insertion(+) (limited to 'Bugzilla/Install/Localconfig.pm') diff --git a/Bugzilla/Install/Localconfig.pm b/Bugzilla/Install/Localconfig.pm index 7a913358c..55394bc2e 100644 --- a/Bugzilla/Install/Localconfig.pm +++ b/Bugzilla/Install/Localconfig.pm @@ -211,6 +211,7 @@ sub _read_localconfig_from_env { else { my $default = $var->{default}; $localconfig{$name} = ref($default) eq 'CODE' ? $default->() : $default; + untaint($localconfig{$name}); } } -- cgit v1.2.3-24-g4f1b From dcb3506da0be31ec92950e85f51688cecef1b0f8 Mon Sep 17 00:00:00 2001 From: Dylan William Hardison Date: Mon, 7 May 2018 18:52:29 -0400 Subject: Bug 1413328 - Use tct (tocotrienol on npm) to encrypt bugmail --- Bugzilla/Install/Localconfig.pm | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'Bugzilla/Install/Localconfig.pm') diff --git a/Bugzilla/Install/Localconfig.pm b/Bugzilla/Install/Localconfig.pm index 55394bc2e..e1a8e0909 100644 --- a/Bugzilla/Install/Localconfig.pm +++ b/Bugzilla/Install/Localconfig.pm @@ -125,6 +125,10 @@ use constant LOCALCONFIG_VARS => ( name => 'diffpath', default => sub { dirname( bin_loc('diff') ) }, }, + { + name => 'tct_bin', + default => sub { bin_loc('tct') }, + }, { name => 'site_wide_secret', -- cgit v1.2.3-24-g4f1b From 404dc5496967203c5f99755340f43d712420446a Mon Sep 17 00:00:00 2001 From: Dylan William Hardison Date: Thu, 14 Jun 2018 17:50:08 -0700 Subject: Bug 1468848 - Change presentation of show_bug.cgi urls to be /bug/ID or /bug/ALIAS. --- Bugzilla/Install/Localconfig.pm | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) (limited to 'Bugzilla/Install/Localconfig.pm') diff --git a/Bugzilla/Install/Localconfig.pm b/Bugzilla/Install/Localconfig.pm index e1a8e0909..f6333f218 100644 --- a/Bugzilla/Install/Localconfig.pm +++ b/Bugzilla/Install/Localconfig.pm @@ -163,6 +163,10 @@ use constant LOCALCONFIG_VARS => ( name => 'urlbase', default => _migrate_param( "urlbase", "" ), }, + { + name => 'canonical_urlbase', + default => '', + }, { name => 'attachment_base', default => _migrate_param( "attachment_base", '' ), @@ -286,13 +290,16 @@ sub _read_localconfig_from_file { sub read_localconfig { my ($include_deprecated) = @_; - + my $lc; if ($ENV{LOCALCONFIG_ENV}) { - return _read_localconfig_from_env(); + $lc = _read_localconfig_from_env(); } else { - return _read_localconfig_from_file($include_deprecated); + $lc = _read_localconfig_from_file($include_deprecated); } + $lc->{canonical_urlbase} //= $lc->{urlbase}; + + return $lc; } # -- cgit v1.2.3-24-g4f1b From de80a6c015fb0d63040a111288be26b2118684a4 Mon Sep 17 00:00:00 2001 From: Dylan William Hardison Date: Tue, 26 Jun 2018 16:59:30 -0400 Subject: Revert "Bug 1468848 - Change presentation of show_bug.cgi urls to be /bug/ID or /bug/ALIAS." This reverts commit 404dc5496967203c5f99755340f43d712420446a. --- Bugzilla/Install/Localconfig.pm | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) (limited to 'Bugzilla/Install/Localconfig.pm') diff --git a/Bugzilla/Install/Localconfig.pm b/Bugzilla/Install/Localconfig.pm index f6333f218..e1a8e0909 100644 --- a/Bugzilla/Install/Localconfig.pm +++ b/Bugzilla/Install/Localconfig.pm @@ -163,10 +163,6 @@ use constant LOCALCONFIG_VARS => ( name => 'urlbase', default => _migrate_param( "urlbase", "" ), }, - { - name => 'canonical_urlbase', - default => '', - }, { name => 'attachment_base', default => _migrate_param( "attachment_base", '' ), @@ -290,16 +286,13 @@ sub _read_localconfig_from_file { sub read_localconfig { my ($include_deprecated) = @_; - my $lc; + if ($ENV{LOCALCONFIG_ENV}) { - $lc = _read_localconfig_from_env(); + return _read_localconfig_from_env(); } else { - $lc = _read_localconfig_from_file($include_deprecated); + return _read_localconfig_from_file($include_deprecated); } - $lc->{canonical_urlbase} //= $lc->{urlbase}; - - return $lc; } # -- cgit v1.2.3-24-g4f1b