From e16ca48833e9dd774a61eaab7ca32c44ce6a4276 Mon Sep 17 00:00:00 2001
From: "lpsolit%gmail.com" <>
Date: Tue, 3 Jan 2006 22:44:53 +0000
Subject: Bug 119524: SECURITY: predictable sessionid (Use a token instead of
 logincookie) - Patch by Olav Vitters <bugzilla-mozilla@bkor.dhs.org> r=mkanat
 a=justdave

---
 checksetup.pl | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'checksetup.pl')

diff --git a/checksetup.pl b/checksetup.pl
index 7522d994c..e8528aee1 100755
--- a/checksetup.pl
+++ b/checksetup.pl
@@ -4233,6 +4233,12 @@ $dbh->bz_add_column('namedqueries', 'query_type',
 $dbh->bz_alter_column('groups', 'userregexp', 
                       {TYPE => 'TINYTEXT', NOTNULL => 1, DEFAULT => "''"});
 
+# 2005-09-26 - olav@bkor.dhs.org - Bug 119524
+# Convert logincookies into a varchar
+# this allows to store a random token instead of a guessable auto_increment
+$dbh->bz_alter_column('logincookies', 'cookie',
+                      {TYPE => 'varchar(16)', PRIMARYKEY => 1, NOTNULL => 1});
+
 
 # If you had to change the --TABLE-- definition in any way, then add your
 # differential change code *** A B O V E *** this comment.
-- 
cgit v1.2.3-24-g4f1b