Fixed: Redmine.pm potential security issue with cache credential enabled and subversi...
authorJean-Philippe Lang <jp_lang@yahoo.fr>
Mon, 14 Nov 2011 22:11:24 +0000 (22:11 +0000)
committerJean-Philippe Lang <jp_lang@yahoo.fr>
Mon, 14 Nov 2011 22:11:24 +0000 (22:11 +0000)
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@7809 e93f8b46-1217-0410-a6f0-8f06a7374b81

extra/svn/Redmine.pm

index 6169f734ad218bd5f36b3b4050b84fa47a837291..5c470d47dc56b5b7042b38bc8f47a4db9de8fccd 100644 (file)
@@ -344,11 +344,13 @@ sub is_member {
   my $project_id  = get_project_identifier($r);
 
   my $pass_digest = Digest::SHA1::sha1_hex($redmine_pass);
+  
+  my $access_mode = defined $read_only_methods{$r->method} ? "R" : "W";
 
   my $cfg = Apache2::Module::get_config(__PACKAGE__, $r->server, $r->per_dir_config);
   my $usrprojpass;
   if ($cfg->{RedmineCacheCredsMax}) {
-    $usrprojpass = $cfg->{RedmineCacheCreds}->get($redmine_user.":".$project_id);
+    $usrprojpass = $cfg->{RedmineCacheCreds}->get($redmine_user.":".$project_id.":".$access_mode);
     return 1 if (defined $usrprojpass and ($usrprojpass eq $pass_digest));
   }
   my $query = $cfg->{RedmineQuery};
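Review bot: The cache key `$redmine_user.":".$project_id.":".$access_mode` is now spelled out by hand three times (the `get` on the `+` line here, and the two `set` calls in the last hunk), and the bug this commit closes was precisely a key whose parts no longer matched the check; compute it once next to `$access_mode`, `my $cache_key = join ':', $redmine_user, $project_id, $access_mode;`, and pass `$cache_key` to every `get`/`set`. Two pre-existing properties worth a comment at the cache lookup, since the commit leaves them: the cached value compared on `return 1 if ...` is an unsalted SHA-1 of the cleartext password (`Digest::SHA1::sha1_hex($redmine_pass)` above), so the in-process cache holds a dictionary-attackable digest of each user's password, and a cache hit returns without re-reading the project's permissions, so a revoked role keeps working until the entry is evicted. A `# NOTE: cache hit bypasses the permission query below; entries live until RedmineCacheCredsMax forces a clear()` line would make that trade-off visible. `is_member` starts before this hunk and continues after it.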
@@ -361,7 +363,7 @@ sub is_member {
       unless ($auth_source_id) {
                                my $method = $r->method;
           my $salted_password = Digest::SHA1::sha1_hex($salt.$pass_digest);
-                                       if ($hashed_password eq $salted_password && ((defined $read_only_methods{$method} && $permissions =~ /:browse_repository/) || $permissions =~ /:commit_access/) ) {
+                                       if ($hashed_password eq $salted_password && (($access_mode eq "R" && $permissions =~ /:browse_repository/) || $permissions =~ /:commit_access/) ) {
               $ret = 1;
               last;
           }
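Review bot: `my $method = $r->method;` (the tab-indented line just before `$salted_password`) has no reader once the condition on the `+` line uses `$access_mode`; the same dead assignment is left at the `my $method = $r->method;` line in the next hunk (LDAP branch). Drop both lines, since `$access_mode` is already derived from `$r->method` once at the top of the sub. The enclosing `unless ($auth_source_id)` block and its loop start outside this hunk.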
@@ -380,7 +382,7 @@ sub is_member {
                 filter  =>      "(".$rowldap[6]."=%s)"
             );
             my $method = $r->method;
-            $ret = 1 if ($ldap->authenticate($redmine_user, $redmine_pass) && ((defined $read_only_methods{$method} && $permissions =~ /:browse_repository/) || $permissions =~ /:commit_access/));
+            $ret = 1 if ($ldap->authenticate($redmine_user, $redmine_pass) && (($access_mode eq "R" && $permissions =~ /:browse_repository/) || $permissions =~ /:commit_access/));
 
           }
           $sthldap->finish();
@@ -394,10 +396,10 @@ sub is_member {
 
   if ($cfg->{RedmineCacheCredsMax} and $ret) {
     if (defined $usrprojpass) {
-      $cfg->{RedmineCacheCreds}->set($redmine_user.":".$project_id, $pass_digest);
+      $cfg->{RedmineCacheCreds}->set($redmine_user.":".$project_id.":".$access_mode, $pass_digest);
     } else {
       if ($cfg->{RedmineCacheCredsCount} < $cfg->{RedmineCacheCredsMax}) {
-        $cfg->{RedmineCacheCreds}->set($redmine_user.":".$project_id, $pass_digest);
+        $cfg->{RedmineCacheCreds}->set($redmine_user.":".$project_id.":".$access_mode, $pass_digest);
         $cfg->{RedmineCacheCredsCount}++;
       } else {
         $cfg->{RedmineCacheCreds}->clear();
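Review bot: With the access mode in the key, `$cfg->{RedmineCacheCredsCount}++` after the second `set` now advances once per (user, project, mode), so a user who both checks out and commits to one project occupies two of the `RedmineCacheCredsMax` slots and reaches the `clear()` fallback sooner. If that directive is described elsewhere as a number of users (its documentation is outside this hunk), it presumably needs to say entries instead, and a comment above the first `set` would prevent the next reader from assuming one entry per user: `# one cache entry per user/project/access mode ("R" or "W")`.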