author | James Moger <james.moger@gitblit.com> | 2012-02-09 08:33:16 -0500 |
---|---|---|
committer | James Moger <james.moger@gitblit.com> | 2012-02-09 08:33:16 -0500 |
commit | e7883877a98dfcae3f75f1c1a562120d89aed22a (patch) | |
tree | d1091c1b9f972b652860a9bc122a035a94bb29cd | |
parent | ccab3a2abf1f4c3b61e6955afa50b03efdcc707c (diff) | |
download | gitblit-e7883877a98dfcae3f75f1c1a562120d89aed22a.tar.gz gitblit-e7883877a98dfcae3f75f1c1a562120d89aed22a.zip |
Fixed session fixation vulnerability (issue 62)
-rw-r--r-- | docs/04_releases.mkd | 4 | ||||
-rw-r--r-- | src/com/gitblit/wicket/pages/BasePage.java | 5 | ||||
-rw-r--r-- | src/com/gitblit/wicket/pages/RootPage.java | 5 |
3 files changed, 12 insertions, 2 deletions
diff --git a/docs/04_releases.mkd b/docs/04_releases.mkd
index e1dcb400..2b64eaed 100644
--- a/docs/04_releases.mkd
+++ b/docs/04_releases.mkd
@@ -4,6 +4,10 @@ **%VERSION%** ([go](http://code.google.com/p/gitblit/downloads/detail?name=%GO%) | [war](http://code.google.com/p/gitblit/downloads/detail?name=%WAR%) | [express](http://code.google.com/p/gitblit/downloads/detail?name=%EXPRESS%) | [fedclient](http://code.google.com/p/gitblit/downloads/detail?name=%FEDCLIENT%) | [manager](http://code.google.com/p/gitblit/downloads/detail?name=%MANAGER%) | [api](http://code.google.com/p/gitblit/downloads/detail?name=%API%)) based on [%JGIT%][jgit] *released %BUILDDATE%*
+#### security
+
+- Fixed session fixation vulnerability where the session identifier was not reset during the login process (issue 62)
+
#### changes
- block pushes to a repository with a working copy (i.e. non-bare repository) (issue-49)
diff --git a/src/com/gitblit/wicket/pages/BasePage.java b/src/com/gitblit/wicket/pages/BasePage.java
index 80bff167..ca940071 100644
--- a/src/com/gitblit/wicket/pages/BasePage.java
+++ b/src/com/gitblit/wicket/pages/BasePage.java
@@ -80,7 +80,10 @@ public abstract class BasePage extends WebPage { // Login the user
if (user != null) {
// Set the user into the session
- GitBlitWebSession.get().setUser(user);
+ GitBlitWebSession session = GitBlitWebSession.get();
+ // issue 62: fix session fixation vulnerability
+ session.replaceSession();
+ session.setUser(user);
// Set Cookie
WebResponse response = (WebResponse) getRequestCycle().getResponse();
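Review bot: The new `session.replaceSession()` call only closes the fixation hole because it runs before `session.setUser(user)`, yet the added comment states the issue number and not that ordering, and the identical four lines are repeated in RootPage.loginUser (next hunk), so a future reorder in either copy would quietly reopen issue 62. Replace the one-line comment in both places with `// issue 62: replace the session BEFORE storing the user, so the pre-login session id never carries an authenticated principal`. Since RootPage extends BasePage, the login block could also be moved into a single protected method on BasePage that both pages call, keeping the fix in one place; whether `replaceSession()` drops attributes stored before login is not visible here and is worth confirming against the Wicket version in use. The enclosing method starts and ends outside the hunk.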
diff --git a/src/com/gitblit/wicket/pages/RootPage.java b/src/com/gitblit/wicket/pages/RootPage.java
index cbf9cfe1..bad0140b 100644
--- a/src/com/gitblit/wicket/pages/RootPage.java
+++ b/src/com/gitblit/wicket/pages/RootPage.java
@@ -195,7 +195,10 @@ public abstract class RootPage extends BasePage { private void loginUser(UserModel user) {
if (user != null) {
// Set the user into the session
- GitBlitWebSession.get().setUser(user);
+ GitBlitWebSession session = GitBlitWebSession.get();
+ // issue 62: fix session fixation vulnerability
+ session.replaceSession();
+ session.setUser(user);
// Set Cookie
if (GitBlit.getBoolean(Keys.web.allowCookieAuthentication, false)) {