diff options
author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2011-11-14 22:11:24 +0000 |
---|---|---|
committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2011-11-14 22:11:24 +0000 |
commit | 38089d9a56060227d5059c61d64e3a839e741263 (patch) | |
tree | 023802eeb636cf565ff7c7ececbd593094e837c3 /extra | |
parent | 26125be6b120c1196251ae8f42eddffc012b541a (diff) | |
download | redmine-38089d9a56060227d5059c61d64e3a839e741263.tar.gz redmine-38089d9a56060227d5059c61d64e3a839e741263.zip |
Fixed: Redmine.pm potential security issue with cache credential enabled and subversion (#9567).
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@7809 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'extra')
-rw-r--r-- | extra/svn/Redmine.pm | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/extra/svn/Redmine.pm b/extra/svn/Redmine.pm index 6169f734a..5c470d47d 100644 --- a/extra/svn/Redmine.pm +++ b/extra/svn/Redmine.pm @@ -344,11 +344,13 @@ sub is_member { my $project_id = get_project_identifier($r); my $pass_digest = Digest::SHA1::sha1_hex($redmine_pass); + + my $access_mode = defined $read_only_methods{$r->method} ? "R" : "W"; my $cfg = Apache2::Module::get_config(__PACKAGE__, $r->server, $r->per_dir_config); my $usrprojpass; if ($cfg->{RedmineCacheCredsMax}) { - $usrprojpass = $cfg->{RedmineCacheCreds}->get($redmine_user.":".$project_id); + $usrprojpass = $cfg->{RedmineCacheCreds}->get($redmine_user.":".$project_id.":".$access_mode); return 1 if (defined $usrprojpass and ($usrprojpass eq $pass_digest)); } my $query = $cfg->{RedmineQuery}; @@ -361,7 +363,7 @@ sub is_member { unless ($auth_source_id) { my $method = $r->method; my $salted_password = Digest::SHA1::sha1_hex($salt.$pass_digest); - if ($hashed_password eq $salted_password && ((defined $read_only_methods{$method} && $permissions =~ /:browse_repository/) || $permissions =~ /:commit_access/) ) { + if ($hashed_password eq $salted_password && (($access_mode eq "R" && $permissions =~ /:browse_repository/) || $permissions =~ /:commit_access/) ) { $ret = 1; last; } @@ -380,7 +382,7 @@ sub is_member { filter => "(".$rowldap[6]."=%s)" ); my $method = $r->method; - $ret = 1 if ($ldap->authenticate($redmine_user, $redmine_pass) && ((defined $read_only_methods{$method} && $permissions =~ /:browse_repository/) || $permissions =~ /:commit_access/)); + $ret = 1 if ($ldap->authenticate($redmine_user, $redmine_pass) && (($access_mode eq "R" && $permissions =~ /:browse_repository/) || $permissions =~ /:commit_access/)); } $sthldap->finish(); @@ -394,10 +396,10 @@ sub is_member { if ($cfg->{RedmineCacheCredsMax} and $ret) { if (defined $usrprojpass) { - $cfg->{RedmineCacheCreds}->set($redmine_user.":".$project_id, $pass_digest); + $cfg->{RedmineCacheCreds}->set($redmine_user.":".$project_id.":".$access_mode, $pass_digest); } else { if ($cfg->{RedmineCacheCredsCount} < $cfg->{RedmineCacheCredsMax}) { - $cfg->{RedmineCacheCreds}->set($redmine_user.":".$project_id, $pass_digest); + $cfg->{RedmineCacheCreds}->set($redmine_user.":".$project_id.":".$access_mode, $pass_digest); $cfg->{RedmineCacheCredsCount}++; } else { $cfg->{RedmineCacheCreds}->clear(); |