Commit b77d2178 authored by Frédéric Buclin's avatar Frédéric Buclin

Bug 1232578: Don't save hashed passwords in audit_log

r/a=dkl
parent 8a4cfa90
......@@ -729,6 +729,9 @@ sub update_table_definitions {
# 2014-11-10 dkl@mozilla.com - Bug 1093928
$dbh->bz_drop_column('longdescs', 'is_markdown');
# 2015-12-16 LpSolit@gmail.com - Bug 1232578
_sanitize_audit_log_table();
################################################################
# New --TABLE-- changes should go *** A B O V E *** this point #
################################################################
......@@ -3914,6 +3917,30 @@ sub _update_alias {
$dbh->bz_drop_column('bugs', 'alias');
}
sub _sanitize_audit_log_table {
my $dbh = Bugzilla->dbh;
# Replace hashed passwords by a generic comment.
my $class = 'Bugzilla::User';
my $field = 'cryptpassword';
my $hashed_passwd =
$dbh->selectcol_arrayref('SELECT added FROM audit_log WHERE class = ? AND field = ?
AND ' . $dbh->sql_not_ilike('hashed_with_', 'added'),
undef, ($class, $field));
if (@$hashed_passwd) {
say "Sanitizing hashed passwords stored in the 'audit_log' table...";
my $sth = $dbh->prepare('UPDATE audit_log SET added = ?
WHERE class = ? AND field = ? AND added = ?');
foreach my $passwd (@$hashed_passwd) {
my (undef, $sanitized_passwd) =
Bugzilla::Object::_sanitize_audit_log($class, $field, [undef, $passwd]);
$sth->execute($sanitized_passwd, $class, $field, $passwd);
}
}
}
1;
__END__
......
......@@ -599,11 +599,29 @@ sub audit_log {
foreach my $field (keys %$changes) {
# Skip private changes.
next if $field =~ /^_/;
my ($from, $to) = @{ $changes->{$field} };
my ($from, $to) = $self->_sanitize_audit_log($field, $changes->{$field});
$sth->execute($user_id, $class, $self->id, $field, $from, $to);
}
}
sub _sanitize_audit_log {
my ($self, $field, $changes) = @_;
my $class = ref($self) || $self;
# Do not store hashed passwords. Only record the algorithm used to encode them.
if ($class eq 'Bugzilla::User' && $field eq 'cryptpassword') {
foreach my $passwd (@$changes) {
next unless $passwd;
my $algorithm = 'unknown_algorithm';
if ($passwd =~ /{([^}]+)}$/) {
$algorithm = $1;
}
$passwd = "hashed_with_$algorithm";
}
}
return @$changes;
}
sub flatten_to_hash {
my $self = shift;
my $class = blessed($self);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment