From: terry%netscape.com <>
Date: Thu, 3 Sep 1998 01:52:48 +0000 (+0000)
Subject: Changed the way password validation works.  We now keep a
X-Git-Tag: bugzilla-1.3~20
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=968e9d7a88eeb91e635b88b7e5ae5b795e0b4225;p=thirdparty%2Fbugzilla.git

Changed the way password validation works.  We now keep a
crypt'd version of the password in the database, and check against
that.  (This is silly, because we're also keeping the plaintext
version there, but I have plans...)  Stop passing the plaintext
password around as a cookie; instead, we have a cookie that references
a record in a new database table, logincookies.

IMPORTANT: if updating from an older version of Bugzilla, you must run
the following commands to keep things working:

 ./makelogincookiestable.sh
 echo "alter table profiles add column cryptpassword varchar(64);" | mysql bugs
 echo "update profiles set cryptpassword = encrypt(password,substring(rand(),3, 4));" | mysql bugs
---

diff --git a/CGI.tcl b/CGI.tcl
index 9dd1232405..b2c8398653 100755
--- a/CGI.tcl
+++ b/CGI.tcl
@@ -171,7 +171,7 @@ proc make_options { src default {isregexp 0} } {
 
 
 proc PasswordForLogin {login} {
-    SendSQL "select password from profiles where login_name = '[SqlQuote $login]'"
+    SendSQL "select cryptpassword from profiles where login_name = '[SqlQuote $login]'"
     return [FetchSQLData]
 }
     
@@ -179,7 +179,7 @@ proc PasswordForLogin {login} {
 
 proc confirm_login {{nexturl ""}} {
 #    puts "Content-type: text/plain\n"
-    global FORM COOKIE argv0
+    global FORM COOKIE argv0 env
     ConnectToDatabase
     if { [info exists FORM(Bugzilla_login)] && 
          [info exists FORM(Bugzilla_password)] } {
@@ -194,10 +194,18 @@ proc confirm_login {{nexturl ""}} {
             puts "<p>Please click <b>back</b> and try again."
             exit
         }
-        set realpwd [PasswordForLogin $FORM(Bugzilla_login)]
+        set realcryptpwd [PasswordForLogin $FORM(Bugzilla_login)]
+        set enteredpwd $FORM(Bugzilla_password);
+        SendSQL "select encrypt('[SqlQuote $enteredpwd]','[crange $realcryptpwd 0 1]')";
+        set enteredcryptpwd [lindex [FetchSQLData] 0]
+        
+        
         if {[info exists FORM(PleaseMailAPassword)]} {
-            if {[cequal $realpwd ""]} {
+            if {[cequal $realcryptpwd ""]} {
                 set realpwd [InsertNewUser $FORM(Bugzilla_login)]
+            } else {
+                SendSQL "select password from profiles where login_name = '[SqlQuote $FORM(Bugzilla_login)]'"
+                set realpwd [lindex [FetchSQLData] 0]
             }
             set template "From: bugzilla-daemon
 To: %s
@@ -205,15 +213,16 @@ Subject: Your bugzilla password.
 
 To use the wonders of bugzilla, you can use the following:
 
-E-mail address: %s
-      Password: %s
+ E-mail address: %s
+       Password: %s
 
-To change your password, go to:
-[Param urlbase]changepassword.cgi
+ To change your password, go to:
+ [Param urlbase]changepassword.cgi
 
-(Your bugzilla and CVS password, if any, are not currently synchronized.
-Top hackers are working around the clock to fix this, as you read this.)
+ (Your bugzilla and CVS password, if any, are not currently synchronized.
+ Top hackers are working around the clock to fix this, as you read this.)
 "
+
             set msg [format $template $FORM(Bugzilla_login) \
                          $FORM(Bugzilla_login) $realpwd]
             
@@ -227,7 +236,7 @@ Top hackers are working around the clock to fix this, as you read this.)
             exit
         }
                 
-        if {[cequal $realpwd ""] || ![cequal $realpwd $FORM(Bugzilla_password)]} {
+        if {[cequal $realcryptpwd ""] || ![cequal $enteredcryptpwd $realcryptpwd]} {
             puts "Content-type: text/html\n"
             puts "<H1>Login failed.</H1>"
             puts "The username or password you entered is not valid.  Please"
@@ -235,19 +244,33 @@ Top hackers are working around the clock to fix this, as you read this.)
             exit
         }
         set COOKIE(Bugzilla_login) $FORM(Bugzilla_login)
-        set COOKIE(Bugzilla_password) $FORM(Bugzilla_password)
+	SendSQL "insert into logincookies (userid,cryptpassword,hostname) values ([DBNameToIdAndCheck $FORM(Bugzilla_login)], '[SqlQuote $realcryptpwd]', '[SqlQuote $env(REMOTE_HOST)]')"
+        SendSQL "select LAST_INSERT_ID()"
+        set logincookie [FetchSQLData]
+        
+        
+
+
+        set COOKIE(Bugzilla_logincookie) $logincookie
         puts "Set-Cookie: Bugzilla_login=$COOKIE(Bugzilla_login) ; path=/; expires=Sun, 30-Jun-2029 00:00:00 GMT"
-        puts "Set-Cookie: Bugzilla_password=$COOKIE(Bugzilla_password) ; path=/; expires=Sun, 30-Jun-2029 00:00:00 GMT"
+        puts "Set-Cookie: Bugzilla_logincookie=$COOKIE(Bugzilla_logincookie) ; path=/; expires=Sun, 30-Jun-2029 00:00:00 GMT"
+
+        # This next one just cleans out any old bugzilla passwords that may
+        # be sitting around in the cookie files, from the bad old days when
+        # we actually stored the password there.
+        puts "Set-Cookie: Bugzilla_password= ; path=/; expires=Sun, 30-Jun-80 00:00:00 GMT"
+
     }
 
 
-    set realpwd {}
+    set loginok 0
 
-    if { [info exists COOKIE(Bugzilla_login)] && [info exists COOKIE(Bugzilla_password)] } {
-        set realpwd [PasswordForLogin $COOKIE(Bugzilla_login)]
+    if { [info exists COOKIE(Bugzilla_login)] && [info exists COOKIE(Bugzilla_logincookie)] } {
+        SendSQL "select profiles.login_name = '[SqlQuote $COOKIE(Bugzilla_login)]' and profiles.cryptpassword = logincookies.cryptpassword and logincookies.hostname = '[SqlQuote $env(REMOTE_HOST)]' from profiles,logincookies where logincookies.cookie = $COOKIE(Bugzilla_logincookie) and profiles.userid = logincookies.userid"
+        set loginok [FetchSQLData]
     }
 
-    if {[cequal $realpwd ""] || ![cequal $realpwd $COOKIE(Bugzilla_password)]} {
+    if {$loginok != "1"} {
         puts "Content-type: text/html\n"
         puts "<H1>Please log in.</H1>"
         puts "I need a legitimate e-mail address and password to continue."
@@ -284,9 +307,18 @@ e-mail address above and click
  here:<input type=submit value=\"E-mail me a password\"
 name=PleaseMailAPassword>
 </form>"
+
+        # This seems like as good as time as any to get rid of old
+        # crufty junk in the logincookies table.  Get rid of any entry
+        # that hasn't been used in a month.
+        SendSQL "delete from logincookies where to_days(now()) - to_days(lastused) > 30"
+
         
         exit
     }
+
+    # Update the timestamp on our logincookie, so it'll keep on working.
+    SendSQL "update logincookies set lastused = null where cookie = $COOKIE(Bugzilla_logincookie)"
 }
 
 
diff --git a/changepassword.cgi b/changepassword.cgi
index 2e0a4f06a0..9e031bb162 100755
--- a/changepassword.cgi
+++ b/changepassword.cgi
@@ -66,7 +66,11 @@ Please click <b>Back</b> and try again."
 
 puts "Content-type: text/html\n"
 
-SendSQL "update profiles set password='$pwd' where login_name='[SqlQuote $COOKIE(Bugzilla_login)]'"
+SendSQL "select encrypt('$pwd')"
+set encrypted [lindex [FetchSQLData] 0]
+
+SendSQL "update profiles set password='$pwd',cryptpassword='$encrypted' where login_name='[SqlQuote $COOKIE(Bugzilla_login)]'"
+SendSQL "update logincookies set cryptpassword = '$encrypted' where cookie = $COOKIE(Bugzilla_logincookie)"
 
 puts "<H1>OK, done.</H1>
 Your new password has been set.
diff --git a/globals.tcl b/globals.tcl
index b8997102c9..2327f21149 100644
--- a/globals.tcl
+++ b/globals.tcl
@@ -49,14 +49,6 @@ proc ConnectToDatabase {} {
     }
 }
 
-# Useful for my stand-alone debugging
-proc DebugConnect {} {
-    global COOKIE
-    set COOKIE(Bugzilla_login) terry
-    set COOKIE(Bugzilla_password) terry
-    ConnectToDatabase
-}
-
 
 proc SendSQL { str } {
 # puts $str
@@ -71,7 +63,12 @@ proc SendSQL { str } {
 proc MoreSQLData {} {
     global mysqlhandle
     set result [mysqlresult $mysqlhandle "rows?"]
-    return [expr ![cequal $result ""] && $result > 0]
+    if {![cequal $result ""]} {
+        if {$result > 0} {
+            return 1
+        }
+    }
+    return 0
 }
 
 proc FetchSQLData {} {
@@ -286,7 +283,7 @@ proc InsertNewUser {username} {
     loop i 0 8 {
         append pwd [cindex "abcdefghijklmnopqrstuvwxyz" [random 26]]
     }
-    SendSQL "insert into profiles (login_name, password) values ('[SqlQuote $username]', '$pwd')"
+    SendSQL "insert into profiles (login_name, password, cryptpassword) values ('[SqlQuote $username]', '$pwd', encrypt('$pwd'))"
     return $pwd
 }
 
diff --git a/makelogincookiestable.sh b/makelogincookiestable.sh
new file mode 100755
index 0000000000..be0c465b1b
--- /dev/null
+++ b/makelogincookiestable.sh
@@ -0,0 +1,40 @@
+#!/bin/sh
+#
+# The contents of this file are subject to the Mozilla Public License
+# Version 1.0 (the "License"); you may not use this file except in
+# compliance with the License. You may obtain a copy of the License at
+# http://www.mozilla.org/MPL/
+# 
+# Software distributed under the License is distributed on an "AS IS"
+# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
+# License for the specific language governing rights and limitations
+# under the License.
+# 
+# The Original Code is the Bugzilla Bug Tracking System.
+# 
+# The Initial Developer of the Original Code is Netscape Communications
+# Corporation. Portions created by Netscape are Copyright (C) 1998
+# Netscape Communications Corporation. All Rights Reserved.
+# 
+# Contributor(s): Terry Weissman <terry@mozilla.org>
+
+mysql bugs > /dev/null 2>/dev/null << OK_ALL_DONE
+
+drop table logincookies;
+OK_ALL_DONE
+
+mysql bugs << OK_ALL_DONE
+
+create table logincookies (
+    cookie mediumint not null auto_increment primary key,
+    userid mediumint not null,
+    cryptpassword varchar(64),
+    hostname varchar(128),
+    lastused timestamp,
+    index(lastused)
+);
+
+show columns from logincookies;
+show index from logincookies;
+
+OK_ALL_DONE
diff --git a/makeprofilestable.sh b/makeprofilestable.sh
index 2780d61345..76ce65c312 100755
--- a/makeprofilestable.sh
+++ b/makeprofilestable.sh
@@ -31,6 +31,7 @@ create table profiles (
 userid mediumint not null auto_increment primary key,
 login_name varchar(255) not null,
 password varchar(16),
+cryptpassword varchar(64),
 realname varchar(255),
 index(login_name)
 );
diff --git a/query.cgi b/query.cgi
index 992a232acc..9bf5dfd1d9 100755
--- a/query.cgi
+++ b/query.cgi
@@ -234,11 +234,9 @@ if {[info exists COOKIE(Bugzilla_login)]} {
     if {[cequal $COOKIE(Bugzilla_login) [Param maintainer]]} {
         puts "<a href=editparams.cgi>Edit Bugzilla operating parameters</a><br>"
     }
-    puts "
-<a href=relogin.cgi>Log in as someone besides <b>$COOKIE(Bugzilla_login)</b></a><br>
-<a href=changepassword.cgi>Change my password.</a><br>"
+    puts "<a href=relogin.cgi>Log in as someone besides <b>$COOKIE(Bugzilla_login)</b></a><br>"
 }
-
+puts "<a href=changepassword.cgi>Change your password.</a><br>"
 puts "<a href=\"enter_bug.cgi\">Create a new bug.</a><br>"
 
 }]} {
diff --git a/relogin.cgi b/relogin.cgi
index e569496040..4bc1a394c5 100755
--- a/relogin.cgi
+++ b/relogin.cgi
@@ -26,6 +26,7 @@ source CGI.tcl
 
 
 puts "Set-Cookie: Bugzilla_login= ; path=/; expires=Sun, 30-Jun-80 00:00:00 GMT
+Set-Cookie: Bugzilla_logincookie= ; path=/; expires=Sun, 30-Jun-80 00:00:00 GMT
 Set-Cookie: Bugzilla_password= ; path=/; expires=Sun, 30-Jun-80 00:00:00 GMT
 Content-type: text/html