Closed Bug 1221423 Opened 9 years ago Closed 9 years ago

unable to impersonate users when 2fa is enabled

Categories

(bugzilla.mozilla.org :: General, defect)

Production
defect
Not set
normal

RESOLVED FIXED

People

(Reporter: glob, Assigned: dkl)

Attachments

(1 file, 1 obsolete file)

unable to impersonate users when 2fa is enabled - the following error is displayed after providing the 2fa code:

> Your Bugzilla password is required to begin a sudo session. Please go back and enter your password.
Blocks: 1221428
Assignee: nobody → dkl
Status: NEW → ASSIGNED
Attached patch 1221423_1.patch (obsolete) — Splinter Review
Had to refactor how sudo works in relogin.cgi quite a bit to make this work with mfa unfortunately.
Attachment #8683453 - Flags: review?(glob)
Comment on attachment 8683453 [details] [diff] [review]
1221423_1.patch

Review of attachment 8683453 [details] [diff] [review]:
-----------------------------------------------------------------

::: relogin.cgi
@@ +103,5 @@
> +    my $crypt_password = $user->cryptpassword;
> +    if (!$mfa_token
> +        && (!$current_password
> +            || (bz_crypt($current_password, $crypt_password) ne $crypt_password)))
> +    {
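
Review bot: The !$mfa_token guard at the top of this condition makes the password check depend only on whether an mfa_token value is present; nothing in these lines establishes that the token was verified or that the account has MFA enabled. Suggest deciding which factor is required from the account's own state, and entering the password branch whenever MFA verification has not actually succeeded, rather than keying on the request parameter. A short comment above the if stating when the password is intentionally not required would also help the next reader.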

Passing an mfa_token param for a user that doesn't have mfa enabled bypasses the password check (because $mfa_token will be true, and $user->mfa will be false).
Attachment #8683453 - Flags: review?(glob) → review-
Attached patch 1221423_2.patch — Splinter Review
Thanks for the review. Hopefully logic is better in this version.
Attachment #8683453 - Attachment is obsolete: true
Attachment #8683734 - Flags: review?(glob)
Comment on attachment 8683734 [details] [diff] [review]
1221423_2.patch

Review of attachment 8683734 [details] [diff] [review]:
-----------------------------------------------------------------

r=glob
Attachment #8683734 - Flags: review?(glob) → review+
To ssh://gitolite3@git.mozilla.org/webtools/bmo/bugzilla.git
   4c8b7b1..4f66eb9  master -> master
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Fix test bustage

To ssh://gitolite3@git.mozilla.org/webtools/bmo/bugzilla.git
   4f66eb9..2038430  master -> master