Closed Bug 1221423 Opened 10 years ago Closed 10 years ago

unable to impersonate users when 2fa is enabled

Categories

(bugzilla.mozilla.org :: General, defect)

Production
defect
Not set
normal

Tracking

()

RESOLVED FIXED

People

(Reporter: glob, Assigned: dkl)

References

Details

Attachments

(1 file, 1 obsolete file)

unable to impersonate users when 2fa is enabled - the following error is displayed after providing the 2fa code: > Your Bugzilla password is required to begin a sudo session. Please go back and enter your password.
Blocks: 1221428
Assignee: nobody → dkl
Status: NEW → ASSIGNED
Attached patch 1221423_1.patch (obsolete) — Splinter Review
Had to refactor how sudo works in relogin.cgi quite a bit to make this work with mfa unfortunately.
Attachment #8683453 - Flags: review?(glob)
Comment on attachment 8683453 [details] [diff] [review] 1221423_1.patch Review of attachment 8683453 [details] [diff] [review]: ----------------------------------------------------------------- ::: relogin.cgi @@ +103,5 @@ > + my $crypt_password = $user->cryptpassword; > + if (!$mfa_token > + && (!$current_password > + || (bz_crypt($current_password, $crypt_password) ne $crypt_password))) > + { passing a mfa_token param for a user that doesn't have mfa enabled bypasses the password check (because $mfa_token will be true, and $user->mfa will be false).
Attachment #8683453 - Flags: review?(glob) → review-
Attached patch 1221423_2.patchSplinter Review
Thanks for the review. Hopefully logic is better in this version.
Attachment #8683453 - Attachment is obsolete: true
Attachment #8683734 - Flags: review?(glob)
Comment on attachment 8683734 [details] [diff] [review] 1221423_2.patch Review of attachment 8683734 [details] [diff] [review]: ----------------------------------------------------------------- r=glob
Attachment #8683734 - Flags: review?(glob) → review+
To ssh://gitolite3@git.mozilla.org/webtools/bmo/bugzilla.git 4c8b7b1..4f66eb9 master -> master
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Fix test bustage To ssh://gitolite3@git.mozilla.org/webtools/bmo/bugzilla.git 4f66eb9..2038430 master -> master
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: