
Commit a4e8ca5b authored by Robert Ricci's avatar Robert Ricci

Change user verification keys. Verification key is now an md5 hash

of a random number, as suggested in the php manual. This number
is stashed in the database, in the new verify_key column in the
users table.

Rename the functions that generate and get the keys, and move from
defs.php3 to dbdefs.php3, since they're now DB operations.
parent 0063513f
......@@ -990,6 +990,7 @@ CREATE TABLE users (
emulab_pubkey text,
home_pubkey text,
adminoff tinyint(4) default '0',
verify_key varchar(32) default NULL,
PRIMARY KEY (uid),
KEY unix_uid (unix_uid)
) TYPE=MyISAM;
......
......@@ -1161,6 +1161,30 @@ function TBHasSerialConsole($node_id) {
return mysql_num_rows($query_result);
}
#
# Generate a verification key, and stash it in the database
#
function TBGenVerificationKey($name) {
$key = md5(uniqid(rand(),1));
DBQueryFatal("update users set verify_key='$key' where uid='$name'");
return $key;
}
#
# Get a verification key from the database
#
function TBGetVerificationKey($name) {
$query_result =
DBQueryFatal("select verify_key from users where uid='$name'");
if (mysql_num_rows($query_result) == 0) {
# Can we signal error somehow?
return "";
}
$row = mysql_fetch_array($query_result);
return $row[verify_key];
}
#
# DB Interface.
#
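Review bot: The key built in TBGenVerificationKey is guessable rather than random: `md5(uniqid(rand(),1))` hashes a value derived from the current time and non-cryptographic PRNG output, and md5 adds no entropy to it, yet this key is the only proof that the recipient controls the mailbox. Draw it from a CSPRNG instead, e.g. `$key = bin2hex(random_bytes(16));` on PHP 7+ (still 32 hex characters, so it fits `verify_key varchar(32)`), or read 16 bytes from /dev/urandom on older runtimes. Both new functions also interpolate `$name` into the SQL text unescaped; whether every caller validates the uid is not visible in this hunk, so escape it at the point of use, e.g. `$name = mysql_real_escape_string($name);`. In TBGetVerificationKey the index should be quoted, `$row["verify_key"]`, and the "no such user" case deserves a comment saying that callers must treat the empty return value as a failure.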
......
......@@ -54,13 +54,6 @@ $TBMAILADDR = "<a href=\"mailto:$TBMAILADDR_OPS\">
#
include("dbdefs.php3");
#
# Generate the KEY from a name
#
function GENKEY ($name) {
return crypt("TB_"."$name"."_USR", strlen($name) + 13);
}
#
# Wrap up the mail function so we can prepend a tag to the subject
# line that indicates what testbed. Useful when multiple testbed
......
......@@ -583,7 +583,7 @@ if (! $returning) {
"'$encoding', NULL, 'newuser', ".
"date_add(now(), interval 1 year), now())");
$key = GENKEY($joining_uid);
$key = TBGenVerificationKey($joining_uid);
TBMAIL("$usr_name '$joining_uid' <$usr_email>",
"Your New User Key",
......
......@@ -836,7 +836,7 @@ if (! $returning) {
"'$usr_phone', '$encoding', NULL, 'newuser', ".
"date_add(now(), interval 1 year), now())");
$key = GENKEY($proj_head_uid);
$key = TBGenVerificationKey($proj_head_uid);
TBMAIL("$usr_name '$proj_head_uid' <$usr_email>",
"Your New User Key",
......
......@@ -49,7 +49,7 @@ if (! strcmp($status, TBDB_USERSTATUS_ACTIVE) ||
# The user is logged in, so all we need to do is confirm the key.
# Make sure it matches.
#
$keymatch = GENKEY($uid);
$keymatch = TBGetVerificationKey($uid);
if (strcmp($key, $keymatch)) {
USERERROR("The given key \"$key\" is incorrect. ".
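Review bot: An empty submitted key can satisfy this comparison, because TBGetVerificationKey returns "" when no row is found, and presumably an empty value for accounts whose verify_key is still the column default NULL, and `strcmp("", "")` is 0. Reject a missing stored key before comparing, e.g. `if ($keymatch == "" || strcmp($key, $keymatch)) {`. Whether `$key` is checked for emptiness earlier on the page is outside this hunk. On runtimes that provide it, `hash_equals($keymatch, $key)` would also make the comparison constant-time.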
......