Opened 13 years ago

Closed 13 years ago

#427 closed defect (fixed)

login to linked account causes db corruption

Reported by: dmorton Owned by: dmorton
Priority: high Milestone: 1.0.3
Component: PHP scripts Version: 1.0.2
Severity: major Keywords:
Cc:

Description

GD reports that when he logs into an account that was linked to another,

it creates a duplicate policy in the policy table, which causes errors.

external auth, autocreate on, address_rewriting_type 4

Change History (7)

comment:1 Changed 13 years ago by anonymous

some code from GD:

/*

These changes, made to xlogin.php, prevent logging in with a non-primary
email address.
This prevents db corruption which comes from logging in with an address
which is linked
to another account as non-primary.

*/

      /* This is placed right after elseif ($auth_method == "external)
clause in xlogin.php ~line 184
       * This is a fix for the problem of logging into a primary account
which has been linked
       * which in turn causes database corruption. It looks up the current
address being used
       * to login and will not authenticate if it is not the primary
address for that account.
       * It is based of the valid assumption in my use case that the
$user_name is an email address.
       */
      // Only do our little transformations for email_addresses which
already exist
      if ($current_emailid = get_email_address_id($user_name)) {
          // Got the id of the email used to login with
          // Get the actual owner of that email address
          $owner_id = get_email_address_owner($current_emailid);
          // Get the owners primary e-mail address
          $primary_emailid = get_primary_email_id($owner_id);
          // If the owners primary emailid is different from the current
one, prevent login
          if ($primary_emailid != $current_emailid) {
              // Set a var with the actually primary address for that user
              // This lets the later output know what error this was and
what to tell the user
              $primary_login_uname =
get_email_address_by_id($primary_emailid);
          }
          // Otherwise perform the default authentication action
          else {
              list($authenticated, $email) = auth($user_name, $pwd,
$address, $nt_domain);
              if ($authenticated === true) {
                  $uid = get_user_id($user_name, $email);
              }
          }
      }
      // Otherwise perform the default authentication action
      else {
          list($authenticated, $email) = auth($user_name, $pwd, $address,
$nt_domain);
          if ($authenticated === true) {
              $uid = get_user_id($user_name, $email);
          }
      }


   /* This is placed right after $admin_link = "<...>" in xlogin.php ~line
240
    * This uses the previously set $primary_login_uname which is only
    * This should be integrated with the locale files when someone has the
chance
    */
   if (isset($primary_login_uname)) {
        $lang['text_login_failed1'] = "The e-mail address used to login,
".htmlentities($user_name).", is not the primary for your account.<br
/>Please login with your primary address which is currently:
".htmlentities($primary_login_uname).". ";
   }
   else {
        $lang['text_login_failed1'] = sprintf($lang['text_login_failed1'],
htmlentities($user_name));
   }

comment:2 Changed 13 years ago by anonymous

Confirmed problem with imap and a.r.t =4

It creates a policy row and a maia_users row, but does not create a users row to match.

Possible routes:

1) disable logging in except from primary account. 2) assume identity of primary account. 3) strip alias away from linked account and make it a regular user.

I don't like opion 2 because it could be a potential security/privacy problem.

comment:3 Changed 13 years ago by anonymous

To make matters worse... we have to apply address rewriting rules to find

the right user_name to compare in the users table. This mean a seperate solution for 1.1 per-address stats since we may not know that until after authentication.

comment:4 Changed 13 years ago by anonymous

[1169] addresses this by blocking the login of a linked account.

comment:5 Changed 13 years ago by anonymous

Replying to dmorton:

[1169] addresses this by blocking the login of a linked account.

ugh. Sorry for the pun.... ;)

comment:6 Changed 13 years ago by anonymous

need to test this with new internal-init type account.

comment:7 Changed 13 years ago by dmorton

  • Resolution set to fixed
  • Status changed from new to closed

fixed for 1.0.3 milestone, but needs a new look for 1.1... generating a new ticket for that milestone.

Note: See TracTickets for help on using tickets.