diff --git a/webtools/bugzilla/CGI.pl b/webtools/bugzilla/CGI.pl index 84c54ad6d69..24f92c072fd 100644 --- a/webtools/bugzilla/CGI.pl +++ b/webtools/bugzilla/CGI.pl @@ -219,7 +219,14 @@ sub get_netaddr { return join(".", unpack("CCCC", pack("N", $addr))); } -sub quietly_check_login() { +my $login_cookie_set = 0; +# If quietly_check_login is called with no arguments and logins are +# required, it will prompt for a login. +sub quietly_check_login { + if (Param('requirelogin') && !(@_)) { + confirm_login(); + return; + } $::disabledreason = ''; my $userid = 0; my $ipaddr = $ENV{'REMOTE_ADDR'}; @@ -561,11 +568,19 @@ sub confirm_login { $::COOKIE{"Bugzilla_logincookie"} = $logincookie; my $cookiepath = Param("cookiepath"); - print "Set-Cookie: Bugzilla_login= " . url_quote($enteredlogin) . " ; path=$cookiepath; expires=Sun, 30-Jun-2029 00:00:00 GMT\n"; - print "Set-Cookie: Bugzilla_logincookie=$logincookie ; path=$cookiepath; expires=Sun, 30-Jun-2029 00:00:00 GMT\n"; + if ($login_cookie_set == 0) { + $login_cookie_set = 1; + print "Set-Cookie: Bugzilla_login= " . url_quote($enteredlogin) . " ; path=$cookiepath; expires=Sun, 30-Jun-2029 00:00:00 GMT\n"; + print "Set-Cookie: Bugzilla_logincookie=$logincookie ; path=$cookiepath; expires=Sun, 30-Jun-2029 00:00:00 GMT\n"; + } } - $userid = quietly_check_login(); + # If anonymous logins are disabled, quietly_check_login will force + # the user to log in by calling confirm_login() when called by any + # code that does not call it with an argument. When confirm_login + # calls quietly_check_login, it must not result in confirm_login + # being called back. + $userid = quietly_check_login('do_not_recurse_here'); if (!$userid) { if ($::disabledreason) { diff --git a/webtools/bugzilla/defparams.pl b/webtools/bugzilla/defparams.pl index b0567c78304..ae092329512 100644 --- a/webtools/bugzilla/defparams.pl +++ b/webtools/bugzilla/defparams.pl @@ -963,6 +963,15 @@ Reason: %reason% checker => \&check_netmask }, + { + name => 'requirelogin', + desc => 'If this option is set, all access to the system beyond the ' . + ' front page will require a login. No anonymous users will ' . + ' be permitted.', + type => 'b', + default => '0' + }, + { name => 'usermatchmode', desc => 'Allow match strings to be entered for user names when entering ' . diff --git a/webtools/bugzilla/index.cgi b/webtools/bugzilla/index.cgi index 7e9fb5aab84..f6e11ac2190 100755 --- a/webtools/bugzilla/index.cgi +++ b/webtools/bugzilla/index.cgi @@ -45,7 +45,7 @@ use vars qw( ConnectToDatabase(); # Check whether or not the user is logged in and, if so, set the $::userid -quietly_check_login(); +quietly_check_login('permit_anonymous'); ############################################################################### # Main Body Execution diff --git a/webtools/bugzilla/token.cgi b/webtools/bugzilla/token.cgi index d4055d058d0..9a7efb5c5a2 100755 --- a/webtools/bugzilla/token.cgi +++ b/webtools/bugzilla/token.cgi @@ -36,7 +36,7 @@ require "CGI.pl"; # Establish a connection to the database backend. ConnectToDatabase(); -quietly_check_login(); +quietly_check_login('permit_anonymous'); # Use the "Token" module that contains functions for doing various # token-related tasks.