stable
Clone or download
Read-only
Existing cleartext keys are marked as such in DB and Tuleap try to remove the cleartext version when the configuration of a Bugzilla reference is edited. A future contribution will add a warning in the web UI for the keys that has been stored in cleartext to encourage administrators to rotate these credentials. This is part of story #10606: encrypt bugzilla credentials (API key) before storing in the DB Change-Id: I26208666f2ad3961021e3c12d4ba9926c3d6ae44
Modified Files
| Name | ||||
|---|---|---|---|---|
| M | plugins/bugzilla_reference/db/install.sql | +1 | −0 | Go to diff View file |
| A | plugins/bugzilla_reference/db/updates/2017/201709280900_mark_cleartext_api_key.php | +64 | −0 | Go to diff View file |
| M | plugins/bugzilla_reference/include/Bugzilla/Reference/Dao.php | +13 | −13 | Go to diff View file |
| M | plugins/bugzilla_reference/include/Bugzilla/Reference/RESTReferenceCreator.php | +1 | −1 | Go to diff View file |
| M | plugins/bugzilla_reference/include/Bugzilla/Reference/Reference.php | +9 | −1 | Go to diff View file |
| M | plugins/bugzilla_reference/include/Bugzilla/Reference/ReferenceRetriever.php | +17 | −3 | Go to diff View file |
| M | plugins/bugzilla_reference/include/Bugzilla/Reference/ReferenceSaver.php | +23 | −10 | Go to diff View file |
| M | plugins/bugzilla_reference/include/bugzilla_referencePlugin.class.php | +1 | −1 | Go to diff View file |
| A | src/common/Cryptography/Exception/InvalidCiphertextException.php | +29 | −0 | Go to diff View file |
| A | src/common/Cryptography/Exception/UnexpectedOperationFailureException.php | +29 | −0 | Go to diff View file |
| M | src/common/Cryptography/Symmetric/SymmetricCrypto.php | +26 | −0 | Go to diff View file |
| M | src/common/autoload.php | +4 | −2 | Go to diff View file |
| M | tests/simpletest/common/Cryptography/Symmetric/SymmetricCryptoTest.php | +52 | −0 | Go to diff View file |