SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264

0002028: Broken user management for local authentication - MantisBT Endian Bugtracker
Endian Issue Tracker





Please see now our new Bugtracker system: JIRA








View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0002028Endian FirewallProxy HTTPpublic2009-07-23 09:292010-11-22 12:04
Reportergm2x 
Assigned Tosimon-endian 
PrioritynormalSeverityminorReproducibilityalways
StatusclosedResolutionfixed 
PlatformOSOS Version
Product Version2.2 
Target Version2.3.1Fixed in Version2.3.1 
Summary0002028: Broken user management for local authentication
DescriptionVarious glitches occur if some username is substring of another username.
Steps To Reproduce- add user "test1"
- add user "test10"
- remove user "test1"

* OR/AND *

- add user "test1"
- add user "test10"
- add user "test"
Additional InformationThis bug didn't exist in 2.1.2
Tagspurple
Attached Filespng file icon Endian Firewall - Authentication_12.png [^] (87,262 bytes) 2009-07-23 11:36

- Relationships

-  Notes
(0002772)
gm2x (reporter)
2009-07-23 09:31

Steps to reproduce is in advanced view.
(0002773)
luca-endian (developer)
2009-07-23 09:51

Can you gently give us a more detailed description of the issue and the steps to reproduce it?

Thanks
(0002774)
gm2x (reporter)
2009-07-23 11:19

Ok, i followed like this:
0. I've done clean install of EFW 2.2 Community.
1. Enable HTTP Proxy.
2. Enable authentication in proxy configuration.
3. Go to User Management page (Proxy > HTTP > Authentication > User management button).
4. Add first user with name "abc"
5. Add second user with name "abcd"
6. Remove first user (second user will disappear too).
7. Add another user with name "abc"
8. Add user with name "ab" (first user will disappear).

The same behavior on demo.endian.com site.
(0002775)
gm2x (reporter)
2009-07-23 11:37

Screenshot uploaded.
(0003208)
gm2x (reporter)
2009-11-02 10:56

EFW 2.3 is also affected.
(0003213)
luca-endian (developer)
2009-11-02 13:28

really? did you restore a 2.2 backup?
because it should be fixed in 2.3..
(0003221)
gm2x (reporter)
2009-11-03 14:48

Clean install of community release in virtual machine. First part...

> 4. Add first user with name "abc"
> 5. Add second user with name "abcd"
> 6. Remove first user (second user will disappear too).

... sometimes works as it should, but when i tryed to repeat those steps, it doesn't. Second part...

> 7. Add another user with name "abc"
> 8. Add user with name "ab" (first user will disappear).

... still doesn't work. Also, can't create proxy users in demo system (demo.endian.com)
(0003222)
peter-endian (administrator)
2009-11-03 14:57

is this bug also fixed but not deployed on the iso?
can you confirm this, simon?
(0003223)
gm2x (reporter)
2009-11-03 15:51

I didn't understand last message. The buggy installation was deployed from ISO, if you mean that. The user management is still broken. What additional information i should provide?
(0003224)
peter-endian (administrator)
2009-11-03 16:50

last message was intended for *simon*, which is the developer of this part, to whom i assigned the ticket.

I think this bug has already been fixed before release of 2.3 (#2030) but has not been deployed in order to have it on the 2.3 iso.
correct, simon?
(0003225)
simon-endian (developer)
2009-11-03 17:05

i can confirm that it still exist, but is not allways reproduceable :-/ which is the reason i closed #2030 (i could not reproduce when i tested it back then with an development version of 2.3)

will fix it ASAP
(0003420)
simon-endian (developer)
2009-11-27 11:56

this happens because id for new user is 0 which will overwrite the first user in the user list :-/
(0003422)
simon-endian (developer)
2009-11-27 12:03

now first user is not deleted when a new user is created

- Issue History
Date Modified Username Field Change
2009-07-23 09:29 gm2x New Issue
2009-07-23 09:31 gm2x Note Added: 0002772
2009-07-23 09:51 luca-endian Note Added: 0002773
2009-07-23 11:19 gm2x Note Added: 0002774
2009-07-23 11:36 gm2x File Added: Endian Firewall - Authentication_12.png
2009-07-23 11:37 gm2x Note Added: 0002775
2009-07-23 12:48 luca-endian Status new => confirmed
2009-07-23 12:48 luca-endian Tag Attached: purple
2009-07-23 12:49 luca-endian Relationship added related to 0002030
2009-11-02 10:56 gm2x Note Added: 0003208
2009-11-02 13:28 luca-endian Note Added: 0003213
2009-11-03 14:48 gm2x Note Added: 0003221
2009-11-03 14:57 peter-endian Status confirmed => new
2009-11-03 14:57 peter-endian Assigned To => simon-endian
2009-11-03 14:57 peter-endian Status new => confirmed
2009-11-03 14:57 peter-endian Note Added: 0003222
2009-11-03 15:51 gm2x Note Added: 0003223
2009-11-03 16:50 peter-endian Note Added: 0003224
2009-11-03 17:05 simon-endian Note Added: 0003225
2009-11-25 10:16 christian-endian Status confirmed => new
2009-11-25 10:16 christian-endian Status new => confirmed
2009-11-25 10:16 christian-endian Relationship added child of 0002435
2009-11-25 17:36 peter-endian Target Version => 2.3.1
2009-11-27 11:56 simon-endian Note Added: 0003420
2009-11-27 12:03 simon-endian Note Added: 0003422
2009-11-27 12:03 simon-endian Status confirmed => resolved
2009-11-27 12:03 simon-endian Fixed in Version => 2.3.1
2009-11-27 12:03 simon-endian Resolution open => fixed
2010-11-22 12:04 peter-endian Status resolved => closed

Copyright © 2005-2008 Endian, SRL. All rights reserved.


Copyright © 2000 - 2012 MantisBT Group
Powered by Mantis Bugtracker