[Koha-patches] [PATCH] Check for Change in Remote IP address for Session Security. Disable when remote ip address changes frequently.
Amit Gupta
amit.gupta at osslabs.biz
Thu Dec 16 11:26:11 CET 2010
---
C4/Auth.pm | 5 +++--
installer/data/mysql/en/mandatory/sysprefs.sql | 2 ++
installer/data/mysql/updatedatabase.pl | 6 ++++++
.../prog/en/modules/admin/preferences/admin.pref | 9 ++++++++-
kohaversion.pl | 2 +-
5 files changed, 20 insertions(+), 4 deletions(-)
diff --git a/C4/Auth.pm b/C4/Auth.pm
index 2f13b86..7b0233b 100644
--- a/C4/Auth.pm
+++ b/C4/Auth.pm
@@ -913,6 +913,7 @@ sub checkauth {
login => 1,
INPUTS => \@inputs,
casAuthentication => C4::Context->preference("casAuthentication"),
+ remoteipcheck => C4::Context->preference("remoteipcheck"),
suggestion => C4::Context->preference("suggestion"),
virtualshelves => C4::Context->preference("virtualshelves"),
LibraryName => C4::Context->preference("LibraryName"),
@@ -1061,7 +1062,7 @@ sub check_api_auth {
$userid = undef;
$sessionID = undef;
return ("expired", undef, undef);
- } elsif ( $ip ne $ENV{'REMOTE_ADDR'} ) {
+ } elsif ( C4::Context->preference('remoteipcheck') && $ip ne $ENV{'REMOTE_ADDR'} ) {
# IP address changed
$session->delete();
C4::Context->_unset_userenv($sessionID);
@@ -1287,7 +1288,7 @@ sub check_cookie_auth {
$userid = undef;
$sessionID = undef;
return ("expired", undef);
- } elsif ( $ip ne $ENV{'REMOTE_ADDR'} ) {
+ } elsif ( C4::Context->preference('remoteipcheck') && $ip ne $ENV{'REMOTE_ADDR'} ) {
# IP address changed
$session->delete();
C4::Context->_unset_userenv($sessionID);
diff --git a/installer/data/mysql/en/mandatory/sysprefs.sql b/installer/data/mysql/en/mandatory/sysprefs.sql
index 1806657..48415f5 100644
--- a/installer/data/mysql/en/mandatory/sysprefs.sql
+++ b/installer/data/mysql/en/mandatory/sysprefs.sql
@@ -278,3 +278,5 @@ INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES
INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('ILS-DI:AuthorizedIPs','','.','Restricts usage of ILS-DI to some IPs','Free');
INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES ('OverduesBlockCirc','noblock','When checking out an item should overdues block checkout, generate a confirmation dialogue, or allow checkout','noblock|confirmation|block','Choice');
INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES ('DisplayMultiPlaceHold','1','Display the ability to place multiple holds or not','','YesNo');
+INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('remoteipcheck','0','Check for Change in Remote IP address for Session Security . Disable when remote ip address changes frequently.','','YesNo');
+
diff --git a/installer/data/mysql/updatedatabase.pl b/installer/data/mysql/updatedatabase.pl
index ac272ce..093ddfb 100755
--- a/installer/data/mysql/updatedatabase.pl
+++ b/installer/data/mysql/updatedatabase.pl
@@ -3915,6 +3915,12 @@ if (C4::Context->preference("Version") < TransformToNum($DBversion)) {
SetVersion ($DBversion);
}
+$DBversion = '3.03.00.010';
+if (C4::Context->preference("Version") < TransformToNum($DBversion)) {
+ $dbh->do("INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('remoteipcheck','0','Check for Change in Remote IP address for Session Security. Disable when remote ip address changes frequently.','','YesNo')");
+ print "Upgrade to $DBversion done adding syspref Check for Change in Remote IP address for Session Security. Disable when remote ip address changes frequently.";
+ SetVersion ($DBversion);
+}
=head1 FUNCTIONS
diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/admin.pref b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/admin.pref
index 3ef972b..dd1dac2 100644
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/admin.pref
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/admin.pref
@@ -41,7 +41,14 @@ Administration:
no: "Don't allow"
- staff and patrons to create and view saved lists of books.
Login options:
- -
+ -
+ - pref: remoteipcheck
+ default: 0
+ choices:
+ yes: Enable
+ no: "Disable"
+ - Check for Change in Remote IP address for Session Security. Disable when remote ip address changes frequently.
+ -
- pref: insecure
default: 0
choices:
diff --git a/kohaversion.pl b/kohaversion.pl
index a6e56b3..ad61294 100644
--- a/kohaversion.pl
+++ b/kohaversion.pl
@@ -16,7 +16,7 @@ the kohaversion is divided in 4 parts :
use strict;
sub kohaversion {
- our $VERSION = '3.03.00.009';
+ our $VERSION = '3.03.00.010';
# version needs to be set this way
# so that it can be picked up by Makefile.PL
# during install
--
1.6.4.2
More information about the Koha-patches
mailing list