Page MenuHomePhabricator
Files F15334508

D21635.diff
No OneTemporary
Actions

D21635.diff
View Options

diff --git a/scripts/ssh/ssh-exec.php b/scripts/ssh/ssh-exec.php
--- a/scripts/ssh/ssh-exec.php
+++ b/scripts/ssh/ssh-exec.php
@@ -146,6 +146,14 @@
$device_name));
}
+ if ($device->isDisabled()) {
+ throw new Exception(
+ pht(
+ 'This request has authenticated as a device ("%s"), but this '.
+ 'device is disabled.',
+ $device->getName()));
+ }
+
// We're authenticated as a device, but we're going to read the user out of
// the command below.
$is_cluster_request = true;
diff --git a/src/applications/conduit/controller/PhabricatorConduitAPIController.php b/src/applications/conduit/controller/PhabricatorConduitAPIController.php
--- a/src/applications/conduit/controller/PhabricatorConduitAPIController.php
+++ b/src/applications/conduit/controller/PhabricatorConduitAPIController.php
@@ -238,6 +238,16 @@
if ($object instanceof PhabricatorUser) {
$user = $object;
} else {
+ if ($object->isDisabled()) {
+ return array(
+ 'ERR-INVALID-AUTH',
+ pht(
+ 'The key which signed this request is associated with a '.
+ 'disabled device ("%s").',
+ $object->getName()),
+ );
+ }
+
if (!$stored_key->getIsTrusted()) {
return array(
'ERR-INVALID-AUTH',

File Metadata

Mime Type
text/plain
Expires
Sun, Mar 9, 10:05 AM (2 w, 1 d ago)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
7388175
Default Alt Text
D21635.diff (1 KB)

Event Timeline

Phabricator · Built by Phacility