r5 - 2008-01-22 - 03:21:35 - TWikiContributorYou are here: NTP >  TWiki Web > TWikiUIRegisterDotPm
NTP users are strongly urged to take immediate action to ensure that their NTP daemons are not susceptible to being used in distributed denial-of-service (DDoS) attacks. Please also take this opportunity to defeat denial-of-service attacks by implementing Ingress and Egress filtering through BCP38.

ntp-4.2.8p15 was released on 23 June 2020. It addresses 1 medium-severity security issue in ntpd, and provides 13 non-security bugfixes over 4.2.8p13.

Please see the NTP Security Notice for vulnerability and mitigation details.

Are you using Autokey in production? If so, please contact Harlan - he's got some questions for you.

Package TWiki::UI::Register

User registration handling.

StaticMethod register_cgi ($session)

register command handler. This method is designed to be invoked via the UI::run method.

StaticMethod bulkRegister ($session)

Called by ManageCgiScript ::bulkRegister (requires authentication) with topic = the page with the entries on it.

StaticMethod registerAndNext ($session)

This is called when action = register or action = ""

It calls register and either Verify or Finish.

Hopefully we will get workflow integrated and rewrite this to be table driven

StaticMethod register ($session)

This is called through: TWikiRegistration -> RegisterCgiScript -> here

StaticMethod resetPassword ($session)

Generates a password. Mails it to them and asks them to change it. Entry point intended to be called from UI::run

StaticMethod changePassword ($session)

Change the user's password and/or email. Details of the user and password are passed in CGI parameters.

  1. Checks required fields have values
  2. get wikiName and userName from getUserByEitherLoginOrWikiName(username)
  3. check passwords match each other, and that the password is correct, otherwise 'wrongpassword'
  4. TWiki::User::updateUserPassword
  5. 'oopschangepasswd'

The NoPasswdUser case is not handled.

An admin user can change other user's passwords.

StaticMethod verifyEmailAddress ($session)

This is called: on receipt of the activation password -> RegisterCgiScript -> here

  1. calls _loadPendingRegistration(activation password)
  2. throws oops if appropriate
  3. calls emailRegistrationConfirmations
  4. still calls 'oopssendmailerr' if a problem, but this is not done uniformly

Edit | WYSIWYG | Attach | Printable | Raw View | Backlinks: Web, All Webs | History: r5 < r4 < r3 < r2 < r1 | More topic actions
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding NTP? Send feedback
Note: Please contribute updates to this topic on TWiki.org at TWiki:TWiki.TWikiUIRegisterDotPm