NTP users are strongly urged to take immediate action to ensure that their NTP daemons are not susceptible to being used in distributed denial-of-service (DDoS) attacks. Please also take this opportunity to defeat denial-of-service attacks by implementing Ingress and Egress filtering through BCP38.
ntp-4.2.8p15 was released on 23 June 2020. It addresses 1 medium-severity security issue in ntpd, and provides 13 non-security bugfixes over 4.2.8p13.
Are you using Autokey in production? If so, please contact Harlan - he's got some questions for you.
User registration handling.
This method is designed to be
invoked via the
Called by ManageCgiScript
::bulkRegister (requires authentication) with topic = the page with the entries on it.
StaticMethod registerAndNext ($session)
This is called when action = register or action = ""
It calls register and either Verify or Finish.
Hopefully we will get workflow integrated and rewrite this to be table driven
This is called through: TWikiRegistration
StaticMethod resetPassword ($session)
Generates a password. Mails it to them and asks them to change it. Entry
point intended to be called from UI::run
StaticMethod changePassword ($session)
Change the user's password and/or email. Details of the user and password
are passed in CGI parameters.
- Checks required fields have values
- get wikiName and userName from getUserByEitherLoginOrWikiName(username)
- check passwords match each other, and that the password is correct, otherwise 'wrongpassword'
case is not handled.
An admin user can change other user's passwords.
StaticMethod verifyEmailAddress ($session)
This is called: on receipt of the activation password -> RegisterCgiScript
- calls _loadPendingRegistration(activation password)
- throws oops if appropriate
- calls emailRegistrationConfirmations
- still calls 'oopssendmailerr' if a problem, but this is not done uniformly