[SECURITY] Fix open redirection in openid extension 20/26220/2
author Helmut Hummel <helmut.hummel@typo3.org>
Tue, 10 Dec 2013 09:54:48 +0000 (10:54 +0100)
committer Oliver Hader <oliver.hader@typo3.org>
Tue, 10 Dec 2013 09:54:52 +0000 (10:54 +0100)
commit 5f32f0a47174d8e5fb8e301c265d772be72b5c72
tree 4d1f9077c566b749a6291f38f867692d1220f4bc
parent 5eae4a875b66c7dda6e53e75d34fe126b9ed55fd
[SECURITY] Fix open redirection in openid extension

The eID script of the openid extension does not
validate the given redirect url, leading to
an open redirection vulnerability.

Add and verify hmac of the redirect url.

Change-Id: I0d65390b61dd5cf92151d36e490a194624b98b8f
Fixes: #54099
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit: 5c6a45c0f843a93ab048a3df4bb352b8e02099b2
Security-Bulletin: TYPO3-CORE-SA-2013-004
Reviewed-on: https://review.typo3.org/26220
Reviewed-by: Oliver Hader
Tested-by: Oliver Hader
typo3/sysext/openid/Classes/OpenidEid.php
typo3/sysext/openid/Classes/OpenidService.php
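
The mitigation named in the commit message (add an HMAC to the redirect URL, verify it before redirecting) can be sketched as follows. This is an added example, not the code of this commit or of TYPO3; the function names, the `redirect_url` and `hmac` parameter names, the key constant and the sample URLs are all hypothetical.

```php
<?php
declare(strict_types=1);

// Hypothetical server-side secret; in a real deployment this comes from
// configuration and never reaches the client.
const REDIRECT_KEY = 'constructed-demo-key-not-a-real-secret';

// Build the query string for the redirecting endpoint: the target URL plus
// an HMAC-SHA256 tag computed over exactly that URL.
function buildSignedRedirectQuery(string $url): string
{
    $tag = hash_hmac('sha256', $url, REDIRECT_KEY);
    return http_build_query(['redirect_url' => $url, 'hmac' => $tag]);
}

// Return the redirect target only if the supplied tag matches; otherwise null.
function verifiedRedirectTarget(array $params): ?string
{
    $url = $params['redirect_url'] ?? null;
    $tag = $params['hmac'] ?? null;
    // Array-valued parameters (redirect_url[]=...) and missing values are
    // rejected before any hashing happens.
    if (!is_string($url) || !is_string($tag)) {
        return null;
    }
    $expected = hash_hmac('sha256', $url, REDIRECT_KEY);
    // hash_equals compares in constant time, so the tag cannot be recovered
    // byte by byte from response timing.
    return hash_equals($expected, $tag) ? $url : null;
}

// Constructed sample requests: one as generated by the application, one with
// the URL swapped after signing, one with no tag at all.
parse_str(buildSignedRedirectQuery('https://example.org/backend'), $genuine);
$tampered = $genuine;
$tampered['redirect_url'] = 'https://attacker.example/login';
$unsigned = ['redirect_url' => 'https://attacker.example/login'];

foreach (['genuine' => $genuine, 'tampered' => $tampered, 'unsigned' => $unsigned] as $name => $params) {
    $target = verifiedRedirectTarget($params);
    echo $name, ': ', $target === null ? 'rejected' : 'redirect to ' . $target, PHP_EOL;
}
```

Only a URL the application itself signed passes the check, so the endpoint stops acting as a redirector for arbitrary destinations; a rejected request should end without any `Location` header being sent.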