From a4d1d44bd2354a1ea85f4be4dcc3cbe365a8939e Mon Sep 17 00:00:00 2001
From: "bzrmirror%bugzilla.org"
 <bzrmirror%bugzilla.org@18797224-902f-48f8-a5cc-f745e15eee43>
Date: Tue, 17 Feb 2015 20:46:42 +0000
Subject: [PATCH] Bug 1132887: When starting a sudo session, the password is
 not validated r=dkl a=glob

git-svn-id: svn://10.0.0.236/trunk@265812 18797224-902f-48f8-a5cc-f745e15eee43
---
 mozilla/webtools/bugzilla/.bzrrev     | 2 +-
 mozilla/webtools/bugzilla/.gitrev     | 2 +-
 mozilla/webtools/bugzilla/relogin.cgi | 3 +++
 3 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/mozilla/webtools/bugzilla/.bzrrev b/mozilla/webtools/bugzilla/.bzrrev
index 6b6d39337a2..5d1e2fa842d 100644
--- a/mozilla/webtools/bugzilla/.bzrrev
+++ b/mozilla/webtools/bugzilla/.bzrrev
@@ -1 +1 @@
-9296
\ No newline at end of file
+9297
\ No newline at end of file
diff --git a/mozilla/webtools/bugzilla/.gitrev b/mozilla/webtools/bugzilla/.gitrev
index 6a3e01b2480..00b1c6a94de 100644
--- a/mozilla/webtools/bugzilla/.gitrev
+++ b/mozilla/webtools/bugzilla/.gitrev
@@ -1 +1 @@
-9f76caa9e3493c2df055bed736463659770c0798
\ No newline at end of file
+10aa3f02a861c50fc89867dfb04cab72de14922f
\ No newline at end of file
diff --git a/mozilla/webtools/bugzilla/relogin.cgi b/mozilla/webtools/bugzilla/relogin.cgi
index 6f0c970f1fb..c4aae8d0bac 100755
--- a/mozilla/webtools/bugzilla/relogin.cgi
+++ b/mozilla/webtools/bugzilla/relogin.cgi
@@ -64,6 +64,9 @@ elsif ($action eq 'prepare-sudo') {
                           -httponly => 1,
                           %args);
 
+        # The user ID must not be set when generating the token, because
+        # that information will not be available when validating it.
+        local Bugzilla->user->{userid} = 0;
         $vars->{'login_request_token'} = issue_hash_token(['login_request', $value]);
     }