freeside/FS/FS Record.pm,1.97,1.98 cust_main.pm,1.175,1.176
Peter Bowen
pbowen at pouncequick.420.am
Fri Mar 18 16:12:27 PST 2005
Update of /home/cvs/cvsroot/freeside/FS/FS
In directory pouncequick:/tmp/cvs-serv18096/FS/FS
Modified Files:
Record.pm cust_main.pm
Log Message:
Fixed a few things: -PB
1. Fixed a nasty bug that would clear the payinfo if the private key was not available.
2. Set the default module for encrypt/decrypt to be Crypt::OpenSSL::RSA.
3. Added a die and error message so that it doesn't just pass around plaintext if the encryption engine is broken or missing.
4. Added code so that the masked payinfo is handled correctly in the case that it is blank and it cannot be generated (encrypted payinfo)
Index: Record.pm
===================================================================
RCS file: /home/cvs/cvsroot/freeside/FS/FS/Record.pm,v
retrieving revision 1.97
retrieving revision 1.98
diff -u -d -r1.97 -r1.98
--- Record.pm 18 Mar 2005 19:21:28 -0000 1.97
+++ Record.pm 19 Mar 2005 00:12:24 -0000 1.98
@@ -1707,13 +1707,21 @@
sub encrypt {
my ($self, $value) = @_;
my $encrypted;
- if ($conf->exists('encryption') && !$self->is_encrypted($value)) {
- $self->loadRSA;
- if (ref($rsa_encrypt) =~ /::RSA/) { # We Can Encrypt
- # RSA doesn't like the empty string so let's pack it up
- # The database doesn't like the RSA data so uuencode it
- my $length = length($value)+1;
- $encrypted = pack("u*",$rsa_encrypt->encrypt(pack("Z$length",$value)));
+
+ if ($conf->exists('encryption')) {
+ if ($self->is_encrypted($value)) {
+ # Return the original value if it isn't plaintext.
+ $encrypted = $value;
+ } else {
+ $self->loadRSA;
+ if (ref($rsa_encrypt) =~ /::RSA/) { # We Can Encrypt
+ # RSA doesn't like the empty string so let's pack it up
+ # The database doesn't like the RSA data so uuencode it
+ my $length = length($value)+1;
+ $encrypted = pack("u*",$rsa_encrypt->encrypt(pack("Z$length",$value)));
+ } else {
+ die ("You can't encrypt w/o a valid RSA engine - Check your installation or disable encryption");
+ }
}
}
return $encrypted;
@@ -1744,13 +1752,14 @@
}
sub loadRSA {
- my $self = shift;;
+ my $self = shift;
#Initialize the Module
- if (!$conf->exists('encryptionmodule')) {
- carp "warning: There is no Encryption Module Defined!";
- return;
+ $rsa_module = 'Crypt::OpenSSL::RSA'; # The Default
+
+ if ($conf->exists('encryptionmodule') && $conf->config('encryptionmodule') ne '') {
+ $rsa_module = $conf->config('encryptionmodule');
}
- $rsa_module = $conf->config('encryptionmodule');
+
if (!$rsa_loaded) {
eval ("require $rsa_module"); # No need to import the namespace
$rsa_loaded++;
Index: cust_main.pm
===================================================================
RCS file: /home/cvs/cvsroot/freeside/FS/FS/cust_main.pm,v
retrieving revision 1.175
retrieving revision 1.176
diff -u -d -r1.175 -r1.176
--- cust_main.pm 18 Mar 2005 19:21:29 -0000 1.175
+++ cust_main.pm 19 Mar 2005 00:12:24 -0000 1.176
@@ -247,7 +247,7 @@
$paymask = $payinfo;
}
$self->setfield('paymask', $paymask); # This is okay since we are the 'setter'
- } else {
+ } elsif (defined($value) && $self->is_encrypted($value)) {
$paymask = 'N/A';
}
return $paymask;
@@ -678,7 +678,7 @@
local $SIG{PIPE} = 'IGNORE';
# If the mask is blank then try to set it - if we can...
- if (!defined($self->paymask) && $self->paymask eq '') {
+ if (!defined($self->getfield('paymask')) || $self->getfield('paymask') eq '') {
$self->paymask($self->payinfo);
}
@@ -936,7 +936,7 @@
return gettext('unknown_card_type')
if cardtype($self->payinfo) eq "Unknown";
if ( defined $self->dbdef_table->column('paycvv') ) {
- if ( length($self->paycvv) ) {
+ if (length($self->paycvv) && !$self->is_encrypted($self->paycvv)) {
if ( cardtype($self->payinfo) eq 'American Express card' ) {
$self->paycvv =~ /^(\d{4})$/
or return "CVV2 (CID) for American Express cards is four digits.";
More information about the freeside-commits
mailing list