[freeside-commits] branch FREESIDE_3_BRANCH updated. 52cf92b8969a3187b1615c557d650362ef702497

Mark Wells mark at 420.am
Tue Mar 8 13:41:33 PST 2016 

The branch, FREESIDE_3_BRANCH has been updated
       via  52cf92b8969a3187b1615c557d650362ef702497 (commit)
       via  eef47827c287da562ef36ccbb120e64bee798879 (commit)
      from  74e5191ab9f4b6454f7d7870cf9a36f088e3b7cd (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 52cf92b8969a3187b1615c557d650362ef702497
Author: Mark Wells <mark at freeside.biz>
Date:   Tue Mar 8 13:41:17 2016 -0800

    bugfix to #40792

diff --git a/FS/FS/Password_Mixin.pm b/FS/FS/Password_Mixin.pm
index 65bd3d2..fc2e03e 100644
--- a/FS/FS/Password_Mixin.pm
+++ b/FS/FS/Password_Mixin.pm
@@ -276,9 +276,10 @@ sub pw_set {
       && $pw_set =~ /[[:digit:]]/
       && $pw_set =~ /[[:punct:]]/ ) {
       @pw_set = split('', $pw_set);
+    } else {
+      warn "password-generated-characters set is insufficient; using default.";
+      @pw_set = split('', 'abcdefghijkmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ23456789()#.,');
     }
-    warn "password-generated-characters set is insufficient; using default.";
-    @pw_set = split('', 'abcdefghijkmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ23456789()#.,');
   }
   return @pw_set;
 }

commit eef47827c287da562ef36ccbb120e64bee798879
Author: Mark Wells <mark at freeside.biz>
Date:   Tue Mar 8 13:23:35 2016 -0800

    option to limit the set of characters in random passwords, #40792

diff --git a/FS/FS/Conf.pm b/FS/FS/Conf.pm
index 3736074..9ff75de 100644
--- a/FS/FS/Conf.pm
+++ b/FS/FS/Conf.pm
@@ -4293,10 +4293,10 @@ and customer address. Include units.',
   },
 
   {
-    'key'         => 'password-generated-allcaps',
+    'key'         => 'password-generated-characters',
     'section'     => 'password',
-    'description' => 'Causes passwords automatically generated to consist entirely of capital letters',
-    'type'        => 'checkbox',
+    'description' => 'Set of characters to use when generating random passwords. This must contain at least one lowercase letter, uppercase letter, digit, and punctuation mark.',
+    'type'        => 'textarea',
   },
 
   {
diff --git a/FS/FS/Password_Mixin.pm b/FS/FS/Password_Mixin.pm
index f07f772..65bd3d2 100644
--- a/FS/FS/Password_Mixin.pm
+++ b/FS/FS/Password_Mixin.pm
@@ -16,6 +16,8 @@ FS::UID->install_callback( sub {
     #eval "use Authen::Passphrase::BlowfishCrypt;";
 });
 
+our @pw_set;
+
 our $me = '[' . __PACKAGE__ . ']';
 
 our $BLOWFISH_COST = 10;
@@ -253,6 +255,36 @@ sub _blowfishcrypt {
 
 =back
 
+=head1 CLASS METHODS
+
+=over 4
+
+=item pw_set
+
+Returns the list of characters allowed in random passwords (from the
+C<password-generated-characters> config).
+
+=cut
+
+sub pw_set {
+  my $class = shift;
+  if (!@pw_set) {
+    my $pw_set = $conf->config('password-generated-characters');
+    $pw_set =~ s/\s//g; # don't ever allow whitespace
+    if ( $pw_set =~ /[[:lower:]]/
+      && $pw_set =~ /[[:upper:]]/
+      && $pw_set =~ /[[:digit:]]/
+      && $pw_set =~ /[[:punct:]]/ ) {
+      @pw_set = split('', $pw_set);
+    }
+    warn "password-generated-characters set is insufficient; using default.";
+    @pw_set = split('', 'abcdefghijkmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ23456789()#.,');
+  }
+  return @pw_set;
+}
+
+=back
+
 =head1 SEE ALSO
 
 L<FS::password_history>
diff --git a/FS/FS/Upgrade.pm b/FS/FS/Upgrade.pm
index 9f7edcf..05881b9 100644
--- a/FS/FS/Upgrade.pm
+++ b/FS/FS/Upgrade.pm
@@ -150,6 +150,12 @@ If you need to continue using the old Form 477 report, turn on the
     $conf->delete('voip-cust_email_csv_cdr') ;
   }
 
+  if ( !$conf->config('password-generated-characters') ) {
+    my $pw_set = 
+      'abcdefghijkmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ23456789()#.,' ;
+    $conf->set('password-generated-characters', $pw_set);
+  }
+
 }
 
 sub upgrade_overlimit_groups {
diff --git a/FS/FS/part_export/broadband_sqlradius.pm b/FS/FS/part_export/broadband_sqlradius.pm
index 522c637..e58c641 100644
--- a/FS/FS/part_export/broadband_sqlradius.pm
+++ b/FS/FS/part_export/broadband_sqlradius.pm
@@ -6,16 +6,20 @@ use Tie::IxHash;
 use FS::Conf;
 use FS::Record qw( dbh str2time_sql ); #qsearch qsearchs );
 use FS::part_export::sqlradius qw(sqlradius_connect);
+use FS::Password_Mixin;
 use NEXT;
 
-FS::UID->install_callback(sub { $conf = new FS::Conf });
+FS::UID->install_callback(
+  sub {
+    $conf = new FS::Conf;
+    @pw_set = FS::Password_Mixin->pw_set;
+  }
+);
 
 @ISA = qw(FS::part_export::sqlradius);
 
 $DEBUG = 0;
 
- at pw_set = ( 'a'..'z', 'A'..'Z', '0'..'9', '(', ')', '#', '.', ',' );
-
 tie %options, 'Tie::IxHash',
   'datasrc'  => { label=>'DBI data source ' },
   'username' => { label=>'Database username' },
diff --git a/FS/FS/svc_acct.pm b/FS/FS/svc_acct.pm
index 8b852f1..8e5859e 100644
--- a/FS/FS/svc_acct.pm
+++ b/FS/FS/svc_acct.pm
@@ -114,12 +114,11 @@ FS::UID->install_callback( sub {
   $smtpmachine = $conf->config('smtpmachine');
   $radius_password = $conf->config('radius-password') || 'Password';
   $radius_ip = $conf->config('radius-ip') || 'Framed-IP-Address';
-  @pw_set = ( 'A'..'Z' ) if $conf->exists('password-generated-allcaps');
+  @pw_set = FS::svc_acct->pw_set;
 }
 );
 
 @saltset = ( 'a'..'z' , 'A'..'Z' , '0'..'9' , '.' , '/' );
- at pw_set = ( 'a'..'z', 'A'..'Z', '0'..'9', '(', ')', '#', '.', ',' );
 
 sub _cache {
   my $self = shift;
diff --git a/FS/FS/svc_phone.pm b/FS/FS/svc_phone.pm
index 5527436..0c42832 100644
--- a/FS/FS/svc_phone.pm
+++ b/FS/FS/svc_phone.pm
@@ -13,6 +13,7 @@ use FS::Conf;
 use FS::Record qw( qsearch qsearchs dbh );
 use FS::PagedSearch qw( psearch );
 use FS::Msgcat qw(gettext);
+use FS::Password_Mixin; # for pw_set
 use FS::part_svc;
 use FS::phone_device;
 use FS::svc_pbx;
@@ -23,15 +24,13 @@ use FS::phone_avail;
 $me = '[' . __PACKAGE__ . ']';
 $DEBUG = 0;
 
-#avoid l 1 and o O 0
- at pw_set = ( 'a'..'k', 'm','n', 'p-z', 'A'..'N', 'P'..'Z' , '2'..'9' );
-
 #ask FS::UID to run this stuff for us later
 FS::UID->install_callback( sub { 
   $conf = new FS::Conf;
   $phone_name_max = $conf->config('svc_phone-phone_name-max_length');
   $passwordmin = $conf->config('sip_passwordmin') || 0;
   $passwordmax = $conf->config('sip_passwordmax') || 80;
+  @pw_set = FS::Password_Mixin->pw_set;
 }
 );
 
diff --git a/conf/password-generated-characters b/conf/password-generated-characters
new file mode 100644
index 0000000..57aa935
--- /dev/null
+++ b/conf/password-generated-characters
@@ -0,0 +1 @@
+abcdefghijkmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ23456789()#.,
diff --git a/httemplate/elements/random_pass.html b/httemplate/elements/random_pass.html
index 14bbb58..1517a55 100644
--- a/httemplate/elements/random_pass.html
+++ b/httemplate/elements/random_pass.html
@@ -1,16 +1,16 @@
 <INPUT TYPE="button" VALUE="<% emt($label) %>" onclick="randomPass()">
 <SCRIPT TYPE="text/javascript">
 function randomPass() {
-  var lower='<% join('', 'a'..'z') %>';
-  var upper='<% join('', 'A'..'Z') %>';
-  var number='<% join('', '0'..'9') %>';
-  var symbol='`~!@#$%^&*-_=+:;<>,.?';
-  var pw_set=lower+upper+number+symbol;
+  var pw_set = <% $pw_set |js_string %>;
+  var lower = <% $lower |js_string %>;
+  var upper = <% $upper |js_string %>;
+  var digit = <% $digit |js_string %>;
+  var punct = <% $punct |js_string %>;
   var pass=[];
   pass.push(lower.charAt(Math.floor(Math.random() * lower.length)));
-  pass.push(upper.charAt(Math.floor(Math.random() * lower.length)));
-  pass.push(number.charAt(Math.floor(Math.random() * number.length)));
-  pass.push(symbol.charAt(Math.floor(Math.random() * symbol.length)));
+  pass.push(upper.charAt(Math.floor(Math.random() * upper.length)));
+  pass.push(digit.charAt(Math.floor(Math.random() * digit.length)));
+  pass.push(punct.charAt(Math.floor(Math.random() * punct.length)));
   var i=0;
   while(i < 4) {
     i++;
@@ -24,4 +24,10 @@ function randomPass() {
 <%init>
 my $id = shift;
 my $label = shift || 'Generate';
+my $pw_set = join('', FS::Password_Mixin->pw_set);
+my $lower = join('', $pw_set =~ /[[:lower:]]/g);
+my $upper = join('', $pw_set =~ /[[:upper:]]/g);
+my $digit = join('', $pw_set =~ /[[:digit:]]/g);
+my $punct = join('', $pw_set =~ /[[:punct:]]/g);
+
 </%init>

-----------------------------------------------------------------------

Summary of changes:
 FS/FS/Conf.pm                            |    6 +++---
 FS/FS/Password_Mixin.pm                  |   33 ++++++++++++++++++++++++++++++
 FS/FS/Upgrade.pm                         |    6 ++++++
 FS/FS/part_export/broadband_sqlradius.pm |   10 ++++++---
 FS/FS/svc_acct.pm                        |    3 +--
 FS/FS/svc_phone.pm                       |    5 ++---
 conf/password-generated-characters       |    1 +
 httemplate/elements/random_pass.html     |   22 ++++++++++++--------
 8 files changed, 67 insertions(+), 19 deletions(-)
 create mode 100644 conf/password-generated-characters

More information about the freeside-commits mailing list