[freeside-commits] branch FREESIDE_4_BRANCH updated. b744896ab5fbab5d9af3f17836615f428d2d8cc2
Mark Wells
mark at 420.am
Wed Mar 23 13:36:22 PDT 2016
The branch, FREESIDE_4_BRANCH has been updated
via b744896ab5fbab5d9af3f17836615f428d2d8cc2 (commit)
from e99c5d8493912f1b8e7d6a4806bf1964730c6795 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit b744896ab5fbab5d9af3f17836615f428d2d8cc2
Author: Mark Wells <mark at freeside.biz>
Date: Wed Mar 23 13:35:54 2016 -0700
switch to a hard list of allowed password characters, #40792
diff --git a/FS/FS/Conf.pm b/FS/FS/Conf.pm
index dd31c3d..3ab0e8f 100644
--- a/FS/FS/Conf.pm
+++ b/FS/FS/Conf.pm
@@ -4052,14 +4052,16 @@ and customer address. Include units.',
'select_enum' => [ '1 hour', '2 hours', '4 hours', '8 hours', '1 day', '1 week', ],
},
- {
- 'key' => 'password-generated-characters',
- 'section' => 'password',
- 'description' => 'Set of characters to use when generating random passwords. This must contain at least one lowercase letter, uppercase letter, digit, and punctuation mark.',
- 'type' => 'textarea',
- },
+ # 3.x-only options for a more tolerant password policy
# {
+# 'key' => 'password-generated-characters',
+# 'section' => 'password',
+# 'description' => 'Set of characters to use when generating random passwords. This must contain at least one lowercase letter, uppercase letter, digit, and punctuation mark.',
+# 'type' => 'textarea',
+# },
+#
+# {
# 'key' => 'password-no_reuse',
# 'section' => 'password',
# 'description' => 'Minimum number of password changes before a password can be reused. By default, passwords can be reused without restriction.',
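Review bot: Commenting out the `password-generated-characters` entry leaves any value a site already stored for it in place, and after this commit nothing visible here reads it. The Upgrade.pm hunk removes the block that seeded the option but adds no cleanup, so installations that ran that earlier upgrade step will probably still carry the stored value. A line such as `$conf->delete('password-generated-characters') if $conf->exists('password-generated-characters');` beside the other upgrade steps would clear it. Without that, an administrator who had narrowed the generated-password alphabet gets no indication that the customisation is now ignored. The comment `# 3.x-only options for a more tolerant password policy` could also say that the character set now lives in `pw_set` in FS/FS/Password_Mixin.pm.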
diff --git a/FS/FS/Password_Mixin.pm b/FS/FS/Password_Mixin.pm
index da80cd2..27da57f 100644
--- a/FS/FS/Password_Mixin.pm
+++ b/FS/FS/Password_Mixin.pm
@@ -14,8 +14,6 @@ FS::UID->install_callback( sub {
$conf = FS::Conf->new;
});
-our @pw_set;
-
our $me = '[' . __PACKAGE__ . ']';
our $BLOWFISH_COST = 10;
@@ -262,27 +260,19 @@ sub _blowfishcrypt {
=item pw_set
-Returns the list of characters allowed in random passwords (from the
-C<password-generated-characters> config).
+Returns the list of characters allowed in random passwords. This is now
+hardcoded.
=cut
sub pw_set {
- my $class = shift;
- if (!@pw_set) {
- my $pw_set = $conf->config('password-generated-characters');
- $pw_set =~ s/\s//g; # don't ever allow whitespace
- if ( $pw_set =~ /[[:lower:]]/
- && $pw_set =~ /[[:upper:]]/
- && $pw_set =~ /[[:digit:]]/
- && $pw_set =~ /[[:punct:]]/ ) {
- @pw_set = split('', $pw_set);
- } else {
- warn "password-generated-characters set is insufficient; using default.";
- @pw_set = split('', 'abcdefghijkmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ23456789()#.,');
- }
- }
- return @pw_set;
+
+ # ASCII alphabet, minus easily confused stuff (l, o, O, 0, 1)
+ # and plus some "safe" punctuation
+ split('',
+ 'abcdefghijkmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ23456789()#.,[]-_=+'
+ );
+
}
=back
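Review bot: The new POD for `pw_set` says only "This is now hardcoded", which omits what a caller sizing a generated password needs to know. The list has 68 characters (roughly 6 bits per character), drops l, o, O, 0 and 1, and adds `[]-_=+` to the previous default. The commit title speaks of "allowed password characters"; if callers outside this hunk also use the list to validate user-chosen passwords, the POD should say so, because passwords containing other punctuation would then presumably be rejected. The body also relies on `split` being the last statement evaluated; writing `return split('', '...');` makes the list return explicit.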
diff --git a/FS/FS/Upgrade.pm b/FS/FS/Upgrade.pm
index 82fb800..2841981 100644
--- a/FS/FS/Upgrade.pm
+++ b/FS/FS/Upgrade.pm
@@ -165,12 +165,6 @@ If you need to continue using the old Form 477 report, turn on the
$conf->delete('voip-cust_email_csv_cdr') ;
}
- if ( !$conf->config('password-generated-characters') ) {
- my $pw_set =
- 'abcdefghijkmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ23456789()#.,' ;
- $conf->set('password-generated-characters', $pw_set);
- }
-
if ($conf->exists('unsuspendauto') && !$conf->config('unsuspend_balance')) {
$conf->set('unsuspend_balance','Zero');
$conf->delete('unsuspendauto');
-----------------------------------------------------------------------
Summary of changes:
FS/FS/Conf.pm | 14 ++++++++------
FS/FS/Password_Mixin.pm | 28 +++++++++-------------------
FS/FS/Upgrade.pm | 6 ------
3 files changed, 17 insertions(+), 31 deletions(-)