[freeside-commits] branch master updated. b57faabe2aab0d5272101c16385ddb252efa697d
Mark Wells
mark at 420.am
Wed Mar 23 13:36:22 PDT 2016
The branch, master has been updated
via b57faabe2aab0d5272101c16385ddb252efa697d (commit)
from 871700058406b65d66bfcf645e4546fafb132246 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit b57faabe2aab0d5272101c16385ddb252efa697d
Author: Mark Wells <mark at freeside.biz>
Date: Wed Mar 23 13:35:54 2016 -0700
switch to a hard list of allowed password characters, #40792
diff --git a/FS/FS/Conf.pm b/FS/FS/Conf.pm
index a8ececd..e88ee68 100644
--- a/FS/FS/Conf.pm
+++ b/FS/FS/Conf.pm
@@ -4052,14 +4052,16 @@ and customer address. Include units.',
'select_enum' => [ '1 hour', '2 hours', '4 hours', '8 hours', '1 day', '1 week', ],
},
- {
- 'key' => 'password-generated-characters',
- 'section' => 'password',
- 'description' => 'Set of characters to use when generating random passwords. This must contain at least one lowercase letter, uppercase letter, digit, and punctuation mark.',
- 'type' => 'textarea',
- },
+ # 3.x-only options for a more tolerant password policy
# {
+# 'key' => 'password-generated-characters',
+# 'section' => 'password',
+# 'description' => 'Set of characters to use when generating random passwords. This must contain at least one lowercase letter, uppercase letter, digit, and punctuation mark.',
+# 'type' => 'textarea',
+# },
+#
+# {
# 'key' => 'password-no_reuse',
# 'section' => 'password',
# 'description' => 'Minimum number of password changes before a password can be reused. By default, passwords can be reused without restriction.',
diff --git a/FS/FS/Password_Mixin.pm b/FS/FS/Password_Mixin.pm
index da80cd2..27da57f 100644
--- a/FS/FS/Password_Mixin.pm
+++ b/FS/FS/Password_Mixin.pm
@@ -14,8 +14,6 @@ FS::UID->install_callback( sub {
$conf = FS::Conf->new;
});
-our @pw_set;
-
our $me = '[' . __PACKAGE__ . ']';
our $BLOWFISH_COST = 10;
@@ -262,27 +260,19 @@ sub _blowfishcrypt {
=item pw_set
-Returns the list of characters allowed in random passwords (from the
-C<password-generated-characters> config).
+Returns the list of characters allowed in random passwords. This is now
+hardcoded.
=cut
sub pw_set {
- my $class = shift;
- if (!@pw_set) {
- my $pw_set = $conf->config('password-generated-characters');
- $pw_set =~ s/\s//g; # don't ever allow whitespace
- if ( $pw_set =~ /[[:lower:]]/
- && $pw_set =~ /[[:upper:]]/
- && $pw_set =~ /[[:digit:]]/
- && $pw_set =~ /[[:punct:]]/ ) {
- @pw_set = split('', $pw_set);
- } else {
- warn "password-generated-characters set is insufficient; using default.";
- @pw_set = split('', 'abcdefghijkmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ23456789()#.,');
- }
- }
- return @pw_set;
+
+ # ASCII alphabet, minus easily confused stuff (l, o, O, 0, 1)
+ # and plus some "safe" punctuation
+ split('',
+ 'abcdefghijkmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ23456789()#.,[]-_=+'
+ );
+
}
=back
diff --git a/FS/FS/Upgrade.pm b/FS/FS/Upgrade.pm
index bfb218f..2a480f8 100644
--- a/FS/FS/Upgrade.pm
+++ b/FS/FS/Upgrade.pm
@@ -165,12 +165,6 @@ If you need to continue using the old Form 477 report, turn on the
$conf->delete('voip-cust_email_csv_cdr') ;
}
- if ( !$conf->config('password-generated-characters') ) {
- my $pw_set =
- 'abcdefghijkmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ23456789()#.,' ;
- $conf->set('password-generated-characters', $pw_set);
- }
-
if ($conf->exists('unsuspendauto') && !$conf->config('unsuspend_balance')) {
$conf->set('unsuspend_balance','Zero');
$conf->delete('unsuspendauto');
-----------------------------------------------------------------------
Summary of changes:
FS/FS/Conf.pm | 14 ++++++++------
FS/FS/Password_Mixin.pm | 28 +++++++++-------------------
FS/FS/Upgrade.pm | 6 ------
3 files changed, 17 insertions(+), 31 deletions(-)
More information about the freeside-commits
mailing list