diff options
author | Jonathan Prykop <jonathan@freeside.biz> | 2016-12-17 16:41:45 -0600 |
---|---|---|
committer | Jonathan Prykop <jonathan@freeside.biz> | 2016-12-17 16:41:45 -0600 |
commit | dbb1f2c9894385044ed85b64d9016b2eeb06d649 (patch) | |
tree | 1e090590df43f30ae8ccda37481cf1cb8e297b0c /FS/FS | |
parent | 61e54f288c3b6c93bcfdf128c8117f66965f463b (diff) |
73085: Enable credit card/ach encryption on a live system
Diffstat (limited to 'FS/FS')
-rw-r--r-- | FS/FS/Setup.pm | 7 | ||||
-rw-r--r-- | FS/FS/Upgrade.pm | 1 | ||||
-rw-r--r-- | FS/FS/cust_main.pm | 81 |
3 files changed, 88 insertions, 1 deletions
diff --git a/FS/FS/Setup.pm b/FS/FS/Setup.pm index 0c3226a..f005a36 100644 --- a/FS/FS/Setup.pm +++ b/FS/FS/Setup.pm @@ -7,7 +7,6 @@ use vars qw( @EXPORT_OK ); use Tie::IxHash; use Crypt::OpenSSL::RSA; use FS::UID qw( dbh driver_name ); -#use FS::Record; use FS::svc_domain; $FS::svc_domain::whois_hack = 1; @@ -99,6 +98,12 @@ sub enable_encryption { $conf->set('encryptionpublickey', $rsa->get_public_key_string ); $conf->set('encryptionprivatekey', $rsa->get_private_key_string ); + # reload Record globals, false laziness with FS::Record + $FS::Record::conf_encryption = $conf->exists('encryption'); + $FS::Record::conf_encryptionmodule = $conf->config('encryptionmodule'); + $FS::Record::conf_encryptionpublickey = join("\n",$conf->config('encryptionpublickey')); + $FS::Record::conf_encryptionprivatekey = join("\n",$conf->config('encryptionprivatekey')); + } sub enable_banned_pay_pad { diff --git a/FS/FS/Upgrade.pm b/FS/FS/Upgrade.pm index 41349a5..27c4b4c 100644 --- a/FS/FS/Upgrade.pm +++ b/FS/FS/Upgrade.pm @@ -367,6 +367,7 @@ sub upgrade_data { 'agent_payment_gateway' => [], #cust_main (tokenizes cards, remove paycvv from history, locations, cust_payby, etc) + # (handles payinfo encryption/tokenization across all relevant tables) 'cust_main' => [], #contact -> cust_contact / prospect_contact diff --git a/FS/FS/cust_main.pm b/FS/FS/cust_main.pm index 51bde33..493b1c6 100644 --- a/FS/FS/cust_main.pm +++ b/FS/FS/cust_main.pm @@ -5354,13 +5354,94 @@ sub _upgrade_data { #class method $class->_upgrade_otaker(%opts); + # turn on encryption as part of regular upgrade, so all new records are immediately encrypted + # existing records will be encrypted in queueable_upgrade (below) + unless ($conf->exists('encryptionpublickey') || $conf->exists('encryptionprivatekey')) { + eval "use FS::Setup"; + die $@ if $@; + FS::Setup::enable_encryption(); + } + } sub queueable_upgrade { my $class = shift; + + ### encryption gets turned on in _upgrade_data, above + + eval "use FS::upgrade_journal"; + die $@ if $@; + + # prior to 2013 (commit f16665c9) payinfo was stored in history if not encrypted, + # clear that out before encrypting/tokenizing anything else + if (!FS::upgrade_journal->is_done('clear_payinfo_history')) { + foreach my $table ('cust_payby','cust_pay_pending','cust_pay','cust_pay_void','cust_refund') { + my $sql = 'UPDATE h_'.$table.' SET payinfo = NULL WHERE payinfo IS NOT NULL'; + my $sth = dbh->prepare($sql) or die dbh->errstr; + $sth->execute or die $sth->errstr; + } + FS::upgrade_journal->set_done('clear_payinfo_history'); + } + + # encrypt old records + if ($conf->exists('encryption') && !FS::upgrade_journal->is_done('encryption_check')) { + + # allow replacement of closed cust_pay/cust_refund records + local $FS::payinfo_Mixin::allow_closed_replace = 1; + + # because it looks like nothing's changing + local $FS::Record::no_update_diff = 1; + + # commit everything immediately + local $FS::UID::AutoCommit = 1; + + # encrypt what's there + foreach my $table ('cust_payby','cust_pay_pending','cust_pay','cust_pay_void','cust_refund') { + my $tclass = 'FS::'.$table; + my $lastrecnum = 0; + my @recnums = (); + while (my $recnum = _upgrade_next_recnum(dbh,$table,\$lastrecnum,\@recnums)) { + my $record = $tclass->by_key($recnum); + next unless $record; # small chance it's been deleted, that's ok + next unless grep { $record->payby eq $_ } @FS::Record::encrypt_payby; + # window for possible conflict is practically nonexistant, + # but just in case... + $record = $record->select_for_update; + my $error = $record->replace; + die $error if $error; + } + } + + FS::upgrade_journal->set_done('encryption_check'); + } + + # now that everything's encrypted, tokenize... FS::cust_main::Billing_Realtime::token_check(@_); } +# not entirely false laziness w/ Billing_Realtime::_token_check_next_recnum +# cust_payby might get deleted while this runs +# not a method! +sub _upgrade_next_recnum { + my ($dbh,$table,$lastrecnum,$recnums) = @_; + my $recnum = shift @$recnums; + return $recnum if $recnum; + my $tclass = 'FS::'.$table; + my $sql = 'SELECT '.$tclass->primary_key. + ' FROM '.$table. + ' WHERE '.$tclass->primary_key.' > '.$$lastrecnum. + ' ORDER BY '.$tclass->primary_key.' LIMIT 500';; + my $sth = $dbh->prepare($sql) or die $dbh->errstr; + $sth->execute() or die $sth->errstr; + my @recnums; + while (my $rec = $sth->fetchrow_hashref) { + push @$recnums, $rec->{$tclass->primary_key}; + } + $sth->finish(); + $$lastrecnum = $$recnums[-1]; + return shift @$recnums; +} + =back =head1 BUGS |