diff options
| -rw-r--r-- | FS/FS/Conf.pm | 14 | ||||
| -rw-r--r-- | FS/FS/Password_Mixin.pm | 28 | ||||
| -rw-r--r-- | FS/FS/Upgrade.pm | 6 |
3 files changed, 17 insertions, 31 deletions
diff --git a/FS/FS/Conf.pm b/FS/FS/Conf.pm index a8ececd02..e88ee6840 100644 --- a/FS/FS/Conf.pm +++ b/FS/FS/Conf.pm @@ -4052,14 +4052,16 @@ and customer address. Include units.', 'select_enum' => [ '1 hour', '2 hours', '4 hours', '8 hours', '1 day', '1 week', ], }, - { - 'key' => 'password-generated-characters', - 'section' => 'password', - 'description' => 'Set of characters to use when generating random passwords. This must contain at least one lowercase letter, uppercase letter, digit, and punctuation mark.', - 'type' => 'textarea', - }, + # 3.x-only options for a more tolerant password policy # { +# 'key' => 'password-generated-characters', +# 'section' => 'password', +# 'description' => 'Set of characters to use when generating random passwords. This must contain at least one lowercase letter, uppercase letter, digit, and punctuation mark.', +# 'type' => 'textarea', +# }, +# +# { # 'key' => 'password-no_reuse', # 'section' => 'password', # 'description' => 'Minimum number of password changes before a password can be reused. By default, passwords can be reused without restriction.', diff --git a/FS/FS/Password_Mixin.pm b/FS/FS/Password_Mixin.pm index da80cd27f..27da57f28 100644 --- a/FS/FS/Password_Mixin.pm +++ b/FS/FS/Password_Mixin.pm @@ -14,8 +14,6 @@ FS::UID->install_callback( sub { $conf = FS::Conf->new; }); -our @pw_set; - our $me = '[' . __PACKAGE__ . ']'; our $BLOWFISH_COST = 10; @@ -262,27 +260,19 @@ sub _blowfishcrypt { =item pw_set -Returns the list of characters allowed in random passwords (from the -C<password-generated-characters> config). +Returns the list of characters allowed in random passwords. This is now +hardcoded. =cut sub pw_set { - my $class = shift; - if (!@pw_set) { - my $pw_set = $conf->config('password-generated-characters'); - $pw_set =~ s/\s//g; # don't ever allow whitespace - if ( $pw_set =~ /[[:lower:]]/ - && $pw_set =~ /[[:upper:]]/ - && $pw_set =~ /[[:digit:]]/ - && $pw_set =~ /[[:punct:]]/ ) { - @pw_set = split('', $pw_set); - } else { - warn "password-generated-characters set is insufficient; using default."; - @pw_set = split('', 'abcdefghijkmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ23456789()#.,'); - } - } - return @pw_set; + + # ASCII alphabet, minus easily confused stuff (l, o, O, 0, 1) + # and plus some "safe" punctuation + split('', + 'abcdefghijkmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ23456789()#.,[]-_=+' + ); + } =back diff --git a/FS/FS/Upgrade.pm b/FS/FS/Upgrade.pm index bfb218f33..2a480f872 100644 --- a/FS/FS/Upgrade.pm +++ b/FS/FS/Upgrade.pm @@ -165,12 +165,6 @@ If you need to continue using the old Form 477 report, turn on the $conf->delete('voip-cust_email_csv_cdr') ; } - if ( !$conf->config('password-generated-characters') ) { - my $pw_set = - 'abcdefghijkmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ23456789()#.,' ; - $conf->set('password-generated-characters', $pw_set); - } - if ($conf->exists('unsuspendauto') && !$conf->config('unsuspend_balance')) { $conf->set('unsuspend_balance','Zero'); $conf->delete('unsuspendauto'); |