X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=FS%2FFS%2FPassword_Mixin.pm;h=393b4162935b13588ff18c34cab970e2c9d86c76;hb=42ebaebeafc054ca0c3a924efd7a53154fdcf35e;hp=af4c5e2b7043cf04a67372957931aa6bed11780d;hpb=c44432a5f0f1c1841ff8b50e734a30bd9aeef945;p=freeside.git
diff --git a/FS/FS/Password_Mixin.pm b/FS/FS/Password_Mixin.pm
index af4c5e2b7..393b41629 100644
--- a/FS/FS/Password_Mixin.pm
+++ b/FS/FS/Password_Mixin.pm
@@ -4,7 +4,7 @@ use FS::Record qw(qsearch);
 use FS::Conf;
 use FS::password_history;
 use Authen::Passphrase;
-# use Authen::Passphrase::BlowfishCrypt; # ha ha, no.
+use Authen::Passphrase::BlowfishCrypt; # https://rt.cpan.org/Ticket/Display.html?id=72743
 our $DEBUG = 1;
@@ -12,7 +12,7 @@ our $conf;
 FS::UID->install_callback( sub {
 $conf = FS::Conf->new;
 # this is safe
- eval "use Authen::Passphrase::BlowfishCrypt;";
+ #eval "use Authen::Passphrase::BlowfishCrypt;";
 });
 our $me = '[' . __PACKAGE__ . ']';
@@ -105,7 +105,16 @@ sub insert_password_history {
 my $password = $self->_password;
 my $auth;
- if ( $encoding eq 'bcrypt' or $encoding eq 'crypt' ) {
+ if ( $encoding eq 'bcrypt' ) {
+ # our format, used for contact and access_user passwords
+ my ($cost, $salt, $hash) = split(',', $password);
+ $auth = Authen::Passphrase::BlowfishCrypt->new(
+ cost => $cost,
+ salt_base64 => $salt,
+ hash_base64 => $hash,
+ );
+
+ } elsif ( $encoding eq 'crypt' ) {
 # it's smart enough to figure this out
 $auth = Authen::Passphrase->from_crypt($password);
@@ -119,7 +128,9 @@ sub insert_password_history {
 $auth = $self->_blowfishcrypt( $auth->passphrase );
 }
- } elsif ( $encoding eq 'plain' ) {
+ } else {
+ warn "unrecognized password encoding '$encoding'; treating as plain text"
+ unless $encoding eq 'plain';
 $auth = $self->_blowfishcrypt( $password );
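Review bot: The callback in the second hunk now carries a commented-out `#eval "use Authen::Passphrase::BlowfishCrypt;";` beneath a `# this is safe` comment that no longer describes any live statement. Since the first hunk loads the module with a plain `use`, both lines can be deleted, leaving `$conf = FS::Conf->new;` as the only statement in the callback. If the history matters, a one-line comment saying why the lazy load was replaced would serve a reader better than dead code.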
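Review bot: The new bcrypt branch passes the result of `split(',', $password)` straight to `Authen::Passphrase::BlowfishCrypt->new` without checking that the stored value really has three fields, so a truncated or differently formatted record hands undefined `salt_base64`/`hash_base64` values to the constructor. How the constructor reacts is not visible here, but it presumably throws, which would abort insert_password_history in the middle of a password change. I would guard the parse, e.g. `my ($cost, $salt, $hash) = split(',', $password, 3);` followed by `die "malformed bcrypt password record" unless defined $hash && $cost =~ /\A\d+\z/;`, reporting the failure in whatever way this function's callers expect and keeping the stored value itself out of the message. The comment could also spell the layout out, `# our format: "cost,salt_base64,hash_base64"`. The function starts and ends outside the hunk.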