73085: Enable credit card/ach encryption on a live system

[freeside.git] / FS / FS / Setup.pm

diff --git a/FS/FS/Setup.pm b/FS/FS/Setup.pm
index f26e50e..f005a36 100644 (file)
--- a/FS/FS/Setup.pm
+++ b/FS/FS/Setup.pm
@@ -7,7 +7,6 @@ use vars qw( @EXPORT_OK );
 use Tie::IxHash;
 use Crypt::OpenSSL::RSA;
 use FS::UID qw( dbh driver_name );
-#use FS::Record;
 
 use FS::svc_domain;
 $FS::svc_domain::whois_hack = 1;
@@ -27,7 +26,7 @@ use FS::access_groupagent;
 use FS::Record qw(qsearch);
 use FS::msgcat;
 
-@EXPORT_OK = qw( create_initial_data enable_encryption );
+@EXPORT_OK = qw( create_initial_data enable_encryption enable_banned_pay_pad );
 
 =head1 NAME
 
@@ -71,6 +70,8 @@ sub create_initial_data {
   populate_numbering();
 
   enable_encryption();
+
+  enable_banned_pay_pad();
   
   if ( $oldAutoCommit ) {
     dbh->commit or die dbh->errstr;
@@ -97,6 +98,31 @@ sub enable_encryption {
   $conf->set('encryptionpublickey',  $rsa->get_public_key_string );
   $conf->set('encryptionprivatekey', $rsa->get_private_key_string );
 
+  # reload Record globals, false laziness with FS::Record
+  $FS::Record::conf_encryption           = $conf->exists('encryption');
+  $FS::Record::conf_encryptionmodule     = $conf->config('encryptionmodule');
+  $FS::Record::conf_encryptionpublickey  = join("\n",$conf->config('encryptionpublickey'));
+  $FS::Record::conf_encryptionprivatekey = join("\n",$conf->config('encryptionprivatekey'));
+
+}
+
+sub enable_banned_pay_pad {
+
+  eval "use FS::Conf";
+  die $@ if $@;
+
+  my $conf = new FS::Conf;
+
+  die "banned_pay-pad already in place"
+    if length( $conf->config('banned_pay-pad') );
+
+  #arbitrary but good enough... all we need is *some* per-site random padding
+  my @pw_set = ( 'a'..'z', 'A'..'Z', '0'..'9', '(', ')', '#', '.', ',' );
+
+  $conf->set('banned_pay-pad',
+    join('', map($pw_set[ int(rand($#pw_set)) ], (0..15) ) )
+  );
+
 }
 
 sub populate_numbering {