From ef2b25a7063f9e5f644cca7014c59890f5a1e918 Mon Sep 17 00:00:00 2001
From: mark
Date: Wed, 23 Dec 2009 00:30:14 +0000
Subject: [PATCH] Tweak set_password per RT#6358
---
 FS/FS/svc_acct.pm | 21 +++++++++++++--------
 httemplate/edit/process/svc_acct.cgi | 4 ++--
 httemplate/edit/svc_acct.cgi | 4 ++--
 3 files changed, 17 insertions(+), 12 deletions(-)
diff --git a/FS/FS/svc_acct.pm b/FS/FS/svc_acct.pm
index 649a78347..19f292157 100644
--- a/FS/FS/svc_acct.pm
+++ b/FS/FS/svc_acct.pm
@@ -1184,13 +1184,14 @@ sub check {
 # First, if _password is blank, generate one and set default encoding.
 if ( ! $recref->{_password} ) {
- $self->set_password('');
+ $error = $self->set_password('');
 }
 # But if there's a _password but no encoding, assume it's plaintext and # set it to default encoding.
 elsif ( ! $recref->{_password_encoding} ) {
- $self->set_password($recref->{_password});
+ $error = $self->set_password($recref->{_password});
 }
+ return $error if $error;
 # Next, check _password to ensure compliance with the encoding.
 if ( $recref->{_password_encoding} eq 'ldap' ) {
@@ -1232,11 +1233,8 @@ sub check {
 $recref->{_password} =~ /\!/ and return gettext('illegal_password');
 }
 }
- elsif ( $recref->{_password_encoding} eq 'legacy' ) {
- # this happens when set_password fails
- return gettext('illegal_password'). " $passwordmin-$passwordmax ".
- FS::Msgcat::_gettext('illegal_password_characters').
- ": ". $recref->{_password};
+ else {
+ return "invalid password encoding ('".$recref->{_password_encoding}."'";
 }
 $self->SUPER::check;
@@ -1300,7 +1298,14 @@ sub set_password {
 my $self = shift;
 my $pass = shift;
 my ($encoding, $encryption);
+ my $failure = gettext('illegal_password'). " $passwordmin-$passwordmax ".
+ FS::Msgcat::_gettext('illegal_password_characters').
+ ": ". $pass;
+ if(($passwordmin and length($pass) < $passwordmin) or
+ ($passwordmax and length($pass) > $passwordmax)) {
+ return $failure;
+ }
 if($self->_password_encoding) {
 $encoding = $self->_password_encoding;
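Review bot: The message returned by the new `else` that closes the encoding chain in `check` (hunk `@@ -1232`) never closes its parenthesis, so the text ends in `('<encoding>'`; it should read `return "invalid password encoding ('".$recref->{_password_encoding}."')";`. The same branch replaces the explicit `'legacy'` case, so a record that still carries `legacy` after `set_password` has succeeded is now rejected here; whether any success path can leave that value is outside the hunk and worth confirming. The `if`/`elsif` chain this `else` terminates begins above the hunk.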
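Review bot: The length guard added at the top of `set_password` (hunk `@@ -1300`) sits directly after the argument unpacking, so the `set_password('')` call that `check` makes for a blank `_password` returns `$failure` whenever `$passwordmin` is non-zero, and the "generate one" case that comment describes is turned into an error. The guard should be skipped for an empty value, for example by prefixing the condition with `length($pass) and`. `$failure` also ends with `": ". $pass`, so the rejected password travels in clear text with the error string to every caller; dropping that suffix keeps it out of rendered pages and logs. The rest of `set_password` lies outside this hunk.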
@@ -1344,7 +1349,7 @@ sub set_password {
 $self->_password_encoding('crypt');
 }
 else {
- # do nothing; check() will recognize this as an error
+ return $failure;
 }
 }
 }
diff --git a/httemplate/edit/process/svc_acct.cgi b/httemplate/edit/process/svc_acct.cgi
index c19c2a51f..515d89e91 100755
--- a/httemplate/edit/process/svc_acct.cgi
+++ b/httemplate/edit/process/svc_acct.cgi
@@ -11,6 +11,7 @@ die "access denied"
 $cgi->param('svcnum') =~ /^(\d*)$/ or die "Illegal svcnum!";
 my $svcnum = $1;
+my $error;
 my $old;
 if ( $svcnum ) {
@@ -45,10 +46,9 @@ if( $cgi->param('clear_password') eq '*HIDDEN*'
 die "fatal: no previous account to recall hidden password from!" unless $old;
 } else {
- $new->set_password($cgi->param('clear_password'));
+ $error = $new->set_password($cgi->param('clear_password'));
 }
-my $error;
 if ( $svcnum ) {
 foreach (grep { $old->$_ != $new->$_ } qw( seconds upbytes downbytes totalbytes )) {
 my %hash = map { $_ => $new->$_ }
diff --git a/httemplate/edit/svc_acct.cgi b/httemplate/edit/svc_acct.cgi
index 9c3e8de03..afbd002c1 100755
--- a/httemplate/edit/svc_acct.cgi
+++ b/httemplate/edit/svc_acct.cgi
@@ -12,7 +12,7 @@
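Review bot: With `return $failure;` added in the final `else` of hunk `@@ -1344`, callers now test the return value of `set_password` for truth, yet the success branch visible just above ends on `$self->_password_encoding('crypt');` with no explicit return. If the last statement of the sub (outside the hunk) is a setter call or another expression with a true value, `check` and the CGI would read a successful call as an error. The sub should end with an explicit `return '';`, and its documentation should state the contract, e.g. `# Returns an error string on failure, the empty string on success.`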
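Review bot: The `$error` set from `set_password` in `process/svc_acct.cgi` (hunk `@@ -45`) can be lost if the code after the hunk assigns `$error` itself, which the old position of `my $error;` directly before `if ( $svcnum ) {` suggests it does. A plain assignment there would discard the password failure and save the record anyway. The later steps should run, or assign, only while `$error` is still empty (`$error ||= ...`), so that a rejected password stops the update. Those statements are outside the hunk, so this needs confirming against the full file.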