authorDylan William Hardison <dylan@hardison.net>2017-09-15 20:30:40 +0200
committerGitHub <noreply@github.com>2017-09-15 20:30:40 +0200
commite9adcde4648b54db8d40f314ca938dca5080bb9c (patch)
treebd826aa5f5857e063d575fec1ec16068712edd4a /Bugzilla/User.pm
parent06c57b6e475767923f8294cf93fd746d45f3dc6f (diff)
Bug 1391702 - Replace Bugzilla::User::validate_password() with calls to Data::Password::passwdqc
Diffstat (limited to 'Bugzilla/User.pm')
-rw-r--r--Bugzilla/User.pm58
1 files changed, 2 insertions, 56 deletions
diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm
index 84fc1fb21..2d8256080 100644
--- a/Bugzilla/User.pm
+++ b/Bugzilla/User.pm
@@ -34,7 +34,7 @@ use Role::Tiny::With;
use base qw(Bugzilla::Object Exporter);
@Bugzilla::User::EXPORT = qw(is_available_username
- login_to_id user_id_to_login validate_password validate_password_check
+ login_to_id user_id_to_login
USER_MATCH_MULTIPLE USER_MATCH_FAILED USER_MATCH_SUCCESS
MATCH_SKIP_CONFIRM
);
@@ -417,7 +417,7 @@ sub _check_password {
# authentication.
return $pass if $pass eq '*';
- validate_password($pass);
+ Bugzilla->assert_password_is_secure($pass);
my $cryptpassword = bz_crypt($pass);
return $cryptpassword;
}
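Review bot: In `_check_password`, the replaced `validate_password($pass)` untainted the password as a side effect (the removed `validate_password_check` ends with `trick_taint($_[0])`), and nothing visible in this hunk shows that `Bugzilla->assert_password_is_secure($pass)` does the same. If it does not, `$pass` reaches `bz_crypt` still tainted, which would matter wherever this code runs under taint mode; confirm the new method's behaviour and, if needed, add `trick_taint($pass);` after the check. The old helper also enforced `USER_PASSWORD_MIN_LENGTH` and the `password_complexity` parameter, so a short comment naming the policy now applied would help the next reader, for example `# Rejects $pass unless it satisfies the passwdqc policy.` (assuming the new method throws on failure as the old one did). The start of `_check_password` lies outside this hunk.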
@@ -2712,40 +2712,6 @@ sub user_id_to_login {
return $login || '';
}
-sub validate_password {
- my $check = validate_password_check(@_);
- ThrowUserError($check) if $check;
- return 1;
-}
-
-sub validate_password_check {
- my ($password, $matchpassword) = @_;
-
- if (length($password) < USER_PASSWORD_MIN_LENGTH) {
- return 'password_too_short';
- } elsif ((defined $matchpassword) && ($password ne $matchpassword)) {
- return 'passwords_dont_match';
- }
-
- my $complexity_level = Bugzilla->params->{password_complexity};
- if ($complexity_level eq 'bmo') {
- my $features = 0;
-
- $features++ if $password =~ /[a-z]/;
- $features++ if $password =~ /[A-Z]/;
- $features++ if $password =~ /[0-9]/;
- $features++ if $password =~ /[^A-Za-z0-9]/;
- $features++ if length($password) > 12;
-
- return 'password_not_complex' if $features < 3;
- }
-
- # Having done these checks makes us consider the password untainted.
- trick_taint($_[0]);
- return;
-}
-
-
1;
__END__
@@ -3369,26 +3335,6 @@ Returns the login name of the user account for the given user ID. If no
valid user ID is given or the user has no entry in the profiles table,
we return an empty string.
-=item C<validate_password($passwd1, $passwd2)>
-
-Returns true if a password is valid (i.e. meets Bugzilla's
-requirements for length and content), else throws an error.
-Untaints C<$passwd1> if successful.
-
-If a second password is passed in, this function also verifies that
-the two passwords match.
-
-=item C<validate_password_check($passwd1, $passwd2)>
-
-This sub routine is similair to C<validate_password>, except that it allows
-the calling code to handle its own errors.
-
-Returns undef and untaints C<$passwd1> if a password is valid (i.e. meets
-Bugzilla's requirements for length and content), else returns the error.
-
-If a second password is passed in, this function also verifies that
-the two passwords match.
-
=item C<match_field($data, $fields, $behavior)>
=over