diff options
Diffstat (limited to 'Bugzilla')
-rw-r--r-- | Bugzilla/Token.pm | 4 | ||||
-rw-r--r-- | Bugzilla/User.pm | 2 | ||||
-rw-r--r-- | Bugzilla/Util.pm | 16 |
3 files changed, 18 insertions, 4 deletions
diff --git a/Bugzilla/Token.pm b/Bugzilla/Token.pm index a198dda3f..1cf51a332 100644 --- a/Bugzilla/Token.pm +++ b/Bugzilla/Token.pm @@ -150,7 +150,7 @@ sub CleanTokenTable { } sub GenerateUniqueToken { - # Generates a unique random token. Uses &GenerateRandomPassword + # Generates a unique random token. Uses generate_random_password # for the tokens themselves and checks uniqueness by searching for # the token in the "tokens" table. Gives up if it can't come up # with a token after about one hundred tries. @@ -167,7 +167,7 @@ sub GenerateUniqueToken { if ($tries > 100) { ThrowCodeError("token_generation_error"); } - $token = &::GenerateRandomPassword(); + $token = generate_random_password(); $sth->execute($token); $duplicate = $sth->fetchrow_array; } diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm index dfe207d7b..87f894752 100644 --- a/Bugzilla/User.pm +++ b/Bugzilla/User.pm @@ -1153,7 +1153,7 @@ sub insert_new_user { $disabledtext ||= ''; # If not specified, generate a new random password for the user. - $password ||= &::GenerateRandomPassword(); + $password ||= generate_random_password(); my $cryptpassword = bz_crypt($password); # XXX - These should be moved into is_available_username or validate_email_syntax diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm index f5084e02c..3a9d6dae7 100644 --- a/Bugzilla/Util.pm +++ b/Bugzilla/Util.pm @@ -23,6 +23,7 @@ # Bradley Baetz <bbaetz@student.usyd.edu.au> # Christopher Aillon <christopher@aillon.com> # Max Kanat-Alexander <mkanat@bugzilla.org> +# Frédéric Buclin <LpSolit@gmail.com> package Bugzilla::Util; @@ -40,7 +41,8 @@ use base qw(Exporter); perform_substs format_time format_time_decimal validate_date file_mod_time is_7bit_clean - bz_crypt validate_email_syntax); + bz_crypt generate_random_password + validate_email_syntax); use Bugzilla::Config; use Bugzilla::Constants; @@ -356,6 +358,11 @@ sub bz_crypt { return $cryptedpassword; } +sub generate_random_password { + my $size = shift || 10; # default to 10 chars if nothing specified + return join("", map{ ('0'..'9','a'..'z','A'..'Z')[rand 62] } (1..$size)); +} + sub validate_email_syntax { my ($addr) = @_; my $match = Param('emailregexp'); @@ -435,6 +442,7 @@ Bugzilla::Util - Generic utility functions for bugzilla # Cryptographic Functions $crypted_password = bz_crypt($password); + $new_password = generate_random_password($password_length); # Validation Functions validate_email_syntax($email); @@ -689,6 +697,12 @@ characters of the password to anyone who views the encrypted version. =end undocumented +=item C<generate_random_password($password_length)> + +Returns an alphanumeric string with the specified length +(10 characters by default). Use this function to generate passwords +and tokens. + =back =head2 Validation |