From de1f16178dcae2d517e849e45ee77fd3d636005c Mon Sep 17 00:00:00 2001
From: "lpsolit%gmail.com" <>
Date: Fri, 2 Sep 2005 04:39:20 +0000
Subject: Bug 304582: Move GenerateRandomPassword() out of globals.pl - Patch
 by Frédéric Buclin <LpSolit@gmail.com> r=joel a=myk
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 Bugzilla/Token.pm |  4 ++--
 Bugzilla/User.pm  |  2 +-
 Bugzilla/Util.pm  | 16 +++++++++++++++-
 3 files changed, 18 insertions(+), 4 deletions(-)

(limited to 'Bugzilla')

diff --git a/Bugzilla/Token.pm b/Bugzilla/Token.pm
index a198dda3f..1cf51a332 100644
--- a/Bugzilla/Token.pm
+++ b/Bugzilla/Token.pm
@@ -150,7 +150,7 @@ sub CleanTokenTable {
 }
 
 sub GenerateUniqueToken {
-    # Generates a unique random token.  Uses &GenerateRandomPassword 
+    # Generates a unique random token.  Uses generate_random_password 
     # for the tokens themselves and checks uniqueness by searching for
     # the token in the "tokens" table.  Gives up if it can't come up
     # with a token after about one hundred tries.
@@ -167,7 +167,7 @@ sub GenerateUniqueToken {
         if ($tries > 100) {
             ThrowCodeError("token_generation_error");
         }
-        $token = &::GenerateRandomPassword();
+        $token = generate_random_password();
         $sth->execute($token);
         $duplicate = $sth->fetchrow_array;
     }
diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm
index dfe207d7b..87f894752 100644
--- a/Bugzilla/User.pm
+++ b/Bugzilla/User.pm
@@ -1153,7 +1153,7 @@ sub insert_new_user {
     $disabledtext ||= '';
 
     # If not specified, generate a new random password for the user.
-    $password ||= &::GenerateRandomPassword();
+    $password ||= generate_random_password();
     my $cryptpassword = bz_crypt($password);
 
     # XXX - These should be moved into is_available_username or validate_email_syntax
diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm
index f5084e02c..3a9d6dae7 100644
--- a/Bugzilla/Util.pm
+++ b/Bugzilla/Util.pm
@@ -23,6 +23,7 @@
 #                 Bradley Baetz <bbaetz@student.usyd.edu.au>
 #                 Christopher Aillon <christopher@aillon.com>
 #                 Max Kanat-Alexander <mkanat@bugzilla.org>
+#                 Frédéric Buclin <LpSolit@gmail.com>
 
 package Bugzilla::Util;
 
@@ -40,7 +41,8 @@ use base qw(Exporter);
                              perform_substs
                              format_time format_time_decimal validate_date
                              file_mod_time is_7bit_clean
-                             bz_crypt validate_email_syntax);
+                             bz_crypt generate_random_password
+                             validate_email_syntax);
 
 use Bugzilla::Config;
 use Bugzilla::Constants;
@@ -356,6 +358,11 @@ sub bz_crypt {
     return $cryptedpassword;
 }
 
+sub generate_random_password {
+    my $size = shift || 10; # default to 10 chars if nothing specified
+    return join("", map{ ('0'..'9','a'..'z','A'..'Z')[rand 62] } (1..$size));
+}
+
 sub validate_email_syntax {
     my ($addr) = @_;
     my $match = Param('emailregexp');
@@ -435,6 +442,7 @@ Bugzilla::Util - Generic utility functions for bugzilla
 
   # Cryptographic Functions
   $crypted_password = bz_crypt($password);
+  $new_password = generate_random_password($password_length);
 
   # Validation Functions
   validate_email_syntax($email);
@@ -689,6 +697,12 @@ characters of the password to anyone who views the encrypted version.
 
 =end undocumented
 
+=item C<generate_random_password($password_length)>
+
+Returns an alphanumeric string with the specified length
+(10 characters by default). Use this function to generate passwords
+and tokens.
+
 =back
 
 =head2 Validation
-- 
cgit v1.2.3-24-g4f1b