summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDavid Snopek2018-06-27 19:03:13 (GMT)
committerDavid Snopek2018-06-27 19:03:13 (GMT)
commita07b2d4aa3ad679f467f6bf937ffd7ece686b7db (patch)
tree62c30cd9c4dc9863ca1407213726165e2e5d8a1b
parentaac412f0aaa3db8e49da267ed810c12615f611e8 (diff)
Issue #2982173: [genpass] Add D6LTS patch for SA-CONTRIB-2018-042HEAD6.x
-rw-r--r--common/contrib/genpass/SA-CONTRIB-2018-042.patch52
1 files changed, 52 insertions, 0 deletions
diff --git a/common/contrib/genpass/SA-CONTRIB-2018-042.patch b/common/contrib/genpass/SA-CONTRIB-2018-042.patch
new file mode 100644
index 0000000..38553e3
--- /dev/null
+++ b/common/contrib/genpass/SA-CONTRIB-2018-042.patch
@@ -0,0 +1,52 @@
+diff --git a/genpass.module b/genpass.module
+index b35b1d9..5d31623 100644
+--- a/genpass.module
++++ b/genpass.module
+@@ -26,17 +26,16 @@ function genpass_generate() {
+ }
+
+ /**
+- * Generate a new password using genpass's internal password generation
+- * algorithm.
+- * Based on the original D6 user_password function (with more characters)
++ * Generates random password.
+ *
+- * @return a fresh password according to the settings made in /admin/user/settings
++ * @see user_password()
+ *
+- * @see genpass_form_alter()
++ * @return string
++ * The random string.
+ */
+ function genpass_password() {
+ $pass = '';
+- $length = variable_get('genpass_length', 8);
++ $length = variable_get('genpass_length', 12);
+ $allowable_characters = variable_get('genpass_entropy', _genpass_default_entropy());
+
+ // Zero-based count of characters in the allowable list:
+@@ -44,9 +43,14 @@ function genpass_password() {
+
+ // Loop the number of times specified by $length.
+ for ($i = 0; $i < $length; $i++) {
++ do {
++ // Find a secure random number within the range needed.
++ $index = ord(drupal_random_bytes(1));
++ } while ($index > $len);
++
+ // Each iteration, pick a random character from the
+ // allowable string and append it to the password:
+- $pass .= $allowable_characters[mt_rand(0, $len)];
++ $pass .= $allowable_characters[$index];
+ }
+
+ return $pass;
+@@ -90,7 +94,7 @@ function genpass_form_alter(&$form, $form_state, $form_id) {
+ $form['registration']['genpass_length'] = array(
+ '#type' => 'textfield',
+ '#title' => t('Generated password length'),
+- '#default_value' => variable_get('genpass_length', 8),
++ '#default_value' => variable_get('genpass_length', 12),
+ '#size' => 2,
+ '#maxlength' => 2,
+ '#description' => t('Set the length of generated passwords here. Allowed range: 5 to 32.'),