From 49d006287b4c46d546a80fce57d2584b88364645 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin
Date: Tue, 15 May 2012 08:32:01 +0200
Subject: New password policy.
---
 lib/Fripost/Password.pm | 17 +++++++----------
 1 file changed, 7 insertions(+), 10 deletions(-)
(limited to 'lib/Fripost/Password.pm')
diff --git a/lib/Fripost/Password.pm b/lib/Fripost/Password.pm
index fc1f7ce..0f2cf6e 100755
--- a/lib/Fripost/Password.pm
+++ b/lib/Fripost/Password.pm
@@ -77,9 +77,11 @@ sub hash {
 sub is_salted { return ( not ( defined $_[0] ) or $_[0] ne '' ) };
-# Generate (random) salt, with a (random) length of 24 to 31 bytes.
+# Generate a (random) 4 bytes salt. We only generates 4 bytes here to
+# match the other way to hash & salt passwords (`slappasswd' and the
+# RoundCube passwords).
 sub make_salt {
- my $len = 31 - int( rand(8) );
+ my $len = 4;
 my @bytes = ();
 for my $i ( 1 .. $len ) {
 push( @bytes, rand(255) );
@@ -87,11 +89,6 @@ sub make_salt {
 return pack( 'C*', @bytes );
 }
-sub random_string {
- my ($len, $range) = @_;
- return join '', @$range[ map {rand $#$range} (1..$len) ];
-}
-
 # Add trailing `='s to the input string to ensure its length is a
 # multiple of 4.
@@ -107,9 +104,9 @@ sub pad_base64 {
 # Our policy for automatically generated passwords.
 sub mkpasswd {
 return String::MkPasswd::mkpasswd(
- -length => 12,
- -minnum => 2,
- -minspecial => 1
+ -length => 12,
+ -minnum => 2,
+ -minspecial => 1
 );
 }
-- 
cgit v1.2.3
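Review bot: With the salt cut to 4 bytes, the unchanged context line `push( @bytes, rand(255) );` in make_salt carries more weight than before. `rand(255)` truncated by `pack 'C*'` can never produce the byte 255, and Perl's built-in `rand` is not a cryptographic source, so the 32-bit salt is slightly biased and repeats are more likely than its size suggests. At minimum use `push( @bytes, int( rand(256) ) );`, and preferably read the four bytes from the operating system's random source. The new comment should also name the stored format that forces 4 bytes, and "We only generates" should read "We only generate". The loop and the rest of make_salt close outside this hunk.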
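Review bot: The comment above mkpasswd still reads only "Our policy for automatically generated passwords." and gives no reason for dropping to 12 characters with 2 digits and 1 special character. A reader cannot tell whether these passwords are long-lived or only initial ones the user must change. I would extend it, for example `# 12 chars, >= 2 digits, >= 1 special; <rationale and intended lifetime of the generated password>`. The strength of a 12-character password also rests on how String::MkPasswd draws its randomness, which is not visible in this hunk and is worth confirming before relying on the shorter length.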