From 31585b2a413e0d4e385bcc1209609f708377ad06 Mon Sep 17 00:00:00 2001
From: Angelo Naselli <anaselli@linux.it>
Date: Fri, 10 Mar 2017 22:18:53 +0100
Subject: Use the right file to check security level and password lenght
 (mga#20436)

---
 userdrake | 46 +++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 43 insertions(+), 3 deletions(-)

diff --git a/userdrake b/userdrake
index 5994012..08c36b3 100755
--- a/userdrake
+++ b/userdrake
@@ -44,7 +44,7 @@ use log;
 $ugtk3::wm_icon = "userdrake";
 
 my $conffile = '/etc/sysconfig/userdrake';
-my $secfile = '/etc/sysconfig/msec';
+my $secfile = '/etc/security/msec/security.conf';
 my $pixdir = '/usr/share/userdrake/pixmaps/';
 my @pix = ($pixdir . 'selected.png', $pixdir . 'unselected.png');
 
@@ -255,6 +255,46 @@ undef $window_splash;
 $us->{wnd}->main;
 ugtk3->exit(0);
 
+#=============================================================
+
+=head2 weakPasswordForSecurityLevel
+
+=head3 INPUT
+
+    $passwd: password to check
+
+=head3 OUTPUT
+
+    1: if the password is too weak for security level
+
+=head3 DESCRIPTION
+
+    Check the security level set if /etc/security/msec/security.conf
+    exists and the level is not 'standard' and if the password
+    is not at least 6 characters return true
+
+    NOTE this function has been ported from ManaTools::Shared::Users
+
+=cut
+
+#=============================================================
+sub weakPasswordForSecurityLevel {
+    my ($password) = shift;
+
+    if (-e $secfile) {
+        my $level = $sec{BASE_LEVEL};
+        if ($level eq 'none' or $level eq 'standard') {
+            return 0;
+        }
+        elsif (length($password) < 6) {
+            return 1;
+        }
+    }
+
+    return 0;
+}
+
+
 sub is_xguest_installed() {
     -e '/etc/security/namespace.d/xguest.conf';
 }
@@ -449,7 +489,7 @@ sub AddUser() {
                            if ($u{passwd} ne $us->{o}{confpasswd}->get_text) {
                                RaiseError(N("Password Mismatch"));
                            }
-                           if ($sec{SECURE_LEVEL} > 3 && length($u{passwd}) < 6) {
+                           if (weakPasswordForSecurityLevel($u{passwd})) {
                                RaiseError(N("This password is too simple. \n Good passwords should be > 6 characters"));
                            }
                            my $userEnt = !$error && $ctx->InitUser($u{username}, $is_system);
@@ -889,7 +929,7 @@ sub UserEdit_valid {
     if ($u{pw} ne $u{confm}) {
         RaiseError(N("Password Mismatch")); 
     } elsif ($u{pw} eq $u{confm} && $u{pw} ne '     ') {
-        if ($sec{SECURE_LEVEL} > 3 && length($u{pw}) < 6) {
+        if (weakPasswordForSecurityLevel($u{pw})) {
             RaiseError(N("This password is too simple. \n Good passwords should be > 6 characters"));
         }
         !$error and $ctx->UserSetPass($userEnt, $u{pw});
-- 
cgit v1.2.1