aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAngelo Naselli <anaselli@linux.it>2017-03-10 22:18:53 +0100
committerAngelo Naselli <anaselli@linux.it>2017-03-10 22:18:53 +0100
commit31585b2a413e0d4e385bcc1209609f708377ad06 (patch)
tree1b0fba35f5785968203735829a0e41feafd12fc5
parent8ecf145a0c22a04a657bd8838ac3a30f451712f8 (diff)
downloaduserdrake-31585b2a413e0d4e385bcc1209609f708377ad06.tar
userdrake-31585b2a413e0d4e385bcc1209609f708377ad06.tar.gz
userdrake-31585b2a413e0d4e385bcc1209609f708377ad06.tar.bz2
userdrake-31585b2a413e0d4e385bcc1209609f708377ad06.tar.xz
userdrake-31585b2a413e0d4e385bcc1209609f708377ad06.zip
Use the right file to check security level and password lenght (mga#20436)
-rwxr-xr-xuserdrake46
1 files changed, 43 insertions, 3 deletions
diff --git a/userdrake b/userdrake
index 5994012..08c36b3 100755
--- a/userdrake
+++ b/userdrake
@@ -44,7 +44,7 @@ use log;
$ugtk3::wm_icon = "userdrake";
my $conffile = '/etc/sysconfig/userdrake';
-my $secfile = '/etc/sysconfig/msec';
+my $secfile = '/etc/security/msec/security.conf';
my $pixdir = '/usr/share/userdrake/pixmaps/';
my @pix = ($pixdir . 'selected.png', $pixdir . 'unselected.png');
@@ -255,6 +255,46 @@ undef $window_splash;
$us->{wnd}->main;
ugtk3->exit(0);
+#=============================================================
+
+=head2 weakPasswordForSecurityLevel
+
+=head3 INPUT
+
+ $passwd: password to check
+
+=head3 OUTPUT
+
+ 1: if the password is too weak for security level
+
+=head3 DESCRIPTION
+
+ Check the security level set if /etc/security/msec/security.conf
+ exists and the level is not 'standard' and if the password
+ is not at least 6 characters return true
+
+ NOTE this function has been ported from ManaTools::Shared::Users
+
+=cut
+
+#=============================================================
+sub weakPasswordForSecurityLevel {
+ my ($password) = shift;
+
+ if (-e $secfile) {
+ my $level = $sec{BASE_LEVEL};
+ if ($level eq 'none' or $level eq 'standard') {
+ return 0;
+ }
+ elsif (length($password) < 6) {
+ return 1;
+ }
+ }
+
+ return 0;
+}
+
+
sub is_xguest_installed() {
-e '/etc/security/namespace.d/xguest.conf';
}
@@ -449,7 +489,7 @@ sub AddUser() {
if ($u{passwd} ne $us->{o}{confpasswd}->get_text) {
RaiseError(N("Password Mismatch"));
}
- if ($sec{SECURE_LEVEL} > 3 && length($u{passwd}) < 6) {
+ if (weakPasswordForSecurityLevel($u{passwd})) {
RaiseError(N("This password is too simple. \n Good passwords should be > 6 characters"));
}
my $userEnt = !$error && $ctx->InitUser($u{username}, $is_system);
@@ -889,7 +929,7 @@ sub UserEdit_valid {
if ($u{pw} ne $u{confm}) {
RaiseError(N("Password Mismatch"));
} elsif ($u{pw} eq $u{confm} && $u{pw} ne ' ') {
- if ($sec{SECURE_LEVEL} > 3 && length($u{pw}) < 6) {
+ if (weakPasswordForSecurityLevel($u{pw})) {
RaiseError(N("This password is too simple. \n Good passwords should be > 6 characters"));
}
!$error and $ctx->UserSetPass($userEnt, $u{pw});