[users] Use libpwquality for additional password checks

- add cmake module to find libpwquality
 - move checking functions to their own file
 - some Transifex hackery
 - stub out the libpwquality check
main
Adriaan de Groot 7 years ago
parent 9a9c6da6db
commit 27e1de6548

@ -0,0 +1,37 @@
# Locate libpwquality
# https://github.com/libpwquality/libpwquality
#
# This module defines
# LibPWQuality_FOUND
# LibPWQuality_LIBRARIES, where to find the library
# LibPWQuality_INCLUDE_DIRS, where to find pwquality.h
#
include(FindPkgConfig)
include(FindPackageHandleStandardArgs)
pkg_search_module(pc_pwquality QUIET pwquality)
find_path(LibPWQuality_INCLUDE_DIR
NAMES pwquality.h
PATHS ${pc_pwquality_INCLUDE_DIRS}
)
find_library(LibPWQuality_LIBRARY
NAMES pwquality
PATHS ${pc_pwquality_LIBRARY_DIRS}
)
if(pc_pwquality_FOUND)
set(LibPWQuality_LIBRARIES ${LibPWQuality_LIBRARY})
set(LibPWQuality_INCLUDE_DIRS ${LibPWQuality_INCLUDE_DIR} ${pc_pwquality_INCLUDE_DIRS})
endif()
find_package_handle_standard_args(LibPWQuality DEFAULT_MSG
LibPWQuality_INCLUDE_DIRS
LibPWQuality_LIBRARIES
)
mark_as_advanced(LibPWQuality_INCLUDE_DIRS LibPWQuality_LIBRARIES)
set_package_properties(
LibPWQuality PROPERTIES
DESCRIPTION "Password quality checking library"
URL "https://github.com/libpwquality/libpwquality"
)

@ -6,6 +6,21 @@ endif()
find_package( Qt5 COMPONENTS Core Test REQUIRED )
find_package( Crypt REQUIRED )
# Add optional libraries here
set( USER_EXTRA_LIB )
find_package( LibPWQuality )
set_package_properties(
LibPWQuality PROPERTIES
PURPOSE "Extra checks of password quality"
)
if( LibPWQuality_FOUND )
list( APPEND USER_EXTRA_LIB ${LibPWQuality_LIBRARIES} )
include_directories( ${LibPWQuality_INCLUDE_DIRS} )
add_definitions( -DCHECK_PWQUALITY -DHAVE_LIBPWQUALITY )
endif()
include_directories( ${PROJECT_BINARY_DIR}/src/libcalamaresui )
calamares_add_plugin( users
@ -17,6 +32,7 @@ calamares_add_plugin( users
UsersViewStep.cpp
UsersPage.cpp
SetHostNameJob.cpp
CheckPWQuality.cpp
UI
page_usersetup.ui
RESOURCES
@ -24,6 +40,7 @@ calamares_add_plugin( users
LINK_PRIVATE_LIBRARIES
calamaresui
${CRYPT_LIBRARIES}
${USER_EXTRA_LIB}
SHARED_LIB
)

@ -0,0 +1,94 @@
/* === This file is part of Calamares - <https://github.com/calamares> ===
*
* Copyright 2018, Adriaan de Groot <groot@kde.org>
*
* Calamares is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Calamares is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Calamares. If not, see <http://www.gnu.org/licenses/>.
*/
#include "CheckPWQuality.h"
#include "utils/Logger.h"
#include <QWidget>
PasswordCheck::PasswordCheck()
: m_message()
, m_accept( []( const QString& s ){ return true; } )
{
}
PasswordCheck::PasswordCheck( const QString& m, AcceptFunc a )
: m_message( [m](){ return m; } )
, m_accept( a )
{
}
PasswordCheck::PasswordCheck( MessageFunc m, AcceptFunc a )
: m_message( m )
, m_accept( a )
{
}
// Try to trick Transifex into accepting these strings
#define tr parent->tr
DEFINE_CHECK_FUNC(minLength)
{
int minLength = -1;
if ( value.canConvert( QVariant::Int ) )
minLength = value.toInt();
if ( minLength > 0 )
{
cDebug() << " .. minLength set to" << minLength;
checks.push_back(
PasswordCheck(
[parent]()
{
return tr( "Password is too short" );
},
[minLength]( const QString& s )
{
return s.length() >= minLength;
}
) );
}
}
DEFINE_CHECK_FUNC(maxLength)
{
int maxLength = -1;
if ( value.canConvert( QVariant::Int ) )
maxLength = value.toInt();
if ( maxLength > 0 )
{
cDebug() << " .. maxLength set to" << maxLength;
checks.push_back(
PasswordCheck(
[parent]()
{
return tr( "Password is too long" );
}, [maxLength]( const QString& s )
{
return s.length() <= maxLength;
}
) );
}
}
#ifdef HAVE_LIBPWQUALITY
DEFINE_CHECK_FUNC(libpwquality)
{
}
#endif

@ -0,0 +1,83 @@
/* === This file is part of Calamares - <https://github.com/calamares> ===
*
* Copyright 2018, Adriaan de Groot <groot@kde.org>
*
* Calamares is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Calamares is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Calamares. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef CHECKPWQUALITY_H
#define CHECKPWQUALITY_H
#include <QString>
#include <QVariant>
#include <QVector>
#include <functional>
/**
* Support for (dynamic) checks on the password's validity.
* This can be used to implement password requirements like
* "at least 6 characters". Function addPasswordCheck()
* instantiates these and adds them to the list of checks.
*/
class PasswordCheck
{
public:
/** Return true if the string is acceptable. */
using AcceptFunc = std::function<bool( const QString& )>;
using MessageFunc = std::function<QString()>;
/** Generate a @p message if @p filter returns true */
PasswordCheck( MessageFunc message, AcceptFunc filter );
/** Yields @p message if @p filter returns true */
PasswordCheck( const QString& message, AcceptFunc filter );
/** Null check, always returns empty */
PasswordCheck();
/** Applies this check to the given password string @p s
* and returns an empty string if the password is ok
* according to this filter. Returns a message describing
* what is wrong if not.
*/
QString filter( const QString& s ) const
{
return m_accept( s ) ? QString() : m_message();
}
private:
MessageFunc m_message;
AcceptFunc m_accept;
} ;
using PasswordCheckList = QVector<PasswordCheck>;
/* Each of these functions adds a check (if possible) to the list
* of checks; they use the configuration value(s) from the
* variant. If the value doesn't make sense, each function
* may skip adding a check, and do nothing (it should log
* an error, though).
*/
#define _xDEFINE_CHECK_FUNC(x) \
add_check_##x( QWidget* parent, PasswordCheckList& checks, const QVariant& value )
#define DEFINE_CHECK_FUNC(x) void _xDEFINE_CHECK_FUNC(x)
#define DECLARE_CHECK_FUNC(x) void _xDEFINE_CHECK_FUNC(x);
DECLARE_CHECK_FUNC(minLength)
DECLARE_CHECK_FUNC(maxLength)
#ifdef HAVE_LIBPWQUALITY
DECLARE_CHECK_FUNC(libpwquality)
#endif
#endif

@ -455,68 +455,23 @@ UsersPage::setReusePasswordDefault( bool checked )
emit checkReady( isReady() );
}
UsersPage::PasswordCheck::PasswordCheck()
: m_message()
, m_accept( []( const QString& s )
{
return true;
} )
{
}
UsersPage::PasswordCheck::PasswordCheck( const QString& m, AcceptFunc a )
: m_message( [m](){ return m; } )
, m_accept( a )
{
}
UsersPage::PasswordCheck::PasswordCheck( MessageFunc m, AcceptFunc a )
: m_message( m )
, m_accept( a )
{
}
void
UsersPage::addPasswordCheck( const QString& key, const QVariant& value )
{
if ( key == "minLength" )
{
int minLength = -1;
if ( value.canConvert( QVariant::Int ) )
minLength = value.toInt();
if ( minLength > 0 )
{
cDebug() << key << " .. set to" << minLength;
m_passwordChecks.push_back(
PasswordCheck(
[]()
{
return tr( "Password is too short" );
},
[minLength]( const QString& s )
{
return s.length() >= minLength;
} ) );
}
add_check_minLength( this, m_passwordChecks, value );
}
else if ( key == "maxLength" )
{
int maxLength = -1;
if ( value.canConvert( QVariant::Int ) )
maxLength = value.toInt();
if ( maxLength > 0 )
{
cDebug() << key << " .. set to" << maxLength;
m_passwordChecks.push_back(
PasswordCheck( []()
{
return tr( "Password is too long" );
}, [maxLength]( const QString& s )
{
return s.length() <= maxLength;
} ) );
}
add_check_maxLength( this, m_passwordChecks, value );
}
#ifdef CHECK_PWQUALITY
else if ( key == "libpwquality" )
{
add_check_libpwquality( this, m_passwordChecks, value );
}
#endif
else
cDebug() << "WARNING: Unknown password-check key" << '"' << key << '"';
}

@ -26,9 +26,9 @@
#include "Typedefs.h"
#include <QWidget>
#include "CheckPWQuality.h"
#include <functional>
#include <QWidget>
namespace Ui
{
@ -70,41 +70,7 @@ signals:
private:
Ui::Page_UserSetup* ui;
/**
* Support for (dynamic) checks on the password's validity.
* This can be used to implement password requirements like
* "at least 6 characters". Function addPasswordCheck()
* instantiates these and adds them to the list of checks.
*/
class PasswordCheck
{
public:
/** Return true if the string is acceptable. */
using AcceptFunc = std::function<bool( const QString& )>;
using MessageFunc = std::function<QString()>;
/** Generate a @p message if @p filter returns true */
PasswordCheck( MessageFunc message, AcceptFunc filter );
/** Yields @p message if @p filter returns true */
PasswordCheck( const QString& message, AcceptFunc filter );
/** Null check, always returns empty */
PasswordCheck();
/** Applies this check to the given password string @p s
* and returns an empty string if the password is ok
* according to this filter. Returns a message describing
* what is wrong if not.
*/
QString filter( const QString& s ) const
{
return m_accept( s ) ? QString() : m_message();
}
private:
MessageFunc m_message;
AcceptFunc m_accept;
} ;
QVector<PasswordCheck> m_passwordChecks;
PasswordCheckList m_passwordChecks;
const QRegExp USERNAME_RX = QRegExp( "^[a-z_][a-z0-9_-]*[$]?$" );
const QRegExp HOSTNAME_RX = QRegExp( "^[a-zA-Z0-9][-a-zA-Z0-9_]*$" );

Loading…
Cancel
Save