diff --git a/CMakeModules/FindLibPWQuality.cmake b/CMakeModules/FindLibPWQuality.cmake new file mode 100644 index 000000000..84136f5ad --- /dev/null +++ b/CMakeModules/FindLibPWQuality.cmake @@ -0,0 +1,37 @@ +# Locate libpwquality +# https://github.com/libpwquality/libpwquality +# +# This module defines +# LibPWQuality_FOUND +# LibPWQuality_LIBRARIES, where to find the library +# LibPWQuality_INCLUDE_DIRS, where to find pwquality.h +# +include(FindPkgConfig) +include(FindPackageHandleStandardArgs) + +pkg_search_module(pc_pwquality QUIET pwquality) + +find_path(LibPWQuality_INCLUDE_DIR + NAMES pwquality.h + PATHS ${pc_pwquality_INCLUDE_DIRS} +) +find_library(LibPWQuality_LIBRARY + NAMES pwquality + PATHS ${pc_pwquality_LIBRARY_DIRS} +) +if(pc_pwquality_FOUND) + set(LibPWQuality_LIBRARIES ${LibPWQuality_LIBRARY}) + set(LibPWQuality_INCLUDE_DIRS ${LibPWQuality_INCLUDE_DIR} ${pc_pwquality_INCLUDE_DIRS}) +endif() + +find_package_handle_standard_args(LibPWQuality DEFAULT_MSG + LibPWQuality_INCLUDE_DIRS + LibPWQuality_LIBRARIES +) +mark_as_advanced(LibPWQuality_INCLUDE_DIRS LibPWQuality_LIBRARIES) + +set_package_properties( + LibPWQuality PROPERTIES + DESCRIPTION "Password quality checking library" + URL "https://github.com/libpwquality/libpwquality" +) diff --git a/src/modules/users/CMakeLists.txt b/src/modules/users/CMakeLists.txt index ebff9df8c..16e235fd5 100644 --- a/src/modules/users/CMakeLists.txt +++ b/src/modules/users/CMakeLists.txt @@ -6,6 +6,21 @@ endif() find_package( Qt5 COMPONENTS Core Test REQUIRED ) find_package( Crypt REQUIRED ) +# Add optional libraries here +set( USER_EXTRA_LIB ) + +find_package( LibPWQuality ) +set_package_properties( + LibPWQuality PROPERTIES + PURPOSE "Extra checks of password quality" +) + +if( LibPWQuality_FOUND ) + list( APPEND USER_EXTRA_LIB ${LibPWQuality_LIBRARIES} ) + include_directories( ${LibPWQuality_INCLUDE_DIRS} ) + add_definitions( -DCHECK_PWQUALITY -DHAVE_LIBPWQUALITY ) +endif() + include_directories( ${PROJECT_BINARY_DIR}/src/libcalamaresui ) calamares_add_plugin( users @@ -17,6 +32,7 @@ calamares_add_plugin( users UsersViewStep.cpp UsersPage.cpp SetHostNameJob.cpp + CheckPWQuality.cpp UI page_usersetup.ui RESOURCES @@ -24,6 +40,7 @@ calamares_add_plugin( users LINK_PRIVATE_LIBRARIES calamaresui ${CRYPT_LIBRARIES} + ${USER_EXTRA_LIB} SHARED_LIB ) diff --git a/src/modules/users/CheckPWQuality.cpp b/src/modules/users/CheckPWQuality.cpp new file mode 100644 index 000000000..4ac84473f --- /dev/null +++ b/src/modules/users/CheckPWQuality.cpp @@ -0,0 +1,94 @@ +/* === This file is part of Calamares - === + * + * Copyright 2018, Adriaan de Groot + * + * Calamares is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Calamares is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Calamares. If not, see . + */ + +#include "CheckPWQuality.h" + +#include "utils/Logger.h" + +#include + +PasswordCheck::PasswordCheck() + : m_message() + , m_accept( []( const QString& s ){ return true; } ) +{ +} + +PasswordCheck::PasswordCheck( const QString& m, AcceptFunc a ) + : m_message( [m](){ return m; } ) + , m_accept( a ) +{ +} + +PasswordCheck::PasswordCheck( MessageFunc m, AcceptFunc a ) + : m_message( m ) + , m_accept( a ) +{ +} + +// Try to trick Transifex into accepting these strings +#define tr parent->tr + +DEFINE_CHECK_FUNC(minLength) +{ + int minLength = -1; + if ( value.canConvert( QVariant::Int ) ) + minLength = value.toInt(); + if ( minLength > 0 ) + { + cDebug() << " .. minLength set to" << minLength; + checks.push_back( + PasswordCheck( + [parent]() + { + return tr( "Password is too short" ); + }, + [minLength]( const QString& s ) + { + return s.length() >= minLength; + } + ) ); + } +} + +DEFINE_CHECK_FUNC(maxLength) +{ + int maxLength = -1; + if ( value.canConvert( QVariant::Int ) ) + maxLength = value.toInt(); + if ( maxLength > 0 ) + { + cDebug() << " .. maxLength set to" << maxLength; + checks.push_back( + PasswordCheck( + [parent]() + { + return tr( "Password is too long" ); + }, [maxLength]( const QString& s ) + { + return s.length() <= maxLength; + } + ) ); + } +} + +#ifdef HAVE_LIBPWQUALITY +DEFINE_CHECK_FUNC(libpwquality) +{ + +} +#endif diff --git a/src/modules/users/CheckPWQuality.h b/src/modules/users/CheckPWQuality.h new file mode 100644 index 000000000..b9ea82ce1 --- /dev/null +++ b/src/modules/users/CheckPWQuality.h @@ -0,0 +1,83 @@ +/* === This file is part of Calamares - === + * + * Copyright 2018, Adriaan de Groot + * + * Calamares is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Calamares is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Calamares. If not, see . + */ + +#ifndef CHECKPWQUALITY_H +#define CHECKPWQUALITY_H + +#include +#include +#include + +#include + +/** + * Support for (dynamic) checks on the password's validity. + * This can be used to implement password requirements like + * "at least 6 characters". Function addPasswordCheck() + * instantiates these and adds them to the list of checks. + */ +class PasswordCheck +{ +public: + /** Return true if the string is acceptable. */ + using AcceptFunc = std::function; + using MessageFunc = std::function; + + /** Generate a @p message if @p filter returns true */ + PasswordCheck( MessageFunc message, AcceptFunc filter ); + /** Yields @p message if @p filter returns true */ + PasswordCheck( const QString& message, AcceptFunc filter ); + /** Null check, always returns empty */ + PasswordCheck(); + + /** Applies this check to the given password string @p s + * and returns an empty string if the password is ok + * according to this filter. Returns a message describing + * what is wrong if not. + */ + QString filter( const QString& s ) const + { + return m_accept( s ) ? QString() : m_message(); + } + +private: + MessageFunc m_message; + AcceptFunc m_accept; +} ; + +using PasswordCheckList = QVector; + +/* Each of these functions adds a check (if possible) to the list + * of checks; they use the configuration value(s) from the + * variant. If the value doesn't make sense, each function + * may skip adding a check, and do nothing (it should log + * an error, though). + */ +#define _xDEFINE_CHECK_FUNC(x) \ + add_check_##x( QWidget* parent, PasswordCheckList& checks, const QVariant& value ) +#define DEFINE_CHECK_FUNC(x) void _xDEFINE_CHECK_FUNC(x) +#define DECLARE_CHECK_FUNC(x) void _xDEFINE_CHECK_FUNC(x); + +DECLARE_CHECK_FUNC(minLength) +DECLARE_CHECK_FUNC(maxLength) +#ifdef HAVE_LIBPWQUALITY +DECLARE_CHECK_FUNC(libpwquality) +#endif + +#endif + diff --git a/src/modules/users/UsersPage.cpp b/src/modules/users/UsersPage.cpp index 62f558a1e..ada0fae0f 100644 --- a/src/modules/users/UsersPage.cpp +++ b/src/modules/users/UsersPage.cpp @@ -455,68 +455,23 @@ UsersPage::setReusePasswordDefault( bool checked ) emit checkReady( isReady() ); } -UsersPage::PasswordCheck::PasswordCheck() - : m_message() - , m_accept( []( const QString& s ) -{ - return true; -} ) -{ -} - -UsersPage::PasswordCheck::PasswordCheck( const QString& m, AcceptFunc a ) - : m_message( [m](){ return m; } ) - , m_accept( a ) -{ -} - -UsersPage::PasswordCheck::PasswordCheck( MessageFunc m, AcceptFunc a ) - : m_message( m ) - , m_accept( a ) -{ -} - void UsersPage::addPasswordCheck( const QString& key, const QVariant& value ) { if ( key == "minLength" ) { - int minLength = -1; - if ( value.canConvert( QVariant::Int ) ) - minLength = value.toInt(); - if ( minLength > 0 ) - { - cDebug() << key << " .. set to" << minLength; - m_passwordChecks.push_back( - PasswordCheck( - []() - { - return tr( "Password is too short" ); - }, - [minLength]( const QString& s ) - { - return s.length() >= minLength; - } ) ); - } + add_check_minLength( this, m_passwordChecks, value ); } else if ( key == "maxLength" ) { - int maxLength = -1; - if ( value.canConvert( QVariant::Int ) ) - maxLength = value.toInt(); - if ( maxLength > 0 ) - { - cDebug() << key << " .. set to" << maxLength; - m_passwordChecks.push_back( - PasswordCheck( []() - { - return tr( "Password is too long" ); - }, [maxLength]( const QString& s ) - { - return s.length() <= maxLength; - } ) ); - } + add_check_maxLength( this, m_passwordChecks, value ); + } +#ifdef CHECK_PWQUALITY + else if ( key == "libpwquality" ) + { + add_check_libpwquality( this, m_passwordChecks, value ); } +#endif else cDebug() << "WARNING: Unknown password-check key" << '"' << key << '"'; } diff --git a/src/modules/users/UsersPage.h b/src/modules/users/UsersPage.h index 8bfcdb83b..5990d8693 100644 --- a/src/modules/users/UsersPage.h +++ b/src/modules/users/UsersPage.h @@ -26,9 +26,9 @@ #include "Typedefs.h" -#include +#include "CheckPWQuality.h" -#include +#include namespace Ui { @@ -70,41 +70,7 @@ signals: private: Ui::Page_UserSetup* ui; - /** - * Support for (dynamic) checks on the password's validity. - * This can be used to implement password requirements like - * "at least 6 characters". Function addPasswordCheck() - * instantiates these and adds them to the list of checks. - */ - class PasswordCheck - { - public: - /** Return true if the string is acceptable. */ - using AcceptFunc = std::function; - using MessageFunc = std::function; - - /** Generate a @p message if @p filter returns true */ - PasswordCheck( MessageFunc message, AcceptFunc filter ); - /** Yields @p message if @p filter returns true */ - PasswordCheck( const QString& message, AcceptFunc filter ); - /** Null check, always returns empty */ - PasswordCheck(); - - /** Applies this check to the given password string @p s - * and returns an empty string if the password is ok - * according to this filter. Returns a message describing - * what is wrong if not. - */ - QString filter( const QString& s ) const - { - return m_accept( s ) ? QString() : m_message(); - } - - private: - MessageFunc m_message; - AcceptFunc m_accept; - } ; - QVector m_passwordChecks; + PasswordCheckList m_passwordChecks; const QRegExp USERNAME_RX = QRegExp( "^[a-z_][a-z0-9_-]*[$]?$" ); const QRegExp HOSTNAME_RX = QRegExp( "^[a-zA-Z0-9][-a-zA-Z0-9_]*$" );