mirror of
https://github.com/webmin/webmin.git
synced 2026-03-20 16:50:24 +00:00
use words file to validate passwords https://www.virtualmin.com/node/25300
This commit is contained in:
Jamie Cameron
@@ -50,6 +50,7 @@ membox=Edit group members using,1,1-Text box,0-User selector
|
||||
line5=Password restrictions,11
|
||||
passwd_min=Minimum password length,3,No minimum
|
||||
passwd_dict=Prevent dictionary word passwords?,1,1-Yes,0-No
|
||||
dict_file=Files containing dictionary words,3,Use system defaults
|
||||
passwd_re=Perl regexp to check password against,3,None
|
||||
passwd_redesc=Human-readable description of regexp,3,Just use regexp
|
||||
passwd_same=Prevent passwords containing username?,1,1-Yes,0-No
|
||||
|
||||
@@ -1537,30 +1537,9 @@ if ($re && !eval { $pass =~ /^$re$/ }) {
|
||||
if ($config{'passwd_same'}) {
|
||||
return &text('usave_epasswd_same') if ($pass =~ /\Q$username\E/i);
|
||||
}
|
||||
if ($config{'passwd_dict'} && $pass =~ /^[A-Za-z\'\-]+$/ &&
|
||||
(&has_command("ispell") || &has_command("spell"))) {
|
||||
# Call spell or ispell to check for dictionary words
|
||||
local $temp = &transname();
|
||||
open(TEMP, ">$temp");
|
||||
print TEMP $pass,"\n";
|
||||
close(TEMP);
|
||||
if (&has_command("ispell")) {
|
||||
open(SPELL, "ispell -a <$temp |");
|
||||
while(<SPELL>) {
|
||||
if (/^(#|\&|\?)/) {
|
||||
$unknown++;
|
||||
}
|
||||
}
|
||||
close(SPELL);
|
||||
}
|
||||
else {
|
||||
open(SPELL, "spell <$temp |");
|
||||
local $line = <SPELL>;
|
||||
$unknown++ if ($line);
|
||||
close(SPELL);
|
||||
}
|
||||
unlink($temp);
|
||||
return &text('usave_epasswd_dict') if (!$unknown);
|
||||
if ($config{'passwd_dict'} && $pass =~ /^[A-Za-z\'\-]+$/) {
|
||||
# Check if dictionary word
|
||||
return &text('usave_epasswd_dict') if (&is_dictionary_word($pass));
|
||||
}
|
||||
if ($config{'passwd_prog'}) {
|
||||
local $out;
|
||||
@@ -1614,6 +1593,40 @@ if ($config{'passwd_mindays'} && $uinfo ne "none") {
|
||||
return undef;
|
||||
}
|
||||
|
||||
=head2 is_dictionary_word(word)
|
||||
|
||||
Returns 1 if some file can be found in a dictionary words file
|
||||
|
||||
=cut
|
||||
sub is_dictionary_word
|
||||
{
|
||||
my ($word) = @_;
|
||||
$word = lc($word);
|
||||
my @files;
|
||||
if ($config{'dict_file'}) {
|
||||
@files = split(/\s+/, $config{'dict_file'});
|
||||
}
|
||||
else {
|
||||
@files = ( "/usr/share/dict/words",
|
||||
"/usr/dict/words" );
|
||||
}
|
||||
foreach my $f (@files) {
|
||||
my $found = 0;
|
||||
&open_readfile(WORDS, $f);
|
||||
while(<WORDS>) {
|
||||
s/#.*//;
|
||||
s/\s//;
|
||||
if (lc($_) eq $word) {
|
||||
$found = 1;
|
||||
last;
|
||||
}
|
||||
}
|
||||
close(WORDS);
|
||||
return 1 if ($found);
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
=head2 check_username_restrictions(username)
|
||||
|
||||
Returns an error message if a username fails some restriction, or undef if
|
||||
|
||||
Reference in New Issue
Block a user