Author: jsuchome Date: Fri Feb 26 14:48:03 2010 New Revision: 61042 URL: http://svn.opensuse.org/viewcvs/yast?rev=61042&view=rev Log: - password warnings merged into one big message (bnc#571777) - 2.19.4 Modified: trunk/users/VERSION trunk/users/package/yast2-users.changes trunk/users/src/UsersSimple.pm trunk/users/src/dialogs.ycp trunk/users/src/inst_root.ycp trunk/users/src/inst_root_first.ycp trunk/users/src/inst_user_first.ycp trunk/users/testsuite/tests/CheckPassword.out trunk/users/testsuite/tests/CheckPassword.ycp Modified: trunk/users/VERSION URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/VERSION?rev=61042&r1=61041&r2=61042&view=diff ============================================================================== --- trunk/users/VERSION (original) +++ trunk/users/VERSION Fri Feb 26 14:48:03 2010 @@ -1 +1 @@ -2.19.3 +2.19.4 Modified: trunk/users/package/yast2-users.changes URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/package/yast2-users.changes?rev=61042&r1=61041&r2=61042&view=diff ============================================================================== --- trunk/users/package/yast2-users.changes (original) +++ trunk/users/package/yast2-users.changes Fri Feb 26 14:48:03 2010 @@ -1,4 +1,10 @@ ------------------------------------------------------------------- +Fri Feb 26 14:20:43 CET 2010 - jsuchome@suse.cz + +- password warnings merged into one big message (bnc#571777) +- 2.19.4 + +------------------------------------------------------------------- Tue Feb 16 14:01:20 CET 2010 - jsuchome@suse.cz - empty hash before reading, to avoid caching problems (bnc#580167) Modified: trunk/users/src/UsersSimple.pm URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/src/UsersSimple.pm?rev=61042&r1=61041&r2=61042&view=diff ============================================================================== --- trunk/users/src/UsersSimple.pm (original) +++ trunk/users/src/UsersSimple.pm Fri Feb 26 14:48:03 2010 @@ -615,12 +615,10 @@ if ($pw =~ m/$name/) { if ($what eq "groups") { # popup question - return __("You have used the group name as a part of the password. -This is not a good security practice. Really use this password?"); + return __("You have used the group name as a part of the password."); } # popup question - return __("You have used the username as a part of the password. -This is not a good security practice. Really use this password?"); + return __("You have used the username as a part of the password."); } # check for lowercase @@ -628,8 +626,7 @@ $filtered =~ s/[[:lower:]]//g; if ($filtered eq "") { # popup question - return __("You have used only lowercase letters for the password. -This is not a good security practice. Really use this password?"); + return __("You have used only lowercase letters for the password."); } # check for uppercase @@ -637,16 +634,14 @@ $filtered =~ s/[[:upper:]]//g; if ($filtered eq "") { # popup question - return __("You have used only uppercase letters for the password. -This is not a good security practice. Really use this password?"); + return __("You have used only uppercase letters for the password."); } # check for palindroms $filtered = reverse $pw; if ($filtered eq $pw) { # popup question - return __("You have used a palindrom for the password. -This is not a good security practice. Really use this password?"); + return __("You have used a palindrom for the password."); } # check for numbers @@ -654,8 +649,7 @@ $filtered =~ s/[0-9]//g; if ($filtered eq "") { # popup question - return __("You have used only digits for the password. -This is not a good security practice. Really use this password?"); + return __("You have used only digits for the password."); } return ""; } @@ -678,7 +672,7 @@ if (length ($pw) > $max_length) { # popup question $ret = sprintf (__("The password is too long for the current encryption method. -Truncate it to %s characters?"), $max_length); +It will be truncated to %s characters."), $max_length); } return $ret; } @@ -736,72 +730,55 @@ return ""; } -##------------------------------------ # Check the password of given user or group: part 2, checking for # problems that may be skipped (accepted) by user # @param data map containing user/group name, password and type -# @param answer map containing all the problems that were already skipped by -# user -# @return value is map with the problem found FIXME example +# +# Merges all error reports and returns them in the list BEGIN { $TYPEINFO{CheckPasswordUI} = ["function", - ["map", "string", "string"], - ["map", "string", "any"], ["map", "string", "any"]]; + ["list", "string"], + ["map", "string", "any"]]; } sub CheckPasswordUI { - my ($self, $data, $ui_map) = @_; + my ($self, $data) = @_; my $pw = $data->{"userPassword"} || ""; my $name = $data->{"uid"}; $name = ($data->{"cn"} || "") if (!defined $name); my $type = $data->{"type"} || "local"; my $min_length = $self->GetMinPasswordLength ($type); - my %ret = (); + my @ret = (); if ($pw eq "") { - return \%ret; + return \@ret; } - if ($self->CrackLibUsed () && (($ui_map->{"crack"} || "") ne $pw)) { + if ($self->CrackLibUsed ()) { my $error = $self->CrackPassword ($pw); if ($error ne "") { - $ret{"question_id"} = "crack"; - # popup question - $ret{"question"} = sprintf (__("The password is too simple: -%s -Really use this password?"), $error); - return \%ret; + # error message + push @ret, sprintf (__("The password is too simple: +%s."), $error); } } - if ($self->ObscureChecksUsed () && (($ui_map->{"obscure"} || "") ne $pw)) { + if (1) {#$self->ObscureChecksUsed ()) { my $what = "users"; $what = "groups" if (! defined $data->{"uid"}); my $error = $self->CheckObscurity ($name, $pw, $what); - if ($error ne "") { - $ret{"question_id"} = "obscure"; - $ret{"question"} = $error; - return \%ret; - } + push @ret, $error if $error; } - if (($ui_map->{"short"} || "") ne $pw) { - if (length ($pw) < $min_length) { - $ret{"question_id"} = "short"; - # popup questionm, %i is number - $ret{"question"} = sprintf (__("The password should have at least %i characters. -Really use this shorter password?"), $min_length); - } + if (length ($pw) < $min_length) { + # popup error, %i is number + push @ret, sprintf (__("The password should have at least %i characters."), $min_length); } - if (($ui_map->{"truncate"} || "") ne $pw) { - my $error = $self->CheckPasswordMaxLength ($pw, $type); - if ($error ne "") { - $ret{"question_id"} = "truncate"; - $ret{"question"} = $error; - } - } - return \%ret; + my $error = $self->CheckPasswordMaxLength ($pw, $type); + push @ret, $error if $error; + + return \@ret; } ##------------------------------------ Modified: trunk/users/src/dialogs.ycp URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/src/dialogs.ycp?rev=61042&r1=61041&r2=61042&view=diff ============================================================================== --- trunk/users/src/dialogs.ycp (original) +++ trunk/users/src/dialogs.ycp Fri Feb 26 14:48:03 2010 @@ -1046,29 +1046,22 @@ focus_tab (current, `pw1); continue; } - boolean failed = false; - do - { - error_map = UsersSimple::CheckPasswordUI ($[ + + list<string> errors = UsersSimple::CheckPasswordUI ($[ "uid" : username, "userPassword" : pw1, "type" : user_type - ], ui_map); - if (error_map != $[]) + ]); + if (errors != []) + { + string message = mergestring (errors, "\n\n") + + // last part of message popup + "\n\n" + _("Really use this password?"); + if (!Popup::YesNo (message)) { - if (!Popup::YesNo (error_map ["question"]:"")) - { - failed = true; - } - else - ui_map[ error_map["question_id"]:"" ] = pw1; + focus_tab (current, `pw1); + continue; } - } while (error_map != $[] && !failed); - - if (failed) - { - focus_tab (current, `pw1); - continue; } // now saving plain text password if (user["encrypted"]:false) @@ -2116,29 +2109,24 @@ focus_tab (current, `pw1); continue; } - boolean failed = false; - do - { - error_map = UsersSimple::CheckPasswordUI ($[ + + list<string> errors = UsersSimple::CheckPasswordUI ($[ "cn" : new_groupname, "userPassword" : pw1, "type" : group_type - ], ui_map); - if (error_map != $[]) + ]); + if (errors != []) + { + string message = mergestring (errors, "\n\n") + + // last part of message popup + "\n\n" + _("Really use this password?"); + if (!Popup::YesNo (message)) { - if (!Popup::YesNo (error_map ["question"]:"")) - { - failed = true; - } - else - ui_map[ error_map["question_id"]:"" ] = pw1; + focus_tab (current, `pw1); + continue; } - } while (error_map != $[] && !failed); - if (failed) - { - focus_tab (current, `pw1); - continue; } + password = pw1; if (group["encrypted"]:false) group["encrypted"] = false; Modified: trunk/users/src/inst_root.ycp URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/src/inst_root.ycp?rev=61042&r1=61041&r2=61042&view=diff ============================================================================== --- trunk/users/src/inst_root.ycp (original) +++ trunk/users/src/inst_root.ycp Fri Feb 26 14:48:03 2010 @@ -124,10 +124,11 @@ // help text for 'test keyboard layout' entry' helptext = helptext + _("<p>To check whether your current keyboard layout is correct, try entering text into the <b>Test Keyboard Layout</b> field.</p>"); + if (Mode::normal ()) Wizard::CreateDialog (); // for testing only Wizard::SetDesktopIcon("users"); Wizard::SetContents (title, contents, helptext, - GetInstArgs::enable_back(), - GetInstArgs::enable_next()); + GetInstArgs::enable_back() || Mode::normal (), + GetInstArgs::enable_next() || Mode::normal ()); symbol ret = nil; @@ -198,53 +199,30 @@ continue; } - // map returned from CheckPasswordUI functions - map error_map = $[]; - // map with id's of confirmed questions - map ui_map = $[]; - boolean failed = false; + list<string> errors = UsersSimple::CheckPasswordUI ($[ + "uid" : "root", + "userPassword" : pw1, + "type" : "system", + ]); if (check_CA_constraints && (size (pw1) < pw_min_CA)) { - if (Popup::YesNo (sformat ( + errors = add (errors, sformat ( // yes/no popup question, %1 is a number _("If you intend to create certificates, -the password should have at least %1 characters. -Really use this shorter password?"), pw_min_CA))) - { - // skip other checks for short passwords - ui_map["short"] = 1; - } - else - { - ret = `notnext; - continue; - } +the password should have at least %1 characters."), pw_min_CA)); } - do + + if (errors != []) { - error_map = UsersSimple::CheckPasswordUI ($[ - "uid" : "root", - "userPassword" : pw1, - "type" : "system", - ], ui_map); - if (error_map != $[]) + string message = mergestring (errors, "\n\n") + + // last part of message popup + "\n\n" + _("Really use this password?"); + if (!Popup::YesNo (message)) { - if (!Popup::YesNo (error_map ["question"]:"")) - { - failed = true; - } - else - { - ui_map[ error_map["question_id"]:"" ] = pw1; - } + ret = `notnext; + continue; } - } while (error_map != $[] && !failed); - - if (failed) - { - ret = `notnext; - continue; } Users::WriteSecurity (); @@ -269,5 +247,6 @@ } } until (ret == `next || ret == `back || ret == `abort); + if (Mode::normal ()) Wizard::CloseDialog (); return ret; } Modified: trunk/users/src/inst_root_first.ycp URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/src/inst_root_first.ycp?rev=61042&r1=61041&r2=61042&view=diff ============================================================================== --- trunk/users/src/inst_root_first.ycp (original) +++ trunk/users/src/inst_root_first.ycp Fri Feb 26 14:48:03 2010 @@ -100,8 +100,8 @@ Wizard::SetTitleIcon("yast-users"); Wizard::SetContents (title, contents, helptext, - GetInstArgs::enable_back(), - GetInstArgs::enable_next()); + GetInstArgs::enable_back() || Mode::normal (), + GetInstArgs::enable_next() || Mode::normal ()); symbol ret = nil; @@ -164,44 +164,33 @@ y2error ("loading cracklib failed, not used for pw check"); UsersSimple::UseCrackLib (false); } + + list<string> errors = UsersSimple::CheckPasswordUI ($[ + "uid" : "root", + "userPassword" : pw1, + "type" : "system", + ]); + if (check_CA_constraints && (size (pw1) < pw_min_CA)) { - if (Popup::YesNo (sformat ( + errors = add (errors, sformat ( // yes/no popup question, %1 is a number _("If you intend to create certificates, -the password should have at least %1 characters. -Really use this shorter password?"), pw_min_CA))) - { - // skip other checks for short passwords - ui_map["short"] = pw1; - } - else +the password should have at least %1 characters."), pw_min_CA)); + } + + if (errors != []) + { + string message = mergestring (errors, "\n\n") + + // last part of message popup + "\n\n" + _("Really use this password?"); + if (!Popup::YesNo (message)) { ret = `notnext; continue; } } - do - { - error_map = UsersSimple::CheckPasswordUI ($[ - "uid" : "root", - "userPassword" : pw1, - "type" : "system", - ], ui_map); - if (error_map != $[]) - { - if (!Popup::YesNo (error_map ["question"]:"")) - failed = true; - else - ui_map[ error_map["question_id"]:"" ] = pw1; - } - } while (error_map != $[] && !failed); - if (failed) - { - ret = `notnext; - continue; - } UsersSimple::SetRootPassword (pw1); UsersSimple::UnLoadCracklib (); } Modified: trunk/users/src/inst_user_first.ycp URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/src/inst_user_first.ycp?rev=61042&r1=61041&r2=61042&view=diff ============================================================================== --- trunk/users/src/inst_user_first.ycp (original) +++ trunk/users/src/inst_user_first.ycp Fri Feb 26 14:48:03 2010 @@ -688,51 +688,40 @@ UI::SetFocus (`id (`pw1)); continue; } - boolean failed = false; - if (root_pw && check_CA_constraints && size (pw1) < pw_min_CA) - { - if (Popup::YesNo (sformat ( -// yes/no popup question, %1 is a number -_("If you intend to create certificates, -the password should have at least %1 characters. -Really use this shorter password?"), pw_min_CA))) - { - // skip other checks for short passwords - ui_map["short"] = pw1; - } - else - { - ret = `notnext; - UI::SetFocus (`id (`pw1)); - continue; - } - } + if (!UsersSimple::LoadCracklib ()) { y2error ("loading cracklib failed, not used for pw check"); UsersSimple::UseCrackLib (false); } - do - { - error_map = UsersSimple::CheckPasswordUI ($[ + + list<string> errors = UsersSimple::CheckPasswordUI ($[ "uid" : username, "userPassword" : pw1, "type" : "local", - ], ui_map); - if (error_map != $[]) - { - if (!Popup::YesNo (error_map ["question"]:"")) - failed = true; - else - ui_map[ error_map["question_id"]:"" ] = pw1; - } - } while (error_map != $[] && !failed); + ]); - if (failed) + if (root_pw && check_CA_constraints && (size (pw1) < pw_min_CA)) { - UI::SetFocus (`id (`pw1)); - continue; + errors = add (errors, sformat ( +// yes/no popup question, %1 is a number +_("If you intend to create certificates, +the password should have at least %1 characters."), pw_min_CA)); + } + + if (errors != []) + { + string message = mergestring (errors, "\n\n") + + // last part of message popup + "\n\n" + _("Really use this password?"); + if (!Popup::YesNo (message)) + { + ret = `notnext; + UI::SetFocus (`id (`pw1)); + continue; + } } + // set UID if home directory is found on future home partition password = pw1; } Modified: trunk/users/testsuite/tests/CheckPassword.out URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/testsuite/tests/CheckPassword.out?rev=61042&r1=61041&r2=61042&view=diff ============================================================================== --- trunk/users/testsuite/tests/CheckPassword.out (original) +++ trunk/users/testsuite/tests/CheckPassword.out Fri Feb 26 14:48:03 2010 @@ -1,18 +1,18 @@ Execute .crack "qqqqq" "" -Return $["question":"You have used only lowercase letters for the password.\nThis is not a good security practice. Really use this password?", "question_id":"obscure"] +Return ["You have used only lowercase letters for the password."] Execute .crack "QQQQQ" "" -Return $["question":"You have used only uppercase letters for the password.\nThis is not a good security practice. Really use this password?", "question_id":"obscure"] +Return ["You have used only uppercase letters for the password."] Execute .crack "12hh5" "" -Return $["question":"You have used the username as a part of the password.\nThis is not a good security practice. Really use this password?", "question_id":"obscure"] +Return ["You have used the username as a part of the password."] Execute .crack "12345" "" -Return $["question":"You have used only digits for the password.\nThis is not a good security practice. Really use this password?", "question_id":"obscure"] +Return ["You have used only digits for the password."] Execute .crack "aaaQQaaa" "" -Return $["question":"You have used a palindrom for the password.\nThis is not a good security practice. Really use this password?", "question_id":"obscure"] +Return ["You have used a palindrom for the password."] Execute .crack "1a" "" -Return $["question":"The password should have at least 5 characters.\nReally use this shorter password?", "question_id":"short"] +Return ["The password should have at least 5 characters."] Return nil Execute .crack "1aaaaaaaaaaaaaaaaa" "" -Return $["question":"The password is too long for the current encryption method.\nTruncate it to 8 characters?", "question_id":"truncate"] +Return ["The password is too long for the current encryption method.\nIt will be truncated to 8 characters."] Dump -------- password: `!@#$%^&*()-=_+| Return Dump -------- password: [];',./{}:"<> Modified: trunk/users/testsuite/tests/CheckPassword.ycp URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/testsuite/tests/CheckPassword.ycp?rev=61042&r1=61041&r2=61042&view=diff ============================================================================== --- trunk/users/testsuite/tests/CheckPassword.ycp (original) +++ trunk/users/testsuite/tests/CheckPassword.ycp Fri Feb 26 14:48:03 2010 @@ -21,7 +21,7 @@ "uid" : username, "userPassword" : pw, "type" : "local" - ], $[])), [R,W,E], 0); + ])), [R,W,E], 0); } define void test_contents (string pw) { -- To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org For additional commands, e-mail: yast-commit+help@opensuse.org