[yast-commit] r61665 - in /branches/SuSE-Code-11-Branch/users: ./ package/ src/ testsuite/tests/

Author: jsuchome Date: Mon Apr 12 08:45:17 2010 New Revision: 61665 URL: http://svn.opensuse.org/viewcvs/yast?rev=61665&view=rev Log: - combine password warnings into one popup dialog (bnc#571777) - 2.17.28.4 Modified: branches/SuSE-Code-11-Branch/users/VERSION branches/SuSE-Code-11-Branch/users/package/yast2-users.changes branches/SuSE-Code-11-Branch/users/src/Users.pm branches/SuSE-Code-11-Branch/users/src/UsersSimple.pm branches/SuSE-Code-11-Branch/users/src/dialogs.ycp branches/SuSE-Code-11-Branch/users/src/inst_root.ycp branches/SuSE-Code-11-Branch/users/src/inst_root_first.ycp branches/SuSE-Code-11-Branch/users/src/inst_user_first.ycp branches/SuSE-Code-11-Branch/users/testsuite/tests/CheckPassword.out branches/SuSE-Code-11-Branch/users/testsuite/tests/CheckPassword.ycp Modified: branches/SuSE-Code-11-Branch/users/VERSION URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-Branch/users/VERSION?rev=61665&r1=61664&r2=61665&view=diff ============================================================================== --- branches/SuSE-Code-11-Branch/users/VERSION (original) +++ branches/SuSE-Code-11-Branch/users/VERSION Mon Apr 12 08:45:17 2010 @@ -1 +1 @@ -2.17.28.3 +2.17.28.4 Modified: branches/SuSE-Code-11-Branch/users/package/yast2-users.changes URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-Branch/users/package/yast2-users.changes?rev=61665&r1=61664&r2=61665&view=diff ============================================================================== --- branches/SuSE-Code-11-Branch/users/package/yast2-users.changes (original) +++ branches/SuSE-Code-11-Branch/users/package/yast2-users.changes Mon Apr 12 08:45:17 2010 @@ -1,4 +1,10 @@ ------------------------------------------------------------------- +Thu Apr 8 14:17:53 CEST 2010 - jsuchome@suse.cz + +- combine password warnings into one popup dialog (bnc#571777) +- 2.17.28.4 + +------------------------------------------------------------------- Wed Mar 10 13:02:43 CET 2010 - jsuchome@suse.cz - check for autologin status also during firstboot (bnc#576899) Modified: branches/SuSE-Code-11-Branch/users/src/Users.pm URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-Branch/users/src/Users.pm?rev=61665&r1=61664&r2=61665&view=diff ============================================================================== --- branches/SuSE-Code-11-Branch/users/src/Users.pm (original) +++ branches/SuSE-Code-11-Branch/users/src/Users.pm Mon Apr 12 08:45:17 2010 @@ -4949,88 +4949,6 @@ return ""; } -##------------------------------------ -# Check the password of current user for the valid characters -# This function is OBSOLETE, use UsersSimple->CheckPassword instead -# return value is error message -BEGIN { $TYPEINFO{CheckPassword} = ["function", "string", "string"]; } -sub CheckPassword { - - my $self = shift; - my $pw = shift; - my $type = UsersCache->GetUserType (); - y2warning ("This function is OBSOLETE, use UsersSimple->CheckPassword"); - return UsersSimple->CheckPassword ($pw, $type); -} - - -##------------------------------------ -# Check the password of given user or group: part 2, checking for -# problems that may be skipped (accepted) by user -# This function is OBSOLETE, it is here just for compatibility reasons, new -# function UsersSimple->CheckPasswordUI has different API) -# @return value is map with the problem found -BEGIN { $TYPEINFO{CheckPasswordUI} = ["function", - ["map", "string", "string"], - "string", "string", ["map", "string", "any"]]; -} -sub CheckPasswordUI { - - my $self = shift; - my $name = $_[0]; - my $pw = $_[1]; - my %ui_map = %{$_[2]}; - my $type = UsersCache->GetUserType (); - my $min_length = $self->GetMinPasswordLength (); - my %ret = (); - - y2warning ("this function is obsolete, use UsersSimple->CheckPasswordUI"); - if ($pw eq "") { - return \%ret; - } - - if (UsersSimple->CrackLibUsed () && (($ui_map{"crack"} || "") ne $pw)) { - my $error = UsersSimple->CrackPassword ($pw); - if ($error ne "") { - $ret{"question_id"} = "crack"; - # popup question - $ret{"question"} = sprintf (__("The password is too simple: -%s -Really use this password?"), $error); - return \%ret; - } - } - - if (UsersSimple->ObscureChecksUsed () && - (($ui_map{"obscure"} || "") ne $pw)) - { - my $error = UsersSimple->CheckObscurity ($name, $pw, UsersCache->GetCurrentSummary ()); - if ($error ne "") { - $ret{"question_id"} = "obscure"; - $ret{"question"} = $error; - return \%ret; - } - } - - if (($ui_map{"short"} || "") ne $pw) { - if (length ($pw) < $min_length) { - $ret{"question_id"} = "short"; - # popup questionm, %i is number - $ret{"question"} = sprintf (__("The password should have at least %i characters. -Really use this shorter password?"), $min_length); - } - } - - if (($ui_map{"truncate"} || "") ne $pw) { - my $error = UsersSimple->CheckPasswordMaxLength ($pw, $type); - if ($error ne "") { - $ret{"question_id"} = "truncate"; - $ret{"question"} = $error; - } - } - return \%ret; -} - ##------------------------------------ # Check if it is possible to write (=create homes) to given directory Modified: branches/SuSE-Code-11-Branch/users/src/UsersSimple.pm URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-Branch/users/src/UsersSimple.pm?rev=61665&r1=61664&r2=61665&view=diff ============================================================================== --- branches/SuSE-Code-11-Branch/users/src/UsersSimple.pm (original) +++ branches/SuSE-Code-11-Branch/users/src/UsersSimple.pm Mon Apr 12 08:45:17 2010 @@ -613,12 +613,10 @@ if ($pw =~ m/$name/) { if ($what eq "groups") { # popup question - return __("You have used the group name as a part of the password. -This is not a good security practice. Really use this password?"); + return __("You have used the group name as a part of the password."); } # popup question - return __("You have used the username as a part of the password. -This is not a good security practice. Really use this password?"); + return __("You have used the username as a part of the password."); } # check for lowercase @@ -626,8 +624,7 @@ $filtered =~ s/[[:lower:]]//g; if ($filtered eq "") { # popup question - return __("You have used only lowercase letters for the password. -This is not a good security practice. Really use this password?"); + return __("You have used only lowercase letters for the password."); } # check for uppercase @@ -635,16 +632,14 @@ $filtered =~ s/[[:upper:]]//g; if ($filtered eq "") { # popup question - return __("You have used only uppercase letters for the password. -This is not a good security practice. Really use this password?"); + return __("You have used only uppercase letters for the password."); } # check for palindroms $filtered = reverse $pw; if ($filtered eq $pw) { # popup question - return __("You have used a palindrom for the password. -This is not a good security practice. Really use this password?"); + return __("You have used a palindrom for the password."); } # check for numbers @@ -652,8 +647,7 @@ $filtered =~ s/[0-9]//g; if ($filtered eq "") { # popup question - return __("You have used only digits for the password. -This is not a good security practice. Really use this password?"); + return __("You have used only digits for the password."); } return ""; } @@ -676,7 +670,7 @@ if (length ($pw) > $max_length) { # popup question $ret = sprintf (__("The password is too long for the current encryption method. -Truncate it to %s characters?"), $max_length); +It will be truncated to %s characters."), $max_length); } return $ret; } @@ -734,72 +728,55 @@ return ""; } -##------------------------------------ # Check the password of given user or group: part 2, checking for # problems that may be skipped (accepted) by user # @param data map containing user/group name, password and type -# @param answer map containing all the problems that were already skipped by -# user -# @return value is map with the problem found FIXME example +# +# Merges all error reports and returns them in the list BEGIN { $TYPEINFO{CheckPasswordUI} = ["function", - ["map", "string", "string"], - ["map", "string", "any"], ["map", "string", "any"]]; + ["list", "string"], + ["map", "string", "any"]]; } sub CheckPasswordUI { - my ($self, $data, $ui_map) = @_; + my ($self, $data) = @_; my $pw = $data->{"userPassword"} || ""; my $name = $data->{"uid"}; $name = ($data->{"cn"} || "") if (!defined $name); my $type = $data->{"type"} || "local"; my $min_length = $self->GetMinPasswordLength ($type); - my %ret = (); + my @ret = (); if ($pw eq "") { - return \%ret; + return \@ret; } - if ($self->CrackLibUsed () && (($ui_map->{"crack"} || "") ne $pw)) { + if ($self->CrackLibUsed ()) { my $error = $self->CrackPassword ($pw); if ($error ne "") { - $ret{"question_id"} = "crack"; - # popup question - $ret{"question"} = sprintf (__("The password is too simple: -%s -Really use this password?"), $error); - return \%ret; + # error message + push @ret, sprintf (__("The password is too simple: +%s."), $error); } } - if ($self->ObscureChecksUsed () && (($ui_map->{"obscure"} || "") ne $pw)) { + if (1) {#$self->ObscureChecksUsed ()) { my $what = "users"; $what = "groups" if (! defined $data->{"uid"}); my $error = $self->CheckObscurity ($name, $pw, $what); - if ($error ne "") { - $ret{"question_id"} = "obscure"; - $ret{"question"} = $error; - return \%ret; - } + push @ret, $error if $error; } - if (($ui_map->{"short"} || "") ne $pw) { - if (length ($pw) < $min_length) { - $ret{"question_id"} = "short"; - # popup questionm, %i is number - $ret{"question"} = sprintf (__("The password should have at least %i characters. -Really use this shorter password?"), $min_length); - } + if (length ($pw) < $min_length) { + # popup error, %i is number + push @ret, sprintf (__("The password should have at least %i characters."), $min_length); } - if (($ui_map->{"truncate"} || "") ne $pw) { - my $error = $self->CheckPasswordMaxLength ($pw, $type); - if ($error ne "") { - $ret{"question_id"} = "truncate"; - $ret{"question"} = $error; - } - } - return \%ret; + my $error = $self->CheckPasswordMaxLength ($pw, $type); + push @ret, $error if $error; + + return \@ret; } ##------------------------------------ Modified: branches/SuSE-Code-11-Branch/users/src/dialogs.ycp URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-Branch/users/src/dialogs.ycp?rev=61665&r1=61664&r2=61665&view=diff ============================================================================== --- branches/SuSE-Code-11-Branch/users/src/dialogs.ycp (original) +++ branches/SuSE-Code-11-Branch/users/src/dialogs.ycp Mon Apr 12 08:45:17 2010 @@ -1034,29 +1034,22 @@ focus_tab (current, `pw1); continue; } - boolean failed = false; - do - { - error_map = UsersSimple::CheckPasswordUI ($[ + + list<string> errors = UsersSimple::CheckPasswordUI ($[ "uid" : username, "userPassword" : pw1, "type" : user_type - ], ui_map); - if (error_map != $[]) + ]); + if (errors != []) + { + string message = mergestring (errors, "\n\n") + + // last part of message popup + "\n\n" + _("Really use this password?"); + if (!Popup::YesNo (message)) { - if (!Popup::YesNo (error_map ["question"]:"")) - { - failed = true; - } - else - ui_map[ error_map["question_id"]:"" ] = pw1; + focus_tab (current, `pw1); + continue; } - } while (error_map != $[] && !failed); - - if (failed) - { - focus_tab (current, `pw1); - continue; } // now saving plain text password if (user["encrypted"]:false) @@ -2083,29 +2076,24 @@ focus_tab (current, `pw1); continue; } - boolean failed = false; - do - { - error_map = UsersSimple::CheckPasswordUI ($[ + + list<string> errors = UsersSimple::CheckPasswordUI ($[ "cn" : new_groupname, "userPassword" : pw1, "type" : group_type - ], ui_map); - if (error_map != $[]) + ]); + if (errors != []) + { + string message = mergestring (errors, "\n\n") + + // last part of message popup + "\n\n" + _("Really use this password?"); + if (!Popup::YesNo (message)) { - if (!Popup::YesNo (error_map ["question"]:"")) - { - failed = true; - } - else - ui_map[ error_map["question_id"]:"" ] = pw1; + focus_tab (current, `pw1); + continue; } - } while (error_map != $[] && !failed); - if (failed) - { - focus_tab (current, `pw1); - continue; } + password = pw1; if (group["encrypted"]:false) group["encrypted"] = false; Modified: branches/SuSE-Code-11-Branch/users/src/inst_root.ycp URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-Branch/users/src/inst_root.ycp?rev=61665&r1=61664&r2=61665&view=diff ============================================================================== --- branches/SuSE-Code-11-Branch/users/src/inst_root.ycp (original) +++ branches/SuSE-Code-11-Branch/users/src/inst_root.ycp Mon Apr 12 08:45:17 2010 @@ -198,53 +198,30 @@ continue; } - // map returned from CheckPasswordUI functions - map error_map = $[]; - // map with id's of confirmed questions - map ui_map = $[]; - boolean failed = false; + list<string> errors = UsersSimple::CheckPasswordUI ($[ + "uid" : "root", + "userPassword" : pw1, + "type" : "system", + ]); if (check_CA_constraints && (size (pw1) < pw_min_CA)) { - if (Popup::YesNo (sformat ( + errors = add (errors, sformat ( // yes/no popup question, %1 is a number _("If you intend to create certificates, -the password should have at least %1 characters. -Really use this shorter password?"), pw_min_CA))) - { - // skip other checks for short passwords - ui_map["short"] = 1; - } - else - { - ret = `notnext; - continue; - } +the password should have at least %1 characters."), pw_min_CA)); } - do + + if (errors != []) { - error_map = UsersSimple::CheckPasswordUI ($[ - "uid" : "root", - "userPassword" : pw1, - "type" : "system", - ], ui_map); - if (error_map != $[]) + string message = mergestring (errors, "\n\n") + + // last part of message popup + "\n\n" + _("Really use this password?"); + if (!Popup::YesNo (message)) { - if (!Popup::YesNo (error_map ["question"]:"")) - { - failed = true; - } - else - { - ui_map[ error_map["question_id"]:"" ] = pw1; - } + ret = `notnext; + continue; } - } while (error_map != $[] && !failed); - - if (failed) - { - ret = `notnext; - continue; } Users::WriteSecurity (); Modified: branches/SuSE-Code-11-Branch/users/src/inst_root_first.ycp URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-Branch/users/src/inst_root_first.ycp?rev=61665&r1=61664&r2=61665&view=diff ============================================================================== --- branches/SuSE-Code-11-Branch/users/src/inst_root_first.ycp (original) +++ branches/SuSE-Code-11-Branch/users/src/inst_root_first.ycp Mon Apr 12 08:45:17 2010 @@ -100,8 +100,8 @@ Wizard::SetTitleIcon("yast-users"); Wizard::SetContents (title, contents, helptext, - GetInstArgs::enable_back(), - GetInstArgs::enable_next()); + GetInstArgs::enable_back() || Mode::normal (), + GetInstArgs::enable_next() || Mode::normal ()); symbol ret = nil; @@ -160,44 +160,33 @@ boolean failed = false; UsersSimple::LoadCracklib (); + + list<string> errors = UsersSimple::CheckPasswordUI ($[ + "uid" : "root", + "userPassword" : pw1, + "type" : "system", + ]); + if (check_CA_constraints && (size (pw1) < pw_min_CA)) { - if (Popup::YesNo (sformat ( + errors = add (errors, sformat ( // yes/no popup question, %1 is a number _("If you intend to create certificates, -the password should have at least %1 characters. -Really use this shorter password?"), pw_min_CA))) - { - // skip other checks for short passwords - ui_map["short"] = pw1; - } - else +the password should have at least %1 characters."), pw_min_CA)); + } + + if (errors != []) + { + string message = mergestring (errors, "\n\n") + + // last part of message popup + "\n\n" + _("Really use this password?"); + if (!Popup::YesNo (message)) { ret = `notnext; continue; } } - do - { - error_map = UsersSimple::CheckPasswordUI ($[ - "uid" : "root", - "userPassword" : pw1, - "type" : "system", - ], ui_map); - if (error_map != $[]) - { - if (!Popup::YesNo (error_map ["question"]:"")) - failed = true; - else - ui_map[ error_map["question_id"]:"" ] = pw1; - } - } while (error_map != $[] && !failed); - if (failed) - { - ret = `notnext; - continue; - } UsersSimple::SetRootPassword (pw1); UsersSimple::UnLoadCracklib (); } Modified: branches/SuSE-Code-11-Branch/users/src/inst_user_first.ycp URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-Branch/users/src/inst_user_first.ycp?rev=61665&r1=61664&r2=61665&view=diff ============================================================================== --- branches/SuSE-Code-11-Branch/users/src/inst_user_first.ycp (original) +++ branches/SuSE-Code-11-Branch/users/src/inst_user_first.ycp Mon Apr 12 08:45:17 2010 @@ -707,47 +707,35 @@ UI::SetFocus (`id (`pw1)); continue; } - boolean failed = false; - if (root_pw && check_CA_constraints && size (pw1) < pw_min_CA) + UsersSimple::LoadCracklib (); + + list<string> errors = UsersSimple::CheckPasswordUI ($[ + "uid" : username, + "userPassword" : pw1, + "type" : "local", + ]); + + if (root_pw && check_CA_constraints && (size (pw1) < pw_min_CA)) { - if (Popup::YesNo (sformat ( + errors = add (errors, sformat ( // yes/no popup question, %1 is a number _("If you intend to create certificates, -the password should have at least %1 characters. -Really use this shorter password?"), pw_min_CA))) - { - // skip other checks for short passwords - ui_map["short"] = pw1; - } - else +the password should have at least %1 characters."), pw_min_CA)); + } + + if (errors != []) + { + string message = mergestring (errors, "\n\n") + + // last part of message popup + "\n\n" + _("Really use this password?"); + if (!Popup::YesNo (message)) { ret = `notnext; UI::SetFocus (`id (`pw1)); continue; } } - do - { - UsersSimple::LoadCracklib (); - error_map = UsersSimple::CheckPasswordUI ($[ - "uid" : username, - "userPassword" : pw1, - "type" : "local", - ], ui_map); - if (error_map != $[]) - { - if (!Popup::YesNo (error_map ["question"]:"")) - failed = true; - else - ui_map[ error_map["question_id"]:"" ] = pw1; - } - } while (error_map != $[] && !failed); - if (failed) - { - UI::SetFocus (`id (`pw1)); - continue; - } // set UID if home directory is found on future home partition password = pw1; } Modified: branches/SuSE-Code-11-Branch/users/testsuite/tests/CheckPassword.out URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-Branch/users/testsuite/tests/CheckPassword.out?rev=61665&r1=61664&r2=61665&view=diff ============================================================================== --- branches/SuSE-Code-11-Branch/users/testsuite/tests/CheckPassword.out (original) +++ branches/SuSE-Code-11-Branch/users/testsuite/tests/CheckPassword.out Mon Apr 12 08:45:17 2010 @@ -1,18 +1,18 @@ Execute .crack "qqqqq" "" -Return $["question":"You have used only lowercase letters for the password.\nThis is not a good security practice. Really use this password?", "question_id":"obscure"] +Return ["You have used only lowercase letters for the password."] Execute .crack "QQQQQ" "" -Return $["question":"You have used only uppercase letters for the password.\nThis is not a good security practice. Really use this password?", "question_id":"obscure"] +Return ["You have used only uppercase letters for the password."] Execute .crack "12hh5" "" -Return $["question":"You have used the username as a part of the password.\nThis is not a good security practice. Really use this password?", "question_id":"obscure"] +Return ["You have used the username as a part of the password."] Execute .crack "12345" "" -Return $["question":"You have used only digits for the password.\nThis is not a good security practice. Really use this password?", "question_id":"obscure"] +Return ["You have used only digits for the password."] Execute .crack "aaaQQaaa" "" -Return $["question":"You have used a palindrom for the password.\nThis is not a good security practice. Really use this password?", "question_id":"obscure"] +Return ["You have used a palindrom for the password."] Execute .crack "1a" "" -Return $["question":"The password should have at least 5 characters.\nReally use this shorter password?", "question_id":"short"] +Return ["The password should have at least 5 characters."] Return nil Execute .crack "1aaaaaaaaaaaaaaaaa" "" -Return $["question":"The password is too long for the current encryption method.\nTruncate it to 8 characters?", "question_id":"truncate"] +Return ["The password is too long for the current encryption method.\nIt will be truncated to 8 characters."] Dump -------- password: `!@#$%^&*()-=_+| Return Dump -------- password: [];',./{}:"<> Modified: branches/SuSE-Code-11-Branch/users/testsuite/tests/CheckPassword.ycp URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-Branch/users/testsuite/tests/CheckPassword.ycp?rev=61665&r1=61664&r2=61665&view=diff ============================================================================== --- branches/SuSE-Code-11-Branch/users/testsuite/tests/CheckPassword.ycp (original) +++ branches/SuSE-Code-11-Branch/users/testsuite/tests/CheckPassword.ycp Mon Apr 12 08:45:17 2010 @@ -21,7 +21,7 @@ "uid" : username, "userPassword" : pw, "type" : "local" - ], $[])), [R,W,E], 0); + ])), [R,W,E], 0); } define void test_contents (string pw) { -- To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org For additional commands, e-mail: yast-commit+help@opensuse.org