Mailinglist Archive: yast-commit (590 mails)

< Previous Next >
[yast-commit] r61665 - in /branches/SuSE-Code-11-Branch/users: ./ package/ src/ testsuite/tests/
  • From: jsuchome@xxxxxxxxxxxxxxxx
  • Date: Mon, 12 Apr 2010 06:45:17 -0000
  • Message-id: <E1O1DOX-0006Cx-N9@xxxxxxxxxxxxxxxx>
Author: jsuchome
Date: Mon Apr 12 08:45:17 2010
New Revision: 61665

URL: http://svn.opensuse.org/viewcvs/yast?rev=61665&view=rev
Log:
- combine password warnings into one popup dialog (bnc#571777)
- 2.17.28.4


Modified:
branches/SuSE-Code-11-Branch/users/VERSION
branches/SuSE-Code-11-Branch/users/package/yast2-users.changes
branches/SuSE-Code-11-Branch/users/src/Users.pm
branches/SuSE-Code-11-Branch/users/src/UsersSimple.pm
branches/SuSE-Code-11-Branch/users/src/dialogs.ycp
branches/SuSE-Code-11-Branch/users/src/inst_root.ycp
branches/SuSE-Code-11-Branch/users/src/inst_root_first.ycp
branches/SuSE-Code-11-Branch/users/src/inst_user_first.ycp
branches/SuSE-Code-11-Branch/users/testsuite/tests/CheckPassword.out
branches/SuSE-Code-11-Branch/users/testsuite/tests/CheckPassword.ycp

Modified: branches/SuSE-Code-11-Branch/users/VERSION
URL:
http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-Branch/users/VERSION?rev=61665&r1=61664&r2=61665&view=diff
==============================================================================
--- branches/SuSE-Code-11-Branch/users/VERSION (original)
+++ branches/SuSE-Code-11-Branch/users/VERSION Mon Apr 12 08:45:17 2010
@@ -1 +1 @@
-2.17.28.3
+2.17.28.4

Modified: branches/SuSE-Code-11-Branch/users/package/yast2-users.changes
URL:
http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-Branch/users/package/yast2-users.changes?rev=61665&r1=61664&r2=61665&view=diff
==============================================================================
--- branches/SuSE-Code-11-Branch/users/package/yast2-users.changes (original)
+++ branches/SuSE-Code-11-Branch/users/package/yast2-users.changes Mon Apr 12
08:45:17 2010
@@ -1,4 +1,10 @@
-------------------------------------------------------------------
+Thu Apr 8 14:17:53 CEST 2010 - jsuchome@xxxxxxx
+
+- combine password warnings into one popup dialog (bnc#571777)
+- 2.17.28.4
+
+-------------------------------------------------------------------
Wed Mar 10 13:02:43 CET 2010 - jsuchome@xxxxxxx

- check for autologin status also during firstboot (bnc#576899)

Modified: branches/SuSE-Code-11-Branch/users/src/Users.pm
URL:
http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-Branch/users/src/Users.pm?rev=61665&r1=61664&r2=61665&view=diff
==============================================================================
--- branches/SuSE-Code-11-Branch/users/src/Users.pm (original)
+++ branches/SuSE-Code-11-Branch/users/src/Users.pm Mon Apr 12 08:45:17 2010
@@ -4949,88 +4949,6 @@
return "";
}

-##------------------------------------
-# Check the password of current user for the valid characters
-# This function is OBSOLETE, use UsersSimple->CheckPassword instead
-# return value is error message
-BEGIN { $TYPEINFO{CheckPassword} = ["function", "string", "string"]; }
-sub CheckPassword {
-
- my $self = shift;
- my $pw = shift;
- my $type = UsersCache->GetUserType ();
- y2warning ("This function is OBSOLETE, use UsersSimple->CheckPassword");
- return UsersSimple->CheckPassword ($pw, $type);
-}
-
-
-##------------------------------------
-# Check the password of given user or group: part 2, checking for
-# problems that may be skipped (accepted) by user
-# This function is OBSOLETE, it is here just for compatibility reasons, new
-# function UsersSimple->CheckPasswordUI has different API)
-# @return value is map with the problem found
-BEGIN { $TYPEINFO{CheckPasswordUI} = ["function",
- ["map", "string", "string"],
- "string", "string", ["map", "string", "any"]];
-}
-sub CheckPasswordUI {
-
- my $self = shift;
- my $name = $_[0];
- my $pw = $_[1];
- my %ui_map = %{$_[2]};
- my $type = UsersCache->GetUserType ();
- my $min_length = $self->GetMinPasswordLength ();
- my %ret = ();
-
- y2warning ("this function is obsolete, use UsersSimple->CheckPasswordUI");
- if ($pw eq "") {
- return \%ret;
- }
-
- if (UsersSimple->CrackLibUsed () && (($ui_map{"crack"} || "") ne $pw)) {
- my $error = UsersSimple->CrackPassword ($pw);
- if ($error ne "") {
- $ret{"question_id"} = "crack";
- # popup question
- $ret{"question"} = sprintf (__("The password is too simple:
-%s
-Really use this password?"), $error);
- return \%ret;
- }
- }
-
- if (UsersSimple->ObscureChecksUsed () &&
- (($ui_map{"obscure"} || "") ne $pw))
- {
- my $error = UsersSimple->CheckObscurity ($name, $pw,
UsersCache->GetCurrentSummary ());
- if ($error ne "") {
- $ret{"question_id"} = "obscure";
- $ret{"question"} = $error;
- return \%ret;
- }
- }
-
- if (($ui_map{"short"} || "") ne $pw) {
- if (length ($pw) < $min_length) {
- $ret{"question_id"} = "short";
- # popup questionm, %i is number
- $ret{"question"} = sprintf (__("The password should have at
least %i characters.
-Really use this shorter password?"), $min_length);
- }
- }
-
- if (($ui_map{"truncate"} || "") ne $pw) {
- my $error = UsersSimple->CheckPasswordMaxLength ($pw, $type);
- if ($error ne "") {
- $ret{"question_id"} = "truncate";
- $ret{"question"} = $error;
- }
- }
- return \%ret;
-}
-

##------------------------------------
# Check if it is possible to write (=create homes) to given directory

Modified: branches/SuSE-Code-11-Branch/users/src/UsersSimple.pm
URL:
http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-Branch/users/src/UsersSimple.pm?rev=61665&r1=61664&r2=61665&view=diff
==============================================================================
--- branches/SuSE-Code-11-Branch/users/src/UsersSimple.pm (original)
+++ branches/SuSE-Code-11-Branch/users/src/UsersSimple.pm Mon Apr 12 08:45:17
2010
@@ -613,12 +613,10 @@
if ($pw =~ m/$name/) {
if ($what eq "groups") {
# popup question
- return __("You have used the group name as a part of the password.
-This is not a good security practice. Really use this password?");
+ return __("You have used the group name as a part of the
password.");
}
# popup question
- return __("You have used the username as a part of the password.
-This is not a good security practice. Really use this password?");
+ return __("You have used the username as a part of the password.");
}

# check for lowercase
@@ -626,8 +624,7 @@
$filtered =~ s/[[:lower:]]//g;
if ($filtered eq "") {
# popup question
- return __("You have used only lowercase letters for the password.
-This is not a good security practice. Really use this password?");
+ return __("You have used only lowercase letters for the password.");
}

# check for uppercase
@@ -635,16 +632,14 @@
$filtered =~ s/[[:upper:]]//g;
if ($filtered eq "") {
# popup question
- return __("You have used only uppercase letters for the password.
-This is not a good security practice. Really use this password?");
+ return __("You have used only uppercase letters for the password.");
}

# check for palindroms
$filtered = reverse $pw;
if ($filtered eq $pw) {
# popup question
- return __("You have used a palindrom for the password.
-This is not a good security practice. Really use this password?");
+ return __("You have used a palindrom for the password.");
}

# check for numbers
@@ -652,8 +647,7 @@
$filtered =~ s/[0-9]//g;
if ($filtered eq "") {
# popup question
- return __("You have used only digits for the password.
-This is not a good security practice. Really use this password?");
+ return __("You have used only digits for the password.");
}
return "";
}
@@ -676,7 +670,7 @@
if (length ($pw) > $max_length) {
# popup question
$ret = sprintf (__("The password is too long for the current
encryption method.
-Truncate it to %s characters?"), $max_length);
+It will be truncated to %s characters."), $max_length);
}
return $ret;
}
@@ -734,72 +728,55 @@
return "";
}

-##------------------------------------
# Check the password of given user or group: part 2, checking for
# problems that may be skipped (accepted) by user
# @param data map containing user/group name, password and type
-# @param answer map containing all the problems that were already skipped by
-# user
-# @return value is map with the problem found FIXME example
+#
+# Merges all error reports and returns them in the list
BEGIN { $TYPEINFO{CheckPasswordUI} = ["function",
- ["map", "string", "string"],
- ["map", "string", "any"], ["map", "string", "any"]];
+ ["list", "string"],
+ ["map", "string", "any"]];
}
sub CheckPasswordUI {

- my ($self, $data, $ui_map) = @_;
+ my ($self, $data) = @_;
my $pw = $data->{"userPassword"} || "";
my $name = $data->{"uid"};
$name = ($data->{"cn"} || "") if (!defined $name);
my $type = $data->{"type"} || "local";
my $min_length = $self->GetMinPasswordLength ($type);

- my %ret = ();
+ my @ret = ();

if ($pw eq "") {
- return \%ret;
+ return \@ret;
}

- if ($self->CrackLibUsed () && (($ui_map->{"crack"} || "") ne $pw)) {
+ if ($self->CrackLibUsed ()) {
my $error = $self->CrackPassword ($pw);
if ($error ne "") {
- $ret{"question_id"} = "crack";
- # popup question
- $ret{"question"} = sprintf (__("The password is too simple:
-%s
-Really use this password?"), $error);
- return \%ret;
+ # error message
+ push @ret, sprintf (__("The password is too simple:
+%s."), $error);
}
}

- if ($self->ObscureChecksUsed () && (($ui_map->{"obscure"} || "") ne $pw)) {
+ if (1) {#$self->ObscureChecksUsed ()) {
my $what = "users";
$what = "groups" if (! defined $data->{"uid"});
my $error = $self->CheckObscurity ($name, $pw, $what);
- if ($error ne "") {
- $ret{"question_id"} = "obscure";
- $ret{"question"} = $error;
- return \%ret;
- }
+ push @ret, $error if $error;
}

- if (($ui_map->{"short"} || "") ne $pw) {
- if (length ($pw) < $min_length) {
- $ret{"question_id"} = "short";
- # popup questionm, %i is number
- $ret{"question"} = sprintf (__("The password should have at
least %i characters.
-Really use this shorter password?"), $min_length);
- }
+ if (length ($pw) < $min_length) {
+ # popup error, %i is number
+ push @ret, sprintf (__("The password should have at least %i
characters."), $min_length);
}

- if (($ui_map->{"truncate"} || "") ne $pw) {
- my $error = $self->CheckPasswordMaxLength ($pw, $type);
- if ($error ne "") {
- $ret{"question_id"} = "truncate";
- $ret{"question"} = $error;
- }
- }
- return \%ret;
+ my $error = $self->CheckPasswordMaxLength ($pw, $type);
+ push @ret, $error if $error;
+
+ return \@ret;
}

##------------------------------------

Modified: branches/SuSE-Code-11-Branch/users/src/dialogs.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-Branch/users/src/dialogs.ycp?rev=61665&r1=61664&r2=61665&view=diff
==============================================================================
--- branches/SuSE-Code-11-Branch/users/src/dialogs.ycp (original)
+++ branches/SuSE-Code-11-Branch/users/src/dialogs.ycp Mon Apr 12 08:45:17 2010
@@ -1034,29 +1034,22 @@
focus_tab (current, `pw1);
continue;
}
- boolean failed = false;
- do
- {
- error_map = UsersSimple::CheckPasswordUI ($[
+
+ list<string> errors = UsersSimple::CheckPasswordUI ($[
"uid" : username,
"userPassword" : pw1,
"type" : user_type
- ], ui_map);
- if (error_map != $[])
+ ]);
+ if (errors != [])
+ {
+ string message = mergestring (errors, "\n\n") +
+ // last part of message popup
+ "\n\n" + _("Really use this password?");
+ if (!Popup::YesNo (message))
{
- if (!Popup::YesNo (error_map ["question"]:""))
- {
- failed = true;
- }
- else
- ui_map[ error_map["question_id"]:"" ] = pw1;
+ focus_tab (current, `pw1);
+ continue;
}
- } while (error_map != $[] && !failed);
-
- if (failed)
- {
- focus_tab (current, `pw1);
- continue;
}
// now saving plain text password
if (user["encrypted"]:false)
@@ -2083,29 +2076,24 @@
focus_tab (current, `pw1);
continue;
}
- boolean failed = false;
- do
- {
- error_map = UsersSimple::CheckPasswordUI ($[
+
+ list<string> errors = UsersSimple::CheckPasswordUI ($[
"cn" : new_groupname,
"userPassword" : pw1,
"type" : group_type
- ], ui_map);
- if (error_map != $[])
+ ]);
+ if (errors != [])
+ {
+ string message = mergestring (errors, "\n\n") +
+ // last part of message popup
+ "\n\n" + _("Really use this password?");
+ if (!Popup::YesNo (message))
{
- if (!Popup::YesNo (error_map ["question"]:""))
- {
- failed = true;
- }
- else
- ui_map[ error_map["question_id"]:"" ] = pw1;
+ focus_tab (current, `pw1);
+ continue;
}
- } while (error_map != $[] && !failed);
- if (failed)
- {
- focus_tab (current, `pw1);
- continue;
}
+
password = pw1;
if (group["encrypted"]:false)
group["encrypted"] = false;

Modified: branches/SuSE-Code-11-Branch/users/src/inst_root.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-Branch/users/src/inst_root.ycp?rev=61665&r1=61664&r2=61665&view=diff
==============================================================================
--- branches/SuSE-Code-11-Branch/users/src/inst_root.ycp (original)
+++ branches/SuSE-Code-11-Branch/users/src/inst_root.ycp Mon Apr 12 08:45:17
2010
@@ -198,53 +198,30 @@
continue;
}

- // map returned from CheckPasswordUI functions
- map error_map = $[];
- // map with id's of confirmed questions
- map<string,any> ui_map = $[];
- boolean failed = false;
+ list<string> errors = UsersSimple::CheckPasswordUI ($[
+ "uid" : "root",
+ "userPassword" : pw1,
+ "type" : "system",
+ ]);

if (check_CA_constraints && (size (pw1) < pw_min_CA))
{
- if (Popup::YesNo (sformat (
+ errors = add (errors, sformat (
// yes/no popup question, %1 is a number
_("If you intend to create certificates,
-the password should have at least %1 characters.
-Really use this shorter password?"), pw_min_CA)))
- {
- // skip other checks for short passwords
- ui_map["short"] = 1;
- }
- else
- {
- ret = `notnext;
- continue;
- }
+the password should have at least %1 characters."), pw_min_CA));
}
- do
+
+ if (errors != [])
{
- error_map = UsersSimple::CheckPasswordUI ($[
- "uid" : "root",
- "userPassword" : pw1,
- "type" : "system",
- ], ui_map);
- if (error_map != $[])
+ string message = mergestring (errors, "\n\n") +
+ // last part of message popup
+ "\n\n" + _("Really use this password?");
+ if (!Popup::YesNo (message))
{
- if (!Popup::YesNo (error_map ["question"]:""))
- {
- failed = true;
- }
- else
- {
- ui_map[ error_map["question_id"]:"" ] = pw1;
- }
+ ret = `notnext;
+ continue;
}
- } while (error_map != $[] && !failed);
-
- if (failed)
- {
- ret = `notnext;
- continue;
}

Users::WriteSecurity ();

Modified: branches/SuSE-Code-11-Branch/users/src/inst_root_first.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-Branch/users/src/inst_root_first.ycp?rev=61665&r1=61664&r2=61665&view=diff
==============================================================================
--- branches/SuSE-Code-11-Branch/users/src/inst_root_first.ycp (original)
+++ branches/SuSE-Code-11-Branch/users/src/inst_root_first.ycp Mon Apr 12
08:45:17 2010
@@ -100,8 +100,8 @@

Wizard::SetTitleIcon("yast-users");
Wizard::SetContents (title, contents, helptext,
- GetInstArgs::enable_back(),
- GetInstArgs::enable_next());
+ GetInstArgs::enable_back() || Mode::normal (),
+ GetInstArgs::enable_next() || Mode::normal ());

symbol ret = nil;

@@ -160,44 +160,33 @@
boolean failed = false;

UsersSimple::LoadCracklib ();
+
+ list<string> errors = UsersSimple::CheckPasswordUI ($[
+ "uid" : "root",
+ "userPassword" : pw1,
+ "type" : "system",
+ ]);
+
if (check_CA_constraints && (size (pw1) < pw_min_CA))
{
- if (Popup::YesNo (sformat (
+ errors = add (errors, sformat (
// yes/no popup question, %1 is a number
_("If you intend to create certificates,
-the password should have at least %1 characters.
-Really use this shorter password?"), pw_min_CA)))
- {
- // skip other checks for short passwords
- ui_map["short"] = pw1;
- }
- else
+the password should have at least %1 characters."), pw_min_CA));
+ }
+
+ if (errors != [])
+ {
+ string message = mergestring (errors, "\n\n") +
+ // last part of message popup
+ "\n\n" + _("Really use this password?");
+ if (!Popup::YesNo (message))
{
ret = `notnext;
continue;
}
}
- do
- {
- error_map = UsersSimple::CheckPasswordUI ($[
- "uid" : "root",
- "userPassword" : pw1,
- "type" : "system",
- ], ui_map);
- if (error_map != $[])
- {
- if (!Popup::YesNo (error_map ["question"]:""))
- failed = true;
- else
- ui_map[ error_map["question_id"]:"" ] = pw1;
- }
- } while (error_map != $[] && !failed);

- if (failed)
- {
- ret = `notnext;
- continue;
- }
UsersSimple::SetRootPassword (pw1);
UsersSimple::UnLoadCracklib ();
}

Modified: branches/SuSE-Code-11-Branch/users/src/inst_user_first.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-Branch/users/src/inst_user_first.ycp?rev=61665&r1=61664&r2=61665&view=diff
==============================================================================
--- branches/SuSE-Code-11-Branch/users/src/inst_user_first.ycp (original)
+++ branches/SuSE-Code-11-Branch/users/src/inst_user_first.ycp Mon Apr 12
08:45:17 2010
@@ -707,47 +707,35 @@
UI::SetFocus (`id (`pw1));
continue;
}
- boolean failed = false;
- if (root_pw && check_CA_constraints && size (pw1) < pw_min_CA)
+ UsersSimple::LoadCracklib ();
+
+ list<string> errors = UsersSimple::CheckPasswordUI ($[
+ "uid" : username,
+ "userPassword" : pw1,
+ "type" : "local",
+ ]);
+
+ if (root_pw && check_CA_constraints && (size (pw1) < pw_min_CA))
{
- if (Popup::YesNo (sformat (
+ errors = add (errors, sformat (
// yes/no popup question, %1 is a number
_("If you intend to create certificates,
-the password should have at least %1 characters.
-Really use this shorter password?"), pw_min_CA)))
- {
- // skip other checks for short passwords
- ui_map["short"] = pw1;
- }
- else
+the password should have at least %1 characters."), pw_min_CA));
+ }
+
+ if (errors != [])
+ {
+ string message = mergestring (errors, "\n\n") +
+ // last part of message popup
+ "\n\n" + _("Really use this password?");
+ if (!Popup::YesNo (message))
{
ret = `notnext;
UI::SetFocus (`id (`pw1));
continue;
}
}
- do
- {
- UsersSimple::LoadCracklib ();
- error_map = UsersSimple::CheckPasswordUI ($[
- "uid" : username,
- "userPassword" : pw1,
- "type" : "local",
- ], ui_map);
- if (error_map != $[])
- {
- if (!Popup::YesNo (error_map ["question"]:""))
- failed = true;
- else
- ui_map[ error_map["question_id"]:"" ] = pw1;
- }
- } while (error_map != $[] && !failed);

- if (failed)
- {
- UI::SetFocus (`id (`pw1));
- continue;
- }
// set UID if home directory is found on future home partition
password = pw1;
}

Modified: branches/SuSE-Code-11-Branch/users/testsuite/tests/CheckPassword.out
URL:
http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-Branch/users/testsuite/tests/CheckPassword.out?rev=61665&r1=61664&r2=61665&view=diff
==============================================================================
--- branches/SuSE-Code-11-Branch/users/testsuite/tests/CheckPassword.out
(original)
+++ branches/SuSE-Code-11-Branch/users/testsuite/tests/CheckPassword.out Mon
Apr 12 08:45:17 2010
@@ -1,18 +1,18 @@
Execute .crack "qqqqq" ""
-Return $["question":"You have used only lowercase letters for the
password.\nThis is not a good security practice. Really use this password?",
"question_id":"obscure"]
+Return ["You have used only lowercase letters for the password."]
Execute .crack "QQQQQ" ""
-Return $["question":"You have used only uppercase letters for the
password.\nThis is not a good security practice. Really use this password?",
"question_id":"obscure"]
+Return ["You have used only uppercase letters for the password."]
Execute .crack "12hh5" ""
-Return $["question":"You have used the username as a part of the
password.\nThis is not a good security practice. Really use this password?",
"question_id":"obscure"]
+Return ["You have used the username as a part of the password."]
Execute .crack "12345" ""
-Return $["question":"You have used only digits for the password.\nThis is not
a good security practice. Really use this password?", "question_id":"obscure"]
+Return ["You have used only digits for the password."]
Execute .crack "aaaQQaaa" ""
-Return $["question":"You have used a palindrom for the password.\nThis is not
a good security practice. Really use this password?", "question_id":"obscure"]
+Return ["You have used a palindrom for the password."]
Execute .crack "1a" ""
-Return $["question":"The password should have at least 5 characters.\nReally
use this shorter password?", "question_id":"short"]
+Return ["The password should have at least 5 characters."]
Return nil
Execute .crack "1aaaaaaaaaaaaaaaaa" ""
-Return $["question":"The password is too long for the current encryption
method.\nTruncate it to 8 characters?", "question_id":"truncate"]
+Return ["The password is too long for the current encryption method.\nIt will
be truncated to 8 characters."]
Dump -------- password: `!@#$%^&*()-=_+|
Return
Dump -------- password: [];',./{}:"<>

Modified: branches/SuSE-Code-11-Branch/users/testsuite/tests/CheckPassword.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-Branch/users/testsuite/tests/CheckPassword.ycp?rev=61665&r1=61664&r2=61665&view=diff
==============================================================================
--- branches/SuSE-Code-11-Branch/users/testsuite/tests/CheckPassword.ycp
(original)
+++ branches/SuSE-Code-11-Branch/users/testsuite/tests/CheckPassword.ycp Mon
Apr 12 08:45:17 2010
@@ -21,7 +21,7 @@
"uid" : username,
"userPassword" : pw,
"type" : "local"
- ], $[])), [R,W,E], 0);
+ ])), [R,W,E], 0);
}

define void test_contents (string pw) {

--
To unsubscribe, e-mail: yast-commit+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: yast-commit+help@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages