[node-patches] Change in ovirt-node[master]: security: Add password_check

fabiand at fedoraproject.org fabiand at fedoraproject.org
Fri May 31 10:18:35 UTC 2013 

Fabian Deutsch has uploaded a new change for review.

Change subject: security: Add password_check
......................................................................

security: Add password_check

The password_check function was migrated to the security module and is
now also used by ovirtfunctions.

Change-Id: Id111da3a61b74213eb8c254de3d8e4d7805bdcc2
Signed-off-by: Fabian Deutsch <fabiand at fedoraproject.org>
---
M src/ovirt/node/utils/security.py
M src/ovirtnode/ovirtfunctions.py
2 files changed, 63 insertions(+), 34 deletions(-)


  git pull ssh://gerrit.ovirt.org:29418/ovirt-node refs/changes/49/15249/1

diff --git a/src/ovirt/node/utils/security.py b/src/ovirt/node/utils/security.py
index 22ef934..f7c15b3 100644
--- a/src/ovirt/node/utils/security.py
+++ b/src/ovirt/node/utils/security.py
@@ -19,15 +19,65 @@
 # MA  02110-1301, USA.  A copy of the GNU General Public License is
 # also available at http://www.gnu.org/copyleft/gpl.html.
 from ovirt.node import base, valid, utils
-import process
+import PAM as _PAM # @UnresolvedImport
+import cracklib
 import os.path
-import PAM as _PAM  # @UnresolvedImport
+import process
 
 """
 Some convenience functions related to security
 """
 
 
+def password_check(password, confirmation, min_length=1):
+    '''
+    Do some password checks
+    Returns:
+        A message about a possibly weak password
+
+    >>> password_check("", "") is None
+    True
+
+    >>> msg = password_check("foo", "foo")
+    >>> "You have provided a weak password" in msg
+    True
+
+    >>> password_check("foo", "foo", 5)
+    Traceback (most recent call last):
+    ValueError: Password must be at least 5 characters
+
+    >>> password_check("foo", "bar")
+    Traceback (most recent call last):
+    ValueError: Passwords Do Not Match
+
+    >>> password_check("foo", "")
+    Traceback (most recent call last):
+    ValueError: Please Confirm Password
+    '''
+    message = None
+
+    if len(password) is 0 and min_length is not 0:
+        pass
+    elif len(password) < min_length:
+        raise ValueError("Password must be at least %d characters" %
+                         min_length)
+    elif password != "" and confirmation == "":
+        raise ValueError("Please Confirm Password")
+    elif password != confirmation:
+        raise ValueError("Passwords Do Not Match")
+    else:
+        try:
+            cracklib.FascistCheck(password)
+        except ValueError:
+            message = "You have provided a weak password!\n"
+            message += "Strong passwords contain a mix of uppercase,\n"
+            message += "lowercase, numeric and punctuation characters.\n"
+            message += "They are six or more characters long and\n"
+            message += "do not contain dictionary words"
+
+    return message
+
+
 class Passwd(base.Base):
     def set_password(self, username, password):
         import ovirtnode.password as opasswd
diff --git a/src/ovirtnode/ovirtfunctions.py b/src/ovirtnode/ovirtfunctions.py
index 26a47f5..616f13d 100644
--- a/src/ovirtnode/ovirtfunctions.py
+++ b/src/ovirtnode/ovirtfunctions.py
@@ -1419,48 +1419,27 @@
         return False
 
 def password_check(password_1, password_2, min_length=1):
-    '''
-    Do some password checks
-
-    >>> r, msg = password_check("", "")
-    >>> (r,  len(msg))
-    (1, 5)
-    >>> r, msg = password_check("foo", "bar")
-    >>> (r,  "Not Match" in msg)
-    (1, True)
-    '''
-    num_o_lines_to_expand = 7
-    accepted = False
+    from ovirt.node.utils import security
+    accepted = 0
     message = ""
+    num_o_lines_to_expand = 7
 
     if is_capslock_on():
         message = "Hint: Caps lock is on.\n"
 
-    if len(password_1) is 0 and min_length is not 0:
-        message += ""  # Intentional dummy
-    elif len(password_1) < min_length:
-        message += "Password must be at least %d characters" % min_length
-    elif password_1 != "" and password_2 == "":
-        message += "Please Confirm Password"
-    elif password_1 != password_2:
-        message += "Passwords Do Not Match"
-    else:
-        try:
-            cracklib.FascistCheck(password_1)
-            accepted = True
-        except ValueError, e:
-            message += "You have provided a weak password!\n"
-            message += "Strong passwords contain a mix of uppercase,\n"
-            message += "lowercase, numeric and punctuation characters.\n"
-            message += "They are six or more characters long and\n"
-            message += "do not contain dictionary words"
-            accepted = True
+    try:
+        msg = security.password_check(password_1, password_2, min_length)
+        if msg:
+            message += msg
+        accepted = 1
+    except ValueError as e:
+        message = e.message
 
     num_lines = message.count("\n") + 1
 
     # Modify message to span num_o_lines_to_expand lines
     message += (num_o_lines_to_expand - num_lines) * "\n"
-    accepted = 0 if accepted else 1
+
     return (accepted, message)
 
 def get_logrotate_size():


--
To view, visit http://gerrit.ovirt.org/15249
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: Id111da3a61b74213eb8c254de3d8e4d7805bdcc2
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-node
Gerrit-Branch: master
Gerrit-Owner: Fabian Deutsch <fabiand at fedoraproject.org>

More information about the node-patches mailing list