Esempio n. 1
0
 def password_empty_ok_test(self):
     """Check if the empty_ok flag works correctly."""
     score, status, quality, error_message = validatePassword("",
                                                              empty_ok=True)
     self.assertEqual(score, 0)
     self.assertEqual(status, _(constants.PasswordStatus.EMPTY.value))
     self.assertEqual(quality, 0)
     self.assertIsNotNone(error_message)
     # empty_ok with password length
     score, status, quality, error_message = validatePassword("",
                                                              minlen=10,
                                                              empty_ok=True)
     self.assertEqual(score, 0)
     self.assertEqual(status, _(constants.PasswordStatus.EMPTY.value))
     self.assertEqual(quality, 0)
     self.assertIsNotNone(error_message)
     # non-empty passwords that are too short should still get a score of 0 & the "too short" message
     score, status, quality, error_message = validatePassword("123",
                                                              minlen=10,
                                                              empty_ok=True)
     self.assertEqual(score, 0)
     self.assertEqual(status, _(constants.PasswordStatus.TOO_SHORT.value))
     self.assertEqual(quality, 0)
     self.assertIsNotNone(error_message)
     # also check a long-enough password, just in case
     score, status, quality, error_message = validatePassword("1234567891",
                                                              minlen=10,
                                                              empty_ok=True)
     self.assertEqual(score, 1)
     self.assertEqual(status, _(constants.PasswordStatus.WEAK.value))
     self.assertEqual(quality, 0)
     self.assertIsNotNone(error_message)
 def password_empty_ok_test(self):
     """Check if the empty_ok flag works correctly."""
     score, status, quality, error_message = validatePassword("", empty_ok=True)
     self.assertEqual(score, 0)
     self.assertEqual(status, _(constants.PasswordStatus.EMPTY.value))
     self.assertEqual(quality, 0)
     self.assertIsNotNone(error_message)
     # empty_ok with password length
     score, status, quality, error_message = validatePassword("", minlen=10, empty_ok=True)
     self.assertEqual(score, 0)
     self.assertEqual(status, _(constants.PasswordStatus.EMPTY.value))
     self.assertEqual(quality, 0)
     self.assertIsNotNone(error_message)
     # non-empty passwords that are too short should still get a score of 0 & the "too short" message
     score, status, quality, error_message = validatePassword("123", minlen=10, empty_ok=True)
     self.assertEqual(score, 0)
     self.assertEqual(status, _(constants.PasswordStatus.TOO_SHORT.value))
     self.assertEqual(quality, 0)
     self.assertIsNotNone(error_message)
     # also check a long-enough password, just in case
     score, status, quality, error_message = validatePassword("1234567891", minlen=10, empty_ok=True)
     self.assertEqual(score, 1)
     self.assertEqual(status, _(constants.PasswordStatus.WEAK.value))
     self.assertEqual(quality, 0)
     self.assertIsNotNone(error_message)
 def password_empty_test(self):
     """Check if quality of an empty password is reported correctly."""
     score, status, quality, error_message = validatePassword("")
     self.assertEqual(score, 0)
     self.assertEqual(status, _(constants.PasswordStatus.EMPTY.value))
     self.assertEqual(quality, 0)
     self.assertIsNotNone(error_message)
     # empty password should override password-too-short messages
     score, status, quality, error_message = validatePassword("", minlen=10)
     self.assertEqual(score, 0)
     self.assertEqual(status, _(constants.PasswordStatus.EMPTY.value))
     self.assertEqual(quality, 0)
     self.assertIsNotNone(error_message)
Esempio n. 4
0
 def password_empty_test(self):
     """Check if quality of an empty password is reported correctly."""
     score, status, quality, error_message = validatePassword("")
     self.assertEqual(score, 0)
     self.assertEqual(status, _(constants.PasswordStatus.EMPTY.value))
     self.assertEqual(quality, 0)
     self.assertIsNotNone(error_message)
     # empty password should override password-too-short messages
     score, status, quality, error_message = validatePassword("", minlen=10)
     self.assertEqual(score, 0)
     self.assertEqual(status, _(constants.PasswordStatus.EMPTY.value))
     self.assertEqual(quality, 0)
     self.assertIsNotNone(error_message)
Esempio n. 5
0
    def _updatePwQuality(self):
        """This method updates the password indicators according
        to the password entered by the user.
        """
        pwtext = self.pw.get_text()
        username = self.username.get_text()

        # Reset the counters used for the "press Done twice" logic
        self._waiveStrengthClicks = 0
        self._waiveASCIIClicks = 0

        self._pwq_valid, strength, self._pwq_error = validatePassword(pwtext, username)

        if not pwtext:
            val = 0
        elif strength < 50:
            val = 1
        elif strength < 75:
            val = 2
        elif strength < 90:
            val = 3
        else:
            val = 4
        text = _(PASSWORD_STRENGTH_DESC[val])

        self.pw_bar.set_value(val)
        self.pw_label.set_text(text)
Esempio n. 6
0
    def prompt(self, entry=None):
        if not entry:
            return None

        if entry.aux == self.PASSWORD:
            pw = self._app.raw_input(_("%s: ") % entry.title, hidden=True)
            confirm = self._app.raw_input(_("%s (confirm): ") % entry.title, hidden=True)

            if (pw and not confirm) or (confirm and not pw):
                print(_("You must enter your root password and confirm it by typing"
                        " it a second time to continue."))
                return None
            if (pw != confirm):
                print(_(PASSWORD_CONFIRM_ERROR_TUI))
                return None

            # If an empty password was provided, unset the value
            if not pw:
                self.value = ""
                return None

            valid, strength, message = validatePassword(pw, user=None, minlen=self.policy.minlen)

            if not valid:
                print(message)
                return None

            if strength < self.policy.minquality:
                if self.policy.strict:
                    done_msg = ""
                else:
                    done_msg = _("\nWould you like to use it anyway?")

                if message:
                    error = _(PASSWORD_WEAK_WITH_ERROR) % message + " " + done_msg
                else:
                    error = _(PASSWORD_WEAK) % done_msg

                if not self.policy.strict:
                    question_window = YesNoDialog(self._app, error)
                    self._app.switch_screen_modal(question_window)
                    if not question_window.answer:
                        return None
                else:
                    print(error)
                    return None

            if any(char not in PW_ASCII_CHARS for char in pw):
                print(_("You have provided a password containing non-ASCII characters.\n"
                        "You may not be able to switch between keyboard layouts to login.\n"))

            self.value = cryptPassword(pw)
            return None
        else:
            return tui.Prompt(_("Enter a new value for '%(title)s' and press %(enter)s") % {
                # TRANSLATORS: 'title' as a title of the entry
                "title": entry.title,
                # TRANSLATORS: 'enter' as the key ENTER
                "enter": tui.Prompt.ENTER
            })
Esempio n. 7
0
    def _validatePassword(self):
        # Do various steps to validate the password
        # sets self._error to an error string
        # Return True if valid, False otherwise
        self._error = False
        pw = self.pw.get_text()
        confirm = self.confirm.get_text()

        if not pw and not confirm:
            if self._kickstarted:
                return True
            else:
                self._error = _("You must provide and confirm a password.")
                return False

        try:
            self._error = validatePassword(pw, confirm)
        except PWQError as (e, msg):
            if pw == self._oldweak:
                # We got a second attempt with the same weak password
                pass
            else:
                self._error = _("You have provided a weak password: %s. "
                                " Press Done again to use anyway.") % msg
                self._oldweak = pw
                return False
Esempio n. 8
0
    def prompt(self, entry):
        if entry.aux == self.PASSWORD:
            pw = self._app.raw_input(_("%s: ") % entry.title, hidden=True)
            confirm = self._app.raw_input(_("%s (confirm): ") % entry.title,
                                          hidden=True)
            error = None
            # just returning an error is either blank or mismatched
            # passwords.  Raising is because of poor quality.
            try:
                error = validatePassword(pw, confirm)
                if error:
                    print(error)
                    return None
                strength = checkPassword(pw)
                if strength < 50:
                    raise PWQError("The password you have provided is weak.")
            except PWQError as e:
                error = _("You have provided a weak password: %s. " %
                          e.message)
                error += _("\nWould you like to use it anyway?")
                question_window = YesNoDialog(self._app, error)
                self._app.switch_screen_modal(question_window)
                if not question_window.answer:
                    return None

            self.value = cryptPassword(pw)
            return None
        else:
            return _(
                "Enter new value for '%s' and press enter\n") % entry.title
Esempio n. 9
0
    def _validatePassword(self):
        """This method checks the password weakness and
        implements the Press Done twice logic. It is used from
        the on_back_clicked handler.

        It also sets the self._error of the password is not
        sufficient or does not pass the pwquality checks.

        :return: True if the password should be accepted, False otherwise
        :rtype: bool

        """

        # Do various steps to validate the password
        # sets self._error to an error string
        # Return True if valid, False otherwise
        self._error = False
        pw = self.pw.get_text()
        confirm = self.confirm.get_text()

        if not pw and not confirm:
            self._error = _("You must provide and confirm a password.")
            return False

        try:
            self._error = validatePassword(pw, confirm)
        except PWQError as (_e, msg):
            if pw == self._oldweak:
                # We got a second attempt with the same weak password
                pass
            else:
                self._error = _("You have provided a weak password: %s. "
                                " Press Done again to use anyway.") % msg
                self._oldweak = pw
                return False
Esempio n. 10
0
    def _validatePassword(self):
        """This method checks the password weakness and
        implements the Press Done twice logic. It is used from
        the on_back_clicked handler.

        It also sets the self._error of the password is not
        sufficient or does not pass the pwquality checks.

        :return: True if the password should be accepted, False otherwise
        :rtype: bool

        """

        # Do various steps to validate the password
        # sets self._error to an error string
        # Return True if valid, False otherwise
        self._error = False
        pw = self.pw.get_text()
        confirm = self.confirm.get_text()

        if not pw and not confirm:
            self._error = _("You must provide and confirm a password.")
            return False

        try:
            self._error = validatePassword(pw, confirm)
        except PWQError as (_e, msg):
            if pw == self._oldweak:
                # We got a second attempt with the same weak password
                pass
            else:
                self._error = _("You have provided a weak password: %s. "
                                " Press Done again to use anyway.") % msg
                self._oldweak = pw
                return False
Esempio n. 11
0
    def _updatePwQuality(self, editable=None, data=None):
        """Update the password quality information.

           This function is called by the ::changed signal handler on the
           password field.
        """

        pwtext = self.pw.get_text()

        # Reset the counter used for the "press Done twice" logic
        self._waivePasswordClicks = 0

        self._pwq_valid, strength, self._pwq_error = validatePassword(
            pwtext, "root")

        if not pwtext:
            val = 0
        elif strength < 50:
            val = 1
        elif strength < 75:
            val = 2
        elif strength < 90:
            val = 3
        else:
            val = 4
        text = _(PASSWORD_STRENGTH_DESC[val])

        self.pw_bar.set_value(val)
        self.pw_label.set_text(text)
Esempio n. 12
0
    def _updatePwQuality(self):
        """This method updates the password indicators according
        to the password entered by the user.
        """
        pwtext = self.pw.get_text()
        username = self.username.get_text()

        # Reset the counters used for the "press Done twice" logic
        self._waiveStrengthClicks = 0
        self._waiveASCIIClicks = 0

        self._pwq_valid, strength, self._pwq_error = validatePassword(
            pwtext, username)

        if not pwtext:
            val = 0
        elif strength < 50:
            val = 1
        elif strength < 75:
            val = 2
        elif strength < 90:
            val = 3
        else:
            val = 4
        text = _(PASSWORD_STRENGTH_DESC[val])

        self.pw_bar.set_value(val)
        self.pw_label.set_text(text)
Esempio n. 13
0
    def _validatePassword(self):
        # Do various steps to validate the password
        # sets self._error to an error string
        # Return True if valid, False otherwise
        self._error = False
        pw = self.pw.get_text()
        confirm = self.confirm.get_text()

        if not pw and not confirm:
            if self._kickstarted:
                return True
            else:
                self._error = _("You must provide and confirm a password.")
                return False

        try:
            self._error = validatePassword(pw, confirm)
        except PWQError as (e, msg):
            if pw == self._oldweak:
                # We got a second attempt with the same weak password
                pass
            else:
                self._error = _("You have provided a weak password: %s. "
                                " Press Done again to use anyway.") % msg
                self._oldweak = pw
                return False
Esempio n. 14
0
    def prompt(self, entry=None):
        if not entry:
            return None

        if entry.aux == self.PASSWORD:
            pw = self._app.raw_input(_("%s: ") % entry.title, hidden=True)
            confirm = self._app.raw_input(_("%s (confirm): ") % entry.title, hidden=True)

            if (pw and not confirm) or (confirm and not pw):
                print(_("You must enter your root password and confirm it by typing" " it a second time to continue."))
                return None
            if pw != confirm:
                print(_(PASSWORD_CONFIRM_ERROR_TUI))
                return None

            valid, strength, message = validatePassword(pw, user=None)

            if not valid:
                print(message)
                return None

            if strength < 50:
                if message:
                    error = _("You have provided a weak password: %s\n" "Would you like to use it anyway?") % message
                else:
                    error = _("You have provided a weak password.\n" "Would you like to use it anyway?")
                question_window = YesNoDialog(self._app, error)
                self._app.switch_screen_modal(question_window)
                if not question_window.answer:
                    return None

            self.value = cryptPassword(pw)
            return None
        else:
            return _("Enter new value for '%s' and press enter\n") % entry.title
    def _updatePwQuality(self):
        """Update the password quality information.

           This function is called by the ::changed signal handler on the
           password field.
        """

        pwtext = self.pw.get_text()

        # Reset the counters used for the "press Done twice" logic
        self._waiveStrengthClicks = 0
        self._waiveASCIIClicks = 0

        self._pwq_valid, strength, self._pwq_error = validatePassword(pwtext, "root", minlen=self.policy.minlen)

        if not pwtext:
            val = 0
        elif strength < 50:
            val = 1
        elif strength < 75:
            val = 2
        elif strength < 90:
            val = 3
        else:
            val = 4
        text = _(PASSWORD_STRENGTH_DESC[val])

        self.pw_bar.set_value(val)
        self.pw_label.set_text(text)
Esempio n. 16
0
    def prompt(self, entry=None):
        if not entry:
            return None

        if entry.aux == self.PASSWORD:
            pw = self._app.raw_input(_("%s: ") % entry.title, hidden=True)
            confirm = self._app.raw_input(_("%s (confirm): ") % entry.title, hidden=True)

            if (pw and not confirm) or (confirm and not pw):
                print(_("You must enter your root password and confirm it by typing" " it a second time to continue."))
                return None
            if pw != confirm:
                print(_(PASSWORD_CONFIRM_ERROR_TUI))
                return None

            # If an empty password was provided, unset the value
            if not pw:
                self.value = ""
                return None

            valid, strength, message = validatePassword(pw, user=None, minlen=self.policy.minlen)

            if not valid:
                print(message)
                return None

            if strength < self.policy.minquality:
                if self.policy.strict:
                    done_msg = ""
                else:
                    done_msg = _("\nWould you like to use it anyway?")

                if message:
                    error = _(PASSWORD_WEAK_WITH_ERROR) % message + " " + done_msg
                else:
                    error = _(PASSWORD_WEAK) % done_msg

                if not self.policy.strict:
                    question_window = YesNoDialog(self._app, error)
                    self._app.switch_screen_modal(question_window)
                    if not question_window.answer:
                        return None
                else:
                    print(error)
                    return None

            if any(char not in PW_ASCII_CHARS for char in pw):
                print(
                    _(
                        "You have provided a password containing non-ASCII characters.\n"
                        "You may not be able to switch between keyboard layouts to login.\n"
                    )
                )

            self.value = cryptPassword(pw)
            return None
        else:
            return _("Enter a new value for '%s' and press <Enter>\n") % entry.title
Esempio n. 17
0
    def password_length_test(self):
        """Check if minimal password length is checked properly."""
        # first check if the default minimal password length is checked correctly
        # (should be 6 characters at the moment)
        score, status, _quality, _error_message = validatePassword("123")
        self.assertEqual(score, 0)
        self.assertEqual(_(status), _(constants.PasswordStatus.TOO_SHORT.value))
        score, status, _quality, _error_message = validatePassword("123456")
        self.assertEqual(score, 1)
        self.assertEqual(_(status), _(constants.PasswordStatus.WEAK.value))

        # check if setting password length works correctly
        score, status, _quality, _error_message = validatePassword("12345", minlen=10)
        self.assertEqual(score, 0)
        self.assertEqual(status, _(constants.PasswordStatus.TOO_SHORT.value))
        score, status, _quality, _error_message = validatePassword("1234567891", minlen=10)
        self.assertGreater(score, 0)
        self.assertNotEqual(status, _(constants.PasswordStatus.TOO_SHORT.value))
Esempio n. 18
0
    def _checkPasswordStrength(self, inputcheck):
        """Update the error message based on password strength.

           The password strength has already been checked in _updatePwQuality, called
           previously in the signal chain. This method converts the data set from there
           into an error message.

           The password strength check can be waived by pressing "Done" twice. This
           is controlled through the self._waiveStrengthClicks counter. The counter
           is set in on_back_clicked, which also re-runs this check manually.
         """

        # Skip the check if no password is required
        if (not self.usepassword.get_active()) or \
                ((not self.pw.get_text()) and (self._user.password_kickstarted)):
            return InputCheck.CHECK_OK

        # Check for validity errors
        # pw score == 0 & errors from libpwquality
        # - ignore if the strict flag in the password policy == False
        if not self._pw_score and self._pw_error_message and self.policy.strict:
            return self._pw_error_message

        # use strength from policy, not bars
        pw = self.pw.get_text()
        username = self.username.get_text()
        _pw_score, _status_text, pw_quality, _error_message = validatePassword(
            pw,
            username,
            minlen=self.policy.minlen,
            empty_ok=self.policy.emptyok)
        if pw_quality < self.policy.minquality:
            # If Done has been clicked twice, waive the check
            if self._waiveStrengthClicks > 1:
                return InputCheck.CHECK_OK
            elif self._waiveStrengthClicks == 1:
                if self._pw_error_message:
                    return _(PASSWORD_WEAK_CONFIRM_WITH_ERROR
                             ) % self._pw_error_message
                else:
                    return _(PASSWORD_WEAK_CONFIRM)
            else:
                # non-strict allows done to be clicked twice
                if self.policy.strict:
                    done_msg = ""
                else:
                    done_msg = _(PASSWORD_DONE_TWICE)

                if self._pw_error_message:
                    return _(PASSWORD_WEAK_WITH_ERROR
                             ) % self._pw_error_message + " " + done_msg
                else:
                    return _(PASSWORD_WEAK) % done_msg
        else:
            return InputCheck.CHECK_OK
Esempio n. 19
0
    def password_length_test(self):
        """Check if minimal password length is checked properly."""
        # first check if the default minimal password length is checked correctly
        # (should be 6 characters at the moment)
        score, status, _quality, _error_message = validatePassword("123")
        self.assertEqual(score, 0)
        self.assertEqual(status, _(constants.PASSWORD_STATUS_TOO_SHORT))
        score, status, _quality, _error_message = validatePassword("123456")
        self.assertGreater(score, 0)
        self.assertNotEqual(status, _(constants.PASSWORD_STATUS_EMPTY))
        self.assertNotEqual(status, _(constants.PASSWORD_STATUS_TOO_SHORT))

        # check if setting password length works correctly
        score, status, _quality, _error_message = validatePassword("12345",
                                                                   minlen=10)
        self.assertEqual(score, 0)
        self.assertEqual(status, _(constants.PASSWORD_STATUS_TOO_SHORT))
        score, status, _quality, _error_message = validatePassword(
            "1234567891", minlen=10)
        self.assertGreater(score, 0)
        self.assertNotEqual(status, _(constants.PASSWORD_STATUS_TOO_SHORT))
Esempio n. 20
0
    def check_user_password_strength(self, inputcheck):
        """Update the error message based on password strength.

           The password strength check can be waived by pressing "Done" twice. This
           is controlled through the self.waive_clicks counter. The counter
           is set in on_back_clicked, which also re-runs this check manually.
         """
        pw = self.input

        # Don't run any check if the password is empty - there is a dedicated check for that
        if not pw:
            return InputCheck.CHECK_OK

        # determine the password strength
        # pylint: disable=no-member
        pw_check_result = validatePassword(pw,
                                           self.input_username,
                                           minlen=self.policy.minlen,
                                           empty_ok=self.policy.emptyok)
        pw_score, status_text, pw_quality, error_message = pw_check_result
        self.set_input_score(pw_score)
        self.set_input_status(status_text)

        # Skip the check if no password is required
        if not self.input_enabled or self.input_kickstarted:
            return InputCheck.CHECK_OK

        # pylint: disable=no-member
        if pw_quality < self.policy.minquality or not pw_score or not pw:
            # If Done has been clicked twice, waive the check
            if self.waive_clicks > 1:
                return InputCheck.CHECK_OK
            elif self.waive_clicks == 1:
                if error_message:
                    return _(constants.PASSWORD_WEAK_CONFIRM_WITH_ERROR
                             ) % error_message
                else:
                    return _(constants.PASSWORD_WEAK_CONFIRM)
            else:
                # non-strict allows done to be clicked twice
                # pylint: disable=no-member
                if self.policy.strict:
                    done_msg = ""
                else:
                    done_msg = _(constants.PASSWORD_DONE_TWICE)

                if error_message:
                    return _(constants.PASSWORD_WEAK_WITH_ERROR
                             ) % error_message + " " + done_msg
                else:
                    return _(constants.PASSWORD_WEAK) % done_msg
        else:
            return InputCheck.CHECK_OK
Esempio n. 21
0
    def _checkPasswordStrength(self, inputcheck):
        """Update the error message based on password strength.

           The password strength check can be waived by pressing "Done" twice. This
           is controlled through the self._waiveStrengthClicks counter. The counter
           is set in on_back_clicked, which also re-runs this check manually.
         """

        # Skip the check if no password is required
        if not self.usepassword.get_active or self._password_kickstarted:
            return InputCheck.CHECK_OK

        # If the password is empty, clear the strength bar and skip this check
        pw = self.pw.get_text()
        if not pw:
            self._updatePwQuality(True, 0)
            return InputCheck.CHECK_OK

        # determine the password strength
        username = self.username.get_text()
        valid, pwstrength, error = validatePassword(pw,
                                                    username,
                                                    minlen=self.policy.minlen)

        # set the strength bar
        self._updatePwQuality(False, pwstrength)

        # If the password failed the validity check, fail this check
        if not valid and error:
            return error

        if pwstrength < self.policy.minquality:
            # If Done has been clicked twice, waive the check
            if self._waiveStrengthClicks > 1:
                return InputCheck.CHECK_OK
            elif self._waiveStrengthClicks == 1:
                if error:
                    return _(PASSWORD_WEAK_CONFIRM_WITH_ERROR) % error
                else:
                    return _(PASSWORD_WEAK_CONFIRM)
            else:
                # non-strict allows done to be clicked twice
                if self.policy.strict:
                    done_msg = ""
                else:
                    done_msg = _(PASSWORD_DONE_TWICE)

                if error:
                    return _(PASSWORD_WEAK_WITH_ERROR) % error + " " + done_msg
                else:
                    return _(PASSWORD_WEAK) % done_msg
        else:
            return InputCheck.CHECK_OK
Esempio n. 22
0
    def _checkPasswordStrength(self, inputcheck):
        """Update the error message based on password strength.

           Update the password strength bar and set an error message.
        """

        pw = self.pw.get_text()
        confirm = self.confirm.get_text()

        # Skip the check if no password is required
        if self._kickstarted:
            return InputCheck.CHECK_OK

        # If the password is empty, clear the strength bar and skip this check
        if self.lock.get_active() or (not pw and not confirm):
            self._updatePwQuality(True, 0)
            return InputCheck.CHECK_OK

        # determine the password strength
        valid, pwstrength, error = validatePassword(pw,
                                                    "root",
                                                    minlen=self.policy.minlen)

        # set the strength bar
        self._updatePwQuality(False, pwstrength)

        # If the password failed the validity check, fail this check
        if not valid and error:
            return error

        if pwstrength < self.policy.minquality:
            # If Done has been clicked twice, waive the check
            if self._waiveStrengthClicks > 1:
                return InputCheck.CHECK_OK
            elif self._waiveStrengthClicks == 1:
                if error:
                    return _(PASSWORD_WEAK_CONFIRM_WITH_ERROR) % error
                else:
                    return _(PASSWORD_WEAK_CONFIRM)
            else:
                # non-strict allows done to be clicked twice
                if self.policy.strict:
                    done_msg = ""
                else:
                    done_msg = _(PASSWORD_DONE_TWICE)

                if error:
                    return _(PASSWORD_WEAK_WITH_ERROR) % error + " " + done_msg
                else:
                    return _(PASSWORD_WEAK) % done_msg
        else:
            return InputCheck.CHECK_OK
Esempio n. 23
0
    def check_user_password_strength(self, inputcheck):
        """Update the error message based on password strength.

           The password strength check can be waived by pressing "Done" twice. This
           is controlled through the self.waive_clicks counter. The counter
           is set in on_back_clicked, which also re-runs this check manually.
         """
        pw = self.input

        # Don't run any check if the password is empty - there is a dedicated check for that
        if not pw:
            return InputCheck.CHECK_OK

        # determine the password strength
        # pylint: disable=no-member
        pw_check_result = validatePassword(pw,
                                           self.input_username,
                                           minlen=self.policy.minlen,
                                           empty_ok=self.policy.emptyok)
        pw_score, status_text, pw_quality, error_message = pw_check_result
        self.set_input_score(pw_score)
        self.set_input_status(status_text)

        # Skip the check if no password is required
        if not self.input_enabled or self.input_kickstarted:
            return InputCheck.CHECK_OK

        # pylint: disable=no-member
        if pw_quality < self.policy.minquality or not pw_score or not pw:
            # If Done has been clicked twice, waive the check
            if self.waive_clicks > 1:
                return InputCheck.CHECK_OK
            elif self.waive_clicks == 1:
                if error_message:
                    return _(constants.PASSWORD_WEAK_CONFIRM_WITH_ERROR) % error_message
                else:
                    return _(constants.PASSWORD_WEAK_CONFIRM)
            else:
                # non-strict allows done to be clicked twice
                # pylint: disable=no-member
                if self.policy.strict:
                    done_msg = ""
                else:
                    done_msg = _(constants.PASSWORD_DONE_TWICE)

                if error_message:
                    return _(constants.PASSWORD_WEAK_WITH_ERROR) % error_message + " " + done_msg
                else:
                    return _(constants.PASSWORD_WEAK) % done_msg
        else:
            return InputCheck.CHECK_OK
Esempio n. 24
0
    def _checkPasswordStrength(self, inputcheck):
        """Update the error message based on password strength.

           The password strength check can be waived by pressing "Done" twice. This
           is controlled through the self._waiveStrengthClicks counter. The counter
           is set in on_back_clicked, which also re-runs this check manually.
         """

        # Skip the check if no password is required
        if not self.usepassword.get_active or self._password_kickstarted:
            return InputCheck.CHECK_OK

        # If the password is empty, clear the strength bar and skip this check
        pw = self.pw.get_text()
        if not pw:
            self._updatePwQuality(True, 0)
            return InputCheck.CHECK_OK

        # determine the password strength
        username = self.username.get_text()
        valid, pwstrength, error = validatePassword(pw, username, minlen=self.policy.minlen)

        # set the strength bar
        self._updatePwQuality(False, pwstrength)

        # If the password failed the validity check, fail this check
        if not valid and error:
            return error

        if pwstrength < self.policy.minquality:
            # If Done has been clicked twice, waive the check
            if self._waiveStrengthClicks > 1:
                return InputCheck.CHECK_OK
            elif self._waiveStrengthClicks == 1:
                if error:
                    return _(PASSWORD_WEAK_CONFIRM_WITH_ERROR) % error
                else:
                    return _(PASSWORD_WEAK_CONFIRM)
            else:
                # non-strict allows done to be clicked twice
                if self.policy.strict:
                    done_msg = ""
                else:
                    done_msg = _(PASSWORD_DONE_TWICE)

                if error:
                    return _(PASSWORD_WEAK_WITH_ERROR) % error + " " + done_msg
                else:
                    return _(PASSWORD_WEAK) % done_msg
        else:
            return InputCheck.CHECK_OK
Esempio n. 25
0
    def _checkPasswordStrength(self, inputcheck):
        """Update the error message based on password strength.

           Convert the strength set by _updatePwQuality into an error message.
        """

        pw = self.pw.get_text()
        confirm = self.confirm.get_text()

        # Skip the check if no password is required
        if (not pw and not confirm) and self._kickstarted:
            return InputCheck.CHECK_OK

        # Check for validity errors
        # pw score == 0 & errors from libpwquality
        # - ignore if the strict flag in the password policy == False
        if not self._pw_score and self._pw_error_message and self.policy.strict:
            return self._pw_error_message

        # use strength from policy, not bars
        _pw_score, _status_text, pw_quality, _error_message = validatePassword(
            pw,
            "root",
            minlen=self.policy.minlen,
            empty_ok=self.policy.emptyok)

        if pw_quality < self.policy.minquality:
            # If Done has been clicked twice, waive the check
            if self._waiveStrengthClicks > 1:
                return InputCheck.CHECK_OK
            elif self._waiveStrengthClicks == 1:
                if self._pw_error_message:
                    return _(PASSWORD_WEAK_CONFIRM_WITH_ERROR
                             ) % self._pw_error_message
                else:
                    return _(PASSWORD_WEAK_CONFIRM)
            else:
                # non-strict allows done to be clicked twice
                if self.policy.strict:
                    done_msg = ""
                else:
                    done_msg = _(PASSWORD_DONE_TWICE)

                if self._pw_error_message:
                    return _(PASSWORD_WEAK_WITH_ERROR
                             ) % self._pw_error_message + " " + done_msg
                else:
                    return _(PASSWORD_WEAK) % done_msg
        else:
            return InputCheck.CHECK_OK
Esempio n. 26
0
    def _checkPasswordStrength(self, inputcheck):
        """Update the error message based on password strength.

           Update the password strength bar and set an error message.
        """

        pw = self.pw.get_text()
        confirm = self.confirm.get_text()

        # Skip the check if no password is required
        if self._kickstarted:
            return InputCheck.CHECK_OK

        # If the password is empty, clear the strength bar and skip this check
        if not pw and not confirm:
            self._updatePwQuality(True, 0)
            return InputCheck.CHECK_OK

        # determine the password strength
        valid, pwstrength, error = validatePassword(pw, "root", minlen=self.policy.minlen)

        # set the strength bar
        self._updatePwQuality(False, pwstrength)

        # If the password failed the validity check, fail this check
        if not valid and error:
            return error

        if pwstrength < self.policy.minquality:
            # If Done has been clicked twice, waive the check
            if self._waiveStrengthClicks > 1:
                return InputCheck.CHECK_OK
            elif self._waiveStrengthClicks == 1:
                if error:
                    return _(PASSWORD_WEAK_CONFIRM_WITH_ERROR) % error
                else:
                    return _(PASSWORD_WEAK_CONFIRM)
            else:
                # non-strict allows done to be clicked twice
                if self.policy.strict:
                    done_msg = ""
                else:
                    done_msg = _(PASSWORD_DONE_TWICE)

                if error:
                    return _(PASSWORD_WEAK_WITH_ERROR) % error + " " + done_msg
                else:
                    return _(PASSWORD_WEAK) % done_msg
        else:
            return InputCheck.CHECK_OK
Esempio n. 27
0
    def _checkPasswordStrength(self, inputcheck):
        """Update the error message based on password strength.

           The password strength has already been checked in _updatePwQuality, called
           previously in the signal chain. This method converts the data set from there
           into an error message.

           The password strength check can be waived by pressing "Done" twice. This
           is controlled through the self._waiveStrengthClicks counter. The counter
           is set in on_back_clicked, which also re-runs this check manually.
         """

        # Skip the check if no password is required
        if (not self.usepassword.get_active()) or \
                ((not self.pw.get_text()) and (self._user.password_kickstarted)):
            return InputCheck.CHECK_OK

        # If the password failed the validity check, fail this check
        if (not self._pwq_valid) and (self._pwq_error):
            return self._pwq_error

        # use strength from policy, not bars
        pw = self.pw.get_text()
        username = self.username.get_text()
        _valid, pwstrength, _error = validatePassword(pw, username, minlen=self.policy.minlen)

        if pwstrength < self.policy.minquality:
            # If Done has been clicked twice, waive the check
            if self._waiveStrengthClicks > 1:
                return InputCheck.CHECK_OK
            elif self._waiveStrengthClicks == 1:
                if self._pwq_error:
                    return _(PASSWORD_WEAK_CONFIRM_WITH_ERROR) % self._pwq_error
                else:
                    return _(PASSWORD_WEAK_CONFIRM)
            else:
                # non-strict allows done to be clicked twice
                if self.policy.strict:
                    done_msg = ""
                else:
                    done_msg = _(PASSWORD_DONE_TWICE)

                if self._pwq_error:
                    return _(PASSWORD_WEAK_WITH_ERROR) % self._pwq_error + " " + done_msg
                else:
                    return _(PASSWORD_WEAK) % done_msg
        else:
            return InputCheck.CHECK_OK
Esempio n. 28
0
    def _validate_password(self, password, confirm):
        """Validate and process user password."""
        if (password and not confirm) or (confirm and not password):
            self._report(_("You must enter your root password and confirm it by typing"
                           " it a second time to continue."))
            return None
        if password != confirm:
            self._report(_(PASSWORD_CONFIRM_ERROR_TUI))
            return None

        # If an empty password was provided, unset the value
        if not password:
            return ""

        pw_score, _status_text, pw_quality, error_message = validatePassword(password,
                                                                             user=None,
                                                                             minlen=self._policy.minlen)

        # if the score is equal to 0 and we have an error message set
        if not pw_score and error_message:
            self._report(error_message)
            return None

        if pw_quality < self._policy.minquality:
            if self._policy.strict:
                done_msg = ""
            else:
                done_msg = _("\nWould you like to use it anyway?")

            if error_message:
                error = _(PASSWORD_WEAK_WITH_ERROR) % error_message + " " + done_msg
            else:
                error = _(PASSWORD_WEAK) % done_msg

            if not self._policy.strict:
                question_window = YesNoDialog(error)
                ScreenHandler.push_screen_modal(question_window)
                if not question_window.answer:
                    return None
            else:
                self._report(error)
                return None

        if any(char not in PW_ASCII_CHARS for char in password):
            self._report(_("You have provided a password containing non-ASCII characters.\n"
                           "You may not be able to switch between keyboard layouts to login.\n"))

        return cryptPassword(password)
Esempio n. 29
0
    def _checkPasswordStrength(self, inputcheck):
        """Update the error message based on password strength.

           Convert the strength set by _updatePwQuality into an error message.
        """

        pw = self.pw.get_text()
        confirm = self.confirm.get_text()

        # Skip the check if no password is required
        if (not pw and not confirm) and self._kickstarted:
            return InputCheck.CHECK_OK

        # Check for validity errors
        if (not self._pwq_valid) and (self._pwq_error):
            return self._pwq_error

        # use strength from policy, not bars
        _valid, pwstrength, _error = validatePassword(
            pw, "root", minlen=self.policy.minlen)

        if pwstrength < self.policy.minquality:
            # If Done has been clicked twice, waive the check
            if self._waiveStrengthClicks > 1:
                return InputCheck.CHECK_OK
            elif self._waiveStrengthClicks == 1:
                if self._pwq_error:
                    return _(
                        PASSWORD_WEAK_CONFIRM_WITH_ERROR) % self._pwq_error
                else:
                    return _(PASSWORD_WEAK_CONFIRM)
            else:
                # non-strict allows done to be clicked twice
                if self.policy.strict:
                    done_msg = ""
                else:
                    done_msg = _(PASSWORD_DONE_TWICE)

                if self._pwq_error:
                    return _(PASSWORD_WEAK_WITH_ERROR
                             ) % self._pwq_error + " " + done_msg
                else:
                    return _(PASSWORD_WEAK) % done_msg
        else:
            return InputCheck.CHECK_OK
Esempio n. 30
0
    def _updatePwQuality(self):
        """This method updates the password indicators according
        to the password entered by the user.
        """
        pwtext = self.pw.get_text()
        username = self.username.get_text()

        # Reset the counters used for the "press Done twice" logic
        self._waiveStrengthClicks = 0
        self._waiveASCIIClicks = 0

        self._pw_score, status_text, _pw_quality, self._pw_error_message = validatePassword(
            pwtext,
            username,
            minlen=self.policy.minlen,
            empty_ok=self.policy.emptyok)
        self.pw_bar.set_value(self._pw_score)
        self.pw_label.set_text(status_text)
    def _checkPasswordStrength(self, inputcheck):
        """Update the error message based on password strength.

           Convert the strength set by _updatePwQuality into an error message.
        """

        pw = self.pw.get_text()
        confirm = self.confirm.get_text()

        # Skip the check if no password is required
        if (not pw and not confirm) and self._kickstarted:
            return InputCheck.CHECK_OK

        # Check for validity errors
        if (not self._pwq_valid) and (self._pwq_error):
            return self._pwq_error

        # use strength from policy, not bars
        _valid, pwstrength, _error = validatePassword(pw, "root", minlen=self.policy.minlen)

        if pwstrength < self.policy.minquality:
            # If Done has been clicked twice, waive the check
            if self._waiveStrengthClicks > 1:
                return InputCheck.CHECK_OK
            elif self._waiveStrengthClicks == 1:
                if self._pwq_error:
                    return _(PASSWORD_WEAK_CONFIRM_WITH_ERROR) % self._pwq_error
                else:
                    return _(PASSWORD_WEAK_CONFIRM)
            else:
                # non-strict allows done to be clicked twice
                if self.policy.strict:
                    done_msg = ""
                else:
                    done_msg = _(PASSWORD_DONE_TWICE)

                if self._pwq_error:
                    return _(PASSWORD_WEAK_WITH_ERROR) % self._pwq_error + " " + done_msg
                else:
                    return _(PASSWORD_WEAK) % done_msg
        else:
            return InputCheck.CHECK_OK
Esempio n. 32
0
    def _updatePwQuality(self, editable=None, data=None):
        """Update the password quality information.

           This function is called by the ::changed signal handler on the
           password field.
        """

        pwtext = self.pw.get_text()

        # Reset the counters used for the "press Done twice" logic
        self._waiveStrengthClicks = 0
        self._waiveASCIIClicks = 0

        self._pw_score, status_text, _pw_quality, self._pw_error_message = validatePassword(
            pwtext,
            "root",
            minlen=self.policy.minlen,
            empty_ok=self.policy.emptyok)
        self.pw_bar.set_value(self._pw_score)
        self.pw_label.set_text(status_text)
Esempio n. 33
0
    def prompt(self, entry=None):
        if not entry:
            return None

        if entry.aux == self.PASSWORD:
            pw = self._app.raw_input(_("%s: ") % entry.title, hidden=True)
            confirm = self._app.raw_input(_("%s (confirm): ") % entry.title,
                                          hidden=True)

            if (pw and not confirm) or (confirm and not pw):
                print(
                    _("You must enter your root password and confirm it by typing"
                      " it a second time to continue."))
                return None
            if (pw != confirm):
                print(_(PASSWORD_CONFIRM_ERROR_TUI))
                return None

            valid, strength, message = validatePassword(pw, user=None)

            if not valid:
                print(message)
                return None

            if strength < 50:
                if message:
                    error = _("You have provided a weak password: %s\n"
                              "Would you like to use it anyway?") % message
                else:
                    error = _("You have provided a weak password.\n"
                              "Would you like to use it anyway?")
                question_window = YesNoDialog(self._app, error)
                self._app.switch_screen_modal(question_window)
                if not question_window.answer:
                    return None

            self.value = cryptPassword(pw)
            return None
        else:
            return _(
                "Enter new value for '%s' and press enter\n") % entry.title
Esempio n. 34
0
    def prompt(self, entry):
        if entry.aux == self.PASSWORD:
            pw = self._app.raw_input(_("%s: ") % entry.title, hidden=True)
            confirm = self._app.raw_input(_("%s (confirm): ") % entry.title, hidden=True)
            error = None
            # just returning an error is either blank or mismatched
            # passwords.  Raising is because of poor quality.
            try:
                error = validatePassword(pw, confirm)
                if error:
                    print(error)
                    return None
            except PWQError as (e, msg):
                error = _("You have provided a weak password: %s. " % msg)
                error += _("\nWould you like to use it anyway?")
                question_window = YesNoDialog(self._app, error)
                self._app.switch_screen_modal(question_window)
                if not question_window.answer:
                    return None

            self.value = pw
            return None
Esempio n. 35
0
    def password_quality_test(self):
        """Check if libpwquality gives reasonable numbers & score is assigned correctly."""
        # " " should give score 0 (<6 chars) & quality 0
        score, status, quality, error_message = validatePassword(" ")
        self.assertEqual(score, 0)
        self.assertEqual(status, _(constants.PasswordStatus.TOO_SHORT.value))
        self.assertEqual(quality, 0)
        self.assertIsNotNone(error_message)

        # "anaconda" is a dictionary word
        score, status, quality, error_message = validatePassword("anaconda")
        self.assertGreater(score, 0)
        self.assertNotEqual(status, _(constants.PasswordStatus.EMPTY.value))
        self.assertNotEqual(status, _(constants.PasswordStatus.TOO_SHORT.value))
        self.assertEqual(quality, 0)
        self.assertIsNotNone(error_message)

        # "jelenovipivonelej" is a palindrome
        score, status, quality, error_message = validatePassword("jelenovipivonelej")
        self.assertGreater(score, 0)
        self.assertNotEqual(status, _(constants.PasswordStatus.EMPTY.value))
        self.assertNotEqual(status, _(constants.PasswordStatus.TOO_SHORT.value))
        self.assertEqual(quality, 0)
        self.assertIsNotNone(error_message)

        # "4naconda-" gives a quality of 27 on RHEL7
        score, status, quality, error_message = validatePassword("4naconda-")
        if ON_RHEL:
            self.assertEqual(score, 1)  # quality < 50
            self.assertEqual(status, _(constants.PasswordStatus.WEAK.value))
            self.assertEqual(quality, 27)
        self.assertIsNone(error_message)

        # "4naconda----" gives a quality of 52 on RHEL7
        score, status, quality, error_message = validatePassword("4naconda----")
        if ON_RHEL:
            self.assertEqual(score, 2)  # quality > 50 & < 75
            self.assertEqual(status, _(constants.PasswordStatus.FAIR.value))
            self.assertEqual(quality, 52)
        self.assertIsNone(error_message)

        # "----4naconda----" gives a quality of 80 on RHEL7
        score, status, quality, error_message = validatePassword("----4naconda----")
        if ON_RHEL:
            self.assertEqual(score, 3)  # quality > 75 & < 90
            self.assertEqual(status, _(constants.PasswordStatus.GOOD.value))
            self.assertEqual(quality, 80)
        self.assertIsNone(error_message)

        # "?----4naconda----?" gives a quality of 100 on RHEL7
        score, status, quality, error_message = validatePassword("?----4naconda----?")
        # this should (hopefully) give quality 100 everywhere
        self.assertEqual(score, 4)  # quality > 90
        self.assertEqual(status, _(constants.PasswordStatus.STRONG.value))
        self.assertEqual(quality, 100)
        self.assertIsNone(error_message)

        # a long enough strong password with minlen set
        score, status, quality, error_message = validatePassword("?----4naconda----?", minlen=10)
        # this should (hopefully) give quality 100 everywhere
        self.assertEqual(score, 4)  # quality > 90
        self.assertEqual(status, _(constants.PasswordStatus.STRONG.value))
        self.assertEqual(quality, 100)
        self.assertIsNone(error_message)

        # minimum password length overrides strong passwords for score and status
        score, status, quality, error_message = validatePassword("?----4naconda----?", minlen=30)
        # this should (hopefully) give quality 100 everywhere
        self.assertEqual(score, 0)  # too short
        self.assertEqual(status, _(constants.PasswordStatus.TOO_SHORT.value))
        self.assertEqual(quality, 100)  # independent on password length
        self.assertIsNone(error_message)
Esempio n. 36
0
    def prompt(self, args=None):
        entry = args
        if not entry:
            return None

        if entry.aux == self.PASSWORD:
            pw = self.get_user_input(_("%s: ") % entry.title, hidden=True)
            confirm = self.get_user_input(_("%s (confirm): ") % entry.title, hidden=True)

            if (pw and not confirm) or (confirm and not pw):
                print(_("You must enter your root password and confirm it by typing"
                        " it a second time to continue."))
                return None
            if pw != confirm:
                print(_(PASSWORD_CONFIRM_ERROR_TUI))
                return None

            # If an empty password was provided, unset the value
            if not pw:
                self.value = ""
                return None

            pw_score, _status_text, pw_quality, error_message = validatePassword(pw, user=None, minlen=self.policy.minlen)

            # if the score is equal to 0 and we have an error message set
            if not pw_score and error_message:
                print(error_message)
                return None

            if pw_quality < self.policy.minquality:
                if self.policy.strict:
                    done_msg = ""
                else:
                    done_msg = _("\nWould you like to use it anyway?")

                if error_message:
                    error = _(PASSWORD_WEAK_WITH_ERROR) % error_message + " " + done_msg
                else:
                    error = _(PASSWORD_WEAK) % done_msg

                if not self.policy.strict:
                    question_window = YesNoDialog(error)
                    ScreenHandler.push_screen_modal(question_window)
                    if not question_window.answer:
                        return None
                else:
                    print(error)
                    return None

            if any(char not in PW_ASCII_CHARS for char in pw):
                print(_("You have provided a password containing non-ASCII characters.\n"
                        "You may not be able to switch between keyboard layouts to login.\n"))

            self.value = cryptPassword(pw)
            return None
        else:
            return Prompt(_("Enter a new value for '%(title)s' and press %(enter)s") % {
                # TRANSLATORS: 'title' as a title of the entry
                "title": entry.title,
                # TRANSLATORS: 'enter' as the key ENTER
                "enter": Prompt.ENTER
            })
Esempio n. 37
0
    def password_quality_test(self):
        """Check if libpwquality gives reasonable numbers & score is assigned correctly."""
        # " " should give score 0 (<6 chars) & quality 0
        score, status, quality, error_message = validatePassword(" ")
        self.assertEqual(score, 0)
        self.assertEqual(status, _(constants.PasswordStatus.TOO_SHORT.value))
        self.assertEqual(quality, 0)
        self.assertIsNotNone(error_message)

        # "anaconda" is a dictionary word
        score, status, quality, error_message = validatePassword("anaconda")
        self.assertGreater(score, 0)
        self.assertNotEqual(status, _(constants.PasswordStatus.EMPTY.value))
        self.assertNotEqual(status,
                            _(constants.PasswordStatus.TOO_SHORT.value))
        self.assertEqual(quality, 0)
        self.assertIsNotNone(error_message)

        # "jelenovipivonelej" is a palindrome
        score, status, quality, error_message = validatePassword(
            "jelenovipivonelej")
        self.assertGreater(score, 0)
        self.assertNotEqual(status, _(constants.PasswordStatus.EMPTY.value))
        self.assertNotEqual(status,
                            _(constants.PasswordStatus.TOO_SHORT.value))
        self.assertEqual(quality, 0)
        self.assertIsNotNone(error_message)

        # "4naconda-" gives a quality of 27 on RHEL7
        score, status, quality, error_message = validatePassword("4naconda-")
        if ON_RHEL:
            self.assertEqual(score, 1)  # quality < 50
            self.assertEqual(status, _(constants.PasswordStatus.WEAK.value))
            self.assertEqual(quality, 27)
        self.assertIsNone(error_message)

        # "4naconda----" gives a quality of 52 on RHEL7
        score, status, quality, error_message = validatePassword(
            "4naconda----")
        if ON_RHEL:
            self.assertEqual(score, 2)  # quality > 50 & < 75
            self.assertEqual(status, _(constants.PasswordStatus.FAIR.value))
            self.assertEqual(quality, 52)
        self.assertIsNone(error_message)

        # "----4naconda----" gives a quality of 80 on RHEL7
        score, status, quality, error_message = validatePassword(
            "----4naconda----")
        if ON_RHEL:
            self.assertEqual(score, 3)  # quality > 75 & < 90
            self.assertEqual(status, _(constants.PasswordStatus.GOOD.value))
            self.assertEqual(quality, 80)
        self.assertIsNone(error_message)

        # "?----4naconda----?" gives a quality of 100 on RHEL7
        score, status, quality, error_message = validatePassword(
            "?----4naconda----?")
        # this should (hopefully) give quality 100 everywhere
        self.assertEqual(score, 4)  # quality > 90
        self.assertEqual(status, _(constants.PasswordStatus.STRONG.value))
        self.assertEqual(quality, 100)
        self.assertIsNone(error_message)

        # a long enough strong password with minlen set
        score, status, quality, error_message = validatePassword(
            "?----4naconda----?", minlen=10)
        # this should (hopefully) give quality 100 everywhere
        self.assertEqual(score, 4)  # quality > 90
        self.assertEqual(status, _(constants.PasswordStatus.STRONG.value))
        self.assertEqual(quality, 100)
        self.assertIsNone(error_message)

        # minimum password length overrides strong passwords for score and status
        score, status, quality, error_message = validatePassword(
            "?----4naconda----?", minlen=30)
        # this should (hopefully) give quality 100 everywhere
        self.assertEqual(score, 0)  # too short
        self.assertEqual(status, _(constants.PasswordStatus.TOO_SHORT.value))
        self.assertEqual(quality, 100)  # independent on password length
        self.assertIsNone(error_message)
Esempio n. 38
0
    def prompt(self, entry=None):
        if not entry:
            return None

        if entry.aux == self.PASSWORD:
            pw = self._app.raw_input(_("%s: ") % entry.title, hidden=True)
            confirm = self._app.raw_input(_("%s (confirm): ") % entry.title,
                                          hidden=True)

            if (pw and not confirm) or (confirm and not pw):
                print(
                    _("You must enter your root password and confirm it by typing"
                      " it a second time to continue."))
                return None
            if (pw != confirm):
                print(_(PASSWORD_CONFIRM_ERROR_TUI))
                return None

            # If an empty password was provided, unset the value
            if not pw:
                self.value = ""
                return None

            pw_score, _status_text, pw_quality, error_message = validatePassword(
                pw, user=None, minlen=self.policy.minlen)

            # if the score is equal to 0 and we have an error message set
            # - ignore if the strict flag in the password policy == False
            if not pw_score and error_message and self.policy.strict:
                print(error_message)
                return None

            if pw_quality < self.policy.minquality:
                if self.policy.strict:
                    done_msg = ""
                else:
                    done_msg = _("\nWould you like to use it anyway?")

                if error_message:
                    error = _(PASSWORD_WEAK_WITH_ERROR
                              ) % error_message + " " + done_msg
                else:
                    error = _(PASSWORD_WEAK) % done_msg

                if not self.policy.strict:
                    question_window = YesNoDialog(self._app, error)
                    self._app.switch_screen_modal(question_window)
                    if not question_window.answer:
                        return None
                else:
                    print(error)
                    return None

            if any(char not in PW_ASCII_CHARS for char in pw):
                print(
                    _("You have provided a password containing non-ASCII characters.\n"
                      "You may not be able to switch between keyboard layouts to login.\n"
                      ))

            self.value = cryptPassword(pw)
            return None
        else:
            return _(
                "Enter new value for '%s' and press enter\n") % entry.title