YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

We aint using that online thing :|

Browse source
This commit is contained in:
Alexandre Aubin 2018-10-25 16:51:40 +00:00
parent 4a1363489a
commit aac9b78c03
1 changed files with 2 additions and 30 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
src/yunohost/utils/password.py
View file

@ -30,7 +30,6 @@ PWDDICT_PATH = '/usr/local/share/dict/cracklib/'
SMALL_PWD_LIST = ["yunohost", "olinuxino", "olinux", "raspberry", "admin", SMALL_PWD_LIST = ["yunohost", "olinuxino", "olinux", "raspberry", "admin",
"root", "test", "rpi"] "root", "test", "rpi"]
PWD_LIST_FILE = '100000-most-used' PWD_LIST_FILE = '100000-most-used'
ACTIVATE_ONLINE_PWNED_LIST = False
class PasswordValidator(object): class PasswordValidator(object):
""" """
@ -55,7 +54,7 @@ class PasswordValidator(object):
if self.validation_strength <= 0: if self.validation_strength <= 0:
return ("success", "") return ("success", "")
self.strength = self.compute(password, ACTIVATE_ONLINE_PWNED_LIST) self.strength = self.compute(password)
if self.strength < self.validation_strength: if self.strength < self.validation_strength:
if self.listed: if self.listed:
return ("error", "password_listed_" + str(self.validation_strength)) return ("error", "password_listed_" + str(self.validation_strength))
@ -66,7 +65,7 @@ class PasswordValidator(object):
return ("warning", 'password_advice') return ("warning", 'password_advice')
return ("success", "") return ("success", "")
def compute(self, password, online=False): def compute(self, password):
# Indicators # Indicators
length = len(password) length = len(password)
digits = 0 digits = 0
@ -92,10 +91,6 @@ class PasswordValidator(object):
# Check big list # Check big list
size_list = 100000 size_list = 100000
if unlisted > 0 and not self.is_in_cracklib_list(password, PWD_LIST_FILE): if unlisted > 0 and not self.is_in_cracklib_list(password, PWD_LIST_FILE):
unlisted = size_list if online else 320000000
# Check online big list
if unlisted > size_list and online and not self.is_in_online_pwned_list(password):
unlisted = 320000000 unlisted = 320000000
self.listed = unlisted < 320000000 self.listed = unlisted < 320000000
@ -112,29 +107,6 @@ class PasswordValidator(object):
strength = i + 1 strength = i + 1
return strength return strength
def is_in_online_pwned_list(self, password, silent=True):
"""
Check if a password is in the list of breached passwords from
haveibeenpwned.com
"""
from hashlib import sha1
import requests
hash = sha1(password).hexdigest()
range = hash[:5]
needle = (hash[5:].upper())
try:
hash_list =requests.get('https://api.pwnedpasswords.com/range/' +
range, timeout=30)
except e:
if not silent:
raise
else:
if hash_list.find(needle) != -1:
return True
return False
def is_in_cracklib_list(self, password, pwd_dict): def is_in_cracklib_list(self, password, pwd_dict):
try: try:
cracklib.VeryFascistCheck(password, None, cracklib.VeryFascistCheck(password, None,