YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

[fix] Be able to redo postinstall after 128+ chars password

Browse source
This commit is contained in:
ljf 2022-07-16 01:12:54 +02:00
parent ee29d2e476
commit fdca9e1041
3 changed files with 26 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
src/tools.py
View file

@ -50,7 +50,7 @@ from yunohost.utils.packages import (
_list_upgradable_apt_packages, _list_upgradable_apt_packages,
ynh_packages_version, ynh_packages_version,
) )
from yunohost.utils.error import YunohostError, YunohostValidationError from yunohost.utils.error import yunohosterror, yunohostvalidationerror
from yunohost.log import is_unit_operation, OperationLogger from yunohost.log import is_unit_operation, OperationLogger
MIGRATIONS_STATE_PATH = "/etc/yunohost/migrations.yaml" MIGRATIONS_STATE_PATH = "/etc/yunohost/migrations.yaml"
@ -77,10 +77,7 @@ def tools_adminpw(new_password, check_strength=True):
if check_strength: if check_strength:
assert_password_is_strong_enough("admin", new_password) assert_password_is_strong_enough("admin", new_password)
# UNIX seems to not like password longer than 127 chars ... assert_password_is_compatible(new_password)
# e.g. SSH login gets broken (or even 'su admin' when entering the password)
if len(new_password) >= 127:
raise YunohostValidationError("admin_password_too_long")
new_hash = _hash_user_password(new_password) new_hash = _hash_user_password(new_password)
@ -226,6 +223,8 @@ def tools_postinstall(
raise YunohostValidationError("postinstall_low_rootfsspace") raise YunohostValidationError("postinstall_low_rootfsspace")
# Check password # Check password
assert_password_is_compatible(password)
if not force_password: if not force_password:
assert_password_is_strong_enough("admin", password) assert_password_is_strong_enough("admin", password)

6
src/user.py
View file

@ -146,7 +146,8 @@ def user_create(
from yunohost.utils.password import assert_password_is_strong_enough from yunohost.utils.password import assert_password_is_strong_enough
from yunohost.utils.ldap import _get_ldap_interface from yunohost.utils.ldap import _get_ldap_interface
# Ensure sufficiently complex password # Ensure compatibility and sufficiently complex password
assert_password_is_compatible(password)
assert_password_is_strong_enough("user", password) assert_password_is_strong_enough("user", password)
# Validate domain used for email address/xmpp account # Validate domain used for email address/xmpp account
@ -414,7 +415,8 @@ def user_update(
change_password = Moulinette.prompt( change_password = Moulinette.prompt(
m18n.n("ask_password"), is_password=True, confirm=True m18n.n("ask_password"), is_password=True, confirm=True
) )
# Ensure sufficiently complex password # Ensure compatibility and sufficiently complex password
assert_password_is_compatible(password)
assert_password_is_strong_enough("user", change_password) assert_password_is_strong_enough("user", change_password)
new_attr_dict["userPassword"] = [_hash_user_password(change_password)] new_attr_dict["userPassword"] = [_hash_user_password(change_password)]

18
src/utils/password.py
View file

@ -47,7 +47,25 @@ STRENGTH_LEVELS = [
] ]
def assert_password_is_compatible(password):
"""
UNIX seems to not like password longer than 127 chars ...
e.g. SSH login gets broken (or even 'su admin' when entering the password)
"""
if len(password) >= 127:
# Note that those imports are made here and can't be put
# on top (at least not the moulinette ones)
# because the moulinette needs to be correctly initialized
# as well as modules available in python's path.
from yunohost.utils.error import YunohostValidationError
raise YunohostValidationError("admin_password_too_long")
def assert_password_is_strong_enough(profile, password): def assert_password_is_strong_enough(profile, password):
PasswordValidator(profile).validate(password) PasswordValidator(profile).validate(password)