Include accountname in totp url

[mirror/userdir-ldap-cgi.git] / password-qualify-check

diff --git a/password-qualify-check b/password-qualify-check
index 45fd18d..95af588 100755 (executable)
--- a/password-qualify-check
+++ b/password-qualify-check
@@ -6,7 +6,8 @@
 
 # Copyright (c) 2008 Peter Palfrader
 
-import crack, sys, tempfile, os
+import sys, tempfile, os
+import cracklib
 
 def cleanup(dir):
   if not dir.startswith('/tmp/pwcheck-'):
@@ -20,6 +21,21 @@ def cleanup(dir):
 
 
 
+crack_mkdict = None
+crack_packer = None
+for b in "/usr/sbin/crack_mkdict /usr/sbin/cracklib-format".split(' '):
+  if os.path.exists(b):
+    crack_mkdict = b
+    break
+for b in "/usr/sbin/crack_packer /usr/sbin/cracklib-packer".split(' '):
+  if os.path.exists(b):
+    crack_packer = b
+    break
+if crack_mkdict is None or crack_packer is None:
+  print "Could not find crack formater or packer"
+  sys.exit(1)
+
+
 newpass = sys.stdin.readline().strip()
 oldpass = sys.stdin.readline().strip()
 ldapwords = map( lambda x: x.strip(), sys.stdin.readlines())
@@ -28,17 +44,24 @@ if oldpass == "":
   oldpass = None
 
 
-crack.min_length = 11
+cracklib.min_length = 11
 
 # check against the default dictionary
 try:
-  crack.VeryFascistCheck(newpass, oldpass)
+  cracklib.VeryFascistCheck(newpass, oldpass, '/var/cache/cracklib/cracklib_dict')
 except ValueError, e:
   print e
   sys.exit(1)
 
 # and against a dictionary created from the ldap info on this user
 if len(ldapwords) > 0:
+  # squeeze's cracklib-packer complains about '*' on input - it
+  # says 'skipping line: 1'
+  while '-' in ldapwords:
+    ldapwords.remove('-')
+  while '*' in ldapwords:
+    ldapwords.remove('*')
+
   tmpdir = tempfile.mkdtemp('', 'pwcheck-')
   F = open(tmpdir+'/wordlist', "w")
   for w in ldapwords:
@@ -49,19 +72,19 @@ if len(ldapwords) > 0:
       F.write(w1[0]+w2+"\n");
   F.close()
 
-  r = os.system("/usr/sbin/crack_mkdict "+tmpdir+"/wordlist > "+tmpdir+"/wordlist-cleaned")
+  r = os.system(crack_mkdict+" "+tmpdir+"/wordlist > "+tmpdir+"/wordlist-cleaned")
   if r != 0:
     print "crack_mkdict returned non-zero exit status %d."%(r)
     cleanup(tmpdir)
     sys.exit(1)
-  r = os.system("/usr/sbin/crack_packer "+tmpdir+"/dict < "+tmpdir+"/wordlist-cleaned > /dev/null")
+  r = os.system(crack_packer+" "+tmpdir+"/dict < "+tmpdir+"/wordlist-cleaned > /dev/null")
   if r != 0:
     print "crack_packer returned non-zero exit status %d."%(r)
     cleanup(tmpdir)
     sys.exit(1)
 
   try:
-    crack.VeryFascistCheck(newpass, None, tmpdir+"/dict")
+    cracklib.VeryFascistCheck(newpass, None, tmpdir+"/dict")
   except ValueError, e:
     print "ldap data based check: "+str(e)
     cleanup(tmpdir)