Tickets :: Comment on [#10611] adapt passwd-h3 / passwd-h4 to solaris defaults

* Your Email Address
* Spam protection	Enter the letters below: .___..___.___..__ __ \| [__ _/ [__)/ ` \| [___./__.\| \__.
Comment	> on solaris, default passwd policy is: > minimum length = 6 > minimum alpha characters = 2 > minimum non-alpha (that is numeric and special) = 1 > minimum differences required between an old and a new password = 3 > > to match this, in my horde installation, i have made the following > obvious changes to passwd-h3-3.1.3/main.php : > > ====== > --- main.php__dist Sun Jul 5 19:13:32 2009 > +++ main.php Fri May 28 17:42:05 2010 > @@ -101,10 +101,28 @@ > $notification->push(sprintf(_("Your new password is too > long; passwords may not be more than %d characters long!"), > $password_policy['maxLength']), 'horde.warning'); > break; > } > + if (isset($password_policy['minDiff'])) { > + $n = strlen($new_password0); > + $o = strlen($old_password); > + if (isset($password_policy['maxLength']) && $o > > $password_policy['maxLength']) { > + $o = $password_policy['maxLength']; > + } > + if ( $n < $o ) { $k = $n; $d = $o - $n; } > + else { $k = $o; $d = $n - $o; } > + $i = 0; > + while ($d < $password_policy['minDiff'] && $i < $k) { > + if (substr($new_password0, $i, 1) != > substr($old_password, $i, 1)) { $d++; } > + $i++; > + } > + if ($d < $password_policy['minDiff']) { > + $notification->push(sprintf(_("Your new password must > have at least %d differences to your current password"), > $password_policy['minDiff']), 'horde.warning'); > + break; > + } > + } > > // Disect the password in a localised way. > $classes = array(); > - $alpha = $alnum = $num = $upper = $lower = $space = $symbol = 0; > + $alpha = $nonalpha = $alnum = $num = $upper = $lower = $space = > $symbol = 0; > for ($i = 0; $i < strlen($new_password0); $i++) { > $char = substr($new_password0, $i, 1); > if (ctype_lower($char)) { > @@ -112,9 +130,9 @@ > } elseif (ctype_upper($char)) { > $upper++; $alpha++; $alnum++; $classes['upper'] = 1; > } elseif (ctype_digit($char)) { > - $num++; $alnum++; $classes['number'] = 1; > + $num++; $nonalpha++; $alnum++; $classes['number'] = 1; > } elseif (ctype_punct($char)) { > - $symbol++; $classes['symbol'] = 1; > + $symbol++; $nonalpha++; $classes['symbol'] = 1; > } elseif (ctype_space($char)) { > $space++; $classes['symbol'] = 1; > } > @@ -146,6 +164,11 @@ > $notification->push(sprintf(ngettext("Your new password must > contain at least %d alphanumeric character.", "Your new password must > contain at least %d alphanumeric characters.", > $password_policy['minAlphaNum']), $password_policy['minAlphaNum']), > 'horde.warning'); > break; > } > + if (isset($password_policy['minNonAlpha']) && > + $password_policy['minNonAlpha'] > $nonalpha) { > + $notification->push(sprintf(ngettext("Your new password must > contain at least %d numeric or special character.", "Your new > password must contain at least %d numeric or special characters.", > $password_policy['minNonAlpha']), $password_policy['minNonAlpha']), > 'horde.warning'); > + break; > + } > if (isset($password_policy['minClasses']) && > $password_policy['minClasses'] > array_sum($classes)) { > $notification->push(sprintf(_("Your new password must > contain at least %d different types of characters. The types are: > lower, upper, numeric, and symbols."), > $password_policy['minClasses']), 'horde.warning'); > ====== > > using $backends['sudo_expect'], after configuring sudo as documented in > scripts/passwd_expect, this works on my solaris server(s). > > well, i didn't bother localizing the messages, as we're running a pure > english installation... > > i would love to see these changes in passwd-h4 (resp., in > Horde_Auth, the code > seems to have moved there). > > btw., for my horde4 test installation, i grabbed passwd from > git://github.com/horde/horde on july 20, and could apply the above > patch, and it works, using backends.local.php to disable hordesql, > enable sudo_expect, and set the 'password policy' parameters. >
Attachment
Watch this ticket

Saved Queries