security-and-privacy/ldapcherry
security-and-privacy
/
ldapcherry
mirror of https://github.com/kakwa/ldapcherry
1
0
Fork 0
Code Releases Activity

add more possibility for validation of password 

Add possibility to check for a certain number of lower, punctuation
characters and a number of rule to check among min_lower, min_upper,
min_digit, min_punct.
This commit is contained in:
Thomas BURGUIERE 2019-02-11 19:46:50 +01:00
parent 245bafb01c
commit 5b28b68040
6 changed files with 56 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
conf/ldapcherry.ini
View File

@ -185,8 +185,12 @@ ppolicy.module = 'ldapcherry.ppolicy.simple'
# parameters of the module
min_length = 8
min_lower = 1
min_upper = 1
min_digit = 1
min_punct = 1
# number of rules (among: min_lower, min_upper, min_digit, min_punct) to respect for a correct password
min_point = 4
# authentification parameters
[auth]

2
goodies/gen-dev-conf.sh
View File

@ -16,3 +16,5 @@ sed -i "s|ldap.admin.groups.*|ldap.admin.groups = '$GROUPS'|" $ROOT/ldapcherry-d
sed -i "s|^min_length.*|min_length = 3|" $ROOT/ldapcherry-dev.ini
sed -i "s|^min_upper.*|min_upper = 0|" $ROOT/ldapcherry-dev.ini
sed -i "s|^min_digit.*|min_digit = 0|" $ROOT/ldapcherry-dev.ini
sed -i "s|^min_punct.*|min_punct = 0|" $ROOT/ldapcherry-dev.ini
sed -i "s|^min_point.*|min_point = 0|" $ROOT/ldapcherry-dev.ini

45
ldapcherry/ppolicy/simple.py
View File

@ -7,6 +7,7 @@
import ldapcherry.ppolicy
import re
import string
class PPolicy(ldapcherry.ppolicy.PPolicy):
@ -14,27 +15,57 @@ class PPolicy(ldapcherry.ppolicy.PPolicy):
def __init__(self, config, logger):
self.config = config
self.min_length = self.get_param('min_length')
self.min_lower = self.get_param('min_lower')
self.min_upper = self.get_param('min_upper')
self.min_digit = self.get_param('min_digit')
self.min_punct = self.get_param('min_punct')
self.min_point = self.get_param('min_point')
def check(self, password):
point = 0
reason = 'Not enough complexity'
if len(password) < self.min_length:
return {'match': False, 'reason': 'Password too short'}
if len(re.findall(r'[a-z]', password)) < self.min_lower:
reason = 'Not enough lower case characters'
else:
point += 1
if len(re.findall(r'[A-Z]', password)) < self.min_upper:
return {
'match': False,
'reason': 'Not enough upper case characters'
}
reason = 'Not enough upper case characters'
else:
point += 1
if len(re.findall(r'[0-9]', password)) < self.min_digit:
return {'match': False, 'reason': 'Not enough digits'}
reason = 'Not enough digits'
else:
point += 1
punctuation = 0
for char in password:
if char in string.punctuation:
punctuation += 1
if punctuation < self.min_punct:
reason = 'Not enough special caracter'
else:
point += 1
if point < self.min_point:
return {'match': False, 'reason': reason}
return {'match': True, 'reason': 'password ok'}
def info(self):
return \
"* Minimum length: %(len)d\n" \
"* Minimum number of lowercase characters: %(lower)d\n" \
"* Minimum number of uppercase characters: %(upper)d\n" \
"* Minimum number of digits: %(digit)d" % {
'upper': self.min_upper,
"* Minimum number of digits: %(digit)d\n" \
"* Minimum number of punctuation characters: %(punct)d" % {
'len': self.min_length,
'lower': self.min_lower,
'upper': self.min_upper,
'digit': self.min_digit
'punct': self.min_punct,
}

4
tests/cfg/ldapcherry.ini
View File

@ -108,8 +108,12 @@ ppolicy.module = 'ldapcherry.ppolicy.simple'
# parameters of the module
min_length = 8
min_lower = 1
min_upper = 1
min_digit = 1
min_punct = 1
# number of rules (among: min_lower, min_upper, min_digit, min_punct) to respect for a correct password
min_point = 4
# resources parameters
[resources]

4
tests/cfg/ldapcherry_adldap.cfg
View File

@ -145,8 +145,12 @@ ppolicy.module = 'ldapcherry.ppolicy.simple'
# parameters of the module
min_length = 8
min_lower = 1
min_upper = 1
min_digit = 1
min_punct = 1
# number of rules (among: min_lower, min_upper, min_digit, min_punct) to respect for a correct password
min_point = 4
# authentification parameters
[auth]

4
tests/test_env/etc/ldapcherry/ldapcherry.ini
View File

@ -112,8 +112,12 @@ ppolicy.module = 'ldapcherry.ppolicy.simple'
# parameters of the module
min_length = 2
min_lower = 0
min_upper = 0
min_digit = 0
min_punct = 0
# number of rules (among: min_lower, min_upper, min_digit, min_punct) to respect for a correct password
min_point = 0
# resources parameters
[resources]