Commit f2809260 authored by Paul Cammish's avatar Paul Cammish
Browse files

Merge branch 'common_remove-cracklib' into 'stretch'

removes cracklib requirement but raises issues

See merge request sympl.host/sympl!8
parents bf8e774b ec97eb86
......@@ -111,7 +111,7 @@ ALGORITHMS = {
"6" => "SHA-512"
}
require 'cracklib'
require 'password'
password = nil
......@@ -153,8 +153,9 @@ else
password = ARGV.first
end
c = CrackLib::Fascist(password)
warn "This is a weak password -- #{c.reason}." unless c.ok?
# TODO Replace this with updated version from ruby-password
#c = CrackLib::Fascist(password)
#warn "This is a weak password -- #{c.reason}." unless c.ok?
#
# Collect some salt.
......
......@@ -10,7 +10,7 @@ XS-Ruby-Versions: all
Package: symbiosis-common
Architecture: all
XB-Ruby-Versions: ${ruby:Versions}
Depends: ruby | ruby-interpreter, ruby-acme-client (>= 0.3.5), ruby-linux-netlink, ruby-cracklib, ruby-diffy, ruby-erubis, ruby-mocha, ruby-webmock, ruby-test-unit, gnutls-bin, openssl, sudo, adduser, cracklib-runtime, ssl-cert, ${misc:Depends}
Depends: ruby | ruby-interpreter, ruby-acme-client (>= 0.3.5), ruby-linux-netlink, ruby-password, ruby-diffy, ruby-erubis, ruby-mocha, ruby-webmock, ruby-test-unit, gnutls-bin, openssl, sudo, adduser, ssl-cert, ${misc:Depends}
Replaces: symbiosis-firewall (<< 2011:1214), symbiosis-range, symbiosis-test, bytemark-vhost-range, bytemark-vhost-test, symbiosis-crack
Breaks: symbiosis-firewall (<< 2011:1214), symbiosis-email (<< 2012:0215)
Conflicts: symbiosis-range, symbiosis-test, symbiosis-crack, bytemark-vhost-range, bytemark-vhost-test, symbiosis-email (<< 2012:0215)
......
......@@ -118,7 +118,7 @@ rescue LoadError
do_test_mailboxes = false
end
require 'cracklib'
require 'password'
Symbiosis::Domains.each(prefix) do |domain|
verbose "Checking #{domain}"
......@@ -161,18 +161,22 @@ Symbiosis::Domains.each(prefix) do |domain|
next
end
c = CrackLib::Fascist(u.password)
if c.ok?
verbose "\tFTP password for #{u.username} is OK"
else
verbose "\tFTP password for #{u.username} is weak -- #{c.reason}"
if u.username.include?('@')
weak << "#{domain.ftp_users_file} (#{u.username}): #{c.reason}"
else
weak << "#{domain.ftp_password_file} (#{u.username}): #{c.reason}"
end
end
# TODO: Again, repalce this with the updated calls to ruby-password.
# And yes, this means this doesn't really do anything now.
#
# c = CrackLib::Fascist(u.password)
#
# if c.ok?
# verbose "\tFTP password for #{u.username} is OK"
# else
# verbose "\tFTP password for #{u.username} is weak -- #{c.reason}"
# if u.username.include?('@')
# weak << "#{domain.ftp_users_file} (#{u.username}): #{c.reason}"
# else
# weak << "#{domain.ftp_password_file} (#{u.username}): #{c.reason}"
# end
# end
end
end
......@@ -197,14 +201,16 @@ Symbiosis::Domains.each(prefix) do |domain|
next
end
c = CrackLib::Fascist(mailbox.password)
if c.ok?
verbose "\tPassword for #{mailbox.local_part} is OK"
else
verbose "\tPassword for #{mailbox.local_part} is weak -- #{c.reason}"
weak << "#{mailbox.password_file}: #{c.reason}"
end
# TODO: Replace this with ruby-password calls
# Beating in mind, this pretty much means this does nothing now.
#c = CrackLib::Fascist(mailbox.password)
#
#if c.ok?
# verbose "\tPassword for #{mailbox.local_part} is OK"
#else
# verbose "\tPassword for #{mailbox.local_part} is weak -- #{c.reason}"
# weak << "#{mailbox.password_file}: #{c.reason}"
#end
end
end
......
  • Paul Cammish @kelduum

    mentioned in merge request !10 (merged)

    By Paul Cammish on 2019-04-03T22:54:50 (imported from GitLab project)

    ·

    mentioned in merge request !10 (merged)

    By Paul Cammish on 2019-04-03T22:54:50 (imported from GitLab project)

    Toggle commit list
  • Paul Cammish @kelduum

    mentioned in issue #6 (closed)

    By Paul Cammish on 2019-04-03T23:08:53 (imported from GitLab project)

    ·

    mentioned in issue #6 (closed)

    By Paul Cammish on 2019-04-03T23:08:53 (imported from GitLab project)

    Toggle commit list
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment