Posted to commits@trafficcontrol.apache.org by de...@apache.org on 2017/05/30 16:07:14 UTC
[2/4] incubator-trafficcontrol git commit: Add TO password blacklist
http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/fa957985/traffic_ops/app/lib/API/User.pm
----------------------------------------------------------------------
diff --git a/traffic_ops/app/lib/API/User.pm b/traffic_ops/app/lib/API/User.pm
index 1d771e7..20d92ba 100644
--- a/traffic_ops/app/lib/API/User.pm
+++ b/traffic_ops/app/lib/API/User.pm
@@ -583,6 +583,10 @@ sub is_good_password {
return "Password must be greater than 7 chars.";
}
+ if ( defined($self->app->{invalid_passwords}->{$value}) ) {
+ return "Password is too common.";
+ }
+
# At this point we're happy with the password
return undef;
}
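Review bot: The lookup `defined($self->app->{invalid_passwords}->{$value})` is an exact, case-sensitive match, so a listed password with one letter capitalised still passes as "not common". If the list is meant to cover such variants, fold case on both sides: store `lc($line)` in the loader and test `exists $self->app->{invalid_passwords}{ lc $value }`. `exists` also states the intent more directly than `defined`, because the loader stores 1 for every key. The same exact-match comparison is used in the is_password_uncommon helper in MojoPlugins/Validation.pm. is_good_password begins above this hunk.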
http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/fa957985/traffic_ops/app/lib/MojoPlugins/Validation.pm
----------------------------------------------------------------------
diff --git a/traffic_ops/app/lib/MojoPlugins/Validation.pm b/traffic_ops/app/lib/MojoPlugins/Validation.pm
index e9e3482..6d35a92 100755
--- a/traffic_ops/app/lib/MojoPlugins/Validation.pm
+++ b/traffic_ops/app/lib/MojoPlugins/Validation.pm
@@ -77,6 +77,17 @@ sub register {
}
}
);
+
+ $app->renderer->add_helper(
+ is_password_uncommon => sub {
+ my $self = shift;
+ my $pass = $self->param('tm_user.local_passwd');
+ my %blacklist = %{$self->app->{invalid_passwords}};
+ if ( defined($pass) && defined(%blacklist->{$pass}) ) {
+ $self->field('tm_user.local_passwd')->is_like( qr/ . $pass . /, "Password is too common." );
+ }
+ }
+ );
}
package MojoPlugins::Validation::Functions;
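Review bot: `defined(%blacklist->{$pass})` in the is_password_uncommon helper uses a hash as a reference, which is deprecated syntax that Perl 5.22 and later reject, and `my %blacklist = %{...}` copies the whole list on every validation. Look the key up through the reference instead: `if ( defined($pass) && exists $self->app->{invalid_passwords}{$pass} ) {`. The pattern `qr/ . $pass . /` does not concatenate anything; it interpolates the password into the regex unescaped, so a listed entry containing regex metacharacters could fail to compile or, in principle, match and let the common password through. The branch only needs to record the error, so a constant never-matching pattern is safer: `->is_like( qr/(?!)/, "Password is too common." )`. register starts above this hunk.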
http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/fa957985/traffic_ops/app/lib/TrafficOps.pm
----------------------------------------------------------------------
diff --git a/traffic_ops/app/lib/TrafficOps.pm b/traffic_ops/app/lib/TrafficOps.pm
index b2aeca2..89db9bf 100644
--- a/traffic_ops/app/lib/TrafficOps.pm
+++ b/traffic_ops/app/lib/TrafficOps.pm
@@ -94,6 +94,7 @@ sub startup {
$self->validate_cdn_conf();
$self->setup_mojo_plugins();
$self->set_secrets();
+ $self->load_password_blacklist();
$self->log->info("-------------------------------------------------------------");
$self->log->info( "TrafficOps version: " . Utils::Helper::Version->current() . " is starting." );
@@ -349,6 +350,19 @@ sub setup_mojo_plugins {
}
+sub load_password_blacklist {
+ my $self = shift;
+ my $path = find_conf_path("invalid_passwords.txt");
+ open( my $fn, '<', $path ) || die("invalid_passwords.txt $!\n");
+ my $invalid_passwords = {};
+ while ( my $line = <$fn> ) {
+ chomp($line);
+ $invalid_passwords->{$line} = 1;
+ }
+ close($fn);
+ $self->{invalid_passwords} = $invalid_passwords;
+}
+
sub check_token {
my $self = shift;
my $token = shift;
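Review bot: `chomp($line)` in load_password_blacklist strips only the trailing newline, so a list file saved with CRLF line endings produces keys ending in a carriage return that never equal a submitted password, and the blacklist silently stops matching. Replace the chomp with `$line =~ s/\r?\n\z//; next if $line eq '';`, which also skips blank lines. The die message should name the resolved file, `die("Cannot open $path: $!\n")`, since `find_conf_path` decides where it is read from. Because startup now calls this unconditionally, a missing invalid_passwords.txt stops Traffic Ops from starting; a short comment above the sub saying this is intended would help operators.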
http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/fa957985/traffic_ops/app/lib/UI/User.pm
----------------------------------------------------------------------
diff --git a/traffic_ops/app/lib/UI/User.pm b/traffic_ops/app/lib/UI/User.pm
index d21cbd9..c0ce087 100644
--- a/traffic_ops/app/lib/UI/User.pm
+++ b/traffic_ops/app/lib/UI/User.pm
@@ -271,6 +271,7 @@ sub is_valid {
$self->field('tm_user.local_passwd')->is_equal( 'tm_user.confirm_local_passwd', "The 'Password' and 'Confirm Password' must match." );
$self->field('tm_user.local_passwd')->is_like( qr/^.{8,100}$/, "Password must be greater than 7 chars." );
+ $self->is_password_uncommon();
return $self->valid;
}