From 02e52f810b396c5f367dc18b162d6a6724cab754 Mon Sep 17 00:00:00 2001 From: rojanu Date: Fri, 7 Jan 2011 15:14:40 +0100 Subject: Bug 558803: Add a parameter to specify the password complexity for new passwords r/a=LpSolit --- Bugzilla/Config/Auth.pm | 9 +++++++++ Bugzilla/User.pm | 13 +++++++++++++ 2 files changed, 22 insertions(+) (limited to 'Bugzilla') diff --git a/Bugzilla/Config/Auth.pm b/Bugzilla/Config/Auth.pm index c7d921ed5..a61cab5a2 100644 --- a/Bugzilla/Config/Auth.pm +++ b/Bugzilla/Config/Auth.pm @@ -121,6 +121,15 @@ sub get_param_list { type => 't', default => q:.*:, checker => \&check_regexp + }, + + { + name => 'password_complexity', + type => 's', + choices => [ 'no_constraints', 'mixed_letters', 'letters_numbers', + 'letters_numbers_specialchars' ], + default => 'no_constraints', + checker => \&check_multi } ); return @param_list; } diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm index d15113959..eafda6563 100644 --- a/Bugzilla/User.pm +++ b/Bugzilla/User.pm @@ -1946,6 +1946,19 @@ sub validate_password { } elsif ((defined $matchpassword) && ($password ne $matchpassword)) { ThrowUserError('passwords_dont_match'); } + + my $complexity_level = Bugzilla->params->{password_complexity}; + if ($complexity_level eq 'letters_numbers_specialchars') { + ThrowUserError('password_not_complex') + if ($password !~ /\w/ || $password !~ /\d/ || $password !~ /[[:punct:]]/); + } elsif ($complexity_level eq 'letters_numbers') { + ThrowUserError('password_not_complex') + if ($password !~ /[[:lower:]]/ || $password !~ /[[:upper:]]/ || $password !~ /\d/); + } elsif ($complexity_level eq 'mixed_letters') { + ThrowUserError('password_not_complex') + if ($password !~ /[[:lower:]]/ || $password !~ /[[:upper:]]/); + } + # Having done these checks makes us consider the password untainted. trick_taint($_[0]); return 1; -- cgit v1.2.3-24-g4f1b