[geeklog-cvs] Auth_Enterprise/Server AEPasswordGenerator.class.php,1.2,1.3
tony at iowaoutdoors.org
tony at iowaoutdoors.org
Thu Jul 1 14:18:11 EDT 2004
Update of /var/cvs/Auth_Enterprise/Server
In directory www:/tmp/cvs-serv19115
Modified Files:
AEPasswordGenerator.class.php
Log Message:
Added Vinny's updates
Index: AEPasswordGenerator.class.php
===================================================================
RCS file: /var/cvs/Auth_Enterprise/Server/AEPasswordGenerator.class.php,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -d -r1.2 -r1.3
*** AEPasswordGenerator.class.php 17 Jun 2004 05:31:49 -0000 1.2
--- AEPasswordGenerator.class.php 1 Jul 2004 18:18:09 -0000 1.3
***************
*** 11,14 ****
--- 11,15 ----
*
* @author Tony Bibbs <tony at geeklog.net>
+ * @author Vincent Furia <vinny01 at users.sf.net>
* @copyright 2004
* @version $Id$
***************
*** 17,31 ****
/**
! * Class that generates random passwords
*
! * @author Tony Bibbs <tony at geeklog.net>
* @package net.geeklog.auth_enterprise.server
*
*/
class AEPasswordGenerator {
/**
* Generates a random password
*
! * @author Tony Bibbs <tony at geeklog.net>
* @access public
* @return string Radomnly generated passsword
--- 18,43 ----
/**
! * The Auth_Enterprise server configuration file
! */
! require_once 'Auth_Enterprise/Server/AEServerConfig.php';
!
! /**
! * Pull in Auth_Enterprise Exceptions
! */
! require_once 'Auth_Enterprise/Common/AEExceptions.php';
!
! /**
! * Class that validates and generates passwords
*
! * @author Vincent Furia <vinny01 at users.sf.net>
* @package net.geeklog.auth_enterprise.server
*
*/
class AEPasswordGenerator {
+
/**
* Generates a random password
*
! * @author Vincent Furia <vinny01 at users.sf.net>
* @access public
* @return string Radomnly generated passsword
***************
*** 35,131 ****
{
global $gConf;
!
! $randomPass = array();
!
! // Let's set a sane password length. I realize 4 may even be small but some apps of low
! // criticality may want this
! if ($gConf[AE_PROVIDER_PEAR_DB]['passwordminlength'] < 4) {
! $gConf[AE_PROVIDER_PEAR_DB]['passwordminlength'] = 4;
! }
!
! $numChars = $gConf[AE_PROVIDER_PEAR_DB]['passwordminlength'];
!
! // Generate all the characters randomly.
! for ($i = 0; $i < $numChars; $i++) {
! $tmpNum = rand(0,3);
! switch ($tmpNum) {
! case 0:
! $randomPass[] = chr(rand(65,90));
! break;
! case 1:
! // Generate lower case letter
! $randomPass[] = chr(rand(97,122));
! break;
! case 2:
! // Generate number
! $randomPass[] = rand(0,9);
! break;
! case 3:
! $randomPass[] = AEPasswordGenerator::generateSpecial();
! }
! }
!
! // Set random Upper case character
! if ($gConf['pw_require_upper']) {
! $tmpIndex = rand(0, $numChars);
! $randomPass[$tmpIndex] = chr(rand(65,90));;
! }
!
! // Set random Lower case character
! if ($gConf['pw_require_lower']) {
! $usedIndexes[] = $tmpIndex;
! $tmpIndex = rand(0, $numChars);
! while ($tmpIndex = in_array($tmpIndex, $usedIndexes)) {
! $tmpIndex = rand(0, $numChars);
! }
! $randomPass[$tmpIndex] = chr(rand(97,122));
! }
!
! // Set random Numeric character
! if ($gConf['pw_require_number']) {
! $usedIndexes[] = $tmpIndex;
! $tmpIndex = rand(0, $numChars);
! while ($tmpIndex = in_array($tmpIndex, $usedIndexes)) {
! $tmpIndex = rand(0, $numChars);
! }
! $randomPass[$tmpIndex] = rand(0,9);
}
!
! // Set random Special character
! if ($gConf['pw_require_special_char']) {
! $usedIndexes[] = $tmpIndex;
! $tmpIndex = rand(0, $numChars);
! while ($tmpIndex = in_array($tmpIndex, $usedIndexes)) {
! $tmpIndex = rand(0, $numChars);
! }
! $randomPass[$tmpIndex] = AEPasswordGenerator::generateSpecial();
}
!
! // Now return generated password
! return implode('',$randomPass);
!
! }
!
! /**
! * Generates a random special character
! *
! * NOTE: you can configure the special characters method uses by editing the AEServerConfig.php
! * be careful of the characters you use as some can cause problems with end users, particularly when
! * printed to paper (e.g. |)
! *
! * @author Tony Bibbs <tony at geeklog.net>
! * @access private
! * @return string Random number between 0 and 9
! *
! */
! private static function generateSpecial()
! {
! global $gConf;
!
! $tmpIndex = rand(0, count($gConf['pw_special_chars']) - 1);
!
! return $gConf['pw_special_chars'][$tmpIndex];
}
!
/**
* Determines if a password is valid by the configured rules
--- 47,67 ----
{
global $gConf;
!
! $password = '';
! $len = 0;
!
! if ($gConf['randompasswordlength'] >= 4) {
! $len = $gConf['randompasswordlength'];
! } else {
! $len = 4;
}
!
! for ($i = 0; $i < $len; $i++) {
! $password .= $gConf['randompasswordchars'][rand(0,count($gConf['randompasswordchars'])-1)];
}
!
! return $password;
}
!
/**
* Determines if a password is valid by the configured rules
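Review bot: The rewritten loop still picks every character with `rand()`, which is not a cryptographically secure generator, so the generated passwords are only as unpredictable as its internal state. On PHP 7 or later the index should come from the CSPRNG, e.g. `$chars = $gConf['randompasswordchars']; $password .= $chars[random_int(0, count($chars) - 1)];`. The loop also assumes `randompasswordchars` is a non-empty array, because an empty set makes the upper bound `-1`; a guard that throws before the loop would make that misconfiguration visible. The old code forced one character of each required class and the new code does not, so a generated password may fail the `pw_rule` checks unless the caller validates it, which this hunk does not show. The function signature is outside the hunk.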
***************
*** 134,138 ****
* server configuration
*
! * @author Tony Bibbs <tony at geeklog.net>
* @access public
* @param string $password Password to validate
--- 70,74 ----
* server configuration
*
! * @author Vincent Furia <vinny01 at users.sf.net>
* @access public
* @param string $password Password to validate
***************
*** 144,216 ****
global $gConf;
! // First check the length
! if (strlen($password) < $gConf[AE_PROVIDER_PEAR_DB]['passwordminlength']) {
! return false;
! }
!
! $hasUpper = false;
! $hasLower = false;
! $hasNum = false;
! $hasChar = false;
!
! // First convert password to string for easy searches
! for ($i = 0; $i < strlen($password); $i++) {
! $pwdArray[$i] = $password[$i];
! }
!
! // Ensure we have an upper case character if one is required
! if ($gConf['pw_require_upper']) {
! foreach ($pwdArray as $curChar) {
! if (ord($curChar) >= 65 AND ord($curChar) <= 90) {
! $hasUpper = true;
! print 'hasUpper';
! break;
}
}
}
!
! // Ensure we have a lower case character if one is required
! if ($gConf['pw_require_lower']) {
! foreach ($pwdArray as $curChar) {
! if (ord($curChar) >= 97 AND ord($curChar) <= 122) {
! $hasLower = true;
! print 'hasLower';
! break;
! }
}
! }
!
! // Ensure we have a number if one is required
! if ($gConf['pw_require_number']) {
! foreach ($pwdArray as $curChar) {
! print $curNum;
! if (is_numeric($curChar)) {
! $hasNum = true;
! print 'hasNumber';
! break;
! }
}
}
!
! // Ensure we have a special character if one is required
! if ($gConf['pw_require_special_char']) {
! foreach ($gConf['pw_special_chars'] as $curChar) {
! if (strstr($password,$curChar)) {
! $hasChar = true;
! print 'hasChar';
! break;
! }
}
! }
!
! // Now see if we got a valid password
! if ($hasUpper AND $hasLower AND $hasNum AND $hasChar) {
! return true;
}
! return false;
!
}
-
}
--- 80,131 ----
global $gConf;
! if (is_array($gConf['pw_rule'])) {
! foreach ($gConf['pw_rule'] as $rule) {
! if ($rule['enabled']) {
! if (!preg_match($rule['regex'], $password)) {
! throw new AEPasswordInvalid("The supplied password does not meet the "
! . "rule \"{$rule['description']}\"");
! }
}
}
}
!
! // Check for dictionary words
! if ($gConf['pw_spell'] && function_exists('pspell_check')) {
! // open dictionary
! if ( !($pspell_link = pspell_new("en")) ) {
! throw new AEUnableToConnect('Cannot open pspell dictionary');
}
!
! // check spelling
! if (pspell_check($pspell_link, $password)) {
! throw new AEPasswordInvalid("The supplied password is a dictionary word");
}
}
!
! // Use cracklib to determine if password is strong
! if ($gConf['pw_crack'] && function_exists('crack_check')) {
! // Open CrackLib Dictionary
! if ( !($dictionary = crack_opendict($gConf['crack_dict'])) ) {
! throw new AEUnableToConnect('Cannot open libcrack dictionary');
}
!
! // Perform password check
! if (!crack_check($dictionary, $password)) {
! // Retrieve messages
! $diag = crack_getlastmessage();
!
! // Close dictionary
! crack_closedict($dictionary);
!
! throw new AEPasswordInvalid("The supplied password is too easy to crack, $diag");
! }
!
! // Close dictionary
! crack_closedict($dictionary);
}
! return true;
}
}
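Review bot: Both optional strength checks fail open, because `$gConf['pw_spell'] && function_exists('pspell_check')` and `$gConf['pw_crack'] && function_exists('crack_check')` silently skip the check when the extension is not loaded. An administrator who enabled the option then gets `return true` for passwords that were never tested. Treat "enabled but unavailable" as an error instead, e.g. `if ($gConf['pw_crack'] && !function_exists('crack_check')) { throw new AEUnableToConnect('cracklib extension not loaded'); }`, and the same for pspell. Separately, `pspell_check($pspell_link, $password)` only rejects a password that is exactly one dictionary word, so a comment saying so would keep readers from over-trusting it. The method signature lies outside this hunk.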