From 7d5cb723b437f5cefcca5aeba6a849badbd576b8 Mon Sep 17 00:00:00 2001 From: Shivaram Lingamneni Date: Thu, 28 Oct 2021 19:29:55 -0400 Subject: [PATCH] make `ergo genpasswd` warn for bad passwords --- ergo.go | 4 ++++ irc/accounts.go | 8 ++++---- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/ergo.go b/ergo.go index aa53d967..c3d91e29 100644 --- a/ergo.go +++ b/ergo.go @@ -128,6 +128,10 @@ Options: } else { password = getPassword() } + if err := irc.ValidatePassphrase(password); err != nil { + log.Printf("WARNING: this password contains characters that may cause problems with your IRC client software.\n") + log.Printf("We strongly recommend choosing a different password.\n") + } hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.MinCost) if err != nil { log.Fatal("encoding error:", err.Error()) diff --git a/irc/accounts.go b/irc/accounts.go index b833f22a..8f8e8b45 100644 --- a/irc/accounts.go +++ b/irc/accounts.go @@ -503,8 +503,8 @@ func registrationCallbackErrorText(config *Config, client *Client, err error) st } } -// validatePassphrase checks whether a passphrase is allowed by our rules -func validatePassphrase(passphrase string) error { +// ValidatePassphrase checks whether a passphrase is allowed by our rules +func ValidatePassphrase(passphrase string) error { // sanity check the length if len(passphrase) == 0 || len(passphrase) > 300 { return errAccountBadPassphrase @@ -1122,7 +1122,7 @@ func (am *AccountManager) NsSendpass(client *Client, accountName string) (err er } func (am *AccountManager) NsResetpass(client *Client, accountName, code, password string) (err error) { - if validatePassphrase(password) != nil { + if ValidatePassphrase(password) != nil { return errAccountBadPassphrase } account, err := am.LoadAccount(accountName) @@ -2181,7 +2181,7 @@ func (ac *AccountCredentials) SetPassphrase(passphrase string, bcryptCost uint) return nil } - if validatePassphrase(passphrase) != nil { + if ValidatePassphrase(passphrase) != nil { return errAccountBadPassphrase }