3
0
mirror of https://github.com/ergochat/ergo.git synced 2024-12-23 11:12:44 +01:00

Merge pull request #1804 from slingamn/pwvalidation

make `ergo genpasswd` warn for bad passwords
This commit is contained in:
Shivaram Lingamneni 2021-10-28 22:25:45 -04:00 committed by GitHub
commit b478e93c11
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 8 additions and 4 deletions

View File

@ -128,6 +128,10 @@ Options:
} else { } else {
password = getPassword() password = getPassword()
} }
if err := irc.ValidatePassphrase(password); err != nil {
log.Printf("WARNING: this password contains characters that may cause problems with your IRC client software.\n")
log.Printf("We strongly recommend choosing a different password.\n")
}
hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.MinCost) hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.MinCost)
if err != nil { if err != nil {
log.Fatal("encoding error:", err.Error()) log.Fatal("encoding error:", err.Error())

View File

@ -503,8 +503,8 @@ func registrationCallbackErrorText(config *Config, client *Client, err error) st
} }
} }
// validatePassphrase checks whether a passphrase is allowed by our rules // ValidatePassphrase checks whether a passphrase is allowed by our rules
func validatePassphrase(passphrase string) error { func ValidatePassphrase(passphrase string) error {
// sanity check the length // sanity check the length
if len(passphrase) == 0 || len(passphrase) > 300 { if len(passphrase) == 0 || len(passphrase) > 300 {
return errAccountBadPassphrase return errAccountBadPassphrase
@ -1122,7 +1122,7 @@ func (am *AccountManager) NsSendpass(client *Client, accountName string) (err er
} }
func (am *AccountManager) NsResetpass(client *Client, accountName, code, password string) (err error) { func (am *AccountManager) NsResetpass(client *Client, accountName, code, password string) (err error) {
if validatePassphrase(password) != nil { if ValidatePassphrase(password) != nil {
return errAccountBadPassphrase return errAccountBadPassphrase
} }
account, err := am.LoadAccount(accountName) account, err := am.LoadAccount(accountName)
@ -2181,7 +2181,7 @@ func (ac *AccountCredentials) SetPassphrase(passphrase string, bcryptCost uint)
return nil return nil
} }
if validatePassphrase(passphrase) != nil { if ValidatePassphrase(passphrase) != nil {
return errAccountBadPassphrase return errAccountBadPassphrase
} }