3
0
mirror of https://github.com/ergochat/ergo.git synced 2025-01-10 20:22:40 +01:00

Merge pull request #1804 from slingamn/pwvalidation

make `ergo genpasswd` warn for bad passwords
This commit is contained in:
Shivaram Lingamneni 2021-10-28 22:25:45 -04:00 committed by GitHub
commit b478e93c11
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 8 additions and 4 deletions

View File

@ -128,6 +128,10 @@ Options:
} else {
password = getPassword()
}
if err := irc.ValidatePassphrase(password); err != nil {
log.Printf("WARNING: this password contains characters that may cause problems with your IRC client software.\n")
log.Printf("We strongly recommend choosing a different password.\n")
}
hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.MinCost)
if err != nil {
log.Fatal("encoding error:", err.Error())

View File

@ -503,8 +503,8 @@ func registrationCallbackErrorText(config *Config, client *Client, err error) st
}
}
// validatePassphrase checks whether a passphrase is allowed by our rules
func validatePassphrase(passphrase string) error {
// ValidatePassphrase checks whether a passphrase is allowed by our rules
func ValidatePassphrase(passphrase string) error {
// sanity check the length
if len(passphrase) == 0 || len(passphrase) > 300 {
return errAccountBadPassphrase
@ -1122,7 +1122,7 @@ func (am *AccountManager) NsSendpass(client *Client, accountName string) (err er
}
func (am *AccountManager) NsResetpass(client *Client, accountName, code, password string) (err error) {
if validatePassphrase(password) != nil {
if ValidatePassphrase(password) != nil {
return errAccountBadPassphrase
}
account, err := am.LoadAccount(accountName)
@ -2181,7 +2181,7 @@ func (ac *AccountCredentials) SetPassphrase(passphrase string, bcryptCost uint)
return nil
}
if validatePassphrase(passphrase) != nil {
if ValidatePassphrase(passphrase) != nil {
return errAccountBadPassphrase
}