SSO-in-a-Box: comparison packages/ssoinabox-webui/root/usr/local/share/ssoinabox/htdocs/includes/functions.php

equal deleted inserted replaced

-:700d61d93b1b
+:a044870a9d3d
 }
 function load_credentials()
 {
 	$config = yaml_parse_file("/usr/local/etc/ssoinabox/webcreds.yml");
-	$keys = array('LDAP_BASEDN', 'UID_MIN', 'GID_MIN', 'ldap_server', 'ldap_manager', 'ldap_user_basedn', 'ldap_group_basedn', 'kerberos_admin', 'PHONE_EXT_MIN');
+	$keys = array('LDAP_BASEDN', 'UID_MIN', 'GID_MIN', 'ldap_server', 'ldap_manager', 'ldap_user_basedn', 'ldap_group_basedn', 'kerberos_admin', 'PHONE_EXT_MIN', 'hmac_secret');
 	foreach ( $keys as $key )
 	{
 		if ( !isset($config[$key]) )
 			die("Config key $key is not set");
 			define($key, $config[$key]);
 		else
 			$GLOBALS[$key] = $config[$key];
 	}
 }
+/**
+* Test a password's policy compliance
+* @param string password
+* @return mixed true if compliant, otherwise a string describing why it isn't
+*/
+function test_password($str)
+{
+	if ( strlen($str) < 8 )
+		return 'must be at least 8 characters in length';
+	if ( countUniqueChars($str) < 6 )
+		return 'must have at least 6 unique characters';
+	if ( strlen($str) <= 16 )
+	{
+		if ( !preg_match('/[a-z]/', $str) )
+			return 'must contain at least one lowercase letter';
+		if ( !preg_match('/[A-Z]/', $str) )
+			return 'must contain at least one lowercase letter';
+		if ( !preg_match('/[0-9]/', $str) )
+			return 'must contain at least one lowercase letter';
+		if ( !preg_match('/[^A-Za-z0-9]/', $str) )
+			return 'must contain at least one lowercase letter';
+	}
+	return true;
+}
+function countUniqueChars($str)
+{
+	$count = 0;
+	$uniq = '';
+	for ( $i = 0; $i < strlen($str); $i++ )
+	{
+		if ( strpos($uniq, $str{$i}) === false )
+			$uniq .= $str{$i};
+	}
+	return strlen($uniq);
+}

changeset 3	a044870a9d3d
parent 0	3906ca745819
child 4	2212b2ded8bf