Commit 51ad0cfd authored by sikeda's avatar sikeda
Browse files

[svn] Retrieving recent modifications from sympa-6.1-branch.

git-svn-id: https://subversion.renater.fr/sympa/branches/sympa-6.2-branch@11172 05aa8bb8-cd2b-0410-b1d7-8918dfa770ce
parent 44d0da4e
......@@ -79,6 +79,7 @@
[% ELSIF u_err.msg == 'user_already_subscriber' %][%|loc(u_err.email,u_err.list)%]%1 is already subscribed to the list %2[%END%]
[% ELSIF u_err.msg == 'no_passwd' %][%|loc%]Please provide your password[%END%]
[% ELSIF u_err.msg == 'diff_passwd' %][%|loc%]The passwords you typed do not match[%END%]
[% ELSIF u_err.msg == 'passwd_validation' %][%|loc(u_err.reason)%]The password you typed does not match this sites standards of strength: %1. Please pick a stronger password.[%END%]
[% ELSIF u_err.msg == 'wrong_input_path' %][%|loc(u_err.tpl)%]Provided path is incorrect for template '%1'[%END%]
[% ELSIF u_err.msg == 'cannot_open_file' %][%|loc(u_err.path)%]Cannot open file '%1'[%END%]
[% ELSIF u_err.msg == 'listname_needed' %][%|loc%]You need to provide list name[%END%]
......
......@@ -13041,3 +13041,8 @@ msgstr ""
#~ msgid "Your Lists"
#~ msgstr "Ihre Listen"
#: ../default/web_tt2/error.tt2:77
msgid "The password you typed does not match this sites standards of strength: %1. Please pick a stronger password."
msgstr "Die von Ihnen eingegebene Passwort stimmt nicht mit diesen Seiten Normen der Stärke:% 1. Bitte wählen Sie eine stärkere Passwort."
......@@ -14380,3 +14380,8 @@ msgstr "Άγνωστος παροχέας."
 
#~ msgid "The configuration file --CONFIG-- contains errors.\n"
#~ msgstr "Το αρχείο διαμόρφωσης --CONFIG-- περιέχει λάθη.\n"
#: ../default/web_tt2/error.tt2:77
msgid "The password you typed does not match this sites standards of strength: %1. Please pick a stronger password."
msgstr "Ο κωδικός πρόσβασης που πληκτρολογήσατε δεν ταιριάζει με αυτό sites πρότυπα της δύναμης:% 1. Παρακαλώ επιλέξτε μια ισχυρότερη κωδικό πρόσβασης."
......@@ -13018,3 +13018,8 @@ msgstr "Fuente desconocida."
#~ msgid "Your Lists"
#~ msgstr "Tus listas"
#: ../default/web_tt2/error.tt2:77
msgid "The password you typed does not match this sites standards of strength: %1. Please pick a stronger password."
msgstr "La contraseña que escribió no coincide con estos sitios niveles de fuerza:% 1. Por favor, escoja una contraseña fuerte."
......@@ -13317,3 +13317,8 @@ msgstr "Source inconnue."
#~ msgid "Your Lists"
#~ msgstr "Vos listes "
#: ../default/web_tt2/error.tt2:77
msgid "The password you typed does not match this sites standards of strength: %1. Please pick a stronger password."
msgstr "Le mot de passe que vous avez saisi ne correspond pas à ces sites normes de résistance:% 1. S'il vous plaît choisir un mot de passe fort."
......@@ -15957,3 +15957,8 @@ msgstr "Provider sconosciuto."
#, fuzzy
#~ msgid " %1 / %2 "
#~ msgstr "pagina %1 / %2"
#: ../default/web_tt2/error.tt2:77
msgid "The password you typed does not match this sites standards of strength: %1. Please pick a stronger password."
msgstr "La password digitata non corrisponde a questi siti norme di forza:% 1. Si prega di scegliere una password forte."
......@@ -13137,3 +13137,11 @@ msgstr ""
#~ msgid "Duration before the one time tickets are expired"
#~ msgstr "一時チケットの有効期間"
# 仮訳
#: ../web_tt2/error.tt2:77
msgid ""
"The password you typed does not match this sites standards of strength: %1. Please pick a stronger password."
msgstr ""
"入力されたパスワードは、当サイトでの安全性の基準を満たしていません。%1。より安全なパスワードを考えてください。"
......@@ -12372,3 +12372,8 @@ msgstr ""
#, fuzzy
#~ msgid "notify bouncing users"
#~ msgstr " As %1 ultimas listas "
#: ../default/web_tt2/error.tt2:77
msgid "The password you typed does not match this sites standards of strength: %1. Please pick a stronger password."
msgstr "A senha que você digitou não corresponde esse Sites padrões de força:% 1. Por favor escolha uma senha forte."
......@@ -10268,3 +10268,13 @@ msgstr ""
#: ext/OAuth1P/lib/Sympa/OAuth1/Provider/tt2/oauth_check.tt2:21
msgid "Unknown provider."
msgstr ""
#: default/mail_tt2/message_report.tt2:59
msgid "List size has exceded the limit, %1, set by the administrators."
msgstr ""
#: ../default/web_tt2/error.tt2:77
msgid "The password you typed does not match this sites standards of strength: %1. Please pick a stronger password."
msgstr ""
......@@ -6162,6 +6162,15 @@ sub do_subscribe {
$u->{'gecos'} = $param->{'user'}{'gecos'} || $in{'gecos'};
$u->{'date'} = $u->{'update_date'} = time;
$u->{'password'} = $param->{'user'}{'password'};
if (my $reason = tools::password_validation($u->{'password'})) {
report::reject_report_web('user','passwd_validation',{'reason' => $reason},$param->{'action'});
wwslog('info','do_setpasswd: password validation');
web_db_log({
'status' => 'error',
'error_type' => 'bad_parameter'
});
return undef;
}
$u->{'custom_attribute'} = $xml_custom_attribute
if (defined $xml_custom_attribute);
$u->{'lang'} = $param->{'user'}{'lang'} || $param->{'lang'};
......@@ -6861,6 +6870,13 @@ sub do_setpasswd {
return undef;
}
 
if (my $reason = tools::password_validation($in{'newpasswd1'})) {
report::reject_report_web('user','passwd_validation',{'reason' => $reason},$param->{'action'});
wwslog('info','do_setpasswd: password validation');
web_db_log({'status' => 'error', 'error_type' => 'bad_parameter'});
return undef;
}
if (Sympa::User::is_global_user($param->{'user'}{'email'})) {
 
unless (
......@@ -8169,7 +8185,15 @@ sub do_add {
$u->{'gecos'} = $user{$email} || $u2->{'gecos'};
$u->{'date'} = $u->{'update_date'} = time;
$u->{'password'} = $u2->{'password'} || tools::tmp_passwd($email);
$u->{'lang'} = $u2->{'lang'} || $list->{'admin'}{'lang'};
if (my $reason = tools::password_validation($u->{'password'})) {
report::reject_report_web('user','passwd_validation',{'reason' => $reason},$param->{'action'});
wwslog('info','do_setpasswd: password validation');
web_db_log({'status' => 'error',
'error_type' => 'bad_parameter'});
return undef;
}
$u->{'lang'} = $u2->{'lang'} || $list->{'admin'}{'lang'};
if ($comma_emails) {
$comma_emails = $comma_emails . ',' . $email;
} else {
......
......@@ -1472,11 +1472,11 @@ our @params = (
'default' => 25,
'file' => 'wwsympa.conf',
},
{
'name' => 'your_lists_size',
'gettext_id' => 'Maximum number of lists listed in "Your lists" menu. 0 lists none. negative value means unlimited.',
'vhost' => '1',
'default' => '10',
{ 'name' => 'your_lists_size',
'gettext_id' =>
'Maximum number of lists listed in "Your lists" menu. 0 lists none. negative value means unlimited.',
'vhost' => '1',
'default' => '10',
},
{ 'name' => 'http_host',
'gettext_id' => 'URL of a virtual host',
......@@ -1486,6 +1486,15 @@ our @params = (
'edit' => '1',
'file' => 'sympa.conf',
},
{ 'name' => 'password_validation',
'gettext_id' =>
'The password validation techniques to be used against user passwords that are added to mailing lists. Options come from Data::Password (http://search.cpan.org/~razinf/Data-Password-1.07/Password.pm#VARIABLES)',
'sample' =>
'MINLEN=8,GROUPS=3,DICTIONARY=4,DICTIONARIES=/pentest/dictionaries',
'edit' => '1',
'file' => 'sympa.conf',
'optional' => '1',
},
## Not implemented yet.
## {
......
......@@ -62,6 +62,12 @@ our %cpan_modules = (
'gettext_id' =>
'this module provides reversible encryption of user passwords in the database. Useful when updating from old version with password reversible encryption, or if secure session cookies in non-SSL environments are required.',
},
'Data::Password' => {
required_version => '1.07',
package_name => 'Data-Password',
'gettext_id' =>
'Used for configureable hardening of passwords via the password_validation sympa.conf directive.',
},
# DateTime is used by DateTime::Format::Mail.
'DateTime::Format::Mail' => {
required_version => '0.28',
......
......@@ -851,11 +851,26 @@ sub add {
my $defaults = $list->get_default_user_options();
my $u2 = Sympa::User->new($email);
%{$u} = %{$defaults};
$u->{'email'} = $email;
$u->{'gecos'} = $gecos || $u2->gecos;
$u->{'date'} = $u->{'update_date'} = time;
$u->{'password'} = $u2->password || tools::tmp_passwd($email);
$u->{'lang'} = $u2->lang || $list->{'admin'}{'lang'};
$u->{'email'} = $email;
$u->{'gecos'} = $gecos || $u2->gecos;
$u->{'date'} = $u->{'update_date'} = time;
# If Password validation is enabled check the submitted password
# against the site configured constraints
if ($u2->{'password'}) {
if (my $result = tools::password_validation($u->{'password'})) {
Log::do_log('info', 'add %s@%s %s from %s : scenario error',
$listname, $robot, $email, $sender);
die SOAP::Fault->faultcode('Server')
->faultstring('Weak password')
->faultdetail('Weak password: ' . $result);
}
$u->{'password'} = $u2->{'password'};
} else {
$u->{'password'} = &tools::tmp_passwd($email);
}
$u->{'lang'} = $u2->lang || $list->{'admin'}{'lang'};
$list->add_list_member($u);
if (defined $list->{'add_outcome'}{'errors'}) {
......
......@@ -4533,6 +4533,45 @@ sub decode_header {
}
}
sub password_validation {
my ($password) = @_;
my $pv = $Conf::Conf{'password_validation'};
return undef
unless $pv
and defined $password
and eval { require Data::Password; };
local (
$Data::Password::DICTIONARY, $Data::Password::FOLLOWING,
$Data::Password::GROUPS, $Data::Password::MINLEN,
$Data::Password::MAXLEN
);
local @Data::Password::DICTIONARIES = @Data::Password::DICTIONARIES;
my @techniques = split(/\s*,\s*/, $pv);
foreach my $technique (@techniques) {
my ($key, $value) = $technique =~ /([^=]+)=(.*)/;
$key = uc $key;
if ($key eq 'DICTIONARY') {
$Data::Password::DICTIONARY = $value;
} elsif ($key eq 'FOLLOWING') {
$Data::Password::FOLLOWING = $value;
} elsif ($key eq 'GROUPS') {
$Data::Password::GROUPS = $value;
} elsif ($key eq 'MINLEN') {
$Data::Password::MINLEN = $value;
} elsif ($key eq 'MAXLEN') {
$Data::Password::MAXLEN = $value;
} elsif ($key eq 'DICTIONARIES') {
# TODO: How do we handle a list of dictionaries?
push @Data::Password::DICTIONARIES, $value;
}
}
return Data::Password::IsBadPassword($password);
}
#*******************************************
## Function : foldcase
## Description : returns "fold-case" string suitable for case-insensitive
......@@ -4700,7 +4739,7 @@ sub split_listname {
my ($name, $suffix) = ($1, $2);
my $type;
if ($suffix eq 'request') { # -request
if ($suffix eq 'request') { # -request
$type = 'owner';
} elsif ($suffix eq 'editor') {
$type = 'editor';
......@@ -4756,8 +4795,8 @@ sub unmarshal_metadata {
## Get priority
#FIXME: is this always needed?
if (exists $data->{'priority'}) {
# Priority was given by metadata.
;
# Priority was given by metadata.
;
} elsif ($type and $type eq 'listmaster') {
## highest priority
$priority = 0;
......@@ -4774,9 +4813,9 @@ sub unmarshal_metadata {
}
$data->{'robot'} = $robot_id if defined $robot_id;
$data->{'list'} = $list if $list;
$data->{'list'} = $list if $list;
$data->{'listname'} = $listname if $listname;
$data->{'listtype'} = $type if defined $type;
$data->{'listtype'} = $type if defined $type;
$data->{'priority'} = $priority if defined $priority;
Log::do_log('debug3', 'messagekey=%s, list=%s, robot=%s, priority=%s',
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment