diff options
author | Stephen Hemminger <stephen.hemminger@vyatta.com> | 2009-09-04 09:45:25 -0700 |
---|---|---|
committer | Stephen Hemminger <stephen.hemminger@vyatta.com> | 2009-09-04 09:45:25 -0700 |
commit | fd910e721e6d277f9792524c015f3d4b7f8c2473 (patch) | |
tree | 0a061ea116e59333b391c97661bc84fbdec0618b | |
parent | 02e98dc0125dfcc42ab32afff296e91b991666f1 (diff) | |
download | vyatta-cfg-system-fd910e721e6d277f9792524c015f3d4b7f8c2473.tar.gz vyatta-cfg-system-fd910e721e6d277f9792524c015f3d4b7f8c2473.zip |
Enforce syntax checking on password
Enforce syntax checks on encrypted password field to prevent user errors.
But can't check salt field because it is optional and default
config.boot doesn't use one!
Bug: 4077
-rw-r--r-- | templates/system/login/user/node.tag/authentication/encrypted-password/node.def | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/templates/system/login/user/node.tag/authentication/encrypted-password/node.def b/templates/system/login/user/node.tag/authentication/encrypted-password/node.def index 3c12bdc3..49b7fd04 100644 --- a/templates/system/login/user/node.tag/authentication/encrypted-password/node.def +++ b/templates/system/login/user/node.tag/authentication/encrypted-password/node.def @@ -1,2 +1,11 @@ type: txt help: Set encrypted password +# Allow * or ! to disable account +# DES format password (13 characters) +# MD5 format ($1) and SHA format passwords +syntax:expression: ($VAR(@) == "*" || $VAR(*) == "!" \ + || ( pattern $VAR(@) "^[a-zA-Z0-9\.\/]{13}$" ) \ + || ( pattern $VAR(@) "^\\$1\\$[a-zA-Z0-9\./]*\\$[a-zA-Z0-9\./]{22}$" ) \ + || ( pattern $VAR(@) "^\\$5\\$[a-zA-Z0-9\./]*\\$[a-zA-Z0-9\./]{43}$" ) \ + || ( pattern $VAR(@) "^\\$6\\$[a-zA-Z0-9\./]*\\$[a-zA-Z0-9\./]{86}$" )) \ + ; "Not a valid encrypted password for user $VAR(../../@)" |