mirror of
				https://github.com/asterisk/asterisk.git
				synced 2025-10-25 14:06:27 +00:00 
			
		
		
		
	(closes issue #17628) Reported by: lmadsen Tested by: russell, lmadsen Review: https://reviewboard.asterisk.org/r/774/ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@275863 65c4cc65-6c06-0410-ace0-fbb531ad65f3
		
			
				
	
	
		
			66 lines
		
	
	
		
			1.7 KiB
		
	
	
	
		
			Python
		
	
	
		
			Executable File
		
	
	
	
	
			
		
		
	
	
			66 lines
		
	
	
		
			1.7 KiB
		
	
	
	
		
			Python
		
	
	
		
			Executable File
		
	
	
	
	
| #!/usr/bin/env python
 | |
| ''' Sample externpasscheck script for use with voicemail.conf
 | |
| 
 | |
| Copyright (C) 2010, Digium, Inc.
 | |
| Russell Bryant <russell@digium.com>
 | |
| 
 | |
| The externpasscheck option in voicemail.conf allows an external script to
 | |
| validate passwords when a user is changing it.  The script can enforce password
 | |
| strength rules.  This script is an example of doing so and implements a check
 | |
| on password length, a password with too many identical consecutive numbers, or
 | |
| a password made up of sequential digits.
 | |
| '''
 | |
| 
 | |
| import sys
 | |
| import re
 | |
| 
 | |
| 
 | |
| # Set this to the required minimum length for a password
 | |
| REQUIRED_LENGTH = 6
 | |
| 
 | |
| 
 | |
| # Regular expressions that match against invalid passwords
 | |
| REGEX_BLACKLIST = [
 | |
|     ("(?P<digit>\d)(?P=digit){%d}" % (REQUIRED_LENGTH - 1),
 | |
|         "%d consective numbers that are the same" % REQUIRED_LENGTH)
 | |
| ]
 | |
| 
 | |
| 
 | |
| # Exact passwords that are forbidden.  If the string of digits specified here
 | |
| # is found in any part of the password specified, it is considered invalid.
 | |
| PW_BLACKLIST = [
 | |
|     "123456",
 | |
|     "234567",
 | |
|     "345678",
 | |
|     "456789",
 | |
|     "567890",
 | |
|     "098765",
 | |
|     "987654",
 | |
|     "876543",
 | |
|     "765432",
 | |
|     "654321"
 | |
| ]
 | |
| 
 | |
| 
 | |
| mailbox, context, old_pw, new_pw = sys.argv[1:5]
 | |
| 
 | |
| # Enforce a password length of at least 6 characters
 | |
| if len(new_pw) < REQUIRED_LENGTH:
 | |
|     print "INVALID: Password is too short (%d) - must be at least %d" % \
 | |
|             (len(new_pw), REQUIRED_LENGTH)
 | |
|     sys.exit(0)
 | |
| 
 | |
| for regex, error in REGEX_BLACKLIST:
 | |
|     if re.search(regex, new_pw):
 | |
|         print "INVALID: %s" % error
 | |
|         sys.exit(0)
 | |
| 
 | |
| for pw in PW_BLACKLIST:
 | |
|     if new_pw.find(pw) != -1:
 | |
|         print "INVALID: %s is forbidden in a password" % pw
 | |
|         sys.exit(0)
 | |
| 
 | |
| print "VALID"
 | |
| 
 | |
| sys.exit(0)
 |