diff options
author | Ondrej Hamada <ohamada@redhat.com> | 2011-12-12 12:59:06 +0100 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2011-12-12 00:17:07 -0500 |
commit | da4b4fc4d9ef42f8ca46d5b5f405b93ba84f07d0 (patch) | |
tree | e8c744f9bac2c0a786be7bc119dcd6dec6804820 /ipapython | |
parent | 7710bfb5bdef1faa959b7f9402c2840b5ef65d7e (diff) | |
download | freeipa-da4b4fc4d9ef42f8ca46d5b5f405b93ba84f07d0.tar.gz freeipa-da4b4fc4d9ef42f8ca46d5b5f405b93ba84f07d0.tar.xz freeipa-da4b4fc4d9ef42f8ca46d5b5f405b93ba84f07d0.zip |
User-add random password support
I've used code from ipalib/plugins/host.py to add support for random
password generation. The '--random' option is now available in user-add
and user-mod commands. If both the 'password' and 'random' options are
used the 'random' option will be ignored.
Two test cases were added to unit test's module test_user_plugin.py -
they test creating and modifying user with random password. Two fuzzy tests
were added: test for password(string that doesn't start or end with
whitespace and doesn't containt other whitespace than ' ') and for whatever
string(because of krbextradata).
I've slightly modified ipa_generate_password in order to make passwords for
users more user-friendly(reduce number of non-letters). It has two optional
parameters now - first one is string of characters that should be used for
generating the passwd and second one is length of password. If none
parameter is set default values will be used so there's no need to modify
other plugins that use random password generator.
https://fedorahosted.org/freeipa/ticket/1979
Diffstat (limited to 'ipapython')
-rw-r--r-- | ipapython/ipautil.py | 32 |
1 files changed, 23 insertions, 9 deletions
diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py index c06e7bbcf..44580be8e 100644 --- a/ipapython/ipautil.py +++ b/ipapython/ipautil.py @@ -550,21 +550,35 @@ def parse_generalized_time(timestr): except ValueError: return None -def ipa_generate_password(): +def ipa_generate_password(characters=None,pwd_len=None): + ''' Generates password. Password cannot start or end with a whitespace + character. It also cannot be formed by whitespace characters only. + Length of password as well as string of characters to be used by + generator could be optionaly specified by characters and pwd_len + parameters, otherwise default values will be used: characters string + will be formed by all printable non-whitespace characters and space, + pwd_len will be equal to value of GEN_PWD_LEN. + ''' + if not characters: + characters=string.digits + string.ascii_letters + string.punctuation + ' ' + else: + if characters.isspace(): + raise ValueError("password cannot be formed by whitespaces only") + if not pwd_len: + pwd_len = GEN_PWD_LEN + + upper_bound = len(characters) - 1 rndpwd = '' r = random.SystemRandom() - for x in range(GEN_PWD_LEN): - # do not generate space (chr(32)) as the first or last character - if x == 0 or x == (GEN_PWD_LEN-1): - rndchar = chr(r.randint(33,126)) - else: - rndchar = chr(r.randint(32,126)) + for x in range(pwd_len): + rndchar = characters[r.randint(0,upper_bound)] + if (x == 0) or (x == pwd_len-1): + while rndchar.isspace(): + rndchar = characters[r.randint(0,upper_bound)] rndpwd += rndchar - return rndpwd - def format_list(items, quote=None, page_width=80): '''Format a list of items formatting them so they wrap to fit the available width. The items will be sorted. |