--- smeserver-dirty-tools-0.0.9/root/sbin/e-smith/dt-pw-generate.usePasswordTools 2008-03-01 18:14:05.000000000 +0100 +++ smeserver-dirty-tools-0.0.9/root/sbin/e-smith/dt-pw-generate 2008-03-01 18:15:09.000000000 +0100 @@ -1,19 +1,12 @@ #!/usr/bin/perl -# (C) 2005-2007 Michael Weinberger -# See http://wiki.contribs.org/Dirty_Tools for full documentation - - -# Copyright 2000 - 2004 George Shaffer -# -# Anyone may use or modify this code for any purpose PROVIDED -# that as long as it is recognizably derived from this code, -# that this copyright notice, remains intact and unchanged. -# No warrantees of any kind are expressed or implied. +# (C) 2005-2008 Michael Weinberger +# See http://wiki.contribs.org/Dirty_Tools for full documentation use strict; use esmith::ConfigDB; use esmith::FormMagick; +use esmith::PasswordTools; use Getopt::Long; my %opts; @@ -30,262 +23,7 @@ print "Usage: dt-pw-generate [--length=N] [--mixed-case] [--add-consonants]\n"; exit 0; } - - - -BEGIN { - srand(time() ^ ($$ + $$ << 21)); -} - - -# siz -# Increase the default 8 to change the generated password size -# and extra letters will be added to the end. Decrease and -# you'll lose some or all of the second string of letters. -# Depending on the value of $addConsonants the actual -# password length may range from $siz to $siz + 2. -# Size interacts with other choices. If $addConsonants is false -# size will be fixed length and is achieved by truncation after -# checking for upper case and digits so short sizes (3 - 5) may -# not have the variability you desire. -# -# addConsonants yes|no -# Change $addConsonants to 'no' to prevent some extra consonants -# from being tacked on to letter sequences. Leave $addConsonants -# at 'yes' to sometimes add an extra consonant to letter sequences. -# If left at 'yes' the password size will vary from $siz to $siz+2. -# -# firstUpper yes|no -# Change $firstUpper to 'no' to prevent the first character of each -# letter sequence from being upper case. Leave it as 'yes' if you -# want some of the first characters to be upper case. -# -# mixedCase yes|no -# Change $mixedCase to 'yes' to mix the case of all letters. -# $mixedCase is not random as subsequent checks force at -# least one upper and one lower case letter in each password. -# Leave it at 'no' so all letters will be lower case or only -# the first or each letter sequence may be upper case. -# -# symbolOdds -# By changing $symbolOdds from 0 to 10 you change the likelihood -# of having two numbers or a number and a symbol. At 0 you will -# always get 2 digits. At 1 you will usually only get one digit -# but will sometimes get a second digit or a symbol. At 10 you -# will always get two numbers or a number and a symbol with the -# about even chances that one of the two characters will be a -# symbol. The odds are affected by what characters are added to -# or removed from the $sym initialization string. -# The default is 7. -# -# symbols -# Add or remove symbols to make passwords easier or harder -# to type. Delete the second set of digits to increase -# the relative frequency of symbols and punctuation. -# Add some vowels or consonants to really change the patterns -# but these will also get much harder to remember. -# The $ needs to be escaped if it is to be available as a -# password character. -# Default is ',.<>~`!@#$%^&*()-_+=' - - -sub sme_generate_password( $$$ ) - { - my ( $siz, $addConsonants, $mixedCase ) = @_; - my $symbols = ",.!@#\$%&*-+="; - my $configdb = esmith::ConfigDB->open(); - my $rec = $configdb->get('passwordstrength'); - my $check_type = ($rec ? ($rec->prop('Users') || 'none') : 'none'); - $siz = 7 if( $siz < 7 ); - my $valid = ''; - my $fm = new esmith::FormMagick(); - my $pass; - while( $valid ne 'OK' ) { - $pass = generate_password( $siz, $addConsonants, 'yes', $mixedCase, 10, $symbols ); - $valid=validate_password($fm, $check_type,$pass); - #print "$pass (invalid)\n" if( $invalid); - } - - return $pass; - } - -sub generate_password( $$$$$$ ) -{ - my ( $siz, $addConsonants, $firstUpper, $mixedCase, $symbolOdds, $symbols ) = @_; - # USER CHANGEABLE CONSTANTS FOLLOW - - # Increase the default 8 to change the generated password size - # and extra letters will be added to the end. Decrease and - # you'll lose some or all of the second string of letters. - # Depending on the value of $addConsonants the actual - # password length may range from $siz to $siz + 2. - # Size interacts with other choices. If $addConsonants is false - # size will be fixed length and is achieved by truncation after - # checking for upper case and digits so short sizes (3 - 5) may - # not have the variability you desire. - $siz = 8 unless $siz; - # A $siz less than 3 creates an endless loop. - $siz = 3 if ($siz < 3); - - # Change $addConsonats to 0 to prevent some extra consonants - # from being tacked on to letter sequences. Leave $addConsonants - # at 1 to sometimes add an extra consonant to letter sequences. - # If left at 1 the password size will vary from $siz to $siz+2. - $addConsonants = lc($addConsonants) eq "yes" ? 1 : 0; - # Change $firstUpper to 0 to prevent the first character of each - # letter sequence from being upper case. Leave it as 1 if you - # want some of the first characters to be upper case. - $firstUpper = lc($firstUpper) eq "yes" ? 1 : 0; - - # Change $mixedCase to 1 to mix the case of all letters. - # $mixedCase is not random as subsequent checks force at - # least one upper and one lower case letter in each password. - # Leave it at 0 so all letters will be lower case or only - # the first or each letter sequence may be upper case. - $mixedCase = lc($mixedCase) eq "yes" ? 1 : 0; - - # By changing $symbolOdds from 0 to 10 you change the likelihood - # of having two numbers or a number and a symbol. At 0 you will - # always get 2 digits. At 1 you will usually only get one digit - # but will sometimes get a second digit or a symbol. At 10 you - # will always get two numbers or a number and a symbol with the - # about even chances that one of the two characters will be a - # symbol. The odds are affected by what characters are added to - # or removed from the $sym initialization string. - # The default is 7. - $symbolOdds = 7 unless ($symbolOdds >= 0 and $symbolOdds <= 10); - - # Add or remove symbols to make passwords easier or harder - # to type. Delete the second set of digits to increase - # the relative frequency of symbols and punctuation. - # Add some vowels or consonants to really change the patterns - # but these will also get much harder to remember. - # The $ needs to be escaped if it is to be available as a - # password character. - my $sym = $symbols ? $symbols : ",.<>~`!@#\$%^&*()-_+="; - my $numb = "5678123490"; - while( length($numb) < length($sym) ) { - $numb .= int(rand(10)); - } - my $lsym = length($sym); - while( length($numb) > length($sym) ) { - $sym .= substr($sym,int(rand($lsym)),1) - } - $numb .= $sym; - my $lnumb = length($numb); - - # USER CHANGEABLE CONSTANTS END - Changing the constants as - # specified above has been fairly well tested. Any changes - # below here and you are changing the logic of the program. - # You should be familiar with programming if you make changes - # after this point. - - # Unless you plan to change the logic in the loop below, - # leave this next alone and control case with $firstUpper and - # $mixedCase above. $mixedCase supercedes if both are true. - my $upr = "BbCcDdFfGgHhJjKkLlMNPXYZmnpqrstvQRSTVWwxyz"; - my $cons = "bcdrstvwxyzfghjklmnpq"; - my $vowel; - if ($mixedCase) { - $vowel = "aAeEiIoOuU"; - $cons = $upr; - } else { - $vowel = "uoiea"; - } - $upr = $cons unless ($firstUpper); - my $lvowel = length($vowel); - my $lcons = length($cons); - my $lupr = length($upr); - - my $realSize = $siz; - $realSize += 2 if ($addConsonants); - my $linelen = 0; - - my $skipThisOne=1; - while ($skipThisOne) { - # Plan to use this password unless . . . - $skipThisOne = 0; - my $pass = ""; - my $k = 0; - for (my $i=0; $i<$siz; $i++) { - # The basic password structure is cvc99cvc. Depending on - # how $cons and $upr have been initialized above case will - # be all lower, first upper or random. - if ($i==0 or $i==2 or $i==5 or $i==7) { - if ($i==0 or $i==5) { - $pass .= substr($upr,int(rand($lupr)),1); - } else { - $pass .= substr($cons,int(rand($lcons)),1); - } - # The next will conditionally add up to 2 consonants - # pseudo randomly after the four "standard" consonants. - if ($addConsonants and (int(rand(4)) == 3) and $k < 2) { - $pass .= substr($cons,int(rand($lcons)),1); - $k++; - } - } - - # Pad the password with letters if $siz is over 7. - if ($i > 7) { - if (int(rand(26)) <= 5) { - $pass .= substr($vowel,int(rand($lvowel)),1); - } else { - $pass .= substr($cons,int(rand($lcons)),1); - } - } - - # Put the vowels in cvc99cvc. Case depends on how $vowel - # was initialized above. - $pass .= substr($vowel,int(rand($lvowel)),1) - if ($i==1 or $i==6); - - # Change $symbolOdds initialization above to affect the - # number of numbers and symbols and their ratio. - if ($i==3 or $i==4) { - # If $symbolOdds is non zero take any character - # from the $numb string which has digits, symbols - # and punctuation. - if ($symbolOdds) { - $pass .= substr($numb,int(rand($lnumb)),1) - if (int(rand(10)) <= $symbolOdds); - } else { - # If $symbolOdds is zero keep trying until a - # a digit is found. - my $n = ""; - until ($n =~ /[0-9]/) { - $n = substr($numb,int(rand($lnumb)),1); - } - $pass .= $n; - } - } - } - - # Check the password length. - $pass = substr($pass,0,$realSize) if (length($pass) > $realSize); - - # Include at least one digit. - $skipThisOne = 1 unless ($pass =~ /[0-9]/); - # Include at least one lower case letter. - $skipThisOne = 1 unless ($pass =~ /[a-z]/); - # Conditionally insure that first character is upper case. - $skipThisOne = 1 - if (!($pass =~ /[^a-zA-z][A-Z]/) and $firstUpper ); - $skipThisOne = 1 - if (!($pass =~ /^[A-Z]/) and $firstUpper ); - # Conditionally insure at least one upper case character. - $skipThisOne = 1 - if (!($pass =~ /[A-Z]/) and $mixedCase); - # If any test fails get another password. - if ($skipThisOne) { - next; - } - - return $pass; - } -} - -# main for(my $i=0; $i<($opts{'number'}?$opts{'number'}:1); $i++) { my $pw=sme_generate_password( @@ -295,4 +33,3 @@ ); print "$pw\n"; } -