From b4965b4cdf0500d112d0068209e73e826a38fe74 Mon Sep 17 00:00:00 2001
From: Rui Matos <tiagomatos@gmail.com>
Date: Fri, 12 May 2017 17:06:03 +0200
Subject: [PATCH] password: Make our password validation similar to anaconda's
Anaconda uses the following parameters:
* password is set but libpwquality returned an error: "password is
weak" & 1/4 of the strength meter filled in
* no error error and pwquality score <30: "password is fair" & 2/4 of
the strength meter filled in
* no error error and pwquality score <70: "password is good" & 3/4 of
the strength meter filled in
* no error error and pwquality score >70: "password is strong" & 4/4
of the strength meter filled in
* user can use a "weak password" or a too short password by overriding
the warning
* an empty user password can be used (but user has to tick in a
checkbox to enable that)
We don't have a checkbox to allow empty passwords but otherwise should
behave the same with this patch.
---
.../pages/password/gis-password-page.c | 24 ++++++++--------------
gnome-initial-setup/pages/password/pw-utils.c | 9 +++-----
2 files changed, 11 insertions(+), 22 deletions(-)
diff --git a/gnome-initial-setup/pages/password/gis-password-page.c b/gnome-initial-setup/pages/password/gis-password-page.c
index 5acd5c8..7189034 100644
--- a/gnome-initial-setup/pages/password/gis-password-page.c
+++ b/gnome-initial-setup/pages/password/gis-password-page.c
@@ -46,7 +46,6 @@ struct _GisPasswordPagePrivate
GtkWidget *password_explanation;
GtkWidget *confirm_explanation;
gboolean valid_confirm;
- gboolean valid_password;
guint timeout_id;
const gchar *username;
};
@@ -59,7 +58,7 @@ page_validate (GisPasswordPage *page)
{
GisPasswordPagePrivate *priv = gis_password_page_get_instance_private (page);
- return priv->valid_confirm && priv->valid_password;
+ return priv->valid_confirm;
}
static void
@@ -130,7 +129,7 @@ validate (GisPasswordPage *page)
gtk_level_bar_set_value (GTK_LEVEL_BAR (priv->password_strength), strength_level);
gtk_label_set_label (GTK_LABEL (priv->password_explanation), long_hint);
- if (strlen (password) > 0 && strength_level <= 0)
+ if (strength_level <= 1)
set_entry_validation_error (GTK_ENTRY (priv->password_entry), _("This is a weak password."));
else
clear_entry_validation_error (GTK_ENTRY (priv->password_entry));
@@ -138,18 +137,12 @@ validate (GisPasswordPage *page)
gtk_label_set_label (GTK_LABEL (priv->confirm_explanation), "");
priv->valid_confirm = FALSE;
- priv->valid_password = (strength_level > 0);
- if (priv->valid_password)
- set_entry_validation_checkmark (GTK_ENTRY (priv->password_entry));
-
- if (strlen (password) > 0 && strlen (verify) > 0) {
- priv->valid_confirm = (strcmp (password, verify) == 0);
- if (!priv->valid_confirm) {
- gtk_label_set_label (GTK_LABEL (priv->confirm_explanation), _("The passwords do not match."));
- }
- else {
- set_entry_validation_checkmark (GTK_ENTRY (priv->confirm_entry));
- }
+ priv->valid_confirm = (strcmp (password, verify) == 0);
+ if (!priv->valid_confirm) {
+ gtk_label_set_label (GTK_LABEL (priv->confirm_explanation), _("The passwords do not match."));
+ }
+ else {
+ set_entry_validation_checkmark (GTK_ENTRY (priv->confirm_entry));
}
update_page_validation (page);
@@ -175,7 +168,6 @@ password_changed (GtkWidget *w,
clear_entry_validation_error (GTK_ENTRY (w));
clear_entry_validation_error (GTK_ENTRY (priv->confirm_entry));
- priv->valid_password = FALSE;
update_page_validation (page);
if (priv->timeout_id != 0)
diff --git a/gnome-initial-setup/pages/password/pw-utils.c b/gnome-initial-setup/pages/password/pw-utils.c
index 6025277..f41fa8b 100644
--- a/gnome-initial-setup/pages/password/pw-utils.c
+++ b/gnome-initial-setup/pages/password/pw-utils.c
@@ -138,15 +138,12 @@ pw_strength (const gchar *password,
strength = CLAMP (0.01 * rv, 0.0, 1.0);
if (rv < 0) {
- *hint = C_("Password strength", "Strength: Weak");
- }
- else if (strength < 0.50) {
level = 1;
- *hint = C_("Password strength", "Strength: Low");
- } else if (strength < 0.75) {
+ *hint = C_("Password strength", "Strength: Weak");
+ } else if (strength < 0.30) {
level = 2;
*hint = C_("Password strength", "Strength: Medium");
- } else if (strength < 0.90) {
+ } else if (strength < 0.70) {
level = 3;
*hint = C_("Password strength", "Strength: Good");
} else {
--
2.9.3