packages/ssoinabox-webui/root/usr/local/share/ssoinabox/htdocs/includes/functions.php
changeset 3 a044870a9d3d
parent 0 3906ca745819
child 4 2212b2ded8bf
equal deleted inserted replaced
2:700d61d93b1b 3:a044870a9d3d
    27 }
    27 }
    28 
    28 
    29 function load_credentials()
    29 function load_credentials()
    30 {
    30 {
    31 	$config = yaml_parse_file("/usr/local/etc/ssoinabox/webcreds.yml");
    31 	$config = yaml_parse_file("/usr/local/etc/ssoinabox/webcreds.yml");
    32 	$keys = array('LDAP_BASEDN', 'UID_MIN', 'GID_MIN', 'ldap_server', 'ldap_manager', 'ldap_user_basedn', 'ldap_group_basedn', 'kerberos_admin', 'PHONE_EXT_MIN');
    32 	$keys = array('LDAP_BASEDN', 'UID_MIN', 'GID_MIN', 'ldap_server', 'ldap_manager', 'ldap_user_basedn', 'ldap_group_basedn', 'kerberos_admin', 'PHONE_EXT_MIN', 'hmac_secret');
    33 	
    33 	
    34 	foreach ( $keys as $key )
    34 	foreach ( $keys as $key )
    35 	{
    35 	{
    36 		if ( !isset($config[$key]) )
    36 		if ( !isset($config[$key]) )
    37 			die("Config key $key is not set");
    37 			die("Config key $key is not set");
    40 			define($key, $config[$key]);
    40 			define($key, $config[$key]);
    41 		else
    41 		else
    42 			$GLOBALS[$key] = $config[$key];
    42 			$GLOBALS[$key] = $config[$key];
    43 	}
    43 	}
    44 }
    44 }
       
    45 
       
    46 /**
       
    47  * Test a password's policy compliance
       
    48  * @param string password
       
    49  * @return mixed true if compliant, otherwise a string describing why it isn't
       
    50  */
       
    51 
       
    52 function test_password($str)
       
    53 {
       
    54 	if ( strlen($str) < 8 )
       
    55 		return 'must be at least 8 characters in length';
       
    56 	
       
    57 	if ( countUniqueChars($str) < 6 )
       
    58 		return 'must have at least 6 unique characters';
       
    59 	
       
    60 	if ( strlen($str) <= 16 )
       
    61 	{
       
    62 		if ( !preg_match('/[a-z]/', $str) )
       
    63 			return 'must contain at least one lowercase letter';
       
    64 		
       
    65 		if ( !preg_match('/[A-Z]/', $str) )
       
    66 			return 'must contain at least one lowercase letter';
       
    67 		
       
    68 		if ( !preg_match('/[0-9]/', $str) )
       
    69 			return 'must contain at least one lowercase letter';
       
    70 		
       
    71 		if ( !preg_match('/[^A-Za-z0-9]/', $str) )
       
    72 			return 'must contain at least one lowercase letter';
       
    73 	}
       
    74 	
       
    75 	return true;
       
    76 }
       
    77 
       
    78 function countUniqueChars($str)
       
    79 {
       
    80 	$count = 0;
       
    81 	$uniq = '';
       
    82 	for ( $i = 0; $i < strlen($str); $i++ )
       
    83 	{
       
    84 		if ( strpos($uniq, $str{$i}) === false )
       
    85 			$uniq .= $str{$i};
       
    86 	}
       
    87 	
       
    88 	return strlen($uniq);
       
    89 }