From 493977906be13b9d114a4d5ff429041d5a306a19 Mon Sep 17 00:00:00 2001
From: Jean-Philippe Pialasse <jpp@koozali.org>
Date: Fri, 21 Feb 2025 00:04:00 -0500
Subject: [PATCH] * Thu Feb 20 2025 Jean-Philippe Pialasse <jpp@koozali.org>
 11.0.0-10.sme - remove pptpd reference [SME: 11417] - move template-begin-ini
 [SME: 12211] - passwordstrength{length} default to 12 [SME: 12383] - more
 password granularity (none,normal,intermediate,strong) [SME: 12384]

---
 contriborbase                                 |  1 -
 .../templates-default/template-begin-ini      | 11 ++++++++++
 .../tests/10e-smith-lib/configuration.conf    |  2 +-
 .../share/perl5/vendor_perl/esmith/util.pm    | 22 ++++++++++++++++---
 smeserver-lib.spec                            |  8 ++++++-
 5 files changed, 38 insertions(+), 6 deletions(-)
 delete mode 100644 contriborbase
 create mode 100644 root/etc/e-smith/templates-default/template-begin-ini

diff --git a/contriborbase b/contriborbase
deleted file mode 100644
index ef36a67..0000000
--- a/contriborbase
+++ /dev/null
@@ -1 +0,0 @@
-sme10
diff --git a/root/etc/e-smith/templates-default/template-begin-ini b/root/etc/e-smith/templates-default/template-begin-ini
new file mode 100644
index 0000000..b36bcab
--- /dev/null
+++ b/root/etc/e-smith/templates-default/template-begin-ini
@@ -0,0 +1,11 @@
+;------------------------------------------------------------
+;              !!DO NOT MODIFY THIS FILE!!
+; 
+; Manual changes will be lost when this file is regenerated.
+;
+; Please read the developer's guide, which is available
+; at http://www.contribs.org/development/
+;
+; Copyright (C) 1999-2006 Mitel Networks Corporation
+;------------------------------------------------------------
+
diff --git a/root/etc/e-smith/tests/10e-smith-lib/configuration.conf b/root/etc/e-smith/tests/10e-smith-lib/configuration.conf
index f19f7cb..276dae3 100644
--- a/root/etc/e-smith/tests/10e-smith-lib/configuration.conf
+++ b/root/etc/e-smith/tests/10e-smith-lib/configuration.conf
@@ -87,7 +87,6 @@ ntpd=service|InitscriptOrder|55|status|disabled
 php=service|status|enabled
 popd=service|access|private|status|enabled
 pppoe=service|DemandIdleTime|no|InitscriptOrder|57|SynchronousPPP|no|status|disabled
-pptpd=service|sessions|10|status|disabled
 qmail=service|InitscriptOrder|80|status|enabled
 random=service|InitscriptOrder|20|status|enabled
 rsyslog=service|InitscriptOrder|05|status|enabled
@@ -99,5 +98,6 @@ squid=service|InitscriptOrder|90|status|enabled
 sshd=service|InitscriptOrder|85|PasswordAuthentication|yes|PermitRootLogin|yes|access|private|status|enabled
 sync=service|Host|service.e-smith.com|LastId|0|SuccessId|0|SyncFrequency|1|SyncMinute|57|status|disabled
 telnet=service|access|private|status|disabled
+vpn=configuration|sessions|10|status|disabled
 wibble=42
 xinetd=service|InitscriptOrder|50|status|enabled
diff --git a/root/usr/share/perl5/vendor_perl/esmith/util.pm b/root/usr/share/perl5/vendor_perl/esmith/util.pm
index 4032906..9d05524 100644
--- a/root/usr/share/perl5/vendor_perl/esmith/util.pm
+++ b/root/usr/share/perl5/vendor_perl/esmith/util.pm
@@ -556,6 +556,12 @@ for example /etc/passwd, /etc/samba/smbpasswd, etc.
 =head2 validatePassword($password, $strength)
 
 Validate Unix password.
+length is the minimal password length, default is 12.
+strength could be none,normal,intermediate or strong.
+- none: only check for length
+- normal: upper and lower case letters
+- intermediate: upper and lower case letters not positive to cracklib
+- strong : numbers, letter and special characters not positive to cracklib
 
 =cut
 
@@ -566,14 +572,24 @@ sub validatePassword($$)
 
     $strength ||= 'normal';
 
+    my $length = 12;
+    my $db = esmith::ConfigDB->open("/tmp/toto") || undef;
+    my $sysconfig = $db->get("passwordstrength")||  undef  if $db ;
+    $length = $sysconfig->prop("length") || "12" if $sysconfig;
+
     my $reason = 'ok';
-    $reason = 'it is too short' unless (length($password) > 6);
+    $reason = 'it is too short' unless (length($password) >= $length);
     return $reason if ($reason ne 'ok' || $strength eq 'none');
 
-    $reason = 'it does not contain numbers' if (not $password =~ /\d/);
     $reason = 'it does not contain uppercase characters' if (not $password =~ /[A-Z]/);
     $reason = 'it does not contain lowercase characters' if (not $password =~ /[a-z]/);
-    $reason = 'it does not contain special characters' if (not $password =~ /\W|_/);
+    return $reason if ($reason ne 'ok' || $strength eq 'normal');
+
+    # we are left here with intermediate and strong
+    if ($strength eq 'strong') {
+        $reason = 'it does not contain numbers' if (not $password =~ /\d/);
+        $reason = 'it does not contain special characters' if (not $password =~ /\W|_/);
+    }
     return $reason if ($reason ne 'ok' && $strength eq 'strong');
 
     if ( -f '/usr/lib64/cracklib_dict.pwd' ) {
diff --git a/smeserver-lib.spec b/smeserver-lib.spec
index 76856f2..c654519 100644
--- a/smeserver-lib.spec
+++ b/smeserver-lib.spec
@@ -6,7 +6,7 @@ Summary: smeserver server and gateway - library module
 %define name smeserver-lib
 Name: %{name}
 %define version 11.0.0
-%define release 9
+%define release 10
 Version: %{version}
 Release: %{release}%{?dist}
 License: Artistic
@@ -33,6 +33,12 @@ Provides: e-smith-lib
 smeserver server and gateway software - library module.
 
 %changelog
+* Thu Feb 20 2025 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-10.sme
+- remove pptpd reference [SME: 11417]
+- move template-begin-ini [SME: 12211]
+- passwordstrength{length} default to 12 [SME: 12383]
+- more password granularity (none,normal,intermediate,strong) [SME: 12384]
+
 * Thu Dec 12 2024 Brian Read <brianr@koozali.org> 11.0.0-9.sme
 - add in getmyip [SME: 12810 ]