* Fri Feb 21 2025 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-57.sme

- upgrade validate_password sub to use esmith::util [SME: 12937]
  and deduplicate code

root/usr/share/smanager/lib/SrvMngr.pm

@@ -43,7 +43,7 @@ $VERSION = eval $VERSION;
 use Exporter 'import';
 our @EXPORT_OK = qw( 
 	init_session get_mod_url theme_list
-	getNavigation ip_number is_normal_password email_simple
+	getNavigation ip_number validate_password is_normal_password email_simple
 	mac_address_or_blank mac_address ip_number_or_blank
 	lang_space get_routes_list subnet_mask get_reg_mask
 	gen_locale_date_string get_public_ip_address
@@ -788,7 +788,23 @@ sub ip_number {
     return 'OK';
 }
 
+sub validate_password {
+    my ($c, $strength, $pass) = @_;
+    use esmith::util;
+    use POSIX qw(locale_h);
+    use locale;
+    my $old_locale = setlocale(LC_ALL);
+    setlocale(LC_ALL, "en_US");
+    my $reason = esmith::util::validatePassword($pass,$strength);
+    return "OK" if ($reason eq "ok");
+    setlocale(LC_ALL, $old_locale);
+    return
+          $c->l("Bad Password Choice") . ": "
+        . $c->l("The password you have chosen is not a good choice, because") . " "
+        . $c->l($reason). ".";
+} ## end sub validate_password
 
+# to deprecate : this is not anymore a way to validate our passwords
 sub is_normal_password {
 
 #  from CGI::FormMagick::Validator qw( password );

root/usr/share/smanager/lib/SrvMngr/Controller/Ibays.pm

@@ -13,7 +13,7 @@ use warnings;
 use Mojo::Base 'Mojolicious::Controller';
 use Locale::gettext;
 use SrvMngr::I18N;
-use SrvMngr qw( theme_list init_session is_normal_password );
+use SrvMngr qw( theme_list init_session validate_password );
 use esmith::AccountsDB;
 use esmith::ConfigDB;
 use esmith::DomainsDB;
@@ -385,31 +385,6 @@ sub check_password {
     return validate_password($c, $strength, $password);
 } ## end sub check_password
 
-sub validate_password {
-    my ($c, $strength, $pass) = @_;
-    use Crypt::Cracklib;
-    my $reason;
-
-    if ($strength eq "none") {
-        return $c->l("Passwords must be at least 7 characters long") unless (length($pass) > 6);
-        return "OK";
-    }
-    $reason = is_normal_password($c, $pass, undef);
-    return $reason unless ($reason eq "OK");
-    return "OK" unless ($strength eq "strong");
-
-    if (-f '/usr/lib64/cracklib_dict.pwd') {
-        $reason = fascist_check($pass, '/usr/lib64/cracklib_dict');
-    } else {
-        $reason = fascist_check($pass, '/usr/lib/cracklib_dict');
-    }
-    $reason ||= "Software error: password check failed";
-    return "OK" if ($reason eq "ok");
-    return
-          $c->l("Bad Password Choice") . ": "
-        . $c->l("The password you have chosen is not a good choice, because") . " "
-        . $c->($reason) . ".";
-} ## end sub validate_password
 
 =head2 group_list()
 

root/usr/share/smanager/lib/SrvMngr/Controller/Useraccounts.pm

@@ -14,7 +14,7 @@ use Mojo::Base 'Mojolicious::Controller';
 use Locale::gettext;
 use SrvMngr::I18N;
 use SrvMngr qw(theme_list init_session
-    is_normal_password email_simple);
+    validate_password email_simple);
 
 #use esmith::FormMagick qw( validate_password );
 #use CGI::FormMagick::Validator qw( call_fm_validation );
@@ -434,31 +434,6 @@ sub check_password {
     return validate_password($c, $check_type, $pass1);
 } ## end sub check_password
 
-sub validate_password {
-    my ($c, $strength, $pass) = @_;
-    use Crypt::Cracklib;
-    my $reason;
-
-    if ($strength eq "none") {
-        return $c->l("Passwords must be at least 7 characters long") unless (length($pass) > 6);
-        return "OK";
-    }
-    $reason = is_normal_password($c, $pass, undef);
-    return $reason unless ($reason eq "OK");
-    return "OK" unless ($strength eq "strong");
-
-    if (-f '/usr/lib64/cracklib_dict.pwd') {
-        $reason = fascist_check($pass, '/usr/lib64/cracklib_dict');
-    } else {
-        $reason = fascist_check($pass, '/usr/lib/cracklib_dict');
-    }
-    $reason ||= "Software error: password check failed";
-    return "OK" if ($reason eq "ok");
-    return $c->l("Bad Password Choice") . ": "
-        . $c->l("The password you have chosen is not a good choice, because") . " "
-        . $c->l($reason) . ".";
-} ## end sub validate_password
-
 sub emailForward_list {
     my $c = shift;
     return [

root/usr/share/smanager/lib/SrvMngr/Controller/Userpassword.pm

@@ -16,7 +16,7 @@ use esmith::ConfigDB;
 use esmith::AccountsDB;
 use Locale::gettext;
 use SrvMngr::I18N;
-use SrvMngr qw( theme_list init_session is_normal_password );
+use SrvMngr qw( theme_list init_session validate_password );
 #our $cdb = esmith::ConfigDB->open_ro || die "Couldn't open configuration db";
 
 sub main {
@@ -200,28 +200,4 @@ sub check_password {
     return validate_password($c, $strength, $password);
 } ## end sub check_password
 
-sub validate_password {
-    my ($c, $strength, $pass) = @_;
-    use Crypt::Cracklib;
-
-    if ($strength eq "none") {
-        return $c->l("Passwords must be at least 7 characters long") unless (length($pass) > 6);
-        return "OK";
-    }
-    my $reason = is_normal_password($c, $pass, undef);
-    return $reason unless ($reason eq "OK");
-    return "OK" unless ($strength eq "strong");
-
-    if (-f '/usr/lib64/cracklib_dict.pwd') {
-        $reason = fascist_check($pass, '/usr/lib64/cracklib_dict');
-    } else {
-        $reason = fascist_check($pass, '/usr/lib/cracklib_dict');
-    }
-    $reason ||= "Software error: password check failed";
-    return "OK" if ($reason eq "ok");
-    return
-          $c->l("Bad Password Choice") . ": "
-        . $c->l("The password you have chosen is not a good choice, because") . " "
-        . $c->($reason) . ".";
-} ## end sub validate_password
 1;

smeserver-manager.spec

@@ -2,7 +2,7 @@ Summary: Sme server  navigation module : manager 2
 %define name smeserver-manager
 Name: %{name}
 %define version 11.0.0
-%define release 56
+%define release 57
 Version: %{version}
 Release: %{release}%{?dist}
 License: GPL
@@ -143,9 +143,13 @@ true
 %defattr(-,root,root)
 
 %changelog
+* Fri Feb 21 2025 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-57.sme
+- upgrade validate_password sub to use esmith::util [SME: 12937]
+  and deduplicate code
+
 * Thu Feb 20 2025 Brian Read <brianr@koozali.org> 11.0.0-56.sme
 - open db in routes for backup controller file  [SME: 12933]
-- Fix error handling for pre-backup fail [SME: 
+- Fix error handling for pre-backup fail [SME: 12934]
 
 * Tue Feb 18 2025 Brian Read <brianr@koozali.org> 11.0.0-55.sme
 - fix public ftp access not showing on panel [SME: 12927]