Allow the sysop to configure the minimum user password length

betwen 4 (the default) and 40 (the maximum) characters

Allow the sysop to configure the minimum user password length
065a3653 · Rob Swindell · 8d865dcf · 065a3653 · 065a3653 · 065a3653
Commit 065a3653 authored 4 years ago by Rob Swindell
--- a/src/sbbs3/js_system.c
+++ b/src/sbbs3/js_system.c
@@ -176,7 +176,7 @@ static JSBool js_system_get(JSContext *cx, JSObject *obj, jsid id, jsval *vp)
 			*vp = INT_TO_JSVAL(cfg->sys_pwdays);
 			break;
 		case SYS_PROP_MINPWLEN:
-			*vp = INT_TO_JSVAL(MIN_PASS_LEN);
+			*vp = INT_TO_JSVAL(cfg->min_pwlen);
 			break;
 		case SYS_PROP_MAXPWLEN:
 			*vp = INT_TO_JSVAL(LEN_PASS);

--- a/src/sbbs3/logon.cpp
+++ b/src/sbbs3/logon.cpp
@@ -248,7 +248,7 @@ bool sbbs_t::logon()
 			if(cfg.sys_misc&SM_PWEDIT && yesno(text[NewPasswordQ]))
 				while(online) {
-					bprintf(text[NewPasswordPromptFmt], MIN_PASS_LEN, LEN_PASS);
+					bprintf(text[NewPasswordPromptFmt], cfg->min_pwlen, LEN_PASS);
 					getstr(str,LEN_PASS,K_UPPER|K_LINE|K_TRIM);
 					truncsp(str);
 					if(chkpass(str,&useron,true))

--- a/src/sbbs3/newuser.cpp
+++ b/src/sbbs3/newuser.cpp
@@ -386,7 +386,7 @@ BOOL sbbs_t::newuser()
 		if(cfg.sys_misc&SM_PWEDIT && text[NewPasswordQ][0] && yesno(text[NewPasswordQ]))
 			while(online) {
-				bprintf(text[NewPasswordPromptFmt], MIN_PASS_LEN, LEN_PASS);
+				bprintf(text[NewPasswordPromptFmt], cfg->min_pwlen, LEN_PASS);
 				getstr(str,LEN_PASS,K_UPPER|K_LINE|K_TRIM);
 				truncsp(str);
 				if(chkpass(str,&useron,true)) {

--- a/src/sbbs3/scfg/scfgsys.c
+++ b/src/sbbs3/scfg/scfgsys.c
@@ -99,15 +99,17 @@ void sys_cfg(void)
 		sprintf(opt[i++],"%-33.33s%s","Operator",cfg.sys_op);
 		sprintf(opt[i++],"%-33.33s%s","Password","**********");
-		sprintf(str,"%s Password"
+		SAFEPRINTF(str,"%s Password"
 			,cfg.sys_misc&SM_PWEDIT && cfg.sys_pwdays ? "Users Must Change"
 			: cfg.sys_pwdays ? "Users Get New Random" : "Users Can Change");
 		if(cfg.sys_pwdays)
-			sprintf(tmp,"Every %u Days",cfg.sys_pwdays);
+			SAFEPRINTF(tmp,"Every %u Days",cfg.sys_pwdays);
 		else if(cfg.sys_misc&SM_PWEDIT)
-			strcpy(tmp,"Yes");
+			SAFECOPY(tmp,"Yes");
 		else
-			strcpy(tmp,"No");
+			SAFECOPY(tmp,"No");
+		if(cfg.sys_misc&SM_PWEDIT)
+			sprintf(tmp + strlen(tmp), ", %u chars minimum", cfg.min_pwlen);
 		sprintf(opt[i++],"%-33.33s%s",str,tmp);
 		sprintf(opt[i++],"%-33.33s%u","Days to Preserve Deleted Users"
@@ -427,6 +429,20 @@ void sys_cfg(void)
 				else if(i==1 && cfg.sys_misc&SM_PWEDIT) {
 					cfg.sys_misc&=~SM_PWEDIT;
 					uifc.changes=1; 
+				} else if(i == -1)
+					break;
+				if(cfg.sys_misc&SM_PWEDIT) {
+					SAFEPRINTF(tmp, "%u", cfg.min_pwlen);
+					SAFEPRINTF2(str, "Minimum Password Length (between %u and %u)", MIN_PASS_LEN, LEN_PASS);
+					if(uifc.input(WIN_MID|WIN_SAV,0,0, str
+						,tmp, 2, K_NUMBER|K_EDIT) < 1)
+						break;
+					cfg.min_pwlen=atoi(tmp);
+					if(cfg.min_pwlen < MIN_PASS_LEN)
+						cfg.min_pwlen = MIN_PASS_LEN;
+					if(cfg.min_pwlen > LEN_PASS)
+						cfg.min_pwlen = LEN_PASS;
 				}
 				i = cfg.sys_pwdays ? 0 : 1;
 				uifc.helpbuf=

--- a/src/sbbs3/scfgdefs.h
+++ b/src/sbbs3/scfgdefs.h
@@ -456,6 +456,7 @@ typedef struct
 	char 			sys_daily[LEN_CMD+1];	   /* Daily event */
 	char 			sys_logon[LEN_CMD+1];	   /* Logon event */
 	char 			sys_logout[LEN_CMD+1];	   /* Logoff event */
+	uint8_t			min_pwlen;
 	uint16_t		sys_pwdays; 		/* Max days between password change */
 	uint16_t		sys_deldays;		/* Days to keep deleted users */
 	uint16_t		sys_autodel;		/* Autodeletion after x days inactive */

--- a/src/sbbs3/scfglib1.c
+++ b/src/sbbs3/scfglib1.c
@@ -233,7 +233,13 @@ BOOL read_main_cfg(scfg_t* cfg, char* error)
 	get_int(cfg->new_install,instream);
 	get_int(cfg->new_msgscan_init,instream);
 	get_int(cfg->guest_msgscan_init,instream);
-	for(i=0;i<5;i++)
+	get_int(cfg->min_pwlen, instream);
+	if(cfg->min_pwlen < MIN_PASS_LEN)
+		cfg->min_pwlen = MIN_PASS_LEN;
+	if(cfg->min_pwlen > LEN_PASS)
+		cfg->min_pwlen = LEN_PASS;
+	get_int(c, instream);
+	for(i=0;i<4;i++)
 		get_int(n,instream);
 	/*************************/

--- a/src/sbbs3/scfgsave.c
+++ b/src/sbbs3/scfgsave.c
@@ -220,8 +220,10 @@ BOOL DLLCALL write_main_cfg(scfg_t* cfg, int backup_level)
 	put_int(cfg->new_install,stream);
 	put_int(cfg->new_msgscan_init, stream);
 	put_int(cfg->guest_msgscan_init, stream);
+	put_int(cfg->min_pwlen, stream);
+	put_int(c, stream);
 	n=0;
-	for(i=0;i<5;i++)
+	for(i=0;i<4;i++)
 		put_int(n,stream);
 	put_int(cfg->expired_level,stream);

--- a/src/sbbs3/str.cpp
+++ b/src/sbbs3/str.cpp
@@ -702,7 +702,7 @@ bool sbbs_t::chkpass(char *passwd, user_t* user, bool unique)
 	SAFECOPY(pass,passwd);
 	strupr(pass);
-	if(strlen(pass) < MIN_PASS_LEN) {
+	if(strlen(pass) < cfg->min_pwlen) {
 		bputs(text[PasswordTooShort]);
 		return(false); 
 	}

--- a/src/sbbs3/useredit.cpp
+++ b/src/sbbs3/useredit.cpp
@@ -1112,7 +1112,7 @@ void sbbs_t::maindflts(user_t* user)
 						pause();
 						break; 
 					}
-					bprintf(text[NewPasswordPromptFmt], MIN_PASS_LEN, LEN_PASS);
+					bprintf(text[NewPasswordPromptFmt], cfg->min_pwlen, LEN_PASS);
 					if(!getstr(str,LEN_PASS,K_UPPER|K_LINE|K_TRIM))
 						break;
 					truncsp(str);