Clean-up for case for short/empty passwords.

Check for overly-long passwords too.

Clean-up for case for short/empty passwords.
91b98519 · rswindell · 960ac1c3 · 91b98519
Commit 91b98519 authored 5 years ago by rswindell
--- a/exec/chksetup.js
+++ b/exec/chksetup.js
@@ -98,19 +98,25 @@ var tests = {
 				continue;
 			if(usr.settings & (USER_DELETED|USER_INACTIVE))
 				continue;
-			if(!(usr.security.restrictions & UFLAG_G) && usr.security.password == '') {
-				output.push(format("User #%-4u has no password", usr.number));
+			if(usr.security.password == '') {
+				if(!(usr.security.restrictions & UFLAG_G))
+					output.push(format("User #%-4u has no password", usr.number));
 				continue;
 			}
 			if(!password_list[usr.security.password])
 				password_list[usr.security.password] = [];
 			password_list[usr.security.password].push(u);
-			if(system.min_password_length 
-				&& usr.security.password.length < system.min_password_length)
-				output.push(format("User #-4u has a password length (%u) < the minimum: %u"
+			if(usr.security.password.length < system.min_password_length)
+				output.push(format("User #%-4u has a password length (%u) < the minimum: %u"
 					, usr.number
 					, usr.security.password.length
 					, system.min_password_length));
+			else if(system.max_password_length 
+				&& usr.security.password.length > system.max_password_length)
+				output.push(format("User #%-4u has a password length (%u) > the maximum: %u"
+					, usr.number
+					, usr.security.password.length
+					, system.max_password_length));
 			if(!system.trashcan("password", usr.security.password))
 				continue;
 			output.push(format("User #%-4u has a disallowed password%s"