Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

randomly generated passwords must obey some constraints #519

Merged
merged 1 commit into from
Dec 11, 2020
Merged

randomly generated passwords must obey some constraints #519

merged 1 commit into from
Dec 11, 2020

Conversation

singuliere
Copy link
Contributor

@singuliere singuliere commented Dec 11, 2020
edited
Loading

The password constraints of security.py require at least one digit,
one lower case, one upper case and one special character.

https://github.com/wazuh/wazuh/blob/master/framework/wazuh/security.py#L22

Fixes: #518

The generated passwords can be verified with

import random
import re
import string

_user_password = re.compile(r'^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[^A-Za-z0-9]).{8,}$')

def t():
    specials = "@$!%*?&-_"
    random_pass = "".join(
        [
            random.choice(string.ascii_uppercase),
            random.choice(string.ascii_lowercase),        
            random.choice(string.digits),        
            random.choice(specials),
        ] +
        random.choices(
            string.ascii_uppercase
            + string.ascii_lowercase
            + string.digits
            + specials,
            k=16,
        )
    )
    if not _user_password.match(random_pass):
        print(random_pass)

while True:
    t()

@singuliere
randomly generated passwords must obey some constraints
0440e5d 
The password constraints of security.py require at least one digit,
one lower case, one upper case and one special character.

https://github.com/wazuh/wazuh/blob/master/framework/wazuh/security.py#L22

Fixes: wazuh#518
@neonmei neonmei self-requested a review December 11, 2020 13:45
@neonmei
Copy link
Contributor

neonmei commented Dec 11, 2020

Hi @singuliere, changes look good! merging 👍

@neonmei neonmei merged commit a97673c into wazuh:master Dec 11, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@neonmei neonmei neonmei approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

create_user.py generates invalid passwords
2 participants
@singuliere @neonmei