[#206] Remove is_valid_password function and provide better messages.

Close #206. See <#200 (comment)>. The is_valid_password() was checking only the password length and the fact that was made by ASCII chars. The check for the length can be done "inline" directly within a loop. Added a constant with the minimal length of the password, so that it is possible to insert a warning message for the user in the case she inputs a too short password. The system also prompts the user for a password with a message that explicitly tells her the password will not appear on the terminal. See also the initial work on #200.
agroal · Feb 21, 2022 · 279268f · 279268f
1 parent 1d58c34
commit 279268f
Showing 1 changed file with 8 additions and 41 deletions.
diff --git a/src/admin.c b/src/admin.c
@@ -45,6 +45,7 @@
 #include <sys/stat.h>
 
 #define DEFAULT_PASSWORD_LENGTH 64
+#define MIN_PASSWORD_LENGTH 8
 
 #define ACTION_UNKNOWN     0
 #define ACTION_MASTER_KEY  1
@@ -60,7 +61,6 @@ static char CHARS[] = {'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L
                        '\'', '\"', ',', '<', '.',  '>', '/', '?'};
 
 static int master_key(char* password, bool generate_pwd, int pwd_length);
-static bool is_valid_key(char* key);
 static int add_user(char* users_path, char* username, char* password, bool generate_pwd, int pwd_length);
 static int update_user(char* users_path, char* username, char* password, bool generate_pwd, int pwd_length);
 static int remove_user(char* users_path, char* username);
@@ -354,17 +354,18 @@ master_key(char* password, bool generate_pwd, int pwd_length)
    {
       if (!generate_pwd)
       {
-         while (!is_valid_key(password))
+         while( password == NULL )
          {
-            if (password != NULL)
+            printf("Master key (will not echo): ");
+            password = pgagroal_get_password();
+            printf("\n");
+
+            if (password != NULL && strlen(password) < MIN_PASSWORD_LENGTH )
             {
+               printf("Invalid key length, must be at least %d chars.\n", MIN_PASSWORD_LENGTH );
                free(password);
                password = NULL;
             }
-
-            printf("Master key: ");
-            password = pgagroal_get_password();
-            printf("\n");
          }
       }
       else
@@ -376,11 +377,6 @@ master_key(char* password, bool generate_pwd, int pwd_length)
    else
    {
       do_free = false;
-
-      if (!is_valid_key(password))
-      {
-         goto error;
-      }
    }
 
    pgagroal_base64_encode(password, strlen(password), &encoded);
@@ -415,35 +411,6 @@ master_key(char* password, bool generate_pwd, int pwd_length)
    return 1;
 }
 
-static bool
-is_valid_key(char* key)
-{
-   char c;
-
-   if (!key)
-   {
-      return false;
-   }
-
-   if (strlen(key) < 8)
-   {
-      return false;
-   }
-
-   for (int i = 0; i < strlen(key); i++)
-   {
-      c = *(key + i);
-
-      /* Only support ASCII for now */
-      if ((unsigned char)c & 0x80)
-      {
-         return false;
-      }
-   }
-
-   return true;
-}
-
 static int
 add_user(char* users_path, char* username, char* password, bool generate_pwd, int pwd_length)
 {