[users] Use libpwquality for additional password checks

- add cmake module to find libpwquality
 - move checking functions to their own file
 - some Transifex hackery
 - stub out the libpwquality check

CMakeModules/FindLibPWQuality.cmake

@@ -0,0 +1,37 @@
+# Locate libpwquality
+#   https://github.com/libpwquality/libpwquality
+#
+# This module defines
+#  LibPWQuality_FOUND
+#  LibPWQuality_LIBRARIES, where to find the library
+#  LibPWQuality_INCLUDE_DIRS, where to find pwquality.h
+#
+include(FindPkgConfig)
+include(FindPackageHandleStandardArgs)
+
+pkg_search_module(pc_pwquality QUIET pwquality)
+
+find_path(LibPWQuality_INCLUDE_DIR
+    NAMES pwquality.h
+    PATHS ${pc_pwquality_INCLUDE_DIRS}
+)
+find_library(LibPWQuality_LIBRARY
+    NAMES pwquality
+    PATHS ${pc_pwquality_LIBRARY_DIRS}
+)
+if(pc_pwquality_FOUND)
+    set(LibPWQuality_LIBRARIES ${LibPWQuality_LIBRARY})
+    set(LibPWQuality_INCLUDE_DIRS ${LibPWQuality_INCLUDE_DIR} ${pc_pwquality_INCLUDE_DIRS})
+endif()
+
+find_package_handle_standard_args(LibPWQuality DEFAULT_MSG
+    LibPWQuality_INCLUDE_DIRS
+    LibPWQuality_LIBRARIES
+)
+mark_as_advanced(LibPWQuality_INCLUDE_DIRS LibPWQuality_LIBRARIES)
+
+set_package_properties(
+    LibPWQuality PROPERTIES
+    DESCRIPTION "Password quality checking library"
+    URL "https://github.com/libpwquality/libpwquality"
+)

src/modules/users/CMakeLists.txt

@@ -6,6 +6,21 @@ endif()
 find_package( Qt5 COMPONENTS Core Test REQUIRED )
 find_package( Crypt REQUIRED )
 
+# Add optional libraries here
+set( USER_EXTRA_LIB )
+
+find_package( LibPWQuality )
+set_package_properties(
+    LibPWQuality PROPERTIES
+    PURPOSE "Extra checks of password quality"
+)
+
+if( LibPWQuality_FOUND )
+    list( APPEND USER_EXTRA_LIB ${LibPWQuality_LIBRARIES} )
+    include_directories( ${LibPWQuality_INCLUDE_DIRS} )
+    add_definitions( -DCHECK_PWQUALITY -DHAVE_LIBPWQUALITY )
+endif()
+
 include_directories( ${PROJECT_BINARY_DIR}/src/libcalamaresui )
 
 calamares_add_plugin( users
@@ -17,6 +32,7 @@ calamares_add_plugin( users
         UsersViewStep.cpp
         UsersPage.cpp
         SetHostNameJob.cpp
+        CheckPWQuality.cpp
     UI
         page_usersetup.ui
     RESOURCES
@@ -24,6 +40,7 @@ calamares_add_plugin( users
     LINK_PRIVATE_LIBRARIES
         calamaresui
         ${CRYPT_LIBRARIES}
+        ${USER_EXTRA_LIB}
     SHARED_LIB
 )
 

src/modules/users/CheckPWQuality.cpp

@@ -0,0 +1,94 @@
+/* === This file is part of Calamares - <https://github.com/calamares> ===
+ *
+ *   Copyright 2018, Adriaan de Groot <groot@kde.org>
+ *
+ *   Calamares is free software: you can redistribute it and/or modify
+ *   it under the terms of the GNU General Public License as published by
+ *   the Free Software Foundation, either version 3 of the License, or
+ *   (at your option) any later version.
+ *
+ *   Calamares is distributed in the hope that it will be useful,
+ *   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ *   GNU General Public License for more details.
+ *
+ *   You should have received a copy of the GNU General Public License
+ *   along with Calamares. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "CheckPWQuality.h"
+
+#include "utils/Logger.h"
+
+#include <QWidget>
+
+PasswordCheck::PasswordCheck()
+    : m_message()
+    , m_accept( []( const QString& s ){ return true; } )
+{
+}
+
+PasswordCheck::PasswordCheck( const QString& m, AcceptFunc a )
+    : m_message( [m](){ return m; } )
+    , m_accept( a )
+{
+}
+
+PasswordCheck::PasswordCheck( MessageFunc m, AcceptFunc a )
+    : m_message( m )
+    , m_accept( a )
+{
+}
+
+// Try to trick Transifex into accepting these strings
+#define tr parent->tr
+
+DEFINE_CHECK_FUNC(minLength)
+{
+    int minLength = -1;
+    if ( value.canConvert( QVariant::Int ) )
+        minLength = value.toInt();
+    if ( minLength > 0 )
+    {
+        cDebug() << " .. minLength set to" << minLength;
+        checks.push_back(
+            PasswordCheck(
+                [parent]()
+                {
+                    return tr( "Password is too short" );
+                },
+                [minLength]( const QString& s )
+                {
+                    return s.length() >= minLength;
+                }
+            ) );
+    }
+}
+
+DEFINE_CHECK_FUNC(maxLength)
+{
+    int maxLength = -1;
+    if ( value.canConvert( QVariant::Int ) )
+        maxLength = value.toInt();
+    if ( maxLength > 0 )
+    {
+        cDebug() << " .. maxLength set to" << maxLength;
+        checks.push_back(
+            PasswordCheck(
+                [parent]()
+                {
+                    return tr( "Password is too long" );
+                }, [maxLength]( const QString& s )
+                {
+                    return s.length() <= maxLength;
+                }
+            ) );
+    }
+}
+
+#ifdef HAVE_LIBPWQUALITY
+DEFINE_CHECK_FUNC(libpwquality)
+{
+
+}
+#endif

src/modules/users/CheckPWQuality.h

@@ -0,0 +1,83 @@
+/* === This file is part of Calamares - <https://github.com/calamares> ===
+ *
+ *   Copyright 2018, Adriaan de Groot <groot@kde.org>
+ *
+ *   Calamares is free software: you can redistribute it and/or modify
+ *   it under the terms of the GNU General Public License as published by
+ *   the Free Software Foundation, either version 3 of the License, or
+ *   (at your option) any later version.
+ *
+ *   Calamares is distributed in the hope that it will be useful,
+ *   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ *   GNU General Public License for more details.
+ *
+ *   You should have received a copy of the GNU General Public License
+ *   along with Calamares. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef CHECKPWQUALITY_H
+#define CHECKPWQUALITY_H
+
+#include <QString>
+#include <QVariant>
+#include <QVector>
+
+#include <functional>
+
+/**
+ * Support for (dynamic) checks on the password's validity.
+ * This can be used to implement password requirements like
+ * "at least 6 characters". Function addPasswordCheck()
+ * instantiates these and adds them to the list of checks.
+ */
+class PasswordCheck
+{
+public:
+    /** Return true if the string is acceptable. */
+    using AcceptFunc = std::function<bool( const QString& )>;
+    using MessageFunc = std::function<QString()>;
+
+    /** Generate a @p message if @p filter returns true */
+    PasswordCheck( MessageFunc message, AcceptFunc filter );
+    /** Yields @p message if @p filter returns true */
+    PasswordCheck( const QString& message, AcceptFunc filter );
+    /** Null check, always returns empty */
+    PasswordCheck();
+
+    /** Applies this check to the given password string @p s
+        *  and returns an empty string if the password is ok
+        *  according to this filter. Returns a message describing
+        *  what is wrong if not.
+        */
+    QString filter( const QString& s ) const
+    {
+        return m_accept( s ) ? QString() : m_message();
+    }
+
+private:
+    MessageFunc m_message;
+    AcceptFunc m_accept;
+} ;
+
+using PasswordCheckList = QVector<PasswordCheck>;
+
+/* Each of these functions adds a check (if possible) to the list
+ * of checks; they use the configuration value(s) from the
+ * variant. If the value doesn't make sense, each function
+ * may skip adding a check, and do nothing (it should log
+ * an error, though).
+ */
+#define _xDEFINE_CHECK_FUNC(x) \
+    add_check_##x( QWidget* parent, PasswordCheckList& checks, const QVariant& value )
+#define DEFINE_CHECK_FUNC(x) void _xDEFINE_CHECK_FUNC(x)
+#define DECLARE_CHECK_FUNC(x) void _xDEFINE_CHECK_FUNC(x);
+
+DECLARE_CHECK_FUNC(minLength)
+DECLARE_CHECK_FUNC(maxLength)
+#ifdef HAVE_LIBPWQUALITY
+DECLARE_CHECK_FUNC(libpwquality)
+#endif
+
+#endif
+

src/modules/users/UsersPage.cpp

@@ -455,68 +455,23 @@ UsersPage::setReusePasswordDefault( bool checked )
     emit checkReady( isReady() );
 }
 
-UsersPage::PasswordCheck::PasswordCheck()
-    : m_message()
-    , m_accept( []( const QString& s )
-{
-    return true;
-} )
-{
-}
-
-UsersPage::PasswordCheck::PasswordCheck( const QString& m, AcceptFunc a )
-    : m_message( [m](){ return m; } )
-    , m_accept( a )
-{
-}
-
-UsersPage::PasswordCheck::PasswordCheck( MessageFunc m, AcceptFunc a )
-    : m_message( m )
-    , m_accept( a )
-{
-}
-
 void
 UsersPage::addPasswordCheck( const QString& key, const QVariant& value )
 {
     if ( key == "minLength" )
     {
-        int minLength = -1;
-        if ( value.canConvert( QVariant::Int ) )
-            minLength = value.toInt();
-        if ( minLength > 0 )
-        {
-            cDebug() << key << " .. set to" << minLength;
-            m_passwordChecks.push_back(
-                PasswordCheck(
-                    []()
-            {
-                return tr( "Password is too short" );
-            },
-            [minLength]( const QString& s )
-            {
-                return s.length() >= minLength;
-            } ) );
-        }
+        add_check_minLength( this, m_passwordChecks, value );
     }
     else if ( key == "maxLength" )
     {
-        int maxLength = -1;
-        if ( value.canConvert( QVariant::Int ) )
-            maxLength = value.toInt();
-        if ( maxLength > 0 )
-        {
-            cDebug() << key << " .. set to" << maxLength;
-            m_passwordChecks.push_back(
-                PasswordCheck( []()
-            {
-                return tr( "Password is too long" );
-            }, [maxLength]( const QString& s )
-            {
-                return s.length() <= maxLength;
-            } ) );
-        }
+        add_check_maxLength( this, m_passwordChecks, value );
     }
+#ifdef CHECK_PWQUALITY
+    else if ( key == "libpwquality" )
+    {
+        add_check_libpwquality( this, m_passwordChecks, value );
+    }
+#endif
     else
         cDebug() << "WARNING: Unknown password-check key" << '"' << key << '"';
 }

src/modules/users/UsersPage.h

@@ -26,9 +26,9 @@
 
 #include "Typedefs.h"
 
-#include <QWidget>
+#include "CheckPWQuality.h"
 
-#include <functional>
+#include <QWidget>
 
 namespace Ui
 {
@@ -70,41 +70,7 @@ signals:
 private:
     Ui::Page_UserSetup* ui;
 
-    /**
-     * Support for (dynamic) checks on the password's validity.
-     * This can be used to implement password requirements like
-     * "at least 6 characters". Function addPasswordCheck()
-     * instantiates these and adds them to the list of checks.
-     */
-    class PasswordCheck
-    {
-    public:
-        /** Return true if the string is acceptable. */
-        using AcceptFunc = std::function<bool( const QString& )>;
-        using MessageFunc = std::function<QString()>;
-
-        /** Generate a @p message if @p filter returns true */
-        PasswordCheck( MessageFunc message, AcceptFunc filter );
-        /** Yields @p message if @p filter returns true */
-        PasswordCheck( const QString& message, AcceptFunc filter );
-        /** Null check, always returns empty */
-        PasswordCheck();
-
-        /** Applies this check to the given password string @p s
-         *  and returns an empty string if the password is ok
-         *  according to this filter. Returns a message describing
-         *  what is wrong if not.
-         */
-        QString filter( const QString& s ) const
-        {
-            return m_accept( s ) ? QString() : m_message();
-        }
-
-    private:
-        MessageFunc m_message;
-        AcceptFunc m_accept;
-    } ;
-    QVector<PasswordCheck> m_passwordChecks;
+    PasswordCheckList m_passwordChecks;
 
     const QRegExp USERNAME_RX = QRegExp( "^[a-z_][a-z0-9_-]*[$]?$" );
     const QRegExp HOSTNAME_RX = QRegExp( "^[a-zA-Z0-9][-a-zA-Z0-9_]*$" );