asterisk/contrib/scripts/voicemailpwcheck.py

#!/usr/bin/env python
''' Sample externpasscheck script for use with voicemail.conf

Copyright (C) 2010, Digium, Inc.
Russell Bryant <russell@digium.com>

The externpasscheck option in voicemail.conf allows an external script to
validate passwords when a user is changing it.  The script can enforce password
strength rules.  This script is an example of doing so and implements a check
on password length, a password with too many identical consecutive numbers, or
a password made up of sequential digits.
'''

import sys
import re


# Set this to the required minimum length for a password
REQUIRED_LENGTH = 6


# Regular expressions that match against invalid passwords
REGEX_BLACKLIST = [
    ("(?P<digit>\d)(?P=digit){%d}" % (REQUIRED_LENGTH - 1),
        "%d consecutive numbers that are the same" % REQUIRED_LENGTH)
]


# Exact passwords that are forbidden.  If the string of digits specified here
# is found in any part of the password specified, it is considered invalid.
PW_BLACKLIST = [
    "123456",
    "234567",
    "345678",
    "456789",
    "567890",
    "098765",
    "987654",
    "876543",
    "765432",
    "654321"
]


mailbox, context, old_pw, new_pw = sys.argv[1:5]

# Enforce a password length of at least 6 characters
if len(new_pw) < REQUIRED_LENGTH:
    print("INVALID: Password is too short (%d) - must be at least %d" % \
            (len(new_pw), REQUIRED_LENGTH))
    sys.exit(0)

for regex, error in REGEX_BLACKLIST:
    if re.search(regex, new_pw):
        print("INVALID: %s" % error)
        sys.exit(0)

for pw in PW_BLACKLIST:
    if new_pw.find(pw) != -1:
        print("INVALID: %s is forbidden in a password" % pw)
        sys.exit(0)

print("VALID")

sys.exit(0)
Add example script for use with the externpasscheck voicemail.conf option. (closes issue #17628) Reported by: lmadsen Tested by: russell, lmadsen Review: https://reviewboard.asterisk.org/r/774/ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@275863 65c4cc65-6c06-0410-ace0-fbb531ad65f3 2010-07-13 11:41:54 +00:00			`#!/usr/bin/env python`
			`''' Sample externpasscheck script for use with voicemail.conf`

			`Copyright (C) 2010, Digium, Inc.`
			`Russell Bryant <russell@digium.com>`

			`The externpasscheck option in voicemail.conf allows an external script to`
			`validate passwords when a user is changing it. The script can enforce password`
			`strength rules. This script is an example of doing so and implements a check`
			`on password length, a password with too many identical consecutive numbers, or`
			`a password made up of sequential digits.`
			`'''`

			`import sys`
			`import re`


			`# Set this to the required minimum length for a password`
			`REQUIRED_LENGTH = 6`


			`# Regular expressions that match against invalid passwords`
			`REGEX_BLACKLIST = [`
			`("(?P<digit>\d)(?P=digit){%d}" % (REQUIRED_LENGTH - 1),`
contrib: Spelling fixes Correct typos of the following word families: standard increase comments valgrind promiscuous editing libtonezone storage aggressive whitespace russellbryant consecutive peternixon ASTERISK-29714 Change-Id: I9cafbf41b579c9c0c84c81719d2c4f900beec245 2021-10-30 21:04:41 -04:00			`"%d consecutive numbers that are the same" % REQUIRED_LENGTH)`
Add example script for use with the externpasscheck voicemail.conf option. (closes issue #17628) Reported by: lmadsen Tested by: russell, lmadsen Review: https://reviewboard.asterisk.org/r/774/ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@275863 65c4cc65-6c06-0410-ace0-fbb531ad65f3 2010-07-13 11:41:54 +00:00			`]`


			`# Exact passwords that are forbidden. If the string of digits specified here`
			`# is found in any part of the password specified, it is considered invalid.`
			`PW_BLACKLIST = [`
			`"123456",`
			`"234567",`
			`"345678",`
			`"456789",`
			`"567890",`
			`"098765",`
			`"987654",`
			`"876543",`
			`"765432",`
			`"654321"`
			`]`


			`mailbox, context, old_pw, new_pw = sys.argv[1:5]`

			`# Enforce a password length of at least 6 characters`
			`if len(new_pw) < REQUIRED_LENGTH:`
Build System: Enable python3 compatibility. * Consistently use spaces in rest-api-templates/asterisk_processor.py. * Exclude third-party from docs/full-en_US.xml. * Add docs/full-en_US.xml to .gitignore. * Use list() to convert python3 view. * Use python3 print function. * Replace cmp() with equivalent equation. * Replace reference to out of scope subtype variable with name parameter. * Use unescaping triple bracket notation in mustache templates where needed. This causes behavior of Python2 to be maintained when using Python3. * Fix references to has_websocket / is_websocket in res_ari_resource.c.mustache. * Update calculation of has_websocket to use any(). * Use unicode mode for writing output file in transform.py. * Replace 'from swagger_model import *' with explicit import of required symbols. I have not tested spandspflow2pcap.py or voicemailpwcheck.py, only the print syntax has been fixed. Change-Id: If5c5b556a2800d41a3e2cfef080ac2e151178c33 2018-03-23 07:49:59 -04:00			`print("INVALID: Password is too short (%d) - must be at least %d" % \`
			`(len(new_pw), REQUIRED_LENGTH))`
Add example script for use with the externpasscheck voicemail.conf option. (closes issue #17628) Reported by: lmadsen Tested by: russell, lmadsen Review: https://reviewboard.asterisk.org/r/774/ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@275863 65c4cc65-6c06-0410-ace0-fbb531ad65f3 2010-07-13 11:41:54 +00:00			`sys.exit(0)`

			`for regex, error in REGEX_BLACKLIST:`
			`if re.search(regex, new_pw):`
Build System: Enable python3 compatibility. * Consistently use spaces in rest-api-templates/asterisk_processor.py. * Exclude third-party from docs/full-en_US.xml. * Add docs/full-en_US.xml to .gitignore. * Use list() to convert python3 view. * Use python3 print function. * Replace cmp() with equivalent equation. * Replace reference to out of scope subtype variable with name parameter. * Use unescaping triple bracket notation in mustache templates where needed. This causes behavior of Python2 to be maintained when using Python3. * Fix references to has_websocket / is_websocket in res_ari_resource.c.mustache. * Update calculation of has_websocket to use any(). * Use unicode mode for writing output file in transform.py. * Replace 'from swagger_model import *' with explicit import of required symbols. I have not tested spandspflow2pcap.py or voicemailpwcheck.py, only the print syntax has been fixed. Change-Id: If5c5b556a2800d41a3e2cfef080ac2e151178c33 2018-03-23 07:49:59 -04:00			`print("INVALID: %s" % error)`
Add example script for use with the externpasscheck voicemail.conf option. (closes issue #17628) Reported by: lmadsen Tested by: russell, lmadsen Review: https://reviewboard.asterisk.org/r/774/ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@275863 65c4cc65-6c06-0410-ace0-fbb531ad65f3 2010-07-13 11:41:54 +00:00			`sys.exit(0)`

			`for pw in PW_BLACKLIST:`
			`if new_pw.find(pw) != -1:`
Build System: Enable python3 compatibility. * Consistently use spaces in rest-api-templates/asterisk_processor.py. * Exclude third-party from docs/full-en_US.xml. * Add docs/full-en_US.xml to .gitignore. * Use list() to convert python3 view. * Use python3 print function. * Replace cmp() with equivalent equation. * Replace reference to out of scope subtype variable with name parameter. * Use unescaping triple bracket notation in mustache templates where needed. This causes behavior of Python2 to be maintained when using Python3. * Fix references to has_websocket / is_websocket in res_ari_resource.c.mustache. * Update calculation of has_websocket to use any(). * Use unicode mode for writing output file in transform.py. * Replace 'from swagger_model import *' with explicit import of required symbols. I have not tested spandspflow2pcap.py or voicemailpwcheck.py, only the print syntax has been fixed. Change-Id: If5c5b556a2800d41a3e2cfef080ac2e151178c33 2018-03-23 07:49:59 -04:00			`print("INVALID: %s is forbidden in a password" % pw)`
Add example script for use with the externpasscheck voicemail.conf option. (closes issue #17628) Reported by: lmadsen Tested by: russell, lmadsen Review: https://reviewboard.asterisk.org/r/774/ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@275863 65c4cc65-6c06-0410-ace0-fbb531ad65f3 2010-07-13 11:41:54 +00:00			`sys.exit(0)`

Build System: Enable python3 compatibility. * Consistently use spaces in rest-api-templates/asterisk_processor.py. * Exclude third-party from docs/full-en_US.xml. * Add docs/full-en_US.xml to .gitignore. * Use list() to convert python3 view. * Use python3 print function. * Replace cmp() with equivalent equation. * Replace reference to out of scope subtype variable with name parameter. * Use unescaping triple bracket notation in mustache templates where needed. This causes behavior of Python2 to be maintained when using Python3. * Fix references to has_websocket / is_websocket in res_ari_resource.c.mustache. * Update calculation of has_websocket to use any(). * Use unicode mode for writing output file in transform.py. * Replace 'from swagger_model import *' with explicit import of required symbols. I have not tested spandspflow2pcap.py or voicemailpwcheck.py, only the print syntax has been fixed. Change-Id: If5c5b556a2800d41a3e2cfef080ac2e151178c33 2018-03-23 07:49:59 -04:00			`print("VALID")`
Add example script for use with the externpasscheck voicemail.conf option. (closes issue #17628) Reported by: lmadsen Tested by: russell, lmadsen Review: https://reviewboard.asterisk.org/r/774/ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@275863 65c4cc65-6c06-0410-ace0-fbb531ad65f3 2010-07-13 11:41:54 +00:00
			`sys.exit(0)`