reject passwords with single or double quotes or backslashes

2025-12-09 18:52:52 +01:00 · 2020-09-28 11:51:19 -04:00
parent 3ba8f47d9c
commit 85e53c53af
5 changed files with 28 additions and 1 deletions
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -371,7 +371,11 @@ collect_webuser_inputs() {

 	WPMATCH=no
 	while [[ $WPMATCH != yes ]]; do
-		whiptail_create_web_user_password1
+	    whiptail_create_web_user_password1
+	    while ! check_password "$WEBPASSWD1"; do
+			whiptail_invalid_pass_characters_warning
+			whiptail_create_web_user_password1
+		done
 		if echo "$WEBPASSWD1" | so-user valpass >> "$setup_log" 2>&1; then
 			whiptail_create_web_user_password2
 			check_web_pass
--- a/setup/so-whiptail
+++ b/setup/so-whiptail
@@ -381,6 +381,13 @@ whiptail_invalid_pass_warning() {
 	whiptail --title "Security Onion Setup" --msgbox "Please choose a more secure password." 8 75
 }

+whiptail_invalid_pass_characters_warning() {
+
+	[ -n "$TESTING" ] && return
+
+	whiptail --title "Security Onion Setup" --msgbox "Password is invalid. Please exclude single quotes, double quotes and backslashes from the password." 8 75
+}
+
 whiptail_cur_close_days() {

 	[ -n "$TESTING" ] && return