Package: libpam-passwdqc Version: 1.3.0-1 Severity: minor Tags: patch I noticed some repeated text and somewhat tortured wording in the prompts for new passwords. Please consider the attached patch.
It defines a couple of extra text slugs to make the prompt wording more consistent across the different password class cases, and changes the wording to avoid constructs like this params.qc.min[4] == 8 || params.qc.min[4] == 11 ? "n" : "", Kind regards, Vince -- System Information: Debian Release: 8.5 APT prefers stable APT policy: (990, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/20 CPU cores) Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages libpam-passwdqc depends on: ii libc6 2.19-18+deb8u4 ii libpam-runtime 1.1.8-3.1+deb8u1 ii libpam0g 1.1.8-3.1+deb8u1+b1 ii libpasswdqc0 1.3.0-1 Versions of packages libpam-passwdqc recommends: ii passwdqc 1.3.0-1 libpam-passwdqc suggests no packages. -- no debconf information --
Define a couple of extra text fragments and use them to regularise the password prompting. Also tweak the wording so we don't need to decide whether 'a' or 'an' needs to be printed. --- a/pam_passwdqc.c +++ b/pam_passwdqc.c @@ -69,30 +69,32 @@ typedef lo_const void *pam_item_t; "\nYou can now choose the new password.\n" #define MESSAGE_INTRO_BOTH \ "\nYou can now choose the new password or passphrase.\n" -#define MESSAGE_EXPLAIN_PASSWORD_1CLASS \ +#define MESSAGE_EXPLAIN_CHAR_CLASSES \ "A good password should be a mix of upper and lower case letters,\n" \ - "digits, and other characters. You can use a%s %d character long\n" \ - "password.\n" -#define MESSAGE_EXPLAIN_PASSWORD_CLASSES \ - "A valid password should be a mix of upper and lower case letters,\n" \ - "digits, and other characters. You can use a%s %d character long\n" \ - "password with characters from at least %d of these 4 classes.\n" \ + "digits, and other characters.\n" +#define MESSAGE_EXPLAIN_DOES_NOT_COUNT \ "An upper case letter that begins the password and a digit that\n" \ "ends it do not count towards the number of character classes used.\n" +#define MESSAGE_EXPLAIN_PASSWORD_1CLASS \ + MESSAGE_EXPLAIN_CHAR_CLASSES \ + "You can use a password with %d or more characters.\n" \ + MESSAGE_EXPLAIN_DOES_NOT_COUNT +#define MESSAGE_EXPLAIN_PASSWORD_CLASSES \ + MESSAGE_EXPLAIN_CHAR_CLASSES \ + "You can enter a password with %d or more characters,\n" \ + "with characters from at least %d of these 4 classes.\n" \ + MESSAGE_EXPLAIN_DOES_NOT_COUNT #define MESSAGE_EXPLAIN_PASSWORD_ALL_CLASSES \ - "A valid password should be a mix of upper and lower case letters,\n" \ - "digits, and other characters. You can use a%s %d character long\n" \ - "password with characters from all of these classes. An upper\n" \ - "case letter that begins the password and a digit that ends it do\n" \ - "not count towards the number of character classes used.\n" + MESSAGE_EXPLAIN_CHAR_CLASSES \ + "You can enter a password with %d or more characters from\n" \ + "all of these classes.\n" \ + MESSAGE_EXPLAIN_DOES_NOT_COUNT #define MESSAGE_EXPLAIN_PASSWORD_ALT \ - "A valid password should be a mix of upper and lower case letters,\n" \ - "digits, and other characters. You can use a%s %d character long\n" \ - "password with characters from at least 3 of these 4 classes, or\n" \ - "a%s %d character long password containing characters from all the\n" \ - "classes. An upper case letter that begins the password and a\n" \ - "digit that ends it do not count towards the number of character\n" \ - "classes used.\n" + MESSAGE_EXPLAIN_CHAR_CLASSES \ + "You can enter password with %d or more characters from at least 3\n" \ + "of these 4 classes, or a pasword with %d or more characters\n" \ + "containing characters from all the classes.\n" \ + MESSAGE_EXPLAIN_DOES_NOT_COUNT #define MESSAGE_EXPLAIN_PASSPHRASE \ "A passphrase should be of at least %d words, %d to %d characters\n" \ "long, and contain enough different characters.\n" @@ -364,25 +366,20 @@ retry: if (!randomonly && params.qc.min[0] == params.qc.min[4]) status = say(pamh, PAM_TEXT_INFO, MESSAGE_EXPLAIN_PASSWORD_1CLASS, - params.qc.min[4] == 8 || params.qc.min[4] == 11 ? "n" : "", params.qc.min[4]); else if (!randomonly && params.qc.min[3] == params.qc.min[4]) status = say(pamh, PAM_TEXT_INFO, MESSAGE_EXPLAIN_PASSWORD_CLASSES, - params.qc.min[4] == 8 || params.qc.min[4] == 11 ? "n" : "", params.qc.min[4], params.qc.min[1] != params.qc.min[3] ? 3 : 2); else if (!randomonly && params.qc.min[3] == INT_MAX) status = say(pamh, PAM_TEXT_INFO, MESSAGE_EXPLAIN_PASSWORD_ALL_CLASSES, - params.qc.min[4] == 8 || params.qc.min[4] == 11 ? "n" : "", params.qc.min[4]); else if (!randomonly) status = say(pamh, PAM_TEXT_INFO, MESSAGE_EXPLAIN_PASSWORD_ALT, - params.qc.min[3] == 8 || params.qc.min[3] == 11 ? "n" : "", params.qc.min[3], - params.qc.min[4] == 8 || params.qc.min[4] == 11 ? "n" : "", params.qc.min[4]); if (status != PAM_SUCCESS) return status;
