From 50956ccb7b6b03cd329dde2f224ca99d391fdd0c Mon Sep 17 00:00:00 2001 From: phantasm4489 Date: Thu, 12 Oct 2023 13:58:55 +0100 Subject: [PATCH] Add in the v5.6.0 password security settings to the config editor --- axSetupTool/frmSettingsEdit.e | 87 ++++++++++++++++++++++++++++++++++- axSetupTool/helpText.e | 7 +++ axSetupTool/makefile | 2 +- 3 files changed, 94 insertions(+), 2 deletions(-) diff --git a/axSetupTool/frmSettingsEdit.e b/axSetupTool/frmSettingsEdit.e index e61bd40..71a365b 100644 --- a/axSetupTool/frmSettingsEdit.e +++ b/axSetupTool/frmSettingsEdit.e @@ -26,6 +26,12 @@ EXPORT OBJECT frmSettingsEdit OF frmBase strBBSLocation : PTR TO control strSysopName : PTR TO control strDefaultMenu : PTR TO control + intMinPasswordLen: PTR TO control + cycMinPasswordStrength: PTR TO control + cycPasswordEncryption: PTR TO control + intMaxPasswordFails: PTR TO control + intPasswordExpiry: PTR TO control + cycStrictPasswordPolicy: PTR TO control paLocalULPath : PTR TO control intAutoValPreset : PTR TO control intAutoValDelay : PTR TO control @@ -181,6 +187,24 @@ PROC addSystemControls() OF frmSettingsEdit NEW control.createString('bSysop Name',SYS_SYSOP_NAME,self.app.app,self.setChangedHook,self) self.strSysopName:=control + NEW control.createStringInt('Min Password Length',SYS_MIN_PASSWORD_LEN,self.app.app,self.setChangedHook,self) + self.intMinPasswordLen:=control + + NEW control.createCycle('Min Password Strength',SYS_MIN_PASSWORD_STRENGTH,['No restriction','2 character types','3 character types','All 4 character types',0],self.app.app,self.setChangedHook,self) + self.cycMinPasswordStrength:=control + + NEW control.createCycle('Password Encryption',SYS_PASSWORD_ENCRYPTION,['Legacy /X Encryption','PBKDF2 (5 rounds)','PBKDF2 (50 rounds)','PBKDF2 (100 rounds)','PBKDF2 (1000 rounds)','PBKDF2 (10000 rounds)',0],self.app.app,self.setChangedHook,self) + self.cycPasswordEncryption:=control + + NEW control.createStringInt('Max Password Fails',SYS_MAX_PASSWORD_FAILS,self.app.app,self.setChangedHook,self) + self.intMaxPasswordFails:=control + + NEW control.createStringInt('Password Expiry',SYS_PASSWORD_EXPIRY,self.app.app,self.setChangedHook,self) + self.intPasswordExpiry:=control + + NEW control.createCycle('Strict Password Policy',SYS_STRICT_PASSWORD_POLICY,['No','Yes',0],self.app.app,self.setChangedHook,self) + self.cycStrictPasswordPolicy:=control + NEW control.createString('Default Menu',SYS_DEFAULT_MENU,self.app.app,self.setChangedHook,self) self.strDefaultMenu:=control @@ -301,7 +325,9 @@ PROC addSystemControls() OF frmSettingsEdit NEW control.createString('Execute async on upload',SYS_EXECA_ON_UPLOAD,self.app.app,self.setChangedHook,self) self.strExecAOnUpload:=control - self.controlList:=[self.paBBSPath,self.strBBSName,self.strBBSLocation,self.strSysopName,self.strRegKey,self.cyNewAccounts,self.strDefaultMenu, + self.controlList:=[self.paBBSPath,self.strBBSName,self.strBBSLocation,self.strSysopName,self.intMinPasswordLen, + self.cycMinPasswordStrength,self.cycPasswordEncryption,self.intMaxPasswordFails,self.intPasswordExpiry, + self.cycStrictPasswordPolicy,self.strRegKey,self.cyNewAccounts,self.strDefaultMenu, self.paLocalULPath,self.intAutoValPreset,self.intAutoValDelay,self.strAutoValPassword,self.cyLanguage, self.strSmtpHost,self.intSmtpPort,self.strSmtpUsername,self.strSmtpPassword,self.boolSmtpSSL,self.strSysopEmail, self.strBbsEmail,self.paLanguageBase,self.paHistory,self.paUserNotes,self.intHoldAccess, @@ -623,6 +649,33 @@ PROC saveSystemChanges() OF frmSettingsEdit writeToolType(self.acpName,'BBS_NAME',self.strBBSName.getValue()) writeToolType(self.acpName,'BBS_GEOGRAPHIC',self.strBBSLocation.getValue()) writeToolType(self.acpName,'SYSOP_NAME',self.strSysopName.getValue()) + + writeToolType(self.bbsConfigName,'MIN_PASSWORD_LENGTH',self.intMinPasswordLen.getValue()) + IF self.cycMinPasswordStrength.getValueIndex()=0 + writeToolType(self.bbsConfigName,'MIN_PASSWORD_STRENGTH','') + ELSE + StringF(tempStr,'\d',self.cycMinPasswordStrength.getValueIndex()+1) + writeToolType(self.bbsConfigName,'MIN_PASSWORD_STRENGTH',tempStr) + ENDIF + SELECT self.cycPasswordEncryption.getValueIndex() + CASE 0 + writeToolType(self.bbsConfigName,'PASSWORD_SECURITY','LEGACY') + CASE 1 + writeToolType(self.bbsConfigName,'PASSWORD_SECURITY','PBKDF2_5') + CASE 2 + writeToolType(self.bbsConfigName,'PASSWORD_SECURITY','PBKDF2_50') + CASE 3 + writeToolType(self.bbsConfigName,'PASSWORD_SECURITY','PBKDF2_100') + CASE 4 + writeToolType(self.bbsConfigName,'PASSWORD_SECURITY','PBKDF2_1000') + CASE 5 + writeToolType(self.bbsConfigName,'PASSWORD_SECURITY','PBKDF2_10000') + ENDSELECT + + writeToolType(self.bbsConfigName,'MAX_PASSWORD_FAILS',self.intMaxPasswordFails.getValue()) + writeToolType(self.bbsConfigName,'PASSWORD_EXPIRY_DAYS',self.intPasswordExpiry.getValue()) + IF self.cycStrictPasswordPolicy.getValueIndex() THEN writeToolType(self.bbsConfigName,'STRICT_PASSWORD_POLICY') ELSE deleteToolType(self.bbsConfigName,'STRICT_PASSWORD_POLICY') + IF self.cyNewAccounts.getValueIndex()=0 THEN writeToolType(self.acpName,'NEW_ACCOUNTS','APPEND') ELSE deleteToolType(self.acpName,'NEW_ACCOUNTS') writeToolType(self.bbsConfigName,'REGKEY',self.strRegKey.getValue()) writeToolType(self.bbsConfigName,'DEFAULT_MENUNAME',self.strDefaultMenu.getValue()) @@ -862,6 +915,38 @@ PROC editSystemSettings(acpName:PTR TO CHAR, initialSetup=FALSE) OF frmSettingsE readToolType(self.acpName,'SYSOP_NAME',tempstr) self.strSysopName.setValue(tempstr) + val:=readToolTypeInt(self.bbsConfigName,'MIN_PASSWORD_LENGTH') + self.intMinPasswordLen.setValue(val) + + val:=readToolTypeInt(self.bbsConfigName,'MIN_PASSWORD_STRENGTH') + IF val<1 THEN val:=1 + self.cycMinPasswordStrength.setValueIndex(val-1) + + readToolType(self.bbsConfigName,'PASSWORD_SECURITY',tempstr) + IF StriCmp(tempstr,'LEGACY') + self.cycPasswordEncryption.setValueIndex(0) + ELSEIF StriCmp(tempstr,'PBKDF2_5') + self.cycPasswordEncryption.setValueIndex(1) + ELSEIF StriCmp(tempstr,'PBKDF2_50') + self.cycPasswordEncryption.setValueIndex(2) + ELSEIF StriCmp(tempstr,'PBKDF2_100') + self.cycPasswordEncryption.setValueIndex(3) + ELSEIF StriCmp(tempstr,'PBKDF2_1000') + self.cycPasswordEncryption.setValueIndex(4) + ELSEIF StriCmp(tempstr,'PBKDF2_10000') + self.cycPasswordEncryption.setValueIndex(5) + ELSE + self.cycPasswordEncryption.setValueIndex(0) + ENDIF + + val:=readToolTypeInt(self.bbsConfigName,'MAX_PASSWORD_FAILS') + self.intMaxPasswordFails.setValue(val) + + val:=readToolTypeInt(self.bbsConfigName,'PASSWORD_EXPIRY_DAYS') + self.intPasswordExpiry.setValue(val) + + self.cycStrictPasswordPolicy.setValueIndex(IF checkToolTypeExists(self.bbsConfigName,'STRICT_PASSWORD_POLICY') THEN 1 ELSE 0) + readToolType(self.acpName,'NEW_ACCOUNTS',tempstr) self.cyNewAccounts.setValueIndex(IF StriCmp(tempstr,'APPEND') THEN 0 ELSE 1) diff --git a/axSetupTool/helpText.e b/axSetupTool/helpText.e index 8517432..6676a0b 100644 --- a/axSetupTool/helpText.e +++ b/axSetupTool/helpText.e @@ -39,6 +39,7 @@ EXPORT ENUM ACCESS_NAME_MAX_PAGES,ACCESS_NAME,ACCESS_AREA_NAME,CHECKER_FILE,CHEC NODE_FORCE_ANSI,NODE_CON_IN_DEVICE,NODE_CON_OUT_DEVICE,NODE_SCREEN_PENS,NODE_CONF_DB_FILE, NODE_FIRST_COMMAND,NODE_SERIAL_DEVICE,NODE_MODEM_INIT,NODE_MODEM_RESET,NODE_MODEM_RING,NODE_MODEM_ANSWER, NODE_MODEM_OFFHOOK,NODE_MODEM_NRAMS,NODE_WIN_DEFPUBSCREEN,NODE_WIN_PUBSCREEN,SYS_BBS_NAME,SYS_BBS_LOCATION,SYS_SYSOP_NAME, + SYS_MIN_PASSWORD_LEN,SYS_MIN_PASSWORD_STRENGTH,SYS_PASSWORD_ENCRYPTION,SYS_MAX_PASSWORD_FAILS,SYS_PASSWORD_EXPIRY,SYS_STRICT_PASSWORD_POLICY, SYS_DEFAULT_MENU,SYS_AUTO_VAL_PASSWORD,SYS_REGKEY,SYS_SMTP_SERVER,SYS_SMTP_USERNAME,SYS_SMTP_PASSWORD, SYS_SYSOP_EMAIL,SYS_BBS_EMAIL,SYS_FILEDIZ_CMD,SYS_FTP_HOST,SYS_EXEC_ON_NEW_USER,SYS_EXECA_ON_NEW_USER, SYS_EXEC_ON_SYSOP_PAGE,SYS_EXECA_ON_SYSOP_PAGE,SYS_EXEC_ON_CONNECT,SYS_EXECA_ON_CONNECT, @@ -302,6 +303,12 @@ EXPORT PROC helpTextInitialise() addHelp(SYS_BBS_NAME,'Sets the name of the BBS that is shown to the user when they connect.') addHelp(SYS_BBS_LOCATION,'Sets the bbs geographic location that is shown to the user when they connect.') addHelp(SYS_SYSOP_NAME,'Sets the name of the sysop of the bbs.') + addHelp(SYS_MIN_PASSWORD_LEN,'Sets the minimum number of characters allowed for a users password.') + addHelp(SYS_MIN_PASSWORD_STRENGTH,'Sets the minimum complexity of a users password. The character types are Upper, Lower, Numeric, Symbol') + addHelp(SYS_PASSWORD_ENCRYPTION,'Sets the encryption used to store the users passwords. The legacy /X encryption is very weak and can be broken in seconds.') + addHelp(SYS_MAX_PASSWORD_FAILS,'Controls the maximum number of incorrect password attempts before a users account is locked out.') + addHelp(SYS_PASSWORD_EXPIRY,'Sets the number of days after which the user will be forced to change their password.') + addHelp(SYS_STRICT_PASSWORD_POLICY,'If strict password policy is enabled then users will be forced to change their existing password if it does not comply with the settings.') addHelp(SYS_DEFAULT_MENU,'Sets the default menu name (will default to MENU if left blank).') addHelp(SYS_AUTO_VAL_PASSWORD,'Sets the auto validation password for all nodes.') addHelp(SYS_REGKEY,'Sets the registration name. This is displayed to the user as part of the welcome message.') diff --git a/axSetupTool/makefile b/axSetupTool/makefile index 4a787c8..b8cf782 100644 --- a/axSetupTool/makefile +++ b/axSetupTool/makefile @@ -21,7 +21,7 @@ axSetupTool: axSetupTool.e frmMain.m axedit.m helpText.m axedit.m: axedit.e $(compiler) axedit $(options) -stringlist.m: ../stringlist.e +stringlist.m: $(compiler) /stringlist $(options) tooltypes.m: tooltypes.e stringlist.m