LOAD 'credcheck';
--
--reset all settings
--
SET credcheck.username_min_length TO DEFAULT;
SET credcheck.username_min_special TO DEFAULT;
SET credcheck.username_min_upper TO DEFAULT;
SET credcheck.username_min_lower TO DEFAULT;
SET credcheck.username_min_digit TO DEFAULT;
SET credcheck.username_contain_password TO DEFAULT;
SET credcheck.username_ignore_case TO DEFAULT;
SET credcheck.username_contain TO DEFAULT;
SET credcheck.username_not_contain TO DEFAULT;
SET credcheck.username_min_repeat TO DEFAULT;
SET credcheck.password_min_length TO DEFAULT;
SET credcheck.password_min_special TO DEFAULT;
SET credcheck.password_min_upper TO DEFAULT;
SET credcheck.password_min_lower TO DEFAULT;
SET credcheck.password_min_digit TO DEFAULT;
SET credcheck.password_contain_username TO DEFAULT;
SET credcheck.password_ignore_case TO DEFAULT;
SET credcheck.password_contain TO DEFAULT;
SET credcheck.password_not_contain TO DEFAULT;
SET credcheck.password_min_repeat TO DEFAULT;
--password checks
--
--length must be >=2
--
SET credcheck.password_min_length TO 2;
DROP USER IF EXISTS aa;
NOTICE: role "aa" does not exist, skipping
CREATE USER aa WITH PASSWORD 'd';
ERROR: password length should match the configured credcheck.password_min_length (2)
CREATE USER aa WITH PASSWORD 'dd';
DROP USER IF EXISTS aa;
--
--min special >= 1
--
SET credcheck.password_min_special TO 1;
DROP USER IF EXISTS aa;
NOTICE: role "aa" does not exist, skipping
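--the error below comes from the username/password containment check, so this case does not exercise password_min_special
CREATE USER aa WITH PASSWORD 'aa';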
ERROR: username should not contain password
CREATE USER aa WITH PASSWORD 'a$';
DROP USER IF EXISTS aa;
--
--min upper >=1
--
SET credcheck.password_min_upper TO 1;
DROP USER IF EXISTS "aa";
NOTICE: role "aa" does not exist, skipping
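--the error below comes from the password/username containment check, so this case does not exercise password_min_upper
CREATE USER "aa" WITH PASSWORD 'aa$';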
ERROR: password should not contain username
CREATE USER "aa" WITH PASSWORD 'aA$';
DROP USER IF EXISTS "aa";
--
--min lower >=1
--
SET credcheck.password_min_lower TO 1;
DROP USER IF EXISTS "aa";
NOTICE: role "aa" does not exist, skipping
CREATE USER "aa" WITH PASSWORD 'AA$';
ERROR: password does not contain the configured credcheck.password_min_lower characters (1)
CREATE USER "aa" WITH PASSWORD 'aA$';
DROP USER IF EXISTS "aa";
--
--must contain one of the characters 'a','b','c'
--
SET credcheck.password_contain TO 'a,b,c';
DROP USER IF EXISTS "aa";
NOTICE: role "aa" does not exist, skipping
CREATE USER "aa" WITH PASSWORD 'dddU$';
ERROR: password does not contain the configured credcheck.password_contain characters: a,b,c
CREATE USER "aa" WITH PASSWORD 'ddaU$';
DROP USER IF EXISTS "aa";
--
--must not contain one of the characters 'x','z'
--
SET credcheck.password_not_contain TO 'x,z';
DROP USER IF EXISTS "aa";
NOTICE: role "aa" does not exist, skipping
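--the error below comes from password_contain (no lowercase a, b or c), so this case does not exercise password_not_contain
CREATE USER "aa" WITH PASSWORD 'Ax$';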
ERROR: password does not contain the configured credcheck.password_contain characters: a,b,c
CREATE USER "aa" WITH PASSWORD 'Ab$';
DROP USER IF EXISTS "aa";
--
--password contains username
--
SET credcheck.password_contain_username TO on;
DROP USER IF EXISTS "aa";
NOTICE: role "aa" does not exist, skipping
CREATE USER "aa" WITH PASSWORD 'aa$';
ERROR: password should not contain username
CREATE USER "aa" WITH PASSWORD 'Ab$';
DROP USER IF EXISTS "aa";
--
--ignore case while performing checks
--
SET credcheck.password_ignore_case TO on;
DROP USER IF EXISTS "aa";
NOTICE: role "aa" does not exist, skipping
CREATE USER "aa" WITH PASSWORD 'random_AA$';
ERROR: password should not contain username
DROP USER IF EXISTS "aa";
NOTICE: role "aa" does not exist, skipping
--
--min digit >=1
--
SET credcheck.password_min_digit TO 1;
DROP USER IF EXISTS aa;
NOTICE: role "aa" does not exist, skipping
CREATE USER aa WITH PASSWORD 'a@a';
ERROR: password does not contain the configured credcheck.password_min_digit characters (1)
CREATE USER aa WITH PASSWORD 'a@1';
DROP USER IF EXISTS aa;
--
--min password repeat 2
--
SET credcheck.password_min_repeat TO 2;
DROP USER IF EXISTS aa;
NOTICE: role "aa" does not exist, skipping
CREATE USER aa WITH PASSWORD '1a@bbb';
ERROR: password characters are repeated more than the configured credcheck.password_min_repeat times (2)
CREATE USER aa WITH PASSWORD '1a@a';
DROP USER IF EXISTS aa;
--
-- Check NULL password
--
CREATE USER aa WITH PASSWORD '1a@bcg';
ALTER USER aa PASSWORD NULL;
DROP USER IF EXISTS aa;
CREATE USER aa PASSWORD NULL;
DROP USER IF EXISTS aa;
--
-- Check whitelisted users
SET credcheck.password_min_repeat TO 2;
SET credcheck.whitelist = 'nocheck1,nocheck2,aaaaaaaa,bbbbbbbb,cccccccc,dddddddd,eeeeeeee,ffffffff,gggggggg';
DROP USER IF EXISTS nocheck1;
NOTICE: role "nocheck1" does not exist, skipping
CREATE USER nocheck1 WITH PASSWORD 'aaaa';
DROP USER IF EXISTS nocheck1;
CREATE USER nocheck1;
DROP USER IF EXISTS nocheck2;
NOTICE: role "nocheck2" does not exist, skipping
CREATE USER nocheck2 WITH PASSWORD 'aaaa';
ALTER USER nocheck2 WITH PASSWORD 'bbbb';
DROP USER IF EXISTS nocheck1;
DROP USER IF EXISTS nocheck2;