From 297a5e682d24438cee2e545932f61bf271bc5491 Mon Sep 17 00:00:00 2001 From: David Shea Date: Oct 04 2013 14:37:47 +0000 Subject: Only encrypt the TUI user password once (#1015220) Since the TUI user spoke apply() method is called for every property change, and cryptPassword was called in apply(), the user password was being set multiple times if a password was set followed by other properties being set (e.g., set password, then set administrator). Moved the password encryption into EditTUIDialog so that cryptPassword is called immediately after the prompts and an encrypted password is returned to the spoke. --- diff --git a/pyanaconda/ui/tui/spokes/__init__.py b/pyanaconda/ui/tui/spokes/__init__.py index 773ea67..5dd8424 100644 --- a/pyanaconda/ui/tui/spokes/__init__.py +++ b/pyanaconda/ui/tui/spokes/__init__.py @@ -21,7 +21,7 @@ from pyanaconda.ui.tui import simpleline as tui from pyanaconda.ui.tui.tuiobject import TUIObject, YesNoDialog from pyanaconda.ui.common import Spoke, StandaloneSpoke, NormalSpoke, PersonalizationSpoke, collect -from pyanaconda.users import validatePassword, checkPassword +from pyanaconda.users import validatePassword, checkPassword, cryptPassword from pwquality import PWQError import re from collections import namedtuple @@ -129,7 +129,7 @@ class EditTUIDialog(NormalTUISpoke): if not question_window.answer: return None - self.value = pw + self.value = cryptPassword(pw) return None else: return _("Enter new value for '%s' and press enter\n") % entry.title diff --git a/pyanaconda/ui/tui/spokes/password.py b/pyanaconda/ui/tui/spokes/password.py index b4b13a2..89bc7a7 100644 --- a/pyanaconda/ui/tui/spokes/password.py +++ b/pyanaconda/ui/tui/spokes/password.py @@ -23,7 +23,6 @@ from pyanaconda.ui.tui.spokes import EditTUIDialog, EditTUISpokeEntry from pyanaconda.ui.common import FirstbootSpokeMixIn from pyanaconda.ui.tui.simpleline import TextWidget -from pyanaconda.users import cryptPassword from pyanaconda.i18n import _ class PasswordSpoke(FirstbootSpokeMixIn, EditTUIDialog): @@ -71,7 +70,7 @@ class PasswordSpoke(FirstbootSpokeMixIn, EditTUIDialog): self.close() def apply(self): - self.data.rootpw.password = cryptPassword(self._password) + self.data.rootpw.password = self._password self.data.rootpw.isCrypted = True self.data.rootpw.lock = False self.data.rootpw.seen = False diff --git a/pyanaconda/ui/tui/spokes/user.py b/pyanaconda/ui/tui/spokes/user.py index 2c44fec..c2ff4dd 100644 --- a/pyanaconda/ui/tui/spokes/user.py +++ b/pyanaconda/ui/tui/spokes/user.py @@ -22,7 +22,7 @@ from pyanaconda.ui.tui.spokes import EditTUISpoke from pyanaconda.ui.tui.spokes import EditTUISpokeEntry as Entry from pyanaconda.ui.common import FirstbootSpokeMixIn -from pyanaconda.users import guess_username, cryptPassword +from pyanaconda.users import guess_username from pyanaconda.i18n import _ from pykickstart.constants import FIRSTBOOT_RECONFIG from pyanaconda.constants import ANACONDA_ENVIRON, FIRSTBOOT_ENVIRON @@ -39,7 +39,7 @@ class UserSpoke(FirstbootSpokeMixIn, EditTUISpoke): Entry("Fullname", "gecos", GECOS_VALID, lambda self,args: args._create), Entry("Username", "name", USERNAME_VALID, lambda self,args: args._create), Entry("Use password", "_use_password", EditTUISpoke.CHECK, lambda self,args: args._create), - Entry("Password", "password", EditTUISpoke.PASSWORD, lambda self,args: args._use_password and args._create), + Entry("Password", "_password", EditTUISpoke.PASSWORD, lambda self,args: args._use_password and args._create), Entry("Administrator", "_admin", EditTUISpoke.CHECK, lambda self,args: args._create), Entry("Groups", "_groups", GROUPLIST_SIMPLE_VALID, lambda self,args: args._create) ] @@ -74,6 +74,10 @@ class UserSpoke(FirstbootSpokeMixIn, EditTUISpoke): self.args._use_password = self.args.isCrypted or self.args.password + # Keep the password separate from the kickstart data until apply() + # so that all of the properties are set at once + self.args._password = "" + def refresh(self, args = None): self.args._admin = "wheel" in self.args.groups self.args._groups = ", ".join(self.args.groups) @@ -128,8 +132,8 @@ class UserSpoke(FirstbootSpokeMixIn, EditTUISpoke): # encrypt and store password only if user entered anything; this should # preserve passwords set via kickstart - if self.args._use_password and len(self.args.password) > 0: - self.args.password = cryptPassword(self.args.password) + if self.args._use_password and len(self.args._password) > 0: + self.args.password = self.args._password self.args.isCrypted = True self.args.password_kickstarted = False # clear pw when user unselects to use pw