cPanel API get_password_strength

[nickwuk]

I had the Cpanel API get_password_strength function working previously, but today when I test it was only returning a strength of 31 for the test password *fox&jn3)G>L, then I found the strength remained at 31 even if I added more characters.

Then in a separate test script I'm getting the following error: "Failed to read valid json data in json fast mode". I'm wondering if I've made too many requests with the test script?

I've now tried setting the ftp password to *fox&jn3)G>L$T7j\"B9 using the API function Ftp::passwd and it failed with a 'too weak' error. This was working ok last week.

I found the ftp account had not been created so maybe that's why the password would not reset, but if so then it was returning spurious errors.

I've now recreated the ftp account and get_password_strength is now working correctly again.

 

[cPanelLauren]

Hi @nickwuk


Can you show me the full query string you were using (without any personal domain/account information) so that I can try testing this locally?

Thanks!

 

[nickwuk]

The test script I was using with the Cpanel class is below:

<?php
$new_pass = '*fox&jn3)G>L$h£32Tg^£';
include "Cpanel.php";
$cpanel = new Cpanel();
$cp_user = $cpanel->getCpUser();
$opts = array('password' => $new_pass);
if($result = $cpanel->callCpanelApi($cp_user, 'PasswdStrength', 'get_password_strength',$opts)) {
    $json = json_decode($result,true);
    if($json['cpanelresult']['event']['result']!=1) {
        print 'Error checking password strength: ';
        print_r($json);
    } else {
        print 'Strength: ' . $json['cpanelresult']['data'][0]['strength'];
    }
} else {
    print 'Error for callCpanelApi with function PasswdStrength|get_password_strength: ' . $cpanel->getError();
}

I extended the Cpanel class with

$this->cpUser = 'myusername';

in the constructor and the following function:

    public function getCpUser()
    {
        return $this->cpUser;
    }

And I'm using a token for authentication.

The full code includes comprehensive error and debug logging and I've noticed that testing an ftp connection immediately after the ftp account has been created via the api (also immediately after an addon domain has been created) is giving me intermittent errors, so I'm wondering if it's connected or whether it's a server load issue. Hopefully more testing will reveal.

 

[cPanelLauren]

Hi @nickwuk

Can you test this after you've recently restarted queuprocd? It may be the task queue has a backlog as well which could also be due to high load.

Thanks!

 

[nickwuk]

I've started retesting the addftp function (more than 3 months later) and now when it fails the code is outputting the result. In the example below the creation failed but succeeded using the same password when created manually. I notice the event result is 1 but the data result is 0 without reason, although the reason is given in the 'error' key.

    [cpanelresult] => Array
        (
            [apiversion] => 2
            [error] => This system does not allow the given password for “” because it is too weak and would be too easy to crack. Please select a password with strength rating of 90 or higher.
            [event] => Array
                (
                    [result] => 1
                )
            [module] => Ftp
            [func] => addftp
            [data] => Array
                (
                    [0] => Array
                        (
                            [result] => 0
                            [reason] =>
                        )
                )
        )

The user and password option parameters used were:
user: sitepro
pass: 3$#J^$ownGur

When an ftp account was created manually using the same parameters then it worked.

 

[cPanelMichael]

Hello @nickwuk,

Let's try to reproduce the behavior with the PasswdStrength::get_password_strength cPanel API 2 function via the command line first. This way we can isolate if it's an issue with our API functionality, or an issue with the custom script you are using.

I tested the password you provided in your initial message using the following command:

cpapi2 --user=cptest01 PasswdStrength get_password_strength password=%2Afox%26jn3%29G%3EL%2C

Note how the password you provided was URI-encoded for use with the API function from:

*fox&jn3)G>L,

To:

%2Afox%26jn3%29G%3EL%2C

URI-encoding the password is required when using it with an API function to ensure it's parsed correctly.

Here are the results from the command:

# cpapi2 --user=testuser123 PasswdStrength get_password_strength password=%2Afox%26jn3%29G%3EL%2C
---
cpanelresult:
  apiversion: 2
  data:
    -
      strength: 100
  event:
    result: 1
  func: get_password_strength
  module: PasswdStrength

As you can see, it shows a value of "100" for the strength, and matches what appears when entering it as a password in the cPanel & WHM user interfaces. Can you confirm if you see the same behavior?

Thank you.