src/home/user-record-pwquality.c

   1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
   2
   3 #include "bus-common-errors.h"
   4 #include "errno-util.h"
   5 #include "home-util.h"
   6 #include "libcrypt-util.h"
   7 #include "pwquality-util.h"
   8 #include "strv.h"
   9 #include "user-record-pwquality.h"
  10 #include "user-record-util.h"
  11
  12 #if HAVE_PWQUALITY
  13
  14 int user_record_quality_check_password(
  15                 UserRecord *hr,
  16                 UserRecord *secret,
  17                 sd_bus_error *error) {
  18
  19         _cleanup_(sym_pwquality_free_settingsp) pwquality_settings_t *pwq = NULL;
  20         char buf[PWQ_MAX_ERROR_MESSAGE_LEN];
  21         void *auxerror;
  22         int r;
  23
  24         assert(hr);
  25         assert(secret);
  26
  27         r = pwq_allocate_context(&pwq);
  28         if (ERRNO_IS_NOT_SUPPORTED(r))
  29                 return 0;
  30         if (r < 0)
  31                 return log_debug_errno(r, "Failed to allocate libpwquality context: %m");
  32
  33         /* This is a bit more complex than one might think at first. pwquality_check() would like to know the
  34          * old password to make security checks. We support arbitrary numbers of passwords however, hence we
  35          * call the function once for each combination of old and new password. */
  36
  37         /* Iterate through all new passwords */
  38         STRV_FOREACH(pp, secret->password) {
  39                 bool called = false;
  40
  41                 r = test_password_many(hr->hashed_password, *pp);
  42                 if (r < 0)
  43                         return r;
  44                 if (r == 0) /* This is an old password as it isn't listed in the hashedPassword field, skip it */
  45                         continue;
  46
  47                 /* Check this password against all old passwords */
  48                 STRV_FOREACH(old, secret->password) {
  49
  50                         if (streq(*pp, *old))
  51                                 continue;
  52
  53                         r = test_password_many(hr->hashed_password, *old);
  54                         if (r < 0)
  55                                 return r;
  56                         if (r > 0) /* This is a new password, not suitable as old password */
  57                                 continue;
  58
  59                         r = sym_pwquality_check(pwq, *pp, *old, hr->user_name, &auxerror);
  60                         if (r < 0)
  61                                 return sd_bus_error_setf(error, BUS_ERROR_LOW_PASSWORD_QUALITY, "Password too weak: %s",
  62                                                          sym_pwquality_strerror(buf, sizeof(buf), r, auxerror));
  63
  64                         called = true;
  65                 }
  66
  67                 if (called)
  68                         continue;
  69
  70                 /* If there are no old passwords, let's call pwquality_check() without any. */
  71                 r = sym_pwquality_check(pwq, *pp, NULL, hr->user_name, &auxerror);
  72                 if (r < 0)
  73                         return sd_bus_error_setf(error, BUS_ERROR_LOW_PASSWORD_QUALITY, "Password too weak: %s",
  74                                                  sym_pwquality_strerror(buf, sizeof(buf), r, auxerror));
  75         }
  76
  77         return 1;
  78 }
  79
  80 #else
  81
  82 int user_record_quality_check_password(
  83                 UserRecord *hr,
  84                 UserRecord *secret,
  85                 sd_bus_error *error) {
  86
  87         return 0;
  88 }
  89
  90 #endif