[thirdparty/systemd.git] / src / home / user-record-pwquality.c

/* SPDX-License-Identifier: LGPL-2.1+ */

#include "bus-common-errors.h"
#include "errno-util.h"
#include "home-util.h"
#include "libcrypt-util.h"
#include "pwquality-util.h"
#include "strv.h"
#include "user-record-pwquality.h"
#include "user-record-util.h"

#if HAVE_PWQUALITY

int user_record_quality_check_password(
                UserRecord *hr,
                UserRecord *secret,
                sd_bus_error *error) {

        _cleanup_(sym_pwquality_free_settingsp) pwquality_settings_t *pwq = NULL;
        char buf[PWQ_MAX_ERROR_MESSAGE_LEN], **pp;
        void *auxerror;
        int r;

        assert(hr);
        assert(secret);

        r = pwq_allocate_context(&pwq);
        if (ERRNO_IS_NOT_SUPPORTED(r))
                return 0;
        if (r < 0)
                return log_debug_errno(r, "Failed to allocate libpwquality context: %m");

        /* This is a bit more complex than one might think at first. pwquality_check() would like to know the
         * old password to make security checks. We support arbitrary numbers of passwords however, hence we
         * call the function once for each combination of old and new password. */

        /* Iterate through all new passwords */
        STRV_FOREACH(pp, secret->password) {
                bool called = false;
                char **old;

                r = test_password_many(hr->hashed_password, *pp);
                if (r < 0)
                        return r;
                if (r == 0) /* This is an old password as it isn't listed in the hashedPassword field, skip it */
                        continue;

                /* Check this password against all old passwords */
                STRV_FOREACH(old, secret->password) {

                        if (streq(*pp, *old))
                                continue;

                        r = test_password_many(hr->hashed_password, *old);
                        if (r < 0)
                                return r;
                        if (r > 0) /* This is a new password, not suitable as old password */
                                continue;

                        r = sym_pwquality_check(pwq, *pp, *old, hr->user_name, &auxerror);
                        if (r < 0)
                                return sd_bus_error_setf(error, BUS_ERROR_LOW_PASSWORD_QUALITY, "Password too weak: %s",
                                                         sym_pwquality_strerror(buf, sizeof(buf), r, auxerror));

                        called = true;
                }

                if (called)
                        continue;

                /* If there are no old passwords, let's call pwquality_check() without any. */
                r = sym_pwquality_check(pwq, *pp, NULL, hr->user_name, &auxerror);
                if (r < 0)
                        return sd_bus_error_setf(error, BUS_ERROR_LOW_PASSWORD_QUALITY, "Password too weak: %s",
                                                 sym_pwquality_strerror(buf, sizeof(buf), r, auxerror));
        }

        return 1;
}

#else

int user_record_quality_check_password(
                UserRecord *hr,
                UserRecord *secret,
                sd_bus_error *error) {

        return 0;
}

#endif
Commit	Line	Data
679badd7 LP	1	/* SPDX-License-Identifier: LGPL-2.1+ */
	2
	3	#include "bus-common-errors.h"
	4	#include "errno-util.h"
	5	#include "home-util.h"
2ae297fe	6	#include "libcrypt-util.h"
679badd7 LP	7	#include "pwquality-util.h"
	8	#include "strv.h"
	9	#include "user-record-pwquality.h"
	10	#include "user-record-util.h"
	11
	12	#if HAVE_PWQUALITY
	13
	14	int user_record_quality_check_password(
	15	UserRecord *hr,
	16	UserRecord *secret,
	17	sd_bus_error *error) {
	18
	19	_cleanup_(sym_pwquality_free_settingsp) pwquality_settings_t *pwq = NULL;
	20	char buf[PWQ_MAX_ERROR_MESSAGE_LEN], **pp;
	21	void *auxerror;
	22	int r;
	23
	24	assert(hr);
	25	assert(secret);
	26
	27	r = pwq_allocate_context(&pwq);
	28	if (ERRNO_IS_NOT_SUPPORTED(r))
	29	return 0;
	30	if (r < 0)
	31	return log_debug_errno(r, "Failed to allocate libpwquality context: %m");
	32
	33	/* This is a bit more complex than one might think at first. pwquality_check() would like to know the
	34	* old password to make security checks. We support arbitrary numbers of passwords however, hence we
	35	* call the function once for each combination of old and new password. */
	36
	37	/* Iterate through all new passwords */
	38	STRV_FOREACH(pp, secret->password) {
	39	bool called = false;
	40	char **old;
	41
	42	r = test_password_many(hr->hashed_password, *pp);
	43	if (r < 0)
	44	return r;
	45	if (r == 0) /* This is an old password as it isn't listed in the hashedPassword field, skip it */
	46	continue;
	47
	48	/* Check this password against all old passwords */
	49	STRV_FOREACH(old, secret->password) {
	50
	51	if (streq(pp, old))
	52	continue;
	53
	54	r = test_password_many(hr->hashed_password, *old);
	55	if (r < 0)
	56	return r;
	57	if (r > 0) /* This is a new password, not suitable as old password */
	58	continue;
	59
	60	r = sym_pwquality_check(pwq, pp, old, hr->user_name, &auxerror);
	61	if (r < 0)
	62	return sd_bus_error_setf(error, BUS_ERROR_LOW_PASSWORD_QUALITY, "Password too weak: %s",
	63	sym_pwquality_strerror(buf, sizeof(buf), r, auxerror));
	64
	65	called = true;
	66	}
	67
	68	if (called)
	69	continue;
	70
71	/* If there are no old passwords, let's call pwquality_check() without any. */
72	r = sym_pwquality_check(pwq, *pp, NULL, hr->user_name, &auxerror);
73	if (r < 0)
74	return sd_bus_error_setf(error, BUS_ERROR_LOW_PASSWORD_QUALITY, "Password too weak: %s",
75	sym_pwquality_strerror(buf, sizeof(buf), r, auxerror));
76	}
77
78	return 1;
79	}
80
81	#else
82
83	int user_record_quality_check_password(
84	UserRecord *hr,
85	UserRecord *secret,
86	sd_bus_error *error) {
87
88	return 0;
89	}
90
91	#endif