]>
Commit | Line | Data |
---|---|---|
679badd7 LP |
1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
2 | ||
3 | #include "bus-common-errors.h" | |
4 | #include "errno-util.h" | |
5 | #include "home-util.h" | |
2ae297fe | 6 | #include "libcrypt-util.h" |
679badd7 LP |
7 | #include "pwquality-util.h" |
8 | #include "strv.h" | |
9 | #include "user-record-pwquality.h" | |
10 | #include "user-record-util.h" | |
11 | ||
12 | #if HAVE_PWQUALITY | |
13 | ||
14 | int user_record_quality_check_password( | |
15 | UserRecord *hr, | |
16 | UserRecord *secret, | |
17 | sd_bus_error *error) { | |
18 | ||
19 | _cleanup_(sym_pwquality_free_settingsp) pwquality_settings_t *pwq = NULL; | |
20 | char buf[PWQ_MAX_ERROR_MESSAGE_LEN], **pp; | |
21 | void *auxerror; | |
22 | int r; | |
23 | ||
24 | assert(hr); | |
25 | assert(secret); | |
26 | ||
27 | r = pwq_allocate_context(&pwq); | |
28 | if (ERRNO_IS_NOT_SUPPORTED(r)) | |
29 | return 0; | |
30 | if (r < 0) | |
31 | return log_debug_errno(r, "Failed to allocate libpwquality context: %m"); | |
32 | ||
33 | /* This is a bit more complex than one might think at first. pwquality_check() would like to know the | |
34 | * old password to make security checks. We support arbitrary numbers of passwords however, hence we | |
35 | * call the function once for each combination of old and new password. */ | |
36 | ||
37 | /* Iterate through all new passwords */ | |
38 | STRV_FOREACH(pp, secret->password) { | |
39 | bool called = false; | |
40 | char **old; | |
41 | ||
42 | r = test_password_many(hr->hashed_password, *pp); | |
43 | if (r < 0) | |
44 | return r; | |
45 | if (r == 0) /* This is an old password as it isn't listed in the hashedPassword field, skip it */ | |
46 | continue; | |
47 | ||
48 | /* Check this password against all old passwords */ | |
49 | STRV_FOREACH(old, secret->password) { | |
50 | ||
51 | if (streq(*pp, *old)) | |
52 | continue; | |
53 | ||
54 | r = test_password_many(hr->hashed_password, *old); | |
55 | if (r < 0) | |
56 | return r; | |
57 | if (r > 0) /* This is a new password, not suitable as old password */ | |
58 | continue; | |
59 | ||
60 | r = sym_pwquality_check(pwq, *pp, *old, hr->user_name, &auxerror); | |
61 | if (r < 0) | |
62 | return sd_bus_error_setf(error, BUS_ERROR_LOW_PASSWORD_QUALITY, "Password too weak: %s", | |
63 | sym_pwquality_strerror(buf, sizeof(buf), r, auxerror)); | |
64 | ||
65 | called = true; | |
66 | } | |
67 | ||
68 | if (called) | |
69 | continue; | |
70 | ||
71 | /* If there are no old passwords, let's call pwquality_check() without any. */ | |
72 | r = sym_pwquality_check(pwq, *pp, NULL, hr->user_name, &auxerror); | |
73 | if (r < 0) | |
74 | return sd_bus_error_setf(error, BUS_ERROR_LOW_PASSWORD_QUALITY, "Password too weak: %s", | |
75 | sym_pwquality_strerror(buf, sizeof(buf), r, auxerror)); | |
76 | } | |
77 | ||
78 | return 1; | |
79 | } | |
80 | ||
81 | #else | |
82 | ||
83 | int user_record_quality_check_password( | |
84 | UserRecord *hr, | |
85 | UserRecord *secret, | |
86 | sd_bus_error *error) { | |
87 | ||
88 | return 0; | |
89 | } | |
90 | ||
91 | #endif |