Introduced a new static plugin - password quality validator. It is based on the old...
authorZhanna Tsitkov <tsitkova@mit.edu>
Fri, 28 May 2010 14:58:08 +0000 (14:58 +0000)
committerZhanna Tsitkov <tsitkova@mit.edu>
Fri, 28 May 2010 14:58:08 +0000 (14:58 +0000)
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/plugins@24108 dc483132-0cff-0310-8789-dd5450dbe970

23 files changed:
src/Makefile.in
src/config-files/krb5.conf
src/config/pre.in
src/configure.in
src/lib/kadm5/srv/Makefile.in
src/lib/kadm5/srv/libkadm5srv_mit.exports
src/lib/kadm5/srv/server_init.c
src/lib/kadm5/srv/server_misc.c
src/lib/krb5/Makefile.in
src/lib/krb5/krb/Makefile.in
src/plugin_core/Makefile.in
src/plugin_core/impl/Makefile.in
src/plugin_core/impl/plugin_default_factory.c
src/plugin_core/impl/plugin_default_factory.h
src/plugins/pwd_qlty/Makefile.in [new file with mode: 0644]
src/plugins/pwd_qlty/deps [new file with mode: 0644]
src/plugins/pwd_qlty/plugin_pwd_qlty.c [new file with mode: 0644]
src/plugins/pwd_qlty/plugin_pwd_qlty.h [new file with mode: 0644]
src/plugins/pwd_qlty/plugin_pwd_qlty_krb/Makefile.in [new file with mode: 0644]
src/plugins/pwd_qlty/plugin_pwd_qlty_krb/deps [new file with mode: 0644]
src/plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_impl.c [new file with mode: 0644]
src/plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_impl.h [new file with mode: 0644]
src/plugins/pwd_qlty/plugin_pwd_qlty_krb/server_dict.c [moved from src/lib/kadm5/srv/server_dict.c with 93% similarity]

index d09f7680cfdfcdfc4f7ee6c4892e6c714fa5c193..2540836ce0d2368965830ef201a81c66d6d12923 100644 (file)
@@ -7,8 +7,9 @@ mydir=.
 #      plugins/preauth/wpse
 #      plugins/preauth/cksum_body
 #      plugins/authdata/greet
-SUBDIRS=util include plugin_core plugin_core/impl   plugins/prng \
+SUBDIRS=util include plugin_core plugin_core/impl    \
        plugins/pa plugins/pa/encrypted_challenge \
+       plugins/pwd_qlty plugins/pwd_qlty/plugin_pwd_qlty_krb   \
        lib \
        @ldap_plugin_dir@ \
        plugins/kdb/db2 \
@@ -19,7 +20,6 @@ SUBDIRS=util include plugin_core plugin_core/impl   plugins/prng \
 BUILDTOP=$(REL)$(C)
 LOCALINCLUDES = -I$(srcdir) 
 
-#      plugins/prng/plugin_yarrow   
 
 SRCS =  
 HDRS = 
index 99a567c124330ab34edfad988a85c0f43bc93722..09387983df154b674a2aa7235eae8b7052abfeed 100644 (file)
                 plugin_name = plugin_encrypted_challenge_pa
                 plugin_type = service
         }
+        plugin_pwd_qlty = {
+                plugin_factory_name = plugin_default_factory
+                plugin_factory_type = static
+                plugin_name = plugin_pwd_qlty_krb
+                plugin_type = service
+        }
 
index 40e2e442503ed7a84d8c45259b4628cbbc90e080..ed7d6202a87e89fdf781a21efcb545b24af4d589 100644 (file)
@@ -326,6 +326,7 @@ KRB5_DEPLIB = $(TOPLIBD)/libkrb5$(DEPLIBEXT)
 CRYPTO_DEPLIB  = $(TOPLIBD)/libk5crypto$(DEPLIBEXT)
 PLUGIN_CORE_DEPLIB     = $(TOPLIBD)/../plugin_core/libplugin_core$(DEPLIBEXT)
 PLUGIN_PRNG_DEPLIB     = $(TOPLIBD)/../plugins/prng/libplugin_prng.a
+PLUGIN_PWD_QLTY_DEPLIB = $(TOPLIBD)/../plugins/pwd_qlty/libplugin_pwd_qlty.a
 LIBS_PROFILE = $(TOPLIBD)/../util/profile/libprofile$(DEPLIBEXT)
 COM_ERR_DEPLIB = $(COM_ERR_DEPLIB-@COM_ERR_VERSION@)
 COM_ERR_DEPLIB-sys = # empty
@@ -340,7 +341,7 @@ SS_DEPLIB-k5        = $(TOPLIBD)/libss.a
 SS_DEPLIB-sys  =
 APPUTILS_DEPLIB        = $(TOPLIBD)/libapputils.a
 
-KRB5_BASE_DEPLIBS      = $(KRB5_DEPLIB)  $(PLUGIN_CORE_DEPLIB) $(LIBS_PROFILE) $(CRYPTO_DEPLIB) $(COM_ERR_DEPLIB) $(SUPPORT_DEPLIB) $(PLUGIN_PRNG_DEPLIB)
+KRB5_BASE_DEPLIBS      = $(KRB5_DEPLIB)  $(PLUGIN_CORE_DEPLIB) $(LIBS_PROFILE) $(CRYPTO_DEPLIB) $(COM_ERR_DEPLIB) $(SUPPORT_DEPLIB) $(PLUGIN_PWD_QLTY_DEPLIB) 
 KDB5_DEPLIBS           = $(KDB5_DEPLIB) $(KDB5_PLUGIN_DEPLIBS)
 GSS_DEPLIBS            = $(GSS_DEPLIB)
 GSSRPC_DEPLIBS         = $(GSSRPC_DEPLIB) $(GSS_DEPLIBS)
@@ -382,7 +383,7 @@ SUPPORT_LIB                 = -l$(SUPPORT_LIBNAME)
 # HESIOD_LIBS is -lhesiod...
 HESIOD_LIBS    = @HESIOD_LIBS@
 
-KRB5_BASE_LIBS = $(KRB5_LIB) $(K5CRYPTO_LIB) $(COM_ERR_LIB) $(SUPPORT_LIB) $(GEN_LIB) $(LIBS) $(DL_LIB)  $(LIBS_PROFILE) $(PLUGIN_CORE_DEPLIB) $(PLUGIN_PRNG_DEPLIB)
+KRB5_BASE_LIBS = $(KRB5_LIB) $(K5CRYPTO_LIB) $(COM_ERR_LIB) $(SUPPORT_LIB) $(GEN_LIB) $(LIBS) $(DL_LIB)  $(LIBS_PROFILE) $(PLUGIN_CORE_DEPLIB) $(PLUGIN_PWD_QLTY_DEPLIB)
 KDB5_LIBS      = $(KDB5_LIB) $(GSSRPC_LIBS)
 GSS_LIBS       = $(GSS_KRB5_LIB)
 # needs fixing if ever used on Mac OS X!
index 4e4d9d6e3daeeabfbb58f2014744fae0fc4a068e..6d1ddad60a9d35373eadbf78dc42985563f3c7f1 100644 (file)
@@ -1116,7 +1116,8 @@ dnl       ccapi ccapi/lib ccapi/lib/unix ccapi/server ccapi/server/unix ccapi/test
        plugins/authdata/greet_client
        plugins/authdata/greet_server
 
-       plugins/prng
+       plugins/pwd_qlty
+       plugins/pwd_qlty/plugin_pwd_qlty_krb
        plugin_core/impl
        plugins/pa
        plugins/pa/encrypted_challenge
index 9e8b26f833da100bff5984f372be8da86aeba3db..dfc20c6973877b0b00f9064bf13f379bb58db26a 100644 (file)
@@ -1,8 +1,10 @@
 mydir=lib/kadm5/srv
 BUILDTOP=$(REL)..$(S)..$(S)..
 LOCALINCLUDES = -I$(BUILDTOP)/include/kadm5 \
-       -I$(top_srcdir)/lib/gssapi/krb5 -I$(top_srcdir)/lib/gssapi/generic \
-       -I$(BUILDTOP)/lib/gssapi/krb5 -I$(BUILDTOP)/lib/gssapi/generic
+       -I$(top_srcdir)/lib/gssapi/krb5 -I$(top_srcdir)/lib/gssapi/generic      \
+       -I$(BUILDTOP)/lib/gssapi/krb5 -I$(BUILDTOP)/lib/gssapi/generic          \
+       -I$(BUILDTOP)/plugin_core/ -I$(BUILDTOP)/../../../plugin_core/impl      \
+       -I$(BUILDTOP)/plugins/pwd_qlty/
 DEFINES = @HESIOD_DEFS@
 DEFS=
 
@@ -22,7 +24,8 @@ SHLIB_EXPDEPS=\
        $(TOPLIBD)/libk5crypto$(SHLIBEXT) \
        $(COM_ERR_DEPLIB) $(SUPPORT_LIBDEP)
 SHLIB_EXPLIBS =        -lgssrpc -lgssapi_krb5 -lkdb5 $(KDB5_DB_LIB) \
-               -lkrb5 -lk5crypto $(SUPPORT_LIB) -lcom_err @GEN_LIB@
+               -lkrb5 -lk5crypto $(SUPPORT_LIB) -lcom_err \
+               $(PLUGIN_CORE_DEPLIB) $(PLUGIN_PWD_QLTY_DEPLIB) @GEN_LIB@ 
 SHLIB_DIRS=-L$(TOPLIBD)
 SHLIB_RDIRS=$(KRB5_LIBDIR)
 RELDIR=kadm5/srv
@@ -33,7 +36,6 @@ SRCS =        $(srcdir)/svr_policy.c \
        $(srcdir)/server_kdb.c \
        $(srcdir)/server_misc.c \
        $(srcdir)/server_init.c \
-       $(srcdir)/server_dict.c \
        $(srcdir)/svr_iters.c \
        $(srcdir)/svr_chpass_util.c \
        $(srcdir)/adb_xdr.c 
@@ -44,7 +46,6 @@ OBJS =        svr_policy.$(OBJEXT) \
        server_kdb.$(OBJEXT) \
        server_misc.$(OBJEXT) \
        server_init.$(OBJEXT) \
-       server_dict.$(OBJEXT) \
        svr_iters.$(OBJEXT) \
        svr_chpass_util.$(OBJEXT) \
        adb_xdr.$(OBJEXT) 
@@ -56,7 +57,6 @@ STLIBOBJS = \
        server_kdb.o \
        server_misc.o \
        server_init.o \
-       server_dict.o \
        svr_iters.o \
        svr_chpass_util.o \
        adb_xdr.o
index 7ba5c1a91c3cc517f0170ea8764e1e8e2771031e..8e675c74e3f43c6e2c62f34183511c86d1a1d978 100644 (file)
@@ -7,10 +7,7 @@ kadm5int_acl_impose_restrictions
 kadm5int_acl_init
 adb_policy_close
 adb_policy_init
-destroy_dict
-find_word
 hist_princ
-init_dict
 kadm5_set_use_password_server
 kadm5_chpass_principal
 kadm5_chpass_principal_3
index 557ef0ad46839ea68aa575bc10b59e8a50cb85d8..8b1fc8dee456a19583750ea370175e3f8bb0192e 100644 (file)
@@ -316,7 +316,8 @@ kadm5_ret_t kadm5_init(krb5_context context, char *client_name, char *pass,
         free(handle);
         return ret;
     }
-
+#if 0
+// Should happen in plugin
     ret = init_dict(&handle->params);
     if (ret) {
         krb5_db_fini(handle->context);
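Review bot: Compiling out `init_dict(&handle->params)` here leaves no visible caller that loads the word list: `plugin_pwd_qlty_init()` is added in plugin_pwd_qlty.c, but neither `kadm5_init` nor the new `passwd_check` in this commit invokes it. If no other code path calls it, `find_word()` presumably runs against an unloaded dictionary and the dictionary part of the password policy stops rejecting anything, with no error reported. I would replace the `#if 0` block with a call through the plugin, e.g. `ret = plugin_pwd_qlty_init(plugin_manager_get_service(handle->context->pl_handle, "plugin_pwd_qlty"), handle);`, keeping the existing error cleanup, and delete the dead code rather than fencing it with `#if 0` and a `//` comment. The `#if 0` region closes in the next hunk, and `kadm5_init` starts and ends outside both.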
@@ -325,6 +326,8 @@ kadm5_ret_t kadm5_init(krb5_context context, char *client_name, char *pass,
         free(handle);
         return ret;
     }
+#endif
+
 
     *server_handle = (void *) handle;
 
@@ -337,8 +340,10 @@ kadm5_ret_t kadm5_destroy(void *server_handle)
 
     CHECK_HANDLE(server_handle);
 
+#if 0
+// Should happen in plugin
     destroy_dict();
-
+#endif
     adb_policy_close(handle);
     krb5_db_fini(handle->context);
     krb5_free_principal(handle->context, handle->current_caller);
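Review bot: With `destroy_dict()` compiled out, nothing in `kadm5_destroy` releases the plugin's dictionary: the replacement `plugin_pwd_qlty_cleanup()` added in plugin_pwd_qlty.c has an empty body that never dispatches to `api->pwd_qlty_cleanup`, and it is not called here either. Make the wrapper forward the call, `if (api != NULL && api->pwd_qlty_cleanup != NULL) api->pwd_qlty_cleanup();`, and call it from this function in place of the `#if 0` block. `kadm5_destroy` starts and ends outside the hunk.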
index 1faeb86b16f7d6ba42f235ae66fb7617bbc537dc..3f51c0d7d3027ce3d9ac357c98ebf868e2725801 100644 (file)
@@ -19,6 +19,10 @@ static char *rcsid = "$Header$";
 
 #include    "server_internal.h"
 
+#include <plugin_manager.h>
+#include <plugin_pwd_qlty.h>
+
+
 kadm5_ret_t
 adb_policy_init(kadm5_server_handle_t handle)
 {
@@ -37,147 +41,19 @@ adb_policy_close(kadm5_server_handle_t handle)
     return KADM5_OK;
 }
 
-#ifdef HESIOD
-/* stolen from v4sever/kadm_funcs.c */
-static char *
-reverse(str)
-    char    *str;
-{
-    static char newstr[80];
-    char    *p, *q;
-    int     i;
-
-    i = strlen(str);
-    if (i >= sizeof(newstr))
-        i = sizeof(newstr)-1;
-    p = str+i-1;
-    q = newstr;
-    q[i]='\0';
-    for(; i > 0; i--)
-        *q++ = *p--;
-
-    return(newstr);
-}
-#endif /* HESIOD */
-
-#if 0
-static int
-lower(str)
-    char    *str;
-{
-    register char   *cp;
-    int     effect=0;
-
-    for (cp = str; *cp; cp++) {
-        if (isupper(*cp)) {
-            *cp = tolower(*cp);
-            effect++;
-        }
-    }
-    return(effect);
-}
-#endif
-
-#ifdef HESIOD
-static int
-str_check_gecos(gecos, pwstr)
-    char    *gecos;
-    char    *pwstr;
-{
-    char            *cp, *ncp, *tcp;
-
-    for (cp = gecos; *cp; ) {
-        /* Skip past punctuation */
-        for (; *cp; cp++)
-            if (isalnum(*cp))
-                break;
-        /* Skip to the end of the word */
-        for (ncp = cp; *ncp; ncp++)
-            if (!isalnum(*ncp) && *ncp != '\'')
-                break;
-        /* Delimit end of word */
-        if (*ncp)
-            *ncp++ = '\0';
-        /* Check word to see if it's the password */
-        if (*cp) {
-            if (!strcasecmp(pwstr, cp))
-                return 1;
-            tcp = reverse(cp);
-            if (!strcasecmp(pwstr, tcp))
-                return 1;
-            cp = ncp;
-        } else
-            break;
-    }
-    return 0;
-}
-#endif /* HESIOD */
-
 /* some of this is stolen from gatekeeper ... */
+/* passwd_check -  returns KADM5_OK if password passes the validation.*/
 kadm5_ret_t
-passwd_check(kadm5_server_handle_t handle,
+passwd_check(kadm5_server_handle_t srv_handle,
              char *password, int use_policy, kadm5_policy_ent_t pol,
              krb5_principal principal)
 {
-    int     nupper = 0,
-        nlower = 0,
-        ndigit = 0,
-        npunct = 0,
-        nspec = 0;
-    char    c, *s, *cp;
-#ifdef HESIOD
-    extern  struct passwd *hes_getpwnam();
-    struct  passwd *ent;
-#endif
 
-    if(use_policy) {
-        if(strlen(password) < pol->pw_min_length)
-            return KADM5_PASS_Q_TOOSHORT;
-        s = password;
-        while ((c = *s++)) {
-            if (islower((unsigned char) c)) {
-                nlower = 1;
-                continue;
-            }
-            else if (isupper((unsigned char) c)) {
-                nupper = 1;
-                continue;
-            } else if (isdigit((unsigned char) c)) {
-                ndigit = 1;
-                continue;
-            } else if (ispunct((unsigned char) c)) {
-                npunct = 1;
-                continue;
-            } else {
-                nspec = 1;
-                continue;
-            }
-        }
-        if ((nupper + nlower + ndigit + npunct + nspec) < pol->pw_min_classes)
-            return KADM5_PASS_Q_CLASS;
-        if((find_word(password) == KADM5_OK))
-            return KADM5_PASS_Q_DICT;
-        else {
-            int i, n = krb5_princ_size(handle->context, principal);
-            cp = krb5_princ_realm(handle->context, principal)->data;
-            if (strcasecmp(cp, password) == 0)
-                return KADM5_PASS_Q_DICT;
-            for (i = 0; i < n ; i++) {
-                cp = krb5_princ_component(handle->context, principal, i)->data;
-                if (strcasecmp(cp, password) == 0)
-                    return KADM5_PASS_Q_DICT;
-#ifdef HESIOD
-                ent = hes_getpwnam(cp);
-                if (ent && ent->pw_gecos)
-                    if (str_check_gecos(ent->pw_gecos, password))
-                        return KADM5_PASS_Q_DICT; /* XXX new error code? */
-#endif
-            }
-            return KADM5_OK;
-        }
-    } else {
-        if (strlen(password) < 1)
-            return KADM5_PASS_Q_TOOSHORT;
-    }
-    return KADM5_OK;
+    int ret = 0;
+
+    plhandle plugin_handle = plugin_manager_get_service(srv_handle->context->pl_handle, "plugin_pwd_qlty");
+
+    ret = plugin_pwd_qlty_check(plugin_handle, srv_handle, password, use_policy, pol, principal);
+
+    return ret;
 }
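Review bot: `passwd_check` hands the result of `plugin_manager_get_service()` straight to `plugin_pwd_qlty_check()`, which dereferences `handle.api` without a test (the same holds for `plugin_pwd_qlty_init()` in plugin_pwd_qlty.c). Password-quality enforcement now depends on the `plugin_pwd_qlty` stanza being present in the profile; if the lookup fails, presumably leaving `api` NULL, the server dereferences a null pointer instead of rejecting the password change. Fail closed before the call, e.g. `if (plugin_handle.api == NULL) return KADM5_FAILURE;`, and declare `ret` as `kadm5_ret_t` to match the function's return type.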
index bc690481c7f60c63c4218634c08c685ea16818b8..0e3a047a8d14f2e2c89b4018f8ab26782cc59070 100644 (file)
@@ -9,7 +9,8 @@ DEFS=
 
 PLUGINS_LIBS = \
        ../../plugin_core/impl/libplugin_impl.a $(PLUGIN_CORE_DEPLIB)   \
-       ../../plugins/pa/encrypted_challenge/libencrypted_challenge.a   
+       ../../plugins/pa/encrypted_challenge/libencrypted_challenge.a   \
+       ../../plugins/pwd_qlty/plugin_pwd_qlty_krb/libplugin_pwd_qlty_krb.a     
 
 
 ##DOSBUILDTOP = ..\..
index 0e2f2ad7c94deab52e85783b81dff91c1d71c71d..40add8bf87090a24ad10fc61df171ae7a65ef245 100644 (file)
@@ -13,8 +13,6 @@ DEFS=-DLIBDIR=\"$(KRB5_LIBDIR)\"
 ##DOS##OBJFILE=..\$(OUTPRE)$(PREFIXDIR).lst
 
 PLUGINS_LIBS =   $(srcdir)/../../libplugin_impl.a $(srcdir)/../../libencrypted_challenge.a 
-# PLUGINS_LIBS =   $(srcdir)/../../libplugin_impl.a $(srcdir)/../../libplugin_yarrow.a $(srcdir)/../../libencrypted_challenge.a 
-
 
 STLIBOBJS= \
        addr_comp.o     \
index c16725efbf489deb94e2dd435acfb1367a5dde9c..d523f4e5b7928587a599b6e68aa3191742b417b5 100644 (file)
@@ -5,7 +5,7 @@ PROG_LIBPATH=-L$(TOPLIBD)
 PROG_RPATH=$(KRB5_LIBDIR)
 DEFS=
 
-LOCALINCLUDES = -I$(srcdir)/../include/krb5  -I$(srcdir)/. -I$(srcdir)/../plugins/prng -I$(srcdir)/../util/profile
+LOCALINCLUDES = -I$(srcdir)/../include/krb5  -I$(srcdir)/. -I$(srcdir)/../plugins/pwd_qlty -I$(srcdir)/../util/profile
 
 LIBBASE= plugin_core
 LIBMAJOR=0
index 84f077b15a1582f273f27457e8742a1264ad41f0..2d292d86ddaa3e6531b91f06dcbd2c769d1111ed 100644 (file)
@@ -6,9 +6,9 @@ PROG_RPATH=$(KRB5_LIBDIR)
 DEFS=
 
 LOCALINCLUDES = -I$(srcdir)/../../include/krb5  -I$(srcdir)/.  \
-               -I$(srcdir)/../../plugins/prng  \
+               -I$(srcdir)/../../plugins/pwd_qlty -I$(srcdir)/../../plugins/pwd_qlty/plugin_pwd_qlty_krb       \
                -I$(srcdir)/../../plugins/pa -I$(srcdir)/../../plugins/pa/encrypted_challenge   \
-               -I$(srcdir)/..
+               -I$(srcdir)/..  -I$(srcdir)/../../lib/kadm5
 
 LIBBASE=plugin_impl
 
@@ -18,11 +18,8 @@ SRCS= plugin_default_factory.c plugin_default_manager.c
 
 STOBJLISTS=OBJS.ST
 
-LIBS_UTILS = ../plugin_core$(SO_EXT) 
-
-#      ../../plugins/prng/plugin_yarrow/plugin_prng_impl$(SO_EXT)      \
-#      ../../plugins/prng/plugin_yarrow/ycipher$(SO_EXT)               \
-#      ../../plugins/prng/plugin_yarrow/yarrow$(SO_EXT) 
+LIBS_UTILS = ../plugin_core$(SO_EXT) \
+       ../../plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_impl$(SO_EXT)        
 
 SHLIB_EXPLIBS=  $(LIBS_UTILS) $(CRYPTO_DEPLIB) $(SUPPORT_DEPLIB)
 
index 1814ae2895b2c3c799f1786e0bf0a1200aca8efe..a006cabd7eaae6439020458f8efc2659ee891b96 100644 (file)
 #include "plugin_factory.h"
 //#include "plugin_prng_impl.h"
 #include "plugin_pa_impl.h"
+#include "plugin_pwd_qlty_impl.h"
 #include "plugin_default_factory.h"
 
 static plugin_factory* _default_factory_instance = NULL;
 
 static plugin_descr  plugin_default_factory_table[] = {
 //        {"plugin_yarrow_prng", plugin_yarrow_prng_create},
+        {"plugin_pwd_qlty_krb", plugin_pwd_qlty_krb_create},
         {"plugin_encrypted_challenge_pa", plugin_encrypted_challenge_pa_create},
         {"plugin_ldap_audit", NULL},
         {NULL,NULL}
index 8b92b10bacd9525d418a1889c2d33e932bacfa7a..04e8e318ab637f4b8f3abc3fc5bf11e5de0fbf28 100644 (file)
@@ -7,7 +7,7 @@
 #define PLUGIN_DEFAULT_FACTORY_H_
 
 #include <plugin_factory.h>
-//#include "plugin_prng_impl.h"
+#include "plugin_pwd_qlty_impl.h"
 
 
 factory_handle plugin_default_factory_get_instance(void);
diff --git a/src/plugins/pwd_qlty/Makefile.in b/src/plugins/pwd_qlty/Makefile.in
new file mode 100644 (file)
index 0000000..a70c166
--- /dev/null
@@ -0,0 +1,22 @@
+mydir=plugins/pwd_qlty
+BUILDTOP=$(REL)../..
+RELDIR=../plugins/pwd_qlty
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+DEFS=
+
+LOCALINCLUDES = -I../../include/krb5 -I. -I../../plugin_core -I../../lib/kadm5/
+
+LIBBASE=plugin_pwd_qlty
+
+STLIBOBJS= plugin_pwd_qlty.o  
+SRCS= plugin_pwd_qlty.c  
+STOBJLISTS=OBJS.ST
+
+all-unix:: all-liblinks
+clean-unix:: clean-liblinks clean-libs clean-libobjs
+install-unix:: install-libs
+
+@libpriv_frag@
+@lib_frag@
+@libobj_frag@
diff --git a/src/plugins/pwd_qlty/deps b/src/plugins/pwd_qlty/deps
new file mode 100644 (file)
index 0000000..7b7a879
--- /dev/null
@@ -0,0 +1,15 @@
+# 
+# Generated makefile dependencies follow.
+#
+plugin_pwd_qlty.so plugin_pwd_qlty.po $(OUTPRE)plugin_pwd_qlty.$(OBJEXT): \
+  $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/plugins/pwd_qlty/plugin_pwd_qlty.h \
+  $(top_srcdir)/plugin_core/plugin_manager.h \
+  $(top_srcdir)/plugin_core/plugin_factory.h \
+  $(top_srcdir)/lib/kadm5/admin.h \
+  plugin_pwd_qlty.c
+plugin_pwd_qlty_impl.so plugin_pwd_qlty_impl.po $(OUTPRE)plugin_pwd_qlty_impl.$(OBJEXT): \
+  $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(top_srcdir)/plugins/pwd_qlty/plugin_pwd_qlty_impl.h \
+  $(top_srcdir)/plugin_core/plugin_manager.h \
+  $(top_srcdir)/plugin_core/plugin_factory.h \
+  $(top_srcdir)/lib/kadm5/admin.h \
+  plugin_pwd_qlty_impl.c
diff --git a/src/plugins/pwd_qlty/plugin_pwd_qlty.c b/src/plugins/pwd_qlty/plugin_pwd_qlty.c
new file mode 100644 (file)
index 0000000..2306be5
--- /dev/null
@@ -0,0 +1,35 @@
+/*
+ * plugin_pwd_qlty.c
+ *
+ */
+#include <plugin_manager.h>
+#include "plugin_pwd_qlty.h"
+
+kadm5_ret_t
+plugin_pwd_qlty_check(plhandle handle, kadm5_server_handle_t srv_handle,
+                      char *password, int use_policy, kadm5_policy_ent_t pol,
+                      krb5_principal principal)
+{
+    kadm5_ret_t ret = KADM5_OK;
+    plugin_pwd_qlty* api = (plugin_pwd_qlty*) handle.api;
+    ret = api->pwd_qlty_check(srv_handle, password, use_policy, pol, principal);
+
+    return ret;
+}
+
+
+kadm5_ret_t
+plugin_pwd_qlty_init(plhandle handle, kadm5_server_handle_t srv_handle)
+{
+    kadm5_ret_t ret = KADM5_OK;
+    plugin_pwd_qlty* api = (plugin_pwd_qlty*) handle.api;
+    ret = api->pwd_qlty_init(srv_handle);
+
+    return ret;
+}
+
+void
+plugin_pwd_qlty_cleanup(plhandle handle)
+{
+    return;
+}
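Review bot: None of the three wrappers documents what it requires of `handle`, and the cast to `plugin_pwd_qlty *` trusts the table without looking at `api->version`, which the implementation sets to 1 but nothing visible reads. A short header comment on each function would help, for example `/* handle must come from plugin_manager_get_service(); returns the plugin's kadm5_ret_t unchanged */`. The comment on the dispatcher should also state which `version` values are accepted, so a mismatched plugin table is rejected rather than called.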
diff --git a/src/plugins/pwd_qlty/plugin_pwd_qlty.h b/src/plugins/pwd_qlty/plugin_pwd_qlty.h
new file mode 100644 (file)
index 0000000..4921be8
--- /dev/null
@@ -0,0 +1,29 @@
+/*
+ * plugin_pwd_qlty.h
+ *
+ */
+
+#ifndef PLUGIN_PWD_QLTY_H_
+#define PLUGIN_PWD_QLTY_H_
+
+#include <plugin_manager.h>
+#include <k5-int.h>
+#include <admin.h>
+#include <server_internal.h>
+
+/* PWD_QLTY API */
+typedef struct {
+       int version;
+       kadm5_ret_t (*pwd_qlty_init)(kadm5_server_handle_t);
+       void (*pwd_qlty_cleanup)();
+       kadm5_ret_t (*pwd_qlty_check)(kadm5_server_handle_t, char*,
+                                      int, kadm5_policy_ent_t, krb5_principal);
+} plugin_pwd_qlty;
+
+/* Utility functions */
+kadm5_ret_t plugin_pwd_qlty_init(plhandle, kadm5_server_handle_t);
+void plugin_pwd_qlty_cleanup(plhandle);
+kadm5_ret_t plugin_pwd_qlty_check(plhandle, kadm5_server_handle_t, char*,
+                                  int,  kadm5_policy_ent_t, krb5_principal);
+
+#endif /* PLUGIN_PWD_QLTY_H_ */
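Review bot: `void (*pwd_qlty_cleanup)();` declares a function pointer with an unspecified parameter list, so the compiler will not diagnose a call that passes arguments; write `void (*pwd_qlty_cleanup)(void);`. The header also pulls `<k5-int.h>` and `<server_internal.h>` into every user of the plugin interface, which ties the API to kadm5 server internals. A comment saying why those are needed, or narrowing the includes to what the prototypes use, would make the boundary of the plugin contract clearer.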
diff --git a/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/Makefile.in b/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/Makefile.in
new file mode 100644 (file)
index 0000000..f00cf9e
--- /dev/null
@@ -0,0 +1,25 @@
+mydir=plugins/pwd_qlty/plugin_pwd_qlty_krb
+BUILDTOP=$(REL)../../..
+RELDIR=../plugins/pwd_qlty/plugin_pwd_qlty_krb
+PROG_LIBPATH=-L$(TOPLIBD)
+PROG_RPATH=$(KRB5_LIBDIR)
+DEFS=
+
+LOCALINCLUDES = -I../../../include/krb5 -I. -I../../../plugin_core -I..  -I$(srcdir)/..        \
+               -I../../../lib/kadm5
+
+LIBBASE=plugin_pwd_qlty_krb
+
+STLIBOBJS= plugin_pwd_qlty_impl.o server_dict.o
+SRCS= $(srcdir)/plugin_pwd_qlty_impl.c  $(srcdir)/server_dict.c
+
+STOBJLISTS=OBJS.ST
+
+all-unix:: all-liblinks
+clean-unix:: clean-liblinks clean-libs clean-libobjs
+install-unix:: install-libs
+
+
+@libpriv_frag@
+@lib_frag@
+@libobj_frag@
diff --git a/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/deps b/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/deps
new file mode 100644 (file)
index 0000000..d2990c7
--- /dev/null
@@ -0,0 +1,11 @@
+# 
+# Generated makefile dependencies follow.
+#
+plugin_pwd_qlty_impl.so plugin_pwd_qlty_impl.po $(OUTPRE)plugin_pwd_qlty_impl.$(OBJEXT): \
+  $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) \
+  $(top_srcdir)/plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_impl.h \
+  $(top_srcdir)/lib/kadm5/admin.h \
+  $(top_srcdir)/plugin_core/plugin_manager.h \
+  $(top_srcdir)/plugin_core/plugin_factory.h \
+  plugin_pwd_qlty_impl.c
+
diff --git a/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_impl.c b/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_impl.c
new file mode 100644 (file)
index 0000000..941a165
--- /dev/null
@@ -0,0 +1,166 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+
+#include "k5-int.h"
+
+#include <plugin_manager.h>
+#include <plugin_pwd_qlty.h>
+#include "plugin_pwd_qlty_impl.h"
+#include    <string.h>
+#include    <ctype.h>
+
+
+#ifdef HESIOD
+/* stolen from v4sever/kadm_funcs.c */
+static char *
+reverse(str)
+    char    *str;
+{
+    static char newstr[80];
+    char    *p, *q;
+    int     i;
+
+    i = strlen(str);
+    if (i >= sizeof(newstr))
+        i = sizeof(newstr)-1;
+    p = str+i-1;
+    q = newstr;
+    q[i]='\0';
+    for(; i > 0; i--)
+        *q++ = *p--;
+
+    return(newstr);
+}
+
+static int
+str_check_gecos(gecos, pwstr)
+    char    *gecos;
+    char    *pwstr;
+{
+    char            *cp, *ncp, *tcp;
+
+    for (cp = gecos; *cp; ) {
+        /* Skip past punctuation */
+        for (; *cp; cp++)
+            if (isalnum(*cp))
+                break;
+        /* Skip to the end of the word */
+        for (ncp = cp; *ncp; ncp++)
+            if (!isalnum(*ncp) && *ncp != '\'')
+                break;
+        /* Delimit end of word */
+        if (*ncp)
+            *ncp++ = '\0';
+        /* Check word to see if it's the password */
+        if (*cp) {
+            if (!strcasecmp(pwstr, cp))
+                return 1;
+            tcp = reverse(cp);
+            if (!strcasecmp(pwstr, tcp))
+                return 1;
+            cp = ncp;
+        } else
+            break;
+    }
+    return 0;
+}
+#endif /* HESIOD */
+
+
+static kadm5_ret_t
+_plugin_pwd_qlty_check(kadm5_server_handle_t srv_handle,
+             char *password, int use_policy, kadm5_policy_ent_t pol,
+             krb5_principal principal)
+{
+    int     nupper = 0,
+        nlower = 0,
+        ndigit = 0,
+        npunct = 0,
+        nspec = 0;
+    char    c, *s, *cp;
+
+#ifdef HESIOD
+    extern  struct passwd *hes_getpwnam();
+    struct  passwd *ent;
+#endif
+    if(use_policy) {
+        if(strlen(password) < (unsigned int)pol->pw_min_length)
+            return KADM5_PASS_Q_TOOSHORT;
+        s = password;
+        while ((c = *s++)) {
+            if (islower((unsigned char) c)) {
+                nlower = 1;
+                continue;
+            }
+            else if (isupper((unsigned char) c)) {
+                nupper = 1;
+                continue;
+            } else if (isdigit((unsigned char) c)) {
+                ndigit = 1;
+                continue;
+            } else if (ispunct((unsigned char) c)) {
+                npunct = 1;
+                continue;
+            } else {
+                nspec = 1;
+                continue;
+            }
+        }
+        if ((nupper + nlower + ndigit + npunct + nspec) < pol->pw_min_classes)
+            return KADM5_PASS_Q_CLASS;
+        if((find_word(password) == KADM5_OK))
+            return KADM5_PASS_Q_DICT;
+        else {
+            int i, n = krb5_princ_size(handle->context, principal);
+            cp = krb5_princ_realm(handle->context, principal)->data;
+            if (strcasecmp(cp, password) == 0)
+                return KADM5_PASS_Q_DICT;
+            for (i = 0; i < n ; i++) {
+                cp = krb5_princ_component(handle->context, principal, i)->data;
+                if (strcasecmp(cp, password) == 0)
+                    return KADM5_PASS_Q_DICT;
+#ifdef HESIOD
+                ent = hes_getpwnam(cp);
+                if (ent && ent->pw_gecos)
+                    if (str_check_gecos(ent->pw_gecos, password))
+                        return KADM5_PASS_Q_DICT; /* XXX new error code? */
+#endif
+            }
+            return KADM5_OK;
+        }
+    } else {
+        if (strlen(password) < 1)
+            return KADM5_PASS_Q_TOOSHORT;
+    }
+    return KADM5_OK;
+
+}
+
+static kadm5_ret_t
+_plugin_pwd_qlty_init(kadm5_server_handle_t handle)
+{
+    init_dict(&handle->params);
+    return 0;
+}
+
+static void
+_plugin_pwd_qlty_clean()
+{
+    destroy_dict();
+    return;
+}
+
+plhandle
+plugin_pwd_qlty_krb_create()
+{
+        plhandle handle;
+        plugin_pwd_qlty* api = malloc(sizeof(plugin_pwd_qlty));
+
+        memset(api, 0, sizeof(plugin_pwd_qlty));
+        api->version = 1;
+        api->pwd_qlty_init    = _plugin_pwd_qlty_init;
+        api->pwd_qlty_check   = _plugin_pwd_qlty_check;
+        api->pwd_qlty_cleanup = _plugin_pwd_qlty_clean;
+        handle.api = api;
+
+        return handle;
+}
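Review bot: `_plugin_pwd_qlty_check` names its parameter `srv_handle` but the body still uses `handle->context` in the `krb5_princ_size`, `krb5_princ_realm` and `krb5_princ_component` calls, so this file should not compile unless `handle` is defined elsewhere; rename those three uses to `srv_handle`. Two further problems weaken the check: `_plugin_pwd_qlty_init` discards the result of `init_dict()` and always returns 0, so a dictionary that failed to load is reported as success, and `plugin_pwd_qlty_krb_create` passes an unchecked `malloc` result to `memset`. The fence shows the init and create functions with both handled. Separately, the moved `str_check_gecos` passes plain `char` to `isalnum`, which should be cast to `unsigned char` as the class-counting loop already does.

```c
static kadm5_ret_t
_plugin_pwd_qlty_init(kadm5_server_handle_t handle)
{
    /* Propagate dictionary load failures instead of reporting success. */
    return init_dict(&handle->params);
}

/* … unchanged: _plugin_pwd_qlty_clean … */

plhandle
plugin_pwd_qlty_krb_create()
{
        plhandle handle;
        plugin_pwd_qlty* api = calloc(1, sizeof(*api));

        handle.api = api;
        if (api == NULL)
                return handle;  /* callers must test handle.api before use */
        api->version = 1;
        /* … unchanged: function-pointer assignments and return … */
```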
diff --git a/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_impl.h b/src/plugins/pwd_qlty/plugin_pwd_qlty_krb/plugin_pwd_qlty_impl.h
new file mode 100644 (file)
index 0000000..b8bf206
--- /dev/null
@@ -0,0 +1,14 @@
+/*
+ * plugin_pwd_qlty_impl.h
+ *
+ */
+
+#ifndef PLUGIN_PWD_QLTY_IMPL_H_
+#define PLUGIN_PWD_QLTY_IMPL_H_
+
+#include <plugin_manager.h>
+#include <plugin_pwd_qlty.h>
+
+plhandle plugin_pwd_qlty_krb_create(void);
+
+#endif /* PLUGIN_PWD_QLTY_IMPL_H_ */
similarity index 93%
rename from src/lib/kadm5/srv/server_dict.c
rename to src/plugins/pwd_qlty/plugin_pwd_qlty_krb/server_dict.c
index 81cc5f99709c2433e14bac2996514622a2019189..46a30f1b6ba30acb9f8ec88372bbaea90f7563eb 100644 (file)
@@ -91,15 +91,10 @@ int init_dict(kadm5_config_params *params)
     if(word_list != NULL && word_block != NULL)
         return KADM5_OK;
     if (! (params->mask & KADM5_CONFIG_DICT_FILE)) {
-        krb5_klog_syslog(LOG_INFO, "No dictionary file specified, continuing "
-                         "without one.");
         return KADM5_OK;
     }
     if ((fd = open(params->dict_file, O_RDONLY)) == -1) {
         if (errno == ENOENT) {
-            krb5_klog_syslog(LOG_ERR,
-                             "WARNING!  Cannot find dictionary file %s, "
-                             "continuing without one.", params->dict_file);
             return KADM5_OK;
         } else
             return errno;
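Review bot: Dropping both `krb5_klog_syslog` calls makes a missing or unconfigured dictionary file completely silent: `init_dict` still returns `KADM5_OK` on these paths, so an administrator gets no indication that dictionary checks are not being applied. If the logging was removed only because the plugin cannot reach the kadm5 logger (an assumption), the condition should still be surfaced, for instance by returning a distinct status that the caller can log. At minimum add a comment at each early return such as `/* no dictionary loaded: dictionary-based rejection is disabled */`. `init_dict` begins and continues outside this hunk.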