From: Dmitry V. Levin
Date: Wed, 5 Jul 2023 08:00:00 +0000 (+0000)
Subject: pwquality: fix quality_check_password return value
X-Git-Tag: v254-rc1~7^2~5
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7fc3f9c032cad0690c08fcdee190d83f1c7a6d53;p=thirdparty%2Fsystemd.git
pwquality: fix quality_check_password return value
quality_check_password() used to return the same value 0 in two different cases: when pwq_allocate_context() failed with a ERRNO_IS_NOT_SUPPORTED() code, and when pwquality_check() rejected the password. As result, users of quality_check_password() used to report password weakness also in case when the underlying library was not available. Fix this by changing quality_check_password() to forward the ERRNO_IS_NOT_SUPPORTED() code to its callers, and change the callers to handle this case gracefully.
---
diff --git a/src/cryptenroll/cryptenroll-password.c b/src/cryptenroll/cryptenroll-password.c
index d636db266eb..de72278394a 100644
--- a/src/cryptenroll/cryptenroll-password.c
+++ b/src/cryptenroll/cryptenroll-password.c
@@ -3,6 +3,7 @@
 #include "ask-password-api.h"
 #include "cryptenroll-password.h"
 #include "env-util.h"
+#include "errno-util.h"
 #include "escape.h"
 #include "memory-util.h"
 #include "pwquality-util.h"
@@ -156,8 +157,12 @@ int enroll_password(
 }
 r = quality_check_password(new_password, NULL, &error);
- if (r < 0)
- return log_error_errno(r, "Failed to check password for quality: %m");
+ if (r < 0) {
+ if (ERRNO_IS_NOT_SUPPORTED(r))
+ log_warning("Password quality check is not supported, proceeding anyway.");
+ else
+ return log_error_errno(r, "Failed to check password quality: %m");
+ }
 if (r == 0)
 log_warning("Specified password does not pass quality checks (%s), proceeding anyway.", error);
diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c
index 076e06e8215..019b7d70afa 100644
--- a/src/firstboot/firstboot.c
+++ b/src/firstboot/firstboot.c
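Review bot: In the new `ERRNO_IS_NOT_SUPPORTED(r)` branch of enroll_password() (the `-156,8 +157,12` hunk), control falls through with r still negative, and the weak-password warning is skipped only because the following `if (r == 0)` test does not match a negative value. That dependency is easy to break in a later edit, so a comment on the branch would help, e.g. `/* r stays < 0 here, so the r == 0 warning below is not emitted for an unchecked password */`. The prompt_root_password() hunk in src/firstboot/firstboot.c has the same shape and would take the same comment. Both function bodies start and end outside their hunks.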
@@ -19,6 +19,7 @@
 #include "creds-util.h"
 #include "dissect-image.h"
 #include "env-file.h"
+#include "errno-util.h"
 #include "fd-util.h"
 #include "fileio.h"
 #include "fs-util.h"
@@ -790,8 +791,12 @@ static int prompt_root_password(int rfd) {
 }
 r = quality_check_password(*a, "root", &error);
- if (r < 0)
- return log_error_errno(r, "Failed to check quality of password: %m");
+ if (r < 0) {
+ if (ERRNO_IS_NOT_SUPPORTED(r))
+ log_warning("Password quality check is not supported, proceeding anyway.");
+ else
+ return log_error_errno(r, "Failed to check password quality: %m");
+ }
 if (r == 0)
 log_warning("Password is weak, accepting anyway: %s", error);
diff --git a/src/shared/pwquality-util.c b/src/shared/pwquality-util.c
index 5deb9324aec..d25104c38f6 100644
--- a/src/shared/pwquality-util.c
+++ b/src/shared/pwquality-util.c
@@ -141,11 +141,8 @@ int quality_check_password(const char *password, const char *username, char **re
 assert(password);
 r = pwq_allocate_context(&pwq);
- if (r < 0) {
- if (ERRNO_IS_NOT_SUPPORTED(r))
- return 0;
+ if (r < 0)
 return log_debug_errno(r, "Failed to allocate libpwquality context: %m");
- }
 r = sym_pwquality_check(pwq, password, NULL, username, &auxerror);
 if (r < 0) {
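Review bot: The return contract of quality_check_password() changes in the `-141,11 +141,8` hunk, yet nothing visible here documents it. A comment above the function would keep the meaning of 0 unambiguous for future callers, for example `/* Returns 0 if the password was rejected; a negative errno on failure, matching ERRNO_IS_NOT_SUPPORTED() when libpwquality is unavailable. */` (the success value is not shown in this hunk and should be added from the full body). Only the two callers in cryptenroll and firstboot are adjusted in this diff; any other caller that treats every negative return as fatal would now abort where it previously continued, so that is worth confirming. The function body continues outside the hunk.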