155682Smarkm/* 2233294Sstas * Copyright (c) 1999 Kungliga Tekniska H��gskolan 3233294Sstas * (Royal Institute of Technology, Stockholm, Sweden). 4233294Sstas * All rights reserved. 555682Smarkm * 6233294Sstas * Redistribution and use in source and binary forms, with or without 7233294Sstas * modification, are permitted provided that the following conditions 8233294Sstas * are met: 955682Smarkm * 10233294Sstas * 1. Redistributions of source code must retain the above copyright 11233294Sstas * notice, this list of conditions and the following disclaimer. 1255682Smarkm * 13233294Sstas * 2. Redistributions in binary form must reproduce the above copyright 14233294Sstas * notice, this list of conditions and the following disclaimer in the 15233294Sstas * documentation and/or other materials provided with the distribution. 1655682Smarkm * 1755682Smarkm * 3. Neither the name of KTH nor the names of its contributors may be 1855682Smarkm * used to endorse or promote products derived from this software without 1955682Smarkm * specific prior written permission. 2055682Smarkm * 2155682Smarkm * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY 2255682Smarkm * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 2355682Smarkm * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 2455682Smarkm * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE 2555682Smarkm * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 2655682Smarkm * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 2755682Smarkm * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 2855682Smarkm * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 2955682Smarkm * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 3055682Smarkm * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 3155682Smarkm * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ 3255682Smarkm 33233294Sstas/* $Id$ */ 3455682Smarkm 3555682Smarkm#include <string.h> 3655682Smarkm#include <stdlib.h> 3755682Smarkm#include <krb5.h> 3855682Smarkm 39178825Sdfrconst char* check_length(krb5_context, krb5_principal, krb5_data *); 40178825Sdfr 4155682Smarkm/* specify the api-version this library conforms to */ 4255682Smarkm 4355682Smarkmint version = 0; 4455682Smarkm 4555682Smarkm/* just check the length of the password, this is what the default 4655682Smarkm check does, but this lets you specify the minimum length in 4755682Smarkm krb5.conf */ 4855682Smarkmconst char* 4955682Smarkmcheck_length(krb5_context context, 5055682Smarkm krb5_principal prinipal, 5155682Smarkm krb5_data *password) 5255682Smarkm{ 5355682Smarkm int min_length = krb5_config_get_int_default(context, NULL, 6, 5455682Smarkm "password_quality", 5555682Smarkm "min_length", 5655682Smarkm NULL); 5755682Smarkm if(password->length < min_length) 5855682Smarkm return "Password too short"; 5955682Smarkm return NULL; 6055682Smarkm} 6155682Smarkm 6255682Smarkm#ifdef DICTPATH 6355682Smarkm 6455682Smarkm/* use cracklib to check password quality; this requires a patch for 6555682Smarkm cracklib that can be found at 6655682Smarkm ftp://ftp.pdc.kth.se/pub/krb/src/cracklib.patch */ 6755682Smarkm 6855682Smarkmconst char* 6955682Smarkmcheck_cracklib(krb5_context context, 7055682Smarkm krb5_principal principal, 7155682Smarkm krb5_data *password) 7255682Smarkm{ 7355682Smarkm char *s = malloc(password->length + 1); 7455682Smarkm char *msg; 7555682Smarkm char *strings[2]; 7655682Smarkm if(s == NULL) 7755682Smarkm return NULL; /* XXX */ 7855682Smarkm strings[0] = principal->name.name_string.val[0]; /* XXX */ 7955682Smarkm strings[1] = NULL; 8055682Smarkm memcpy(s, password->data, password->length); 8155682Smarkm s[password->length] = '\0'; 8255682Smarkm msg = FascistCheck(s, DICTPATH, strings); 8355682Smarkm memset(s, 0, password->length); 8455682Smarkm free(s); 8555682Smarkm return msg; 8655682Smarkm} 8755682Smarkm#endif 88