Adding upstream version 1:10.6.11.upstream/1%10.6.11upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

2 files changed, 100 insertions, 0 deletions

diff --git a/plugin/cracklib_password_check/CMakeLists.txt b/plugin/cracklib_password_check/CMakeLists.txt
new file mode 100644
index 00000000..620234cc
--- /dev/null
+++ b/plugin/cracklib_password_check/CMakeLists.txt
@@ -0,0 +1,17 @@
+INCLUDE (CheckIncludeFiles)
+INCLUDE (CheckLibraryExists)
+
+SET(CPACK_RPM_cracklib-password-check_PACKAGE_SUMMARY "CrackLib Password Validation Plugin for MariaDB" PARENT_SCOPE)
+SET(CPACK_RPM_cracklib-password-check_PACKAGE_DESCRIPTION "This password validation plugin uses cracklib to allow only
+sufficiently secure (as defined by cracklib) user passwords in MariaDB." PARENT_SCOPE)
+
+CHECK_LIBRARY_EXISTS(crack FascistCheckUser "" HAVE_LIBCRACK)
+
+SET(CMAKE_REQUIRED_DEFINITIONS -Dsize_t=int) # debian hack, debian bug.
+CHECK_INCLUDE_FILES (crack.h HAVE_CRACK_H)
+
+IF (HAVE_ALLOCA_H AND HAVE_CRACK_H AND HAVE_LIBCRACK AND HAVE_MEMCPY)
+  MYSQL_ADD_PLUGIN(cracklib_password_check cracklib_password_check.c
+                   LINK_LIBRARIES crack MODULE_ONLY
+                   COMPONENT cracklib-password-check)
+ENDIF()
diff --git a/plugin/cracklib_password_check/cracklib_password_check.c b/plugin/cracklib_password_check/cracklib_password_check.c
new file mode 100644
index 00000000..470e6e52
--- /dev/null
+++ b/plugin/cracklib_password_check/cracklib_password_check.c
@@ -0,0 +1,83 @@
+/* Copyright (c) 2014, Sergei Golubchik and MariaDB
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; version 2 of the License.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1335  USA */
+
+#include <my_global.h>
+#include <mysql/plugin_password_validation.h>
+#include <crack.h>
+#include <string.h>
+#include <mysqld_error.h>
+
+static char *dictionary;
+
+static int crackme(const MYSQL_CONST_LEX_STRING *username,
+                   const MYSQL_CONST_LEX_STRING *password)
+{
+  char *user= alloca(username->length + 1);
+  char *host;
+  const char *res;
+
+  memcpy(user, username->str, username->length);
+  user[username->length]= 0;
+  if ((host= strchr(user, '@')))
+    *host++= 0;
+
+  if ((res= FascistCheckUser(password->str, dictionary, user, host)))
+  {
+    my_printf_error(ER_NOT_VALID_PASSWORD, "cracklib: %s",
+                    ME_WARNING, res);
+    return 1;
+  }
+
+  return 0;
+}
+
+static MYSQL_SYSVAR_STR(dictionary, dictionary, PLUGIN_VAR_RQCMDARG | PLUGIN_VAR_READONLY,
+  "Path to a cracklib dictionary", NULL, NULL, 0);
+
+/* optional user-friendly nicety */
+void set_default_dictionary_path() __attribute__((constructor));
+void set_default_dictionary_path()
+{
+  MYSQL_SYSVAR_NAME(dictionary).def_val = GetDefaultCracklibDict();
+}
+
+static struct st_mysql_sys_var* sysvars[]= {
+  MYSQL_SYSVAR(dictionary),
+  NULL
+};
+
+static struct st_mariadb_password_validation info=
+{
+  MariaDB_PASSWORD_VALIDATION_INTERFACE_VERSION,
+  crackme
+};
+
+maria_declare_plugin(cracklib_password_check)
+{
+  MariaDB_PASSWORD_VALIDATION_PLUGIN,
+  &info,
+  "cracklib_password_check",
+  "Sergei Golubchik",
+  "Password validation via CrackLib",
+  PLUGIN_LICENSE_GPL,
+  NULL,
+  NULL,
+  0x0100,
+  NULL,
+  sysvars,
+  "1.0",
+  MariaDB_PLUGIN_MATURITY_STABLE
+}
+maria_declare_plugin_end;