summaryrefslogtreecommitdiffstats
path: root/lib/obscure.c
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-26 16:18:36 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-26 16:18:36 +0000
commit6c3ea4f47ea280811a7fe53a22f7832e4533c9ec (patch)
tree3d7ed5da23b5dbf6f9e450dfb61642832249c31e /lib/obscure.c
parentAdding upstream version 1:4.13+dfsg1. (diff)
downloadshadow-upstream/1%4.15.2.tar.xz
shadow-upstream/1%4.15.2.zip
Adding upstream version 1:4.15.2.upstream/1%4.15.2upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--lib/obscure.c (renamed from libmisc/obscure.c)112
1 files changed, 15 insertions, 97 deletions
diff --git a/libmisc/obscure.c b/lib/obscure.c
index 3daaa95..549c2a8 100644
--- a/libmisc/obscure.c
+++ b/lib/obscure.c
@@ -9,25 +9,27 @@
#include <config.h>
-#ifndef USE_PAM
-
#ident "$Id$"
-/*
- * This version of obscure.c contains modifications to support "cracklib"
- * by Alec Muffet (alec.muffett@uk.sun.com). You must obtain the Cracklib
- * library source code for this function to operate.
- */
#include <ctype.h>
#include <stdio.h>
+
+#include "alloc.h"
+#include "attr.h"
+#include "memzero.h"
#include "prototypes.h"
#include "defines.h"
#include "getdef.h"
+
+#if WITH_LIBBSD == 0
+#include "freezero.h"
+#endif /* WITH_LIBBSD */
+
/*
* can't be a palindrome - like `R A D A R' or `M A D A M'
*/
-static bool palindrome (unused const char *old, const char *new)
+static bool palindrome (MAYBE_UNUSED const char *old, const char *new)
{
size_t i, j;
@@ -73,57 +75,6 @@ static bool similar (/*@notnull@*/const char *old, /*@notnull@*/const char *new)
return true;
}
-/*
- * a nice mix of characters.
- */
-
-static bool simple (unused const char *old, const char *new)
-{
- bool digits = false;
- bool uppers = false;
- bool lowers = false;
- bool others = false;
- int size;
- int i;
-
- for (i = 0; '\0' != new[i]; i++) {
- if (isdigit (new[i])) {
- digits = true;
- } else if (isupper (new[i])) {
- uppers = true;
- } else if (islower (new[i])) {
- lowers = true;
- } else {
- others = true;
- }
- }
-
- /*
- * The scam is this - a password of only one character type
- * must be 8 letters long. Two types, 7, and so on.
- */
-
- size = 9;
- if (digits) {
- size--;
- }
- if (uppers) {
- size--;
- }
- if (lowers) {
- size--;
- }
- if (others) {
- size--;
- }
-
- if (size <= i) {
- return false;
- }
-
- return true;
-}
-
static char *str_lower (/*@returned@*/char *string)
{
char *cp;
@@ -137,28 +88,18 @@ static char *str_lower (/*@returned@*/char *string)
static /*@observer@*//*@null@*/const char *password_check (
/*@notnull@*/const char *old,
/*@notnull@*/const char *new,
- /*@notnull@*/const struct passwd *pwdp)
+ /*@notnull@*/MAYBE_UNUSED const struct passwd *pwdp)
{
const char *msg = NULL;
char *oldmono, *newmono, *wrapped;
-#ifdef HAVE_LIBCRACK
- char *dictpath;
-
-#ifdef HAVE_LIBCRACK_PW
- char *FascistCheckPw ();
-#else
- char *FascistCheck ();
-#endif
-#endif
-
if (strcmp (new, old) == 0) {
return _("no change");
}
newmono = str_lower (xstrdup (new));
oldmono = str_lower (xstrdup (old));
- wrapped = xmalloc (strlen (oldmono) * 2 + 1);
+ wrapped = XMALLOC(strlen(oldmono) * 2 + 1, char);
strcpy (wrapped, oldmono);
strcat (wrapped, oldmono);
@@ -168,25 +109,8 @@ static /*@observer@*//*@null@*/const char *password_check (
msg = _("case changes only");
} else if (similar (oldmono, newmono)) {
msg = _("too similar");
- } else if (simple (old, new)) {
- msg = _("too simple");
} else if (strstr (wrapped, newmono) != NULL) {
msg = _("rotated");
- } else {
-#ifdef HAVE_LIBCRACK
- /*
- * Invoke Alec Muffett's cracklib routines.
- */
-
- dictpath = getdef_str ("CRACKLIB_DICTPATH");
- if (NULL != dictpath) {
-#ifdef HAVE_LIBCRACK_PW
- msg = FascistCheckPw (new, dictpath, pwdp);
-#else
- msg = FascistCheck (new, dictpath);
-#endif
- }
-#endif
}
strzero (newmono);
strzero (oldmono);
@@ -257,7 +181,7 @@ static /*@observer@*//*@null@*/const char *obscure_msg (
}
}
- maxlen = (size_t) getdef_num ("PASS_MAX_LEN", 8);
+ maxlen = getdef_num ("PASS_MAX_LEN", 8);
if ( (oldlen <= maxlen)
&& (newlen <= maxlen)) {
return NULL;
@@ -274,10 +198,8 @@ static /*@observer@*//*@null@*/const char *obscure_msg (
msg = password_check (old1, new1, pwdp);
- memzero (new1, newlen);
- memzero (old1, oldlen);
- free (new1);
- free (old1);
+ freezero (new1, newlen);
+ freezero (old1, oldlen);
return msg;
}
@@ -300,7 +222,3 @@ bool obscure (const char *old, const char *new, const struct passwd *pwdp)
}
return true;
}
-
-#else /* !USE_PAM */
-extern int errno; /* warning: ANSI C forbids an empty source file */
-#endif /* !USE_PAM */