summaryrefslogtreecommitdiffstats
path: root/contrib/slapd-modules/ppm/ppm.h
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 16:35:32 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 16:35:32 +0000
commit5ea77a75dd2d2158401331879f3c8f47940a732c (patch)
treed89dc06e9f4850a900f161e25f84e922c4f86cc8 /contrib/slapd-modules/ppm/ppm.h
parentInitial commit. (diff)
downloadopenldap-5ea77a75dd2d2158401331879f3c8f47940a732c.tar.xz
openldap-5ea77a75dd2d2158401331879f3c8f47940a732c.zip
Adding upstream version 2.5.13+dfsg.upstream/2.5.13+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'contrib/slapd-modules/ppm/ppm.h')
-rw-r--r--contrib/slapd-modules/ppm/ppm.h125
1 files changed, 125 insertions, 0 deletions
diff --git a/contrib/slapd-modules/ppm/ppm.h b/contrib/slapd-modules/ppm/ppm.h
new file mode 100644
index 0000000..25b360d
--- /dev/null
+++ b/contrib/slapd-modules/ppm/ppm.h
@@ -0,0 +1,125 @@
+/*
+ * ppm.h for OpenLDAP
+ *
+ * See LICENSE, README and INSTALL files
+ */
+
+#ifndef PPM_H_
+#define PPM_H_
+
+#include <stdlib.h> // for type conversion, such as atoi...
+#include <regex.h> // for matching allowedParameters / conf file
+#include <string.h>
+#include <ctype.h>
+#include <portable.h>
+#include <slap.h>
+
+#if defined(DEBUG)
+#include <syslog.h>
+#endif
+
+//#define PPM_READ_FILE 1 // old deprecated configuration mode
+ // 1: (deprecated) don't read pwdCheckModuleArg
+ // attribute, instead read config file
+ // 0: read pwdCheckModuleArg attribute
+
+/* config file parameters (DEPRECATED) */
+#ifndef CONFIG_FILE
+#define CONFIG_FILE "/etc/openldap/ppm.example"
+#endif
+#define FILENAME_MAX_LEN 512
+
+#define DEFAULT_QUALITY 3
+#define MEMORY_MARGIN 50
+#define MEM_INIT_SZ 64
+#define DN_MAX_LEN 512
+
+#define CONF_MAX_SIZE 50
+#define PARAM_MAX_LEN 32
+#define VALUE_MAX_LEN 128
+#define ATTR_NAME_MAX_LEN 150
+
+#define PARAM_PREFIX_CLASS "class-"
+#define TOKENS_DELIMITERS " ,;-_£\t"
+
+
+#define DEBUG_MSG_MAX_LEN 256
+
+#define PASSWORD_QUALITY_SZ \
+ "Password for dn=\"%s\" does not pass required number of strength checks (%d of %d)"
+#define PASSWORD_CRITERIA \
+ "Password for dn=\"%s\" has not reached the minimum number of characters (%d) for class %s"
+#define PASSWORD_MAXCONSECUTIVEPERCLASS \
+ "Password for dn=\"%s\" has reached the maximum number of characters (%d) for class %s"
+#define PASSWORD_FORBIDDENCHARS \
+ "Password for dn=\"%s\" contains %d forbidden characters in %s"
+#define RDN_TOKEN_FOUND \
+ "Password for dn=\"%s\" contains tokens from the RDN"
+#define GENERIC_ERROR \
+ "Error while checking password"
+#define PASSWORD_CRACKLIB \
+ "Password for dn=\"%s\" is too weak"
+#define BAD_PASSWORD_SZ \
+ "Bad password for dn=\"%s\" because %s"
+
+
+
+typedef union genValue {
+ int iVal;
+ char sVal[VALUE_MAX_LEN];
+} genValue;
+
+typedef enum {
+ typeInt,
+ typeStr
+} valueType;
+
+typedef struct params {
+ char param[PARAM_MAX_LEN];
+ valueType iType;
+} params;
+
+// allowed parameters loaded into configuration structure
+// it also contains the type of the corresponding value
+params allowedParameters[7] = {
+ {"^minQuality", typeInt},
+ {"^checkRDN", typeInt},
+ {"^forbiddenChars", typeStr},
+ {"^maxConsecutivePerClass", typeInt},
+ {"^useCracklib", typeInt},
+ {"^cracklibDict", typeStr},
+ {"^class-.*", typeStr}
+};
+
+
+// configuration structure, containing a parameter, a value,
+// a corresponding min and minForPoint indicators if necessary
+// and a type for the value (typeInt or typeStr)
+typedef struct conf {
+ char param[PARAM_MAX_LEN];
+ valueType iType;
+ genValue value;
+ int min;
+ int minForPoint;
+} conf;
+
+void ppm_log(int priority, const char *format, ...);
+int min(char *str1, char *str2);
+#ifndef PPM_READ_FILE
+ static void read_config_attr(conf * fileConf, int *numParam, char *ppm_config_attr);
+#endif
+#ifdef PPM_READ_FILE
+ static void read_config_file(conf * fileConf, int *numParam, char *ppm_config_file);
+#endif
+int check_password(char *pPasswd, char **ppErrStr, Entry *e, void *pArg);
+int maxConsPerClass(char *password, char *charClass);
+void storeEntry(char *param, char *value, valueType valType,
+ char *min, char *minForPoint, conf * fileConf, int *numParam);
+int typeParam(char* param);
+genValue* getValue(conf *fileConf, int numParam, char* param);
+void strcpy_safe(char *dest, char *src, int length_dest);
+
+
+int ppm_test = 0;
+
+#endif