X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=libbb%2Fobscure.c;h=19b87523ec6c5a6f17f52dd1d461d4c0ea65de57;hb=d7171c114028815df4e92f9c26875f1d60c6af2a;hp=a152456b2e630a3376fc33ed97165ddd52c93c5a;hpb=a13cca9cf44ab36a8da90a343a6cd68ab7743345;p=oweals%2Fbusybox.git diff --git a/libbb/obscure.c b/libbb/obscure.c index a152456b2..19b87523e 100644 --- a/libbb/obscure.c +++ b/libbb/obscure.c @@ -18,12 +18,12 @@ This password types should not be permitted: a) pure numbers: birthdates, social security number, license plate, phone numbers; b) words and all letters only passwords (uppercase, lowercase or mixed) - as palindromes, consecutive or repetitive letters + as palindromes, consecutive or repetitive letters or adjacent letters on your keyboard; c) username, real name, company name or (e-mail?) address in any form (as-is, reversed, capitalized, doubled, etc.). (we can check only against username, gecos and hostname) - d) common and obvious letter-number replacements + d) common and obvious letter-number replacements (e.g. replace the letter O with number 0) such as "M1cr0$0ft" or "P@ssw0rd" (CAVEAT: we cannot check for them without the use of a dictionary). @@ -39,17 +39,8 @@ of crypt do not truncate passwords. */ -#include -#include -#include - #include "libbb.h" - -/* passwords should consist of 6 (to 8 characters) */ -#define MINLEN 6 - - static int string_checker_helper(const char *p1, const char *p2) __attribute__ ((__pure__)); static int string_checker_helper(const char *p1, const char *p2) @@ -70,7 +61,7 @@ static int string_checker(const char *p1, const char *p2) /* check string */ int ret = string_checker_helper(p1, p2); /* Make our own copy */ - char *p = bb_xstrdup(p1); + char *p = xstrdup(p1); /* reverse string */ size = strlen(p); 
@@ -93,36 +84,35 @@ static int string_checker(const char *p1, const char *p2) #define NUMBERS 4 #define SPECIAL 8 -static const char *obscure_msg(const char *old_p, const char *new_p, const struct passwd *pw) +static const char *obscure_msg(const char *old_p, const char *new_p, const struct passwd *pw) { int i; int c; int length; int mixed = 0; - /* Add 1 for each type of characters to the minlen of password */ - int size = MINLEN + 8; + /* Add 2 for each type of characters to the minlen of password */ + int size = CONFIG_PASSWORD_MINLEN + 8; const char *p; - char hostname[255]; + char *hostname; /* size */ - if (!new_p || (length = strlen(new_p)) < MINLEN) - return("too short"); - + if (!new_p || (length = strlen(new_p)) < CONFIG_PASSWORD_MINLEN) + return "too short"; + /* no username as-is, as sub-string, reversed, capitalized, doubled */ if (string_checker(new_p, pw->pw_name)) { return "similar to username"; } /* no gecos as-is, as sub-string, reversed, capitalized, doubled */ - if (string_checker(new_p, pw->pw_gecos)) { + if (*pw->pw_gecos && string_checker(new_p, pw->pw_gecos)) { return "similar to gecos"; } /* hostname as-is, as sub-string, reversed, capitalized, doubled */ - if (gethostname(hostname, 255) == 0) { - hostname[254] = '\0'; - if (string_checker(new_p, hostname)) { - return "similar to hostname"; - } - } + hostname = safe_gethostname(); + i = string_checker(new_p, hostname); + free(hostname); + if (i) + return "similar to hostname"; /* Should / Must contain a mix of: */ for (i = 0; i < length; i++) { @@ -139,7 +129,8 @@ static const char *obscure_msg(const char *old_p, const char *new_p, const struc c = 0; p = new_p; while (1) { - if ((p = strchr(p, new_p[i])) == NULL) { + p = strchr(p, new_p[i]); + if (p == NULL) { break; } c++; @@ -152,11 +143,11 @@ static const char *obscure_msg(const char *old_p, const char *new_p, const struc return "too many similar characters"; } } - for(i=0;i<4;i++) + for (i=0; i<4; i++) if (mixed & (1<
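Review bot: The hostname check in the `@@ -93,36 +84,35 @@` hunk calls `string_checker(new_p, hostname)` unconditionally, although the gecos check just above it gained a `*pw->pw_gecos &&` guard in this same hunk. The body of `safe_gethostname()` is not visible here; if it can return an empty string or a short placeholder, the sub-string comparison would presumably match and every new password would be refused as "similar to hostname". The old code skipped this check whenever `gethostname()` failed. Assuming the helper never returns NULL, consider `i = hostname[0] ? string_checker(new_p, hostname) : 0;` with a comment such as `/* empty hostname would match any password as a sub-string */`. The body of `obscure_msg` continues beyond this hunk.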