diff options
author | Matthieu Patou <mat+Informatique.Samba@matws.net> | 2009-07-11 15:57:35 +0200 |
---|---|---|
committer | Jelmer Vernooij <jelmer@samba.org> | 2009-07-19 16:00:19 +0200 |
commit | a817cff5a0f17c6a8b35013483a18c70acdfaa1c (patch) | |
tree | ed7cdd7e3982b07942df153b2bc8c851d1752a0e | |
parent | 295c3724a30013c572d3a3fdd3a8acc6ed19c546 (diff) | |
download | samba-a817cff5a0f17c6a8b35013483a18c70acdfaa1c.tar.gz samba-a817cff5a0f17c6a8b35013483a18c70acdfaa1c.tar.bz2 samba-a817cff5a0f17c6a8b35013483a18c70acdfaa1c.zip |
Fix broken password quality check
This fixes broken password tests when the passwords contain non ASCII characters
(e.g. accentuated chars like ('e, `e, ...)
-rw-r--r-- | lib/util/genrand.c | 3 | ||||
-rw-r--r-- | lib/util/tests/genrand.c | 2 |
2 files changed, 4 insertions, 1 deletions
diff --git a/lib/util/genrand.c b/lib/util/genrand.c index cd1823a9a0..c51f9384b8 100644 --- a/lib/util/genrand.c +++ b/lib/util/genrand.c @@ -294,6 +294,7 @@ _PUBLIC_ uint32_t generate_random(void) _PUBLIC_ bool check_password_quality(const char *s) { int has_digit=0, has_capital=0, has_lower=0, has_special=0, has_high=0; + char* reals = s; while (*s) { if (isdigit((unsigned char)*s)) { has_digit |= 1; @@ -310,7 +311,7 @@ _PUBLIC_ bool check_password_quality(const char *s) } return ((has_digit + has_lower + has_capital + has_special) >= 3 - || (has_high > strlen(s)/2)); + || (has_high > strlen(reals)/2)); } /** diff --git a/lib/util/tests/genrand.c b/lib/util/tests/genrand.c index 5fe229c089..20a20ac7fa 100644 --- a/lib/util/tests/genrand.c +++ b/lib/util/tests/genrand.c @@ -40,6 +40,8 @@ static bool test_check_password_quality(struct torture_context *tctx) torture_assert(tctx, !check_password_quality("aaaaaaaaaaaa"), "same char password"); torture_assert(tctx, !check_password_quality("BLA"), "multiple upcases password"); torture_assert(tctx, !check_password_quality("123"), "digits only"); + torture_assert(tctx, !check_password_quality("matthiéu"), "not enough high symbols"); + torture_assert(tctx, check_password_quality("abcdééàçè"), "valid"); torture_assert(tctx, check_password_quality("A2e"), "valid"); torture_assert(tctx, check_password_quality("BA2eLi443"), "valid"); return true; |