summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorMatthieu Patou <mat+Informatique.Samba@matws.net>2009-07-11 15:57:35 +0200
committerJelmer Vernooij <jelmer@samba.org>2009-07-19 16:00:19 +0200
commita817cff5a0f17c6a8b35013483a18c70acdfaa1c (patch)
treeed7cdd7e3982b07942df153b2bc8c851d1752a0e /lib
parent295c3724a30013c572d3a3fdd3a8acc6ed19c546 (diff)
downloadsamba-a817cff5a0f17c6a8b35013483a18c70acdfaa1c.tar.gz
samba-a817cff5a0f17c6a8b35013483a18c70acdfaa1c.tar.bz2
samba-a817cff5a0f17c6a8b35013483a18c70acdfaa1c.zip
Fix broken password quality check
This fixes broken password tests when the passwords contain non ASCII characters (e.g. accentuated chars like ('e, `e, ...)
Diffstat (limited to 'lib')
-rw-r--r--lib/util/genrand.c3
-rw-r--r--lib/util/tests/genrand.c2
2 files changed, 4 insertions, 1 deletions
diff --git a/lib/util/genrand.c b/lib/util/genrand.c
index cd1823a9a0..c51f9384b8 100644
--- a/lib/util/genrand.c
+++ b/lib/util/genrand.c
@@ -294,6 +294,7 @@ _PUBLIC_ uint32_t generate_random(void)
_PUBLIC_ bool check_password_quality(const char *s)
{
int has_digit=0, has_capital=0, has_lower=0, has_special=0, has_high=0;
+ char* reals = s;
while (*s) {
if (isdigit((unsigned char)*s)) {
has_digit |= 1;
@@ -310,7 +311,7 @@ _PUBLIC_ bool check_password_quality(const char *s)
}
return ((has_digit + has_lower + has_capital + has_special) >= 3
- || (has_high > strlen(s)/2));
+ || (has_high > strlen(reals)/2));
}
/**
diff --git a/lib/util/tests/genrand.c b/lib/util/tests/genrand.c
index 5fe229c089..20a20ac7fa 100644
--- a/lib/util/tests/genrand.c
+++ b/lib/util/tests/genrand.c
@@ -40,6 +40,8 @@ static bool test_check_password_quality(struct torture_context *tctx)
torture_assert(tctx, !check_password_quality("aaaaaaaaaaaa"), "same char password");
torture_assert(tctx, !check_password_quality("BLA"), "multiple upcases password");
torture_assert(tctx, !check_password_quality("123"), "digits only");
+ torture_assert(tctx, !check_password_quality("matthiéu"), "not enough high symbols");
+ torture_assert(tctx, check_password_quality("abcdééàçè"), "valid");
torture_assert(tctx, check_password_quality("A2e"), "valid");
torture_assert(tctx, check_password_quality("BA2eLi443"), "valid");
return true;