summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2004-10-02 00:13:21 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 10:52:52 -0500
commit96876f696eed81327d32b92ee7160c9048d39388 (patch)
tree43af0c8c5d98edfab95e71c9b60dbe73cd185f6f /source3/smbd
parentb2dc329d437603e525609b101ecced7f0c5b19cd (diff)
downloadsamba-96876f696eed81327d32b92ee7160c9048d39388.tar.gz
samba-96876f696eed81327d32b92ee7160c9048d39388.tar.bz2
samba-96876f696eed81327d32b92ee7160c9048d39388.zip
r2772: Check correct string length when verifying password-policies. Do not
allow e.g. two umlauts and one ascii char to comply with account-policy "min password length" of 5. Thanks to Uwe Morgenroth from CC Compunet and Volker. TODO: we do check the length against AP_MIN_PASSWORD_LEN *and* lp_min_passwd_length() - both can have differing values. (This used to be commit d03683772942e8c32507be210b8fd35bfba2c048)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/chgpasswd.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c
index af363d75a3..f8636be351 100644
--- a/source3/smbd/chgpasswd.c
+++ b/source3/smbd/chgpasswd.c
@@ -1018,7 +1018,8 @@ NTSTATUS change_oem_password(SAM_ACCOUNT *hnd, char *old_passwd, char *new_passw
return NT_STATUS_ACCOUNT_RESTRICTION;
}
- if (account_policy_get(AP_MIN_PASSWORD_LEN, &min_len) && (strlen(new_passwd) < min_len)) {
+ /* FIXME: AP_MIN_PASSWORD_LEN and lp_min_passwd_length() need to be merged - gd */
+ if (account_policy_get(AP_MIN_PASSWORD_LEN, &min_len) && (str_charnum(new_passwd) < min_len)) {
DEBUG(1, ("user %s cannot change password - password too short\n",
username));
DEBUGADD(1, (" account policy min password len = %d\n", min_len));
@@ -1028,7 +1029,7 @@ NTSTATUS change_oem_password(SAM_ACCOUNT *hnd, char *old_passwd, char *new_passw
/* Take the passed information and test it for minimum criteria */
/* Minimum password length */
- if (strlen(new_passwd) < lp_min_passwd_length()) {
+ if (str_charnum(new_passwd) < lp_min_passwd_length()) {
/* too short, must be at least MINPASSWDLENGTH */
DEBUG(1, ("Password Change: user %s, New password is shorter than minimum password length = %d\n",
username, lp_min_passwd_length()));