summaryrefslogtreecommitdiff
path: root/source4/lib
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2004-04-22 06:17:50 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:51:32 -0500
commitced7fa4b45adaf2807a5dc84de4fd0dfbcfed55a (patch)
treeb8305e04cb2b9c393a450e5c29a284a82f9e64bd /source4/lib
parent7e6038ee00c836151d6629a5ac29e1d5a77e6fe9 (diff)
downloadsamba-ced7fa4b45adaf2807a5dc84de4fd0dfbcfed55a.tar.gz
samba-ced7fa4b45adaf2807a5dc84de4fd0dfbcfed55a.tar.bz2
samba-ced7fa4b45adaf2807a5dc84de4fd0dfbcfed55a.zip
r323: added rough password quality checking in generate_random_str(), so we generate passwords
that are likely to be accepted by the win2003 quality checks (This used to be commit 5954969f278e7f23190fe7301bfdc608f480eef6)
Diffstat (limited to 'source4/lib')
-rw-r--r--source4/lib/genrand.c33
1 files changed, 31 insertions, 2 deletions
diff --git a/source4/lib/genrand.c b/source4/lib/genrand.c
index e2e66f7e58..1423419961 100644
--- a/source4/lib/genrand.c
+++ b/source4/lib/genrand.c
@@ -242,6 +242,27 @@ void generate_random_buffer( unsigned char *out, int len, BOOL do_reseed_now)
}
}
+
+/*
+ very basic password quality checker
+*/
+static BOOL check_password_quality(const char *s)
+{
+ int has_digit=0, has_capital=0, has_lower=0;
+ while (*s) {
+ if (isdigit(*s)) {
+ has_digit++;
+ } else if (isupper(*s)) {
+ has_capital++;
+ } else if (islower(*s)) {
+ has_lower++;
+ }
+ s++;
+ }
+
+ return has_digit && has_lower && has_capital;
+}
+
/*******************************************************************
Use the random number generator to generate a random string.
********************************************************************/
@@ -257,11 +278,19 @@ char *generate_random_str(size_t len)
if (len > sizeof(retstr)-1)
len = sizeof(retstr) -1;
- generate_random_buffer( retstr, len, False);
+
+again:
+ generate_random_buffer(retstr, len, False);
for (i = 0; i < len; i++)
- retstr[i] = c_list[ retstr[i] % (sizeof(c_list)-1) ];
+ retstr[i] = c_list[retstr[i] % (sizeof(c_list)-1) ];
retstr[i] = '\0';
+ /* we need to make sure the random string passes basic quality tests
+ or it might be rejected by windows as a password */
+ if (len >= 7 && !check_password_quality(retstr)) {
+ goto again;
+ }
+
return (char *)retstr;
}