diff options
author | Andrew Tridgell <tridge@samba.org> | 2004-04-22 06:17:50 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:51:32 -0500 |
commit | ced7fa4b45adaf2807a5dc84de4fd0dfbcfed55a (patch) | |
tree | b8305e04cb2b9c393a450e5c29a284a82f9e64bd /source4 | |
parent | 7e6038ee00c836151d6629a5ac29e1d5a77e6fe9 (diff) | |
download | samba-ced7fa4b45adaf2807a5dc84de4fd0dfbcfed55a.tar.gz samba-ced7fa4b45adaf2807a5dc84de4fd0dfbcfed55a.tar.bz2 samba-ced7fa4b45adaf2807a5dc84de4fd0dfbcfed55a.zip |
r323: added rough password quality checking in generate_random_str(), so we generate passwords
that are likely to be accepted by the win2003 quality checks
(This used to be commit 5954969f278e7f23190fe7301bfdc608f480eef6)
Diffstat (limited to 'source4')
-rw-r--r-- | source4/lib/genrand.c | 33 |
1 files changed, 31 insertions, 2 deletions
diff --git a/source4/lib/genrand.c b/source4/lib/genrand.c index e2e66f7e58..1423419961 100644 --- a/source4/lib/genrand.c +++ b/source4/lib/genrand.c @@ -242,6 +242,27 @@ void generate_random_buffer( unsigned char *out, int len, BOOL do_reseed_now) } } + +/* + very basic password quality checker +*/ +static BOOL check_password_quality(const char *s) +{ + int has_digit=0, has_capital=0, has_lower=0; + while (*s) { + if (isdigit(*s)) { + has_digit++; + } else if (isupper(*s)) { + has_capital++; + } else if (islower(*s)) { + has_lower++; + } + s++; + } + + return has_digit && has_lower && has_capital; +} + /******************************************************************* Use the random number generator to generate a random string. ********************************************************************/ @@ -257,11 +278,19 @@ char *generate_random_str(size_t len) if (len > sizeof(retstr)-1) len = sizeof(retstr) -1; - generate_random_buffer( retstr, len, False); + +again: + generate_random_buffer(retstr, len, False); for (i = 0; i < len; i++) - retstr[i] = c_list[ retstr[i] % (sizeof(c_list)-1) ]; + retstr[i] = c_list[retstr[i] % (sizeof(c_list)-1) ]; retstr[i] = '\0'; + /* we need to make sure the random string passes basic quality tests + or it might be rejected by windows as a password */ + if (len >= 7 && !check_password_quality(retstr)) { + goto again; + } + return (char *)retstr; } |