From 96876f696eed81327d32b92ee7160c9048d39388 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Sat, 2 Oct 2004 00:13:21 +0000 Subject: r2772: Check correct string length when verifying password-policies. Do not allow e.g. two umlauts and one ascii char to comply with account-policy "min password length" of 5. Thanks to Uwe Morgenroth from CC Compunet and Volker. TODO: we do check the length against AP_MIN_PASSWORD_LEN *and* lp_min_passwd_length() - both can have differing values. (This used to be commit d03683772942e8c32507be210b8fd35bfba2c048) --- source3/smbd/chgpasswd.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'source3') diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c index af363d75a3..f8636be351 100644 --- a/source3/smbd/chgpasswd.c +++ b/source3/smbd/chgpasswd.c @@ -1018,7 +1018,8 @@ NTSTATUS change_oem_password(SAM_ACCOUNT *hnd, char *old_passwd, char *new_passw return NT_STATUS_ACCOUNT_RESTRICTION; } - if (account_policy_get(AP_MIN_PASSWORD_LEN, &min_len) && (strlen(new_passwd) < min_len)) { + /* FIXME: AP_MIN_PASSWORD_LEN and lp_min_passwd_length() need to be merged - gd */ + if (account_policy_get(AP_MIN_PASSWORD_LEN, &min_len) && (str_charnum(new_passwd) < min_len)) { DEBUG(1, ("user %s cannot change password - password too short\n", username)); DEBUGADD(1, (" account policy min password len = %d\n", min_len)); @@ -1028,7 +1029,7 @@ NTSTATUS change_oem_password(SAM_ACCOUNT *hnd, char *old_passwd, char *new_passw /* Take the passed information and test it for minimum criteria */ /* Minimum password length */ - if (strlen(new_passwd) < lp_min_passwd_length()) { + if (str_charnum(new_passwd) < lp_min_passwd_length()) { /* too short, must be at least MINPASSWDLENGTH */ DEBUG(1, ("Password Change: user %s, New password is shorter than minimum password length = %d\n", username, lp_min_passwd_length())); -- cgit