oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

(kadm5_check_password_quality): set error message in context.

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17595 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2006-05-30 21:51:55 +00:00
parent 661cb09850
commit 201b9198cc
1 changed files with 20 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
lib/kadm5/password_quality.c
View File

@@ -462,12 +462,19 @@ kadm5_check_password_quality (krb5_context context,
char **v, **vp; char **v, **vp;
int ret; int ret;
/*
* Check if we should use the old version of policy function.
*/
v = krb5_config_get_strings(context, NULL, v = krb5_config_get_strings(context, NULL,
"password_quality", "password_quality",
"policies", "policies",
NULL); NULL);
if (v == NULL) if (v == NULL) {
return (*passwd_quality_check) (context, principal, pwd_data); msg = (*passwd_quality_check) (context, principal, pwd_data);
krb5_set_error_string(context, "password policy failed: %s", msg);
return msg;
}
error_msg[0] = '\0'; error_msg[0] = '\0';
@@ -476,11 +483,16 @@ kadm5_check_password_quality (krb5_context context,
proc = find_func(context, *vp); proc = find_func(context, *vp);
if (proc == NULL) { if (proc == NULL) {
msg = "failed to find password verifier function"; msg = "failed to find password verifier function";
krb5_set_error_string(context, "Failed to find password policy "
"function: %s", *vp);
break; break;
} }
ret = (proc->func)(context, principal, pwd_data, NULL, ret = (proc->func)(context, principal, pwd_data, NULL,
error_msg, sizeof(error_msg)); error_msg, sizeof(error_msg));
if (ret) { if (ret) {
krb5_set_error_string(context, "Password policy "
"%s failed with %s",
proc->name, error_msg);
msg = error_msg; msg = error_msg;
break; break;
} }
@@ -489,8 +501,12 @@ kadm5_check_password_quality (krb5_context context,
/* If the default quality check isn't used, lets check that the /* If the default quality check isn't used, lets check that the
* old quality function the user have set too */ * old quality function the user have set too */
if (msg == NULL && passwd_quality_check != min_length_passwd_quality_v0) if (msg == NULL && passwd_quality_check != min_length_passwd_quality_v0) {
msg = (*passwd_quality_check) (context, principal, pwd_data); msg = (*passwd_quality_check) (context, principal, pwd_data);
if (msg)
krb5_set_error_string(context, "(old) password policy "
"failed with %s", msg);
}
return msg; return msg;
} }