(kadmind_dispatch): kadm_chpass: require the password to pass the

password quality check in case the user changes the user's own password kadm_chpass_with_key: disallow the user to change it own password to a key, since that password might violate the password quality check. git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11626 ec53bebd-3082-4978-b11e-865c3cabbd6b
2003-01-29 12:33:05 +00:00
parent cb07c3282d
commit 84a8e5c39a
1 changed files with 24 additions and 14 deletions
--- a/kadmin/server.c
+++ b/kadmin/server.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2002 Kungliga Tekniska H<>gskolan
+ * Copyright (c) 1997 - 2003 Kungliga Tekniska H<>gskolan
 * (Royal Institute of Technology, Stockholm, Sweden). 
 * All rights reserved. 
 *
@@ -217,19 +217,36 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial,

 	/*
 	 * The change is allowed if at least one of:
-	 * a) it's for the principal him/herself and this was an initial ticket
+
+	 * a) it's for the principal him/herself and this was an
+	 *    initial ticket, but then, check with the password quality
+	 *    function.
 	 * b) the user is on the CPW ACL.
 	 */

 	if (initial
 	    && krb5_principal_compare (context->context, context->caller,
 				       princ))
-	    ret = 0;
-	else
+	{
+	    krb5_data pwd_data;
+	    const char *pwd_reason;
+
+	    pwd_data.data = password;
+	    pwd_data.length = strlen(password);
+
+	    pwd_reason = kadm5_check_password_quality (context->context,
+						       princ, &pwd_data);
+	    if (pwd_reason != NULL)
+		ret = KADM5_PASS_Q_DICT;
+	    else
+		ret = 0;
+	} else
 	    ret = _kadm5_acl_check_permission(context, KADM5_PRIV_CPW, princ);

 	if(ret) {
 	    krb5_free_principal(context->context, princ);
+	    memset(password, 0, strlen(password));
+	    free(password);
 	    goto fail;
 	}
 	ret = kadm5_chpass_principal(kadm_handle, princ, password);
@@ -286,18 +303,11 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial,
 	krb5_warnx(context->context, "%s: %s %s", client, op, name);

 	/*
-	 * The change is allowed if at least one of:
-	 * a) it's for the principal him/herself and this was an initial ticket
-	 * b) the user is on the CPW ACL.
+	 * The change is only allowed if the user is on the CPW ACL,
+	 * this it to force password quality check on the user.
 	 */

-	if (initial
-	    && krb5_principal_compare (context->context, context->caller,
-				       princ))
-	    ret = 0;
-	else
-	    ret = _kadm5_acl_check_permission(context, KADM5_PRIV_CPW, princ);
-
+	ret = _kadm5_acl_check_permission(context, KADM5_PRIV_CPW, princ);
 	if(ret) {
 	    int16_t dummy = n_key_data;