oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

allow password reuse for a short time after it was set last time

Browse Source 
Patch from Harald Barth
This commit is contained in:
Love Hornquist Astrand
2010-05-28 13:40:37 -07:00
parent f2c29f2b1e
commit f4f59121c3
1 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
lib/kadm5/check-cracklib.pl
View File

@@ -40,6 +40,9 @@ my $database = '/usr/lib/cracklib_dict';
my $historydb = '/var/heimdal/historydb'; my $historydb = '/var/heimdal/historydb';
# NEED TO CHANGE THESE TO MATCH YOUR SYSTEM # NEED TO CHANGE THESE TO MATCH YOUR SYSTEM
# seconds password reuse allowed (to catch retries from clients)
my $reusetime = 60;
my %params; my %params;
sub check_basic sub check_basic
@@ -60,6 +63,7 @@ sub check_repeat
my $result = 'Do not reuse passwords'; my $result = 'Do not reuse passwords';
my %DB; my %DB;
my $md5context = new Digest::MD5; my $md5context = new Digest::MD5;
my $timenow = scalar(time());
$md5context->reset(); $md5context->reset();
$md5context->add($principal, ":", $passwd); $md5context->add($principal, ":", $passwd);
@@ -67,8 +71,11 @@ sub check_repeat
my $key=$md5context->hexdigest(); my $key=$md5context->hexdigest();
dbmopen(%DB,$historydb,0600) or die "Internal: Could not open $historydb"; dbmopen(%DB,$historydb,0600) or die "Internal: Could not open $historydb";
$result = "ok" if (!$DB{$key}); if (!$DB{$key} || ($timenow - $DB{$key} < $reusetime)) {
$DB{$key}=scalar(time()); $result = "ok";
print $timenow - $DB{$key} . "\n";
$DB{$key}=$timenow;
}
dbmclose(%DB) or die "Internal: Could not close $historydb"; dbmclose(%DB) or die "Internal: Could not close $historydb";
return $result; return $result;
} }