AbstractPasswordService::StrengthValidatorResult
PasswordStrengthValidator::evaluateStrength(const WT_USTRING& password,
const WT_USTRING& loginName,
const std::string& email) const
{
passwdqc_params_qc_t params;
for (unsigned i = 0; i < 5; ++i)
params.min[i] = minLength_[i];
params.passphrase_words = passPhraseWords_;
params.match_length = minMatchLength_;
params.similar_deny = false;
params.random_bits = 0;
params.max = 256;
std::string login_utf8 = loginName.toUTF8();
passwdqc_user_t user;
user.pw_name = login_utf8.c_str();
user.pw_email = email.c_str();
int index = passwdqc_check(¶ms, password.toUTF8().c_str(), 0, &user);
WString message
= WString::tr(std::string("Wt.Auth.passwdqc.reason-") + reasons[index]);
bool valid = index == 0;
AbstractPasswordService::StrengthValidatorResult result(valid,
message,
valid ? 5 : 0);
return result;
}
int main(int argc, const char **argv)
{
passwdqc_params_t params;
const char *check_reason;
char *parse_reason, *newpass, *oldpass, *pwline;
struct passwd pwbuf, *pw;
int lines_to_read = 3, multi = 0;
int size = 8192;
int rc = 1;
while (argc > 1 && argv[1][0] == '-') {
const char *arg = argv[1];
if (!strcmp("-h", arg) || !strcmp("--help", arg)) {
print_help();
return 0;
}
if (!strcmp("--version", arg)) {
printf("pwqcheck version %s\n", PASSWDQC_VERSION);
return 0;
}
if ((arg[1] == '1' || arg[1] == '2') && !arg[2]) {
lines_to_read = arg[1] - '0';
goto next_arg;
}
if (!strcmp("--multi", arg)) {
multi = 1;
goto next_arg;
}
break;
next_arg:
argc--; argv++;
}
passwdqc_params_reset(¶ms);
if (argc > 1 &&
passwdqc_params_parse(¶ms, &parse_reason, argc - 1,
argv + 1)) {
fprintf(stderr, "pwqcheck: %s\n",
(parse_reason ? parse_reason : "Out of memory"));
free(parse_reason);
return rc;
}
if (params.qc.max + 1 > size)
size = params.qc.max + 1;
next_pass:
oldpass = pwline = NULL; pw = NULL;
if (!(newpass = read_line(size, multi))) {
if (multi && feof(stdin) && !ferror(stdin) &&
fflush(stdout) >= 0)
rc = 0;
goto done;
}
if (lines_to_read >= 2 && !(oldpass = read_line(size, 0)))
goto done;
if (lines_to_read >= 3 && (!(pwline = read_line(size, 0)) ||
!parse_pwline(pwline, pw = &pwbuf)))
goto done;
check_reason = passwdqc_check(¶ms.qc, newpass, oldpass, pw);
if (!check_reason) {
if (multi)
printf("OK: %s\n", newpass);
else if (puts("OK") >= 0 && fflush(stdout) >= 0)
rc = 0;
goto cleanup;
}
if (multi)
printf("Bad passphrase (%s): %s\n", check_reason, newpass);
else
printf("Bad passphrase (%s)\n", check_reason);
cleanup:
memset(&pwbuf, 0, sizeof(pwbuf));
clean(pwline, size);
clean(oldpass, size);
clean(newpass, size);
if (multi)
goto next_pass;
return rc;
done:
multi = 0;
goto cleanup;
}
