AbstractPasswordService::StrengthValidatorResult PasswordStrengthValidator::evaluateStrength(const WT_USTRING& password, const WT_USTRING& loginName, const std::string& email) const { passwdqc_params_qc_t params; for (unsigned i = 0; i < 5; ++i) params.min[i] = minLength_[i]; params.passphrase_words = passPhraseWords_; params.match_length = minMatchLength_; params.similar_deny = false; params.random_bits = 0; params.max = 256; std::string login_utf8 = loginName.toUTF8(); passwdqc_user_t user; user.pw_name = login_utf8.c_str(); user.pw_email = email.c_str(); int index = passwdqc_check(¶ms, password.toUTF8().c_str(), 0, &user); WString message = WString::tr(std::string("Wt.Auth.passwdqc.reason-") + reasons[index]); bool valid = index == 0; AbstractPasswordService::StrengthValidatorResult result(valid, message, valid ? 5 : 0); return result; }
int main(int argc, const char **argv) { passwdqc_params_t params; const char *check_reason; char *parse_reason, *newpass, *oldpass, *pwline; struct passwd pwbuf, *pw; int lines_to_read = 3, multi = 0; int size = 8192; int rc = 1; while (argc > 1 && argv[1][0] == '-') { const char *arg = argv[1]; if (!strcmp("-h", arg) || !strcmp("--help", arg)) { print_help(); return 0; } if (!strcmp("--version", arg)) { printf("pwqcheck version %s\n", PASSWDQC_VERSION); return 0; } if ((arg[1] == '1' || arg[1] == '2') && !arg[2]) { lines_to_read = arg[1] - '0'; goto next_arg; } if (!strcmp("--multi", arg)) { multi = 1; goto next_arg; } break; next_arg: argc--; argv++; } passwdqc_params_reset(¶ms); if (argc > 1 && passwdqc_params_parse(¶ms, &parse_reason, argc - 1, argv + 1)) { fprintf(stderr, "pwqcheck: %s\n", (parse_reason ? parse_reason : "Out of memory")); free(parse_reason); return rc; } if (params.qc.max + 1 > size) size = params.qc.max + 1; next_pass: oldpass = pwline = NULL; pw = NULL; if (!(newpass = read_line(size, multi))) { if (multi && feof(stdin) && !ferror(stdin) && fflush(stdout) >= 0) rc = 0; goto done; } if (lines_to_read >= 2 && !(oldpass = read_line(size, 0))) goto done; if (lines_to_read >= 3 && (!(pwline = read_line(size, 0)) || !parse_pwline(pwline, pw = &pwbuf))) goto done; check_reason = passwdqc_check(¶ms.qc, newpass, oldpass, pw); if (!check_reason) { if (multi) printf("OK: %s\n", newpass); else if (puts("OK") >= 0 && fflush(stdout) >= 0) rc = 0; goto cleanup; } if (multi) printf("Bad passphrase (%s): %s\n", check_reason, newpass); else printf("Bad passphrase (%s)\n", check_reason); cleanup: memset(&pwbuf, 0, sizeof(pwbuf)); clean(pwline, size); clean(oldpass, size); clean(newpass, size); if (multi) goto next_pass; return rc; done: multi = 0; goto cleanup; }