void AddUserDlg::slotCheckPwd() { ui.infoLabel->setText(""); if (ui.canLoginCheckBox->isChecked()) { if (!checkPwd()) { return; } } if (true) { char pwdStr[512] =""; char userName[128]=""; if( ui.userNameEdit->text().trimmed().length() < 1 ) { ui.infoLabel->setText(i18n("Please input user name.")); ui.userNameEdit->selectAll(); return; } pwdStr[0] = '\0'; userName[0] = '\0'; snprintf(pwdStr,sizeof(pwdStr),"%s",qPrintable(ui.PwdEdit->text()) ); snprintf(userName,sizeof(userName),"%s",qPrintable(ui.userNameEdit->text().trimmed() ) ); void *auxerror; int pwdErrValue = 0; int pwdValue = pwquality_check (get_pwq (), pwdStr, NULL, userName,&auxerror); if( pwdValue < 0 ) { pwdErrValue = 0; QString setStr = pwdErrorStr(pwdValue,&pwdErrValue); if( pwdErrValue > 0 ) { int i = ui.PwdEdit->text().length(); if( i < 0 ) { i = 1; } pwdErrValue = 2*i; if( pwdErrValue >100 ) { pwdErrValue = 100; } ui.pwdProgressBar->setValue(pwdErrValue); } else { ui.infoLabel->setText(setStr); ui.PwdEdit->selectAll(); ui.pwdProgressBar->setValue(0); return; } } else { ui.pwdProgressBar->setValue(pwdValue); } } if( ui.verifyPwdEdit->text() != ui.PwdEdit->text() ){ ui.infoLabel->setText(i18n("Passwords do not match.")); return; } }
int keystrength::quality( QString key ) { #if BUILD_PWQUALITY void * auxerror ; QByteArray keyArray = key.toAscii() ; int st = pwquality_check( m_handle,keyArray.constData(),NULL,NULL,&auxerror); pwquality_strerror( NULL,0,st,auxerror); return st ; #else key = QString( "silence compiler warning" ) ; return NOT_USED ; #endif }
gdouble pw_strength (const gchar *password, const gchar *old_password, const gchar *username, const gchar **hint, gint *strength_level) { gint rv, level, length = 0; gdouble strength = 0.0; void *auxerror; rv = pwquality_check (get_pwq (), password, old_password, username, &auxerror); if (password != NULL) length = strlen (password); strength = CLAMP (0.01 * rv, 0.0, 1.0); if (rv < 0) { level = (length > 0) ? 1 : 0; } else if (strength < 0.50) { level = 2; } else if (strength < 0.75) { level = 3; } else if (strength < 0.90) { level = 4; } else { level = 5; } if (length && length < pw_min_length()) *hint = pw_error_hint (PWQ_ERROR_MIN_LENGTH); else *hint = pw_error_hint (rv); if (strength_level) *strength_level = level; return strength; }
gdouble pw_strength (const gchar *password, const gchar *old_password, const gchar *username, const gchar **hint, const gchar **long_hint, gint *strength_level) { gint rv, level = 0; gdouble strength = 0.0; void *auxerror; rv = pwquality_check (get_pwq (), password, old_password, username, &auxerror); strength = CLAMP (0.01 * rv, 0.0, 1.0); if (rv < 0) { *hint = C_("Password strength", "Strength: Weak"); } else if (strength < 0.50) { level = 1; *hint = C_("Password strength", "Strength: Low"); } else if (strength < 0.75) { level = 2; *hint = C_("Password strength", "Strength: Medium"); } else if (strength < 0.90) { level = 3; *hint = C_("Password strength", "Strength: Good"); } else { level = 4; *hint = C_("Password strength", "Strength: High"); } *long_hint = pw_error_hint (rv); if (strength_level) *strength_level = level; return strength; }
int keystrength::quality( const QString& key ) { auto h = reinterpret_cast< pwquality_settings_t * >( m_handle ) ; return pwquality_check( h,key.toLatin1().constData(),nullptr,nullptr,nullptr ) ; }
PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char **argv) { int ctrl; struct module_options options; memset(&options, 0, sizeof(options)); options.retry_times = CO_RETRY_TIMES; ctrl = _pam_parse(pamh, &options, argc, argv); if (ctrl < 0) return PAM_BUF_ERR; if (flags & PAM_PRELIM_CHECK) { /* Check for passwd dictionary * We cannot do that, since the original path is compiled * into the cracklib library and we don't know it. */ return PAM_SUCCESS; } else if (flags & PAM_UPDATE_AUTHTOK) { int retval; const void *oldtoken; const char *user; int tries; retval = pam_get_user(pamh, &user, NULL); if (retval != PAM_SUCCESS || user == NULL) { if (ctrl & PAM_DEBUG_ARG) pam_syslog(pamh, LOG_ERR, "Can not get username"); return PAM_AUTHTOK_ERR; } retval = pam_get_item(pamh, PAM_OLDAUTHTOK, &oldtoken); if (retval != PAM_SUCCESS) { if (ctrl & PAM_DEBUG_ARG) pam_syslog(pamh, LOG_ERR, "Can not get old passwd"); oldtoken = NULL; } tries = 0; while (tries < options.retry_times) { void *auxerror; const char *newtoken = NULL; tries++; /* Planned modus operandi: * Get a passwd. * Verify it against libpwquality. * If okay get it a second time. * Check to be the same with the first one. * set PAM_AUTHTOK and return */ retval = pam_get_authtok_noverify(pamh, &newtoken, NULL); if (retval != PAM_SUCCESS) { pam_syslog(pamh, LOG_ERR, "pam_get_authtok_noverify returned error: %s", pam_strerror(pamh, retval)); continue; } else if (newtoken == NULL) { /* user aborted password change, quit */ return PAM_AUTHTOK_ERR; } /* now test this passwd against libpwquality */ retval = pwquality_check(options.pwq, newtoken, oldtoken, user, &auxerror); if (retval < 0) { const char *msg; char buf[PWQ_MAX_ERROR_MESSAGE_LEN]; msg = pwquality_strerror(buf, sizeof(buf), retval, auxerror); if (ctrl & PAM_DEBUG_ARG) pam_syslog(pamh, LOG_DEBUG, "bad password: %s", msg); pam_error(pamh, _("BAD PASSWORD: %s"), msg); if (getuid() || options.enforce_for_root || (flags & PAM_CHANGE_EXPIRED_AUTHTOK)) { pam_set_item(pamh, PAM_AUTHTOK, NULL); retval = PAM_AUTHTOK_ERR; continue; } } else { if (ctrl & PAM_DEBUG_ARG) pam_syslog(pamh, LOG_DEBUG, "password score: %d", retval); } retval = pam_get_authtok_verify(pamh, &newtoken, NULL); if (retval != PAM_SUCCESS) { pam_syslog(pamh, LOG_ERR, "pam_get_authtok_verify returned error: %s", pam_strerror(pamh, retval)); pam_set_item(pamh, PAM_AUTHTOK, NULL); continue; } else if (newtoken == NULL) { /* user aborted password change, quit */ return PAM_AUTHTOK_ERR; } return PAM_SUCCESS; } pam_set_item (pamh, PAM_AUTHTOK, NULL); /* if we have only one try, we can use the real reason, * else say that there were too many tries. */ if (options.retry_times > 1) return PAM_MAXTRIES; else return retval; } else { if (ctrl & PAM_DEBUG_ARG) pam_syslog(pamh, LOG_NOTICE, "UNKNOWN flags setting %02X",flags); } return PAM_SERVICE_ERR; }