svn commit: samba r2772 - branches/SAMBA_3_0/source/smbd
trunk/source/smbd
gd at samba.org
gd at samba.org
Sat Oct 2 00:13:23 GMT 2004
Author: gd
Date: 2004-10-02 00:13:21 +0000 (Sat, 02 Oct 2004)
New Revision: 2772
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba&path=/&rev=2772&nolog=1
Log:
Check correct string length when verifying password-policies. Do not
allow e.g. two umlauts and one ascii char to comply with account-policy
"min password length" of 5.
Thanks to Uwe Morgenroth from CC Compunet and Volker.
TODO: we do check the length against AP_MIN_PASSWORD_LEN *and*
lp_min_passwd_length() - both can have differing values.
Modified:
branches/SAMBA_3_0/source/smbd/chgpasswd.c
trunk/source/smbd/chgpasswd.c
Changeset:
Modified: branches/SAMBA_3_0/source/smbd/chgpasswd.c
===================================================================
--- branches/SAMBA_3_0/source/smbd/chgpasswd.c 2004-10-01 22:24:44 UTC (rev 2771)
+++ branches/SAMBA_3_0/source/smbd/chgpasswd.c 2004-10-02 00:13:21 UTC (rev 2772)
@@ -1018,7 +1018,8 @@
return NT_STATUS_ACCOUNT_RESTRICTION;
}
- if (account_policy_get(AP_MIN_PASSWORD_LEN, &min_len) && (strlen(new_passwd) < min_len)) {
+ /* FIXME: AP_MIN_PASSWORD_LEN and lp_min_passwd_length() need to be merged - gd */
+ if (account_policy_get(AP_MIN_PASSWORD_LEN, &min_len) && (str_charnum(new_passwd) < min_len)) {
DEBUG(1, ("user %s cannot change password - password too short\n",
username));
DEBUGADD(1, (" account policy min password len = %d\n", min_len));
@@ -1028,7 +1029,7 @@
/* Take the passed information and test it for minimum criteria */
/* Minimum password length */
- if (strlen(new_passwd) < lp_min_passwd_length()) {
+ if (str_charnum(new_passwd) < lp_min_passwd_length()) {
/* too short, must be at least MINPASSWDLENGTH */
DEBUG(1, ("Password Change: user %s, New password is shorter than minimum password length = %d\n",
username, lp_min_passwd_length()));
Modified: trunk/source/smbd/chgpasswd.c
===================================================================
--- trunk/source/smbd/chgpasswd.c 2004-10-01 22:24:44 UTC (rev 2771)
+++ trunk/source/smbd/chgpasswd.c 2004-10-02 00:13:21 UTC (rev 2772)
@@ -1018,7 +1018,8 @@
return NT_STATUS_ACCOUNT_RESTRICTION;
}
- if (account_policy_get(AP_MIN_PASSWORD_LEN, &min_len) && (strlen(new_passwd) < min_len)) {
+ /* FIXME: AP_MIN_PASSWORD_LEN and lp_min_passwd_length() need to be merged - gd */
+ if (account_policy_get(AP_MIN_PASSWORD_LEN, &min_len) && (str_charnum(new_passwd) < min_len)) {
DEBUG(1, ("user %s cannot change password - password too short\n",
username));
DEBUGADD(1, (" account policy min password len = %d\n", min_len));
@@ -1028,7 +1029,7 @@
/* Take the passed information and test it for minimum criteria */
/* Minimum password length */
- if (strlen(new_passwd) < lp_min_passwd_length()) {
+ if (str_charnum(new_passwd) < lp_min_passwd_length()) {
/* too short, must be at least MINPASSWDLENGTH */
DEBUG(1, ("Password Change: user %s, New password is shorter than minimum password length = %d\n",
username, lp_min_passwd_length()));
More information about the samba-cvs
mailing list