svn commit: samba r24273 - in branches/SAMBA_4_0/source/lib/util: .

[abartlet at samba.org]

Author: abartlet
Date: 2007-08-08 02:41:12 +0000 (Wed, 08 Aug 2007)
New Revision: 24273

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=24273

Log:
Fix bug #4817 by <mwallnoefer at yahoo.de>.  (Unable to add a computer
from MMC Active Directory Users and Computers).

Windows sets a 14 UCS2 char buffer as the password in this case.

We need to allow random buffers to be accepted as complex passwords,
even if they don't have ASCII upper or lower case characters.  (If
half the bytes are > 127, then it's likely a random buffer).

Also make the test match the documented windows behaviour of '3 of the
4 classes: upper, lower, digit, special'.

Andrew Bartlett


Modified:
   branches/SAMBA_4_0/source/lib/util/genrand.c


Changeset:
Modified: branches/SAMBA_4_0/source/lib/util/genrand.c
===================================================================
--- branches/SAMBA_4_0/source/lib/util/genrand.c	2007-08-07 14:06:27 UTC (rev 24272)
+++ branches/SAMBA_4_0/source/lib/util/genrand.c	2007-08-08 02:41:12 UTC (rev 24273)
@@ -265,19 +265,24 @@
 **/
 _PUBLIC_ BOOL check_password_quality(const char *s)
 {
-	int has_digit=0, has_capital=0, has_lower=0;
+	int has_digit=0, has_capital=0, has_lower=0, has_special=0, has_high=0;
 	while (*s) {
 		if (isdigit((unsigned char)*s)) {
-			has_digit++;
+			has_digit |= 1;
 		} else if (isupper((unsigned char)*s)) {
-			has_capital++;
+			has_capital |= 1;
 		} else if (islower((unsigned char)*s)) {
-			has_lower++;
+			has_lower |= 1;
+		} else if (isascii((unsigned char)*s)) {
+			has_special |= 1;
+		} else {
+			has_high++;
 		}
 		s++;
 	}
 
-	return has_digit && has_lower && has_capital;
+	return ((has_digit + has_lower + has_capital + has_special) >= 3
+		|| (has_high > strlen(s)/2));
 }
 
 /**