[patch]: Fix broken password check

Matthieu Patou mat+Informatique.Samba at matws.net
Sun Jun 14 12:26:35 GMT 2009


Dear all,

please find attached 3 patches intended to fix broken password tests 
when the password contains non-ASCII chars (i.e. accented chars like 
é, à, ù ...).

The first one (fix_password_quality_check) fixes an error with strlen.

The second patch (fix_password_quality_check_variant) is a (better) 
variant of the first one where I rewrote the not-so-clear metric 
associated with the number of non-ASCII symbols into something (I hope) 
clearer: the number of non-ASCII symbols must be more than half of the 
total symbols in the password (I had the impression that the test was 
missing the fact that with non-ASCII symbols, a symbol is not one char or 
one byte wide).

The third patch (add_high_symbols_torture_test) is an add-on to the 
torture test, in order to be sure not to face a regression in this area.

I await your comments.

Matthieu.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: add_high_symbols_torture_test.patch
Type: text/x-diff
Size: 801 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20090614/f488239d/add_high_symbols_torture_test.bin
-------------- next part --------------
diff --git a/lib/util/genrand.c b/lib/util/genrand.c
index cd1823a..88380c8 100644
--- a/lib/util/genrand.c
+++ b/lib/util/genrand.c
@@ -294,6 +294,7 @@ _PUBLIC_ uint32_t generate_random(void)
 _PUBLIC_ bool check_password_quality(const char *s)
 {
 	int has_digit=0, has_capital=0, has_lower=0, has_special=0, has_high=0;
+	const char* reals = s;
 	while (*s) {
 		if (isdigit((unsigned char)*s)) {
 			has_digit |= 1;
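Review bot: saving the start pointer is the whole fix, so it deserves a comment saying why: the loop below advances `s` to the terminator, so `strlen(s)` in the original return statement was always 0 and `has_high > 0` accepted any password containing a single non-ASCII byte. A name such as `start` would make that intent clearer than `reals`, and the surrounding file writes `const char *reals` (star attached to the name) rather than `const char* reals`; alternatively walk the string with a separate cursor and leave `s` untouched.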
@@ -308,9 +309,14 @@ _PUBLIC_ bool check_password_quality(const char *s)
 		}
 		s++;
 	}
-
+  /* password must have characters from 3 out of 4 catergories or
+   * contain more than the half of the password of high symbols (ie. non 
+   * ascii char)
+   * As high symbols accounts for two bytes the real length of the string is
+   * strlen(string) - number_of_high_symbol / 2
+   */
 	return ((has_digit + has_lower + has_capital + has_special) >= 3
-		|| (has_high > strlen(s)/2));
+		|| (has_high > ( strlen(reals) - (has_high/2) )));
 }
 
 /**
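Review bot: the discount `strlen(reals) - (has_high/2)` assumes every non-ASCII symbol occupies exactly two bytes, which in UTF-8 holds only for code points below U+0800. A three-byte character adds 3 to `has_high` but is discounted by only 1.5, so `abc` followed by three CJK ideographs (3 ASCII symbols, 3 high symbols, 12 bytes) evaluates as `9 > 12 - 4` and passes, although high symbols are not more than half of the password. Counting only UTF-8 lead bytes (values 0xC0 and above) instead of every byte above 127, and comparing that count with the number of ASCII symbols, implements the stated rule for any byte length. Minor points: the new comment block is indented with spaces where the file uses tabs, it has typos (`catergories`, `high symbols accounts`), and `has_high` is an `int` compared against a `size_t` expression, which a `-Wsign-compare` build will flag.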
-------------- next part --------------
diff --git a/lib/util/genrand.c b/lib/util/genrand.c
index cd1823a..c51f938 100644
--- a/lib/util/genrand.c
+++ b/lib/util/genrand.c
@@ -294,6 +294,7 @@ _PUBLIC_ uint32_t generate_random(void)
 _PUBLIC_ bool check_password_quality(const char *s)
 {
 	int has_digit=0, has_capital=0, has_lower=0, has_special=0, has_high=0;
+	char* reals = s;
 	while (*s) {
 		if (isdigit((unsigned char)*s)) {
 			has_digit |= 1;
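Review bot: `char* reals = s;` discards the `const` qualifier of the `s` parameter, which GCC warns about and a `-Werror` build rejects; declare it `const char *reals = s;` as in the other variant of this patch, or walk the string with a separate cursor so `s` itself is never advanced.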
@@ -310,7 +311,7 @@ _PUBLIC_ bool check_password_quality(const char *s)
 	}
 
 	return ((has_digit + has_lower + has_capital + has_special) >= 3
-		|| (has_high > strlen(s)/2));
+		|| (has_high > strlen(reals)/2));
 }
 
 /**
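Review bot: with the pointer fix in place this variant keeps the original metric, so the commit message should state that `has_high` still counts bytes above 127, not symbols: a two-byte UTF-8 character contributes 2 to `has_high` and 2 to `strlen(reals)`, so the test effectively asks whether high bytes exceed half of all bytes. That is laxer than "more than half of the symbols": `abc` plus two é (3 ASCII symbols, 2 high symbols, 7 bytes) gives `4 > 3` and passes. The `int` versus `size_t` comparison also remains, as in the other variant.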


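As an added example, not part of Matthieu's patches or of Samba's code: a UTF-8-aware rewrite of the same policy that counts code points rather than bytes, so the two-bytes-per-symbol assumption disappears and the caller's pointer is never advanced. The function name and the classification of every non-alphanumeric ASCII byte as "special" are assumptions of this example.

```c
#include <ctype.h>
#include <stdbool.h>
#include <string.h>

/*
 * Added example, not Samba's code.  Policy as described in the patch
 * cover letter: a password passes if it uses three of the four ASCII
 * classes (digit, upper, lower, special), or if more than half of its
 * symbols are non-ASCII.  "Symbol" means a UTF-8 code point: one high
 * symbol is counted per lead byte (0xC0 and above) and continuation
 * bytes (0x80..0xBF) are skipped, so 2-, 3- and 4-byte characters all
 * weigh the same.  A separate cursor walks the string, so strlen() on
 * the caller's pointer would still be meaningful if it were needed.
 */
bool check_password_quality_utf8(const char *s)
{
	int has_digit = 0, has_capital = 0, has_lower = 0, has_special = 0;
	int ascii_symbols = 0, high_symbols = 0;
	const unsigned char *p = (const unsigned char *)s;

	for (; *p; p++) {
		if (*p >= 0x80) {
			/* Lead byte starts a new multi-byte symbol; a
			 * continuation byte belongs to the one already counted. */
			if (*p >= 0xC0)
				high_symbols++;
			continue;
		}
		ascii_symbols++;
		if (isdigit(*p))
			has_digit = 1;
		else if (isupper(*p))
			has_capital = 1;
		else if (islower(*p))
			has_lower = 1;
		else
			has_special = 1;  /* assumption: any other ASCII byte */
	}

	if (has_digit + has_lower + has_capital + has_special >= 3)
		return true;

	/* "More than half of all symbols are high" is the same as
	 * "more high symbols than ASCII symbols". */
	return high_symbols > ascii_symbols;
}
```

With this counting, `abc` followed by three CJK ideographs is rejected (3 high symbols versus 3 ASCII ones), whereas the byte-based discount in the first patch accepts it.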