23#define DIM(v) (sizeof (v) / sizeof ((v)[0]))
24#define DIMof(type, member) DIM (((type *) 0)->member)
31#define G_LOG_DOMAIN "libgvm base"
94#define PWPOLICY_FILE_NAME GVM_SYSCONF_DIR "/pwpolicy.conf"
108 return g_strdup (
"Password policy checking failed (internal error)");
128 idx = strlen (keyword);
129 slen = strlen (
string);
131 if (!strncmp (
string, keyword, idx))
134 if (tmp -
string > slen)
139 if (tmp -
string > slen)
142 for (; tmp -
string < slen && g_ascii_isspace (*tmp); tmp++)
170 fp = fopen (fname,
"r");
174 while (fgets (line,
DIM (line) - 1, fp))
179 if (!len || line[len - 1] !=
'\n')
183 while ((c = getc (fp)) != EOF && c !=
'\n')
188 if (len && line[len - 1] ==
'\r')
192 if (!g_ascii_strcasecmp (line, password))
200 int save_errno = errno;
227 const char *password,
const char *username)
234 while (g_ascii_isspace (*line))
241 else if (*line ==
'#' && line[1] ==
'+')
249 *descp = g_strdup (p);
265 g_warning (
"error searching '%s' (requested at line %d): %s", p,
266 lineno, g_strerror (errno));
269 else if (sret && *descp)
270 ret = g_strdup_printf (
"Weak password (%s)", *descp);
272 ret = g_strdup_printf (
"Weak password (found in '%s')", p);
284 else if (!g_ascii_strcasecmp (password, username))
285 ret = g_strdup_printf (
"Weak password (%s)",
286 "user name matches password");
287 else if (strstr (password, username))
288 ret = g_strdup_printf (
"Weak password (%s)",
289 "user name is part of the password");
290 else if (strstr (username, password))
291 ret = g_strdup_printf (
"Weak password (%s)",
292 "password is part of the user name");
298 g_warning (
"error reading '%s', line %d: %s", fname, lineno,
299 "unknown processing instruction");
303 else if (*line ==
'#')
307 else if (*line ==
'/'
308 || (*line ==
'!' && line[1] ==
'/'))
310 int rev = (*line ==
'!');
315 if (n && line[n - 1] ==
'/')
317 if (((!g_regex_match_simple (line, password, G_REGEX_CASELESS, 0)) ^ rev))
320 ret = g_strdup_printf (
"Weak password (%s)", *descp);
323 g_strdup_printf (
"Weak password (see '%s' line %d)", fname, lineno);
327 if (g_ascii_strcasecmp (line, password))
330 ret = g_strdup_printf (
"Weak password (%s)", *descp);
333 g_strdup_printf (
"Weak password (see '%s' line %d)", fname, lineno);
362 if (!password || !*password)
363 return g_strdup (
"Empty password");
365 fp = fopen (patternfile,
"r");
368 g_warning (
"error opening '%s': %s", patternfile, g_strerror (errno));
373 while (fgets (line,
DIM (line) - 1, fp))
379 if (!len || line[len - 1] !=
'\n')
381 g_warning (
"error reading '%s', line %d: %s", patternfile, lineno,
382 len ?
"line too long" :
"line without a LF");
387 if (len && line[len - 1] ==
'\r')
394 bzero (line,
sizeof (line));
409 g_warning (
"Password policy checking has been disabled.");
static int search_file(const char *fname, const char *password)
Search a file for a matching line.
Definition pwpolicy.c:164
void gvm_disable_password_policy(void)
Disable all password policy checking.
Definition pwpolicy.c:406
#define DIM(v)
Definition pwpolicy.c:23
static char * policy_checking_failed(void)
Definition pwpolicy.c:106
static gboolean disable_password_policy
Flag indicating that passwords are not checked.
Definition pwpolicy.c:99
#define PWPOLICY_FILE_NAME
The name of the pattern file.
Definition pwpolicy.c:94
char * gvm_validate_password(const char *password, const char *username)
Validate a password against the pattern file.
Definition pwpolicy.c:350
static char * is_keyword(char *string, const char *keyword)
Check whether a string starts with a keyword.
Definition pwpolicy.c:124
static char * parse_pattern_line(char *line, const char *fname, int lineno, char **descp, const char *password, const char *username)
Parse one line of a pettern file.
Definition pwpolicy.c:226
Protos and data structures for pwpolicy checking.