add patch from Enrico Scholz for FascistCheckUser, bump lib to 2.9.0v2.9.0 cracklib-2.9.0

git-svn-id: file:///tmp/cracklib-svn/trunk@211 4175fe1e-86d5-4fdc-8e6a-506fab9d8533
author: Nathan Neulinger <nneul@neulinger.org> 2013-06-01 14:58:32 +0000
committer: Nathan Neulinger <nneul@neulinger.org> 2013-06-01 14:58:32 +0000
commit: 1bf7a03927dc6a179d5e6385a14b75fc4c888888 (patch)
tree: 747ef129be26274e6b0696ff8c2e3ddef426b644
parent: 4eb84605b3dee07831d018e2afff8d0190b5495a (diff)
download: cracklib-1bf7a03927dc6a179d5e6385a14b75fc4c888888.tar.gz
5 files changed, 106 insertions, 93 deletions
diff --git a/cracklib/NEWS b/cracklib/NEWS
index 52cf5b5..851b01b 100644
--- a/cracklib/NEWS
+++ b/cracklib/NEWS
@@ -1,4 +1,4 @@
-v2.8.23
+v2.9.0 add new FascistCheckUser function from Enrico Scholz, bumped minor version for library
 v2.8.22 error return instead of exit if dictionary can't be opened (Nalin Dahyabhai)
 v2.8.21 export prototype for FascistLook (Nalin Dahyabhai)
 v2.8.20 include python/test_cracklib.py in release tarball (Jan Dittberner)
diff --git a/cracklib/configure.in b/cracklib/configure.in
index e31a8dc..993587d 100644
--- a/cracklib/configure.in
+++ b/cracklib/configure.in
@@ -1,6 +1,6 @@
 dnl Process this file with autoconf to produce a configure script.
 AC_INIT([lib/crack.h])
-AM_INIT_AUTOMAKE(cracklib, 2.8.23)
+AM_INIT_AUTOMAKE(cracklib, 2.9.0)
 AM_CONFIG_HEADER(config.h)
 AC_CONFIG_MACRO_DIR([m4])
 
diff --git a/cracklib/lib/Makefile.am b/cracklib/lib/Makefile.am
index ba65bdd..eccedcc 100644
--- a/cracklib/lib/Makefile.am
+++ b/cracklib/lib/Makefile.am
@@ -14,7 +14,7 @@ libcrack_la_SOURCES = 	fascist.c \
 # For next ABI changing release, use 3:0:0
 # After that, follow the libtool recommended incrementing procedure
 #
-libcrack_la_LDFLAGS = -version-info 10:1:8
+libcrack_la_LDFLAGS = -version-info 11:0:9
 
 # Link in NLS libs. Needed by FreeBSD build
 libcrack_la_LIBADD = $(LTLIBINTL)
diff --git a/cracklib/lib/crack.h b/cracklib/lib/crack.h
index b824a9c..f9ef767 100644
--- a/cracklib/lib/crack.h
+++ b/cracklib/lib/crack.h
@@ -5,15 +5,22 @@
 extern "C" {
 #endif
 
-/* Pass this function a password (pw) and a path to the
+/* Pass these functions a password (pw) and a path to the
  * dictionaries (/usr/lib/cracklib_dict should be specified)
  * and it will either return a NULL string, meaning that the
  * password is good, or a pointer to a string that explains the
  * problem with the password.
+ *
+ * FascistCheckUser() executes tests against an arbitrary user (the 'gecos'
+ * attribute can be NULL), while FascistCheck() assumes the currently logged
+ * in user.
+ *
  * You must link with -lcrack
  */
 
 extern const char *FascistCheck(const char *pw, const char *dictpath);
+extern const char *FascistCheckUser(const char *pw, const char *dictpath,
+				    const char *user, const char *gecos);
 
 /* This function returns the compiled in value for DEFAULT_CRACKLIB_DICT.
  */
diff --git a/cracklib/lib/fascist.c b/cracklib/lib/fascist.c
index 184469e..a142abc 100644
--- a/cracklib/lib/fascist.c
+++ b/cracklib/lib/fascist.c
@@ -491,82 +491,34 @@ GTry(rawtext, password)
     return (0);
 }
 
-char *
-FascistGecos(password, uid)
-    char *password;
-    int uid;
+static char *
+FascistGecosUser(char *password, const char *user, const char *gecos)
 {
     int i;
     int j;
     int wc;
     char *ptr;
     int gwords;
-    struct passwd *pwp, passwd;
     char gbuffer[STRINGSIZE];
     char tbuffer[STRINGSIZE];
-    char *sbuffer = NULL;
-#ifdef HAVE_GETPWUID_R
-    size_t sbufferlen = LINE_MAX;
-#endif
     char *uwords[STRINGSIZE];
     char longbuffer[STRINGSIZE * 2];
 
-#ifdef HAVE_GETPWUID_R
-    sbuffer = malloc(sbufferlen);
-    if (sbuffer == NULL)
-    {
-        return ("memory allocation error");
-    }
-    while ((i = getpwuid_r(uid, &passwd, sbuffer, sbufferlen, &pwp)) != 0)
-    {
-        if (i == ERANGE)
-        {
-            free(sbuffer);
-
-	    sbufferlen += LINE_MAX;
-            sbuffer = malloc(sbufferlen);
-
-            if (sbuffer == NULL)
-            {
-                return ("memory allocation error");
-            }
-        } else {
-            pwp = NULL;
-            break;
-        }
-    }
-#else
-    /* Non-reentrant, but no choice since no _r routine */
-    pwp = getpwuid(uid);
-#endif
-
-    if (pwp == NULL)
-    {
-	if (sbuffer)
-	{
-		free(sbuffer);
-		sbuffer = NULL;
-	}
-	return _("you are not registered in the password file");
-    }
+    if (gecos == NULL)
+	gecos = "";
 
     /* lets get really paranoid and assume a dangerously long gecos entry */
 
-    strncpy(tbuffer, pwp->pw_name, STRINGSIZE);
+    strncpy(tbuffer, user, STRINGSIZE);
     tbuffer[STRINGSIZE-1] = '\0';
     if (GTry(tbuffer, password))
     {
-	if (sbuffer)
-	{
-		free(sbuffer);
-		sbuffer = NULL;
-	}
 	return _("it is based on your username");
     }
 
     /* it never used to be that you got passwd strings > 1024 chars, but now... */
 
-    strncpy(tbuffer, pwp->pw_gecos, STRINGSIZE);
+    strncpy(tbuffer, gecos, STRINGSIZE);
     tbuffer[STRINGSIZE-1] = '\0';
     strcpy(gbuffer, Lowercase(tbuffer));
 
@@ -621,11 +573,6 @@ FascistGecos(password, uid)
     {
 	if (GTry(uwords[i], password))
 	{
-	    if (sbuffer)
-	    {
-	    	free(sbuffer);
-		sbuffer = NULL;
-	    }
 	    return _("it is based upon your password entry");
 	}
     }
@@ -641,11 +588,6 @@ FascistGecos(password, uid)
 
 	    if (GTry(longbuffer, password))
 	    {
-	        if (sbuffer)
-	        {
-	       	    free(sbuffer);
-		    sbuffer = NULL;
-	        }
 		return _("it is derived from your password entry");
 	    }
 
@@ -654,11 +596,6 @@ FascistGecos(password, uid)
 
 	    if (GTry(longbuffer, password))
 	    {
-	        if (sbuffer)
-	        {
-	       	    free(sbuffer);
-		    sbuffer = NULL;
-	        }
 		return _("it's derived from your password entry");
 	    }
 
@@ -668,11 +605,6 @@ FascistGecos(password, uid)
 
 	    if (GTry(longbuffer, password))
 	    {
-	        if (sbuffer)
-	        {
-	       	    free(sbuffer);
-		    sbuffer = NULL;
-	        }
 		return _("it is derivable from your password entry");
 	    }
 
@@ -682,29 +614,80 @@ FascistGecos(password, uid)
 
 	    if (GTry(longbuffer, password))
 	    {
-	        if (sbuffer)
-	        {
-	       	    free(sbuffer);
-		    sbuffer = NULL;
-	        }
 		return _("it's derivable from your password entry");
 	    }
 	}
     }
 
+    return ((char *) 0);
+}
+
+char *
+FascistGecos(password, uid)
+    char *password;
+    int uid;
+{
+    struct passwd *pwp;
+    char *sbuffer = NULL;
+    char *ptr;
+
+#ifdef HAVE_GETPWUID_R
+    size_t sbufferlen = LINE_MAX;
+    struct passwd passwd;
+    int i;
+
+    sbuffer = malloc(sbufferlen);
+    if (sbuffer == NULL)
+    {
+	return ("memory allocation error");
+    }
+    while ((i = getpwuid_r(uid, &passwd, sbuffer, sbufferlen, &pwp)) != 0)
+    {
+	if (i == ERANGE)
+	{
+	    free(sbuffer);
+
+	    sbufferlen += LINE_MAX;
+	    sbuffer = malloc(sbufferlen);
+
+	    if (sbuffer == NULL)
+	    {
+		return ("memory allocation error");
+	    }
+	} else {
+	    pwp = NULL;
+	    break;
+	}
+    }
+#else
+    /* Non-reentrant, but no choice since no _r routine */
+    pwp = getpwuid(uid);
+#endif
+
+    if (pwp == NULL)
+    {
+	if (sbuffer)
+	{
+	    free(sbuffer);
+	    sbuffer = NULL;
+	}
+	return _("you are not registered in the password file");
+    }
+
+    ptr = FascistGecosUser(password, pwp->pw_name, pwp->pw_gecos);
+
     if (sbuffer)
     {
-        free(sbuffer);
-        sbuffer = NULL;
+	free(sbuffer);
+	sbuffer = NULL;
     }
 
-    return ((char *) 0);
+    return ptr;
 }
 
-char *
-FascistLook(pwp, instring)
-    PWDICT *pwp;
-    char *instring;
+static char *
+FascistLookUser(PWDICT *pwp, char *instring,
+		const char *user, const char *gecos)
 {
     int i,maxrepeat;
     char *ptr;
@@ -786,7 +769,12 @@ FascistLook(pwp, instring)
 	return _("it looks like a National Insurance number.");
     }
 
-    if ((ptr = FascistGecos(password, getuid())))
+    if (user != NULL)
+        ptr = FascistGecosUser(password, user, gecos);
+    else
+        ptr = FascistGecos(password, getuid());
+
+    if (ptr)
     {
 	return (ptr);
     }
@@ -836,10 +824,20 @@ FascistLook(pwp, instring)
     return ((char *) 0);
 }
 
+char *
+FascistLook(pwp, instring)
+    PWDICT *pwp;
+    char *instring;
+{
+    return FascistLookUser(pwp, instring, NULL, NULL);
+}
+
 const char *
-FascistCheck(password, path)
+FascistCheckUser(password, path, user, gecos)
     const char *password;
     const char *path;
+    const char *user;
+    const char *gecos;
 {
     PWDICT *pwp;
     char pwtrunced[STRINGSIZE];
@@ -868,7 +866,7 @@ FascistCheck(password, path)
     }
 
     /* sure seems like we should close the database, since we're only likely to check one password */
-    res = FascistLook(pwp, pwtrunced);
+    res = FascistLookUser(pwp, pwtrunced, user, gecos);
 
     PWClose(pwp);
     pwp = (PWDICT *)0;
@@ -877,6 +875,14 @@ FascistCheck(password, path)
 }
 
 const char *
+FascistCheck(password, path)
+    const char *password;
+    const char *path;
+{
+    return FascistCheckUser(password, path, NULL, NULL);
+}
+
+const char *
 GetDefaultCracklibDict()
 {
     return DEFAULT_CRACKLIB_DICT;
author	Nathan Neulinger <nneul@neulinger.org>	2013-06-01 14:58:32 +0000
committer	Nathan Neulinger <nneul@neulinger.org>	2013-06-01 14:58:32 +0000
commit	1bf7a03927dc6a179d5e6385a14b75fc4c888888 (patch)
tree	747ef129be26274e6b0696ff8c2e3ddef426b644
parent	4eb84605b3dee07831d018e2afff8d0190b5495a (diff)
download	cracklib-1bf7a03927dc6a179d5e6385a14b75fc4c888888.tar.gz