2 * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "kadm_locl.h"
36 RCSID("$Id: pw_check.c,v 1.14 1999/12/02 16:58:36 joda Exp $");
41 * pw : new password or "" if none passed
42 * newkey : key for pw as passed from client
43 * strings : interesting strings to check for
45 * returns NULL if pw is ok, else an explanatory string
48 kadm_pw_check(char *pw, des_cblock *newkey, char **pw_msg,
52 int status=KADM_SUCCESS;
54 if (pw == NULL || *pw == '\0')
55 return status; /* XXX - Change this later */
59 des_string_to_key(pw, &pwkey); /* Check AFS string to key also! */
60 if (memcmp(pwkey, *newkey, sizeof(pwkey)) != 0)
62 /* no password or bad key */
63 status=KADM_PW_MISMATCH;
64 *pw_msg = "Password doesn't match supplied DES key";
66 else if (strlen(pw) < MIN_KPW_LEN)
68 status = KADM_INSECURE_PW;
69 *pw_msg="Password is too short";
73 *pw_msg = FascistCheck(pw, DICTPATH, strings);
75 return KADM_INSECURE_PW;
78 memset(pwkey, 0, sizeof(pwkey));