2 * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "kadm5_locl.h"
36 RCSID("$Id: password_quality.c,v 1.4 2000/07/05 13:14:45 joda Exp $");
43 simple_passwd_quality (krb5_context context,
44 krb5_principal principal,
48 return "Password too short";
53 typedef const char* (*passwd_quality_check_func)(krb5_context,
57 static passwd_quality_check_func passwd_quality_check = simple_passwd_quality;
61 #define PASSWD_VERSION 0
66 * setup the password quality hook
70 kadm5_setup_passwd_quality_check(krb5_context context,
71 const char *check_library,
72 const char *check_function)
87 if(check_library == NULL) {
88 tmp = krb5_config_get_string(context, NULL,
95 if(check_function == NULL) {
96 tmp = krb5_config_get_string(context, NULL,
101 check_function = tmp;
103 if(check_library != NULL && check_function == NULL)
104 check_function = "passwd_check";
106 if(check_library == NULL)
108 handle = dlopen(check_library, flags);
110 krb5_warnx(context, "failed to open `%s'", check_library);
113 version = dlsym(handle, "version");
114 if(version == NULL) {
116 "didn't find `version' symbol in `%s'", check_library);
120 if(*version != PASSWD_VERSION) {
122 "version of loaded library is %d (expected %d)",
123 *version, PASSWD_VERSION);
127 sym = dlsym(handle, check_function);
130 "didn't find `%s' symbol in `%s'",
131 check_function, check_library);
135 passwd_quality_check = (passwd_quality_check_func) sym;
136 #endif /* HAVE_DLOPEN */
140 kadm5_check_password_quality (krb5_context context,
141 krb5_principal principal,
144 return (*passwd_quality_check) (context, principal, pwd_data);