Path: blob/main/crypto/krb5/src/lib/kadm5/srv/pwqual.c
39566 views
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */1/* lib/kadm5/srv/pwqual.c */2/*3* Copyright (C) 2010 by the Massachusetts Institute of Technology.4* All rights reserved.5*6* Export of this software from the United States of America may7* require a specific license from the United States Government.8* It is the responsibility of any person or organization contemplating9* export to obtain such a license before exporting.10*11* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and12* distribute this software and its documentation for any purpose and13* without fee is hereby granted, provided that the above copyright14* notice appear in all copies and that both that copyright notice and15* this permission notice appear in supporting documentation, and that16* the name of M.I.T. not be used in advertising or publicity pertaining17* to distribution of the software without specific, written prior18* permission. Furthermore if you modify this software you must label19* your software as modified software and not distribute it in such a20* fashion that it might be confused with the original M.I.T. software.21* M.I.T. makes no representations about the suitability of22* this software for any purpose. It is provided "as is" without express23* or implied warranty.24*/2526/*27*28* Consumer interface for password quality plugins.29*/3031#include "k5-int.h"32#include "server_internal.h"33#include <krb5/pwqual_plugin.h>3435struct pwqual_handle_st {36struct krb5_pwqual_vtable_st vt;37krb5_pwqual_moddata data;38};3940krb5_error_code41k5_pwqual_load(krb5_context context, const char *dict_file,42pwqual_handle **handles_out)43{44krb5_error_code ret;45krb5_plugin_initvt_fn *modules = NULL, *mod;46size_t count;47pwqual_handle *list = NULL, handle = NULL;4849*handles_out = NULL;5051ret = k5_plugin_load_all(context, PLUGIN_INTERFACE_PWQUAL, &modules);52if (ret != 0)53goto cleanup;5455/* Allocate a large enough list of handles. */56for (count = 0; modules[count] != NULL; count++);57list = k5calloc(count + 1, sizeof(*list), &ret);58if (list == NULL)59goto cleanup;6061/* For each module, allocate a handle, initialize its vtable, and bind the62* dictionary filename. */63count = 0;64for (mod = modules; *mod != NULL; mod++) {65handle = k5alloc(sizeof(*handle), &ret);66if (handle == NULL)67goto cleanup;68ret = (*mod)(context, 1, 1, (krb5_plugin_vtable)&handle->vt);69if (ret != 0) { /* Failed vtable init is non-fatal. */70free(handle);71handle = NULL;72continue;73}74handle->data = NULL;75if (handle->vt.open != NULL) {76ret = handle->vt.open(context, dict_file, &handle->data);77if (ret != 0) /* Failed dictionary binding is fatal. */78goto cleanup;79}80list[count++] = handle;81list[count] = NULL;82handle = NULL;83}84list[count] = NULL;8586ret = 0;87*handles_out = list;88list = NULL;8990cleanup:91free(handle);92k5_plugin_free_modules(context, modules);93k5_pwqual_free_handles(context, list);94return ret;95}9697void98k5_pwqual_free_handles(krb5_context context, pwqual_handle *handles)99{100pwqual_handle *hp, handle;101102if (handles == NULL)103return;104for (hp = handles; *hp != NULL; hp++) {105handle = *hp;106if (handle->vt.close != NULL)107handle->vt.close(context, handle->data);108free(handle);109}110free(handles);111}112113const char *114k5_pwqual_name(krb5_context context, pwqual_handle handle)115{116return handle->vt.name;117}118119krb5_error_code120k5_pwqual_check(krb5_context context, pwqual_handle handle,121const char *password, const char *policy_name,122krb5_principal princ)123{124return handle->vt.check(context, handle->data, password, policy_name,125princ, NULL);126}127128129