git.samba.org / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 295c372)
Fix broken password quality check
authorMatthieu Patou <mat+Informatique.Samba@matws.net>
Sat, 11 Jul 2009 13:57:35 +0000 (15:57 +0200)
committerJelmer Vernooij <jelmer@samba.org>
Sun, 19 Jul 2009 14:00:19 +0000 (16:00 +0200)
This fixes broken password tests when the passwords contain non ASCII characters
(e.g. accentuated chars like ('e, `e, ...)

lib/util/genrand.c patch | blob | history
lib/util/tests/genrand.c patch | blob | history

diff --git a/lib/util/genrand.c b/lib/util/genrand.c
index cd1823a9a07bcacc2063713b22c3d772398ddca6..c51f9384b835c0a04793b2580d1f3f57c16a30ca 100644 (file)
--- a/lib/util/genrand.c
+++ b/lib/util/genrand.c
@@ -294,6 +294,7 @@ _PUBLIC_ uint32_t generate_random(void)
 _PUBLIC_ bool check_password_quality(const char *s)
 {
        int has_digit=0, has_capital=0, has_lower=0, has_special=0, has_high=0;
+       char* reals = s;
        while (*s) {
                if (isdigit((unsigned char)*s)) {
                        has_digit |= 1;
@@ -310,7 +311,7 @@ _PUBLIC_ bool check_password_quality(const char *s)
        }
 
        return ((has_digit + has_lower + has_capital + has_special) >= 3
-               || (has_high > strlen(s)/2));
+               || (has_high > strlen(reals)/2));
 }
 
 /**
diff --git a/lib/util/tests/genrand.c b/lib/util/tests/genrand.c
index 5fe229c089e3e8f23e05a3070fc8e8bfd03d6cfa..20a20ac7fa1f0a3225d39cfac0eedf0137b1b572 100644 (file)
--- a/lib/util/tests/genrand.c
+++ b/lib/util/tests/genrand.c
@@ -40,6 +40,8 @@ static bool test_check_password_quality(struct torture_context *tctx)
        torture_assert(tctx, !check_password_quality("aaaaaaaaaaaa"), "same char password");
        torture_assert(tctx, !check_password_quality("BLA"), "multiple upcases password");
        torture_assert(tctx, !check_password_quality("123"), "digits only");
+       torture_assert(tctx, !check_password_quality("matthiéu"), "not enough high symbols");
+       torture_assert(tctx, check_password_quality("abcdééàçè"), "valid");
        torture_assert(tctx, check_password_quality("A2e"), "valid");
        torture_assert(tctx, check_password_quality("BA2eLi443"), "valid");
        return true;
Samba Shared Repository