113a51d221
Fixes: #15559
187 lines
6.2 KiB
C
187 lines
6.2 KiB
C
/* SPDX-License-Identifier: LGPL-2.1+ */
|
|
|
|
#include <unistd.h>
|
|
|
|
#if HAVE_PWQUALITY
|
|
/* pwquality.h uses size_t but doesn't include sys/types.h on its own */
|
|
#include <sys/types.h>
|
|
#include <pwquality.h>
|
|
#endif
|
|
|
|
#include "bus-common-errors.h"
|
|
#include "home-util.h"
|
|
#include "memory-util.h"
|
|
#include "pwquality-util.h"
|
|
#include "strv.h"
|
|
|
|
#if HAVE_PWQUALITY
|
|
DEFINE_TRIVIAL_CLEANUP_FUNC(pwquality_settings_t*, pwquality_free_settings);
|
|
|
|
static void pwquality_maybe_disable_dictionary(
|
|
pwquality_settings_t *pwq) {
|
|
|
|
char buf[PWQ_MAX_ERROR_MESSAGE_LEN];
|
|
const char *path;
|
|
int r;
|
|
|
|
r = pwquality_get_str_value(pwq, PWQ_SETTING_DICT_PATH, &path);
|
|
if (r < 0) {
|
|
log_warning("Failed to read libpwquality dictionary path, ignoring: %s", pwquality_strerror(buf, sizeof(buf), r, NULL));
|
|
return;
|
|
}
|
|
|
|
// REMOVE THIS AS SOON AS https://github.com/libpwquality/libpwquality/pull/21 IS MERGED AND RELEASED
|
|
if (isempty(path))
|
|
path = "/usr/share/cracklib/pw_dict.pwd.gz";
|
|
|
|
if (isempty(path)) {
|
|
log_warning("Weird, no dictionary file configured, ignoring.");
|
|
return;
|
|
}
|
|
|
|
if (access(path, F_OK) >= 0)
|
|
return;
|
|
|
|
if (errno != ENOENT) {
|
|
log_warning_errno(errno, "Failed to check if dictionary file %s exists, ignoring: %m", path);
|
|
return;
|
|
}
|
|
|
|
r = pwquality_set_int_value(pwq, PWQ_SETTING_DICT_CHECK, 0);
|
|
if (r < 0) {
|
|
log_warning("Failed to disable libpwquality dictionary check, ignoring: %s", pwquality_strerror(buf, sizeof(buf), r, NULL));
|
|
return;
|
|
}
|
|
}
|
|
|
|
int quality_check_password(
|
|
UserRecord *hr,
|
|
UserRecord *secret,
|
|
sd_bus_error *error) {
|
|
|
|
_cleanup_(pwquality_free_settingsp) pwquality_settings_t *pwq = NULL;
|
|
char buf[PWQ_MAX_ERROR_MESSAGE_LEN], **pp;
|
|
void *auxerror;
|
|
int r;
|
|
|
|
assert(hr);
|
|
assert(secret);
|
|
|
|
pwq = pwquality_default_settings();
|
|
if (!pwq)
|
|
return log_oom();
|
|
|
|
r = pwquality_read_config(pwq, NULL, &auxerror);
|
|
if (r < 0)
|
|
log_warning_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to read libpwquality configuration, ignoring: %s",
|
|
pwquality_strerror(buf, sizeof(buf), r, auxerror));
|
|
|
|
pwquality_maybe_disable_dictionary(pwq);
|
|
|
|
/* This is a bit more complex than one might think at first. pwquality_check() would like to know the
|
|
* old password to make security checks. We support arbitrary numbers of passwords however, hence we
|
|
* call the function once for each combination of old and new password. */
|
|
|
|
/* Iterate through all new passwords */
|
|
STRV_FOREACH(pp, secret->password) {
|
|
bool called = false;
|
|
char **old;
|
|
|
|
r = test_password_many(hr->hashed_password, *pp);
|
|
if (r < 0)
|
|
return r;
|
|
if (r == 0) /* This is an old password as it isn't listed in the hashedPassword field, skip it */
|
|
continue;
|
|
|
|
/* Check this password against all old passwords */
|
|
STRV_FOREACH(old, secret->password) {
|
|
|
|
if (streq(*pp, *old))
|
|
continue;
|
|
|
|
r = test_password_many(hr->hashed_password, *old);
|
|
if (r < 0)
|
|
return r;
|
|
if (r > 0) /* This is a new password, not suitable as old password */
|
|
continue;
|
|
|
|
r = pwquality_check(pwq, *pp, *old, hr->user_name, &auxerror);
|
|
if (r < 0)
|
|
return sd_bus_error_setf(error, BUS_ERROR_LOW_PASSWORD_QUALITY, "Password too weak: %s",
|
|
pwquality_strerror(buf, sizeof(buf), r, auxerror));
|
|
|
|
called = true;
|
|
}
|
|
|
|
if (called)
|
|
continue;
|
|
|
|
/* If there are no old passwords, let's call pwquality_check() without any. */
|
|
r = pwquality_check(pwq, *pp, NULL, hr->user_name, &auxerror);
|
|
if (r < 0)
|
|
return sd_bus_error_setf(error, BUS_ERROR_LOW_PASSWORD_QUALITY, "Password too weak: %s",
|
|
pwquality_strerror(buf, sizeof(buf), r, auxerror));
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
#define N_SUGGESTIONS 6
|
|
|
|
int suggest_passwords(void) {
|
|
_cleanup_(pwquality_free_settingsp) pwquality_settings_t *pwq = NULL;
|
|
_cleanup_strv_free_erase_ char **suggestions = NULL;
|
|
_cleanup_(erase_and_freep) char *joined = NULL;
|
|
char buf[PWQ_MAX_ERROR_MESSAGE_LEN];
|
|
void *auxerror;
|
|
size_t i;
|
|
int r;
|
|
|
|
pwq = pwquality_default_settings();
|
|
if (!pwq)
|
|
return log_oom();
|
|
|
|
r = pwquality_read_config(pwq, NULL, &auxerror);
|
|
if (r < 0)
|
|
log_warning_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to read libpwquality configuration, ignoring: %s",
|
|
pwquality_strerror(buf, sizeof(buf), r, auxerror));
|
|
|
|
pwquality_maybe_disable_dictionary(pwq);
|
|
|
|
suggestions = new0(char*, N_SUGGESTIONS+1);
|
|
if (!suggestions)
|
|
return log_oom();
|
|
|
|
for (i = 0; i < N_SUGGESTIONS; i++) {
|
|
r = pwquality_generate(pwq, 64, suggestions + i);
|
|
if (r < 0)
|
|
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to generate password, ignoring: %s",
|
|
pwquality_strerror(buf, sizeof(buf), r, NULL));
|
|
}
|
|
|
|
joined = strv_join(suggestions, " ");
|
|
if (!joined)
|
|
return log_oom();
|
|
|
|
log_info("Password suggestions: %s", joined);
|
|
return 0;
|
|
}
|
|
|
|
#else
|
|
|
|
int quality_check_password(
|
|
UserRecord *hr,
|
|
UserRecord *secret,
|
|
sd_bus_error *error) {
|
|
|
|
assert(hr);
|
|
assert(secret);
|
|
|
|
return 0;
|
|
}
|
|
|
|
int suggest_passwords(void) {
|
|
return 0;
|
|
}
|
|
#endif
|