cvs commit: patches/heimdal heimdal-0.6.1-cracklib-1.patch

jim at linuxfromscratch.org jim at linuxfromscratch.org
Wed Apr 28 14:01:36 PDT 2004


jim         04/04/28 15:01:36

  Added:       heimdal  heimdal-0.6.1-cracklib-1.patch
  Log:
  Added: heimdal-0.6.1-cracklib-1.patch
  
  Revision  Changes    Path
  1.1                  patches/heimdal/heimdal-0.6.1-cracklib-1.patch
  
  Index: heimdal-0.6.1-cracklib-1.patch
  ===================================================================
  ==> heimdal-0.6.1-cracklib-1.patch <==
  Submitted By: Randy McMurchy <LFS-User at mcmurchy.com> and DJ Lucas
  Date: 2004-04-20
  Initial Package Version: 0.6.1
  Origin: NA
  Description: Enables kpasswd to use the cracklib library. Cracklib
               must be installed using BLFS instructions. Install this
               patch as the root user as /usr/include/crack.h is modified.
  
  diff -Naur heimdal-0.6.1-orig/lib/kadm5/Makefile.in heimdal-0.6.1/lib/kadm5/Makefile.in
  --- heimdal-0.6.1-orig/lib/kadm5/Makefile.in	2004-04-01 12:19:46.000000000 +0000
  +++ heimdal-0.6.1/lib/kadm5/Makefile.in	2004-04-28 18:23:25.000000000 +0000
  @@ -124,7 +124,7 @@
   LEXLIB = @LEXLIB@
   LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
   LIBOBJS = @LIBOBJS@
  -LIBS = @LIBS@
  +LIBS = @LIBS@ -lcrack
   LIBTOOL = @LIBTOOL@
   LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
   LIB_NDBM = @LIB_NDBM@
  
  diff -Naur heimdal-0.6.1-orig/lib/kadm5/password_quality.c heimdal-0.6.1/lib/kadm5/password_quality.c
  --- heimdal-0.6.1-orig/lib/kadm5/password_quality.c	2000-07-05 13:14:45.000000000 +0000
  +++ heimdal-0.6.1/lib/kadm5/password_quality.c	2004-04-28 18:24:07.000000000 +0000
  @@ -32,6 +32,7 @@
    */
   
   #include "kadm5_locl.h"
  +#include <crack.h>
   
   RCSID("$Id: heimdal-0.6.1-cracklib-1.patch,v 1.1 2004/04/28 21:01:36 jim Exp $");
   
  @@ -39,21 +40,53 @@
   #include <dlfcn.h>
   #endif
   
  -static const char *
  +/* The following function was inserted to utilize the cracklib library to 
  +   ensure strong passwords.  The cracklib library must be patched before 
  +   this function will work. For more information, see:
  +   http://www.linuxfromscratch.org/blfs/view/cvs/postlfs/cracklib.html
  +*/
  +
  +#if defined(CRACKLIB_H) && defined(DICTPATH)
  +
  +static const char*
   simple_passwd_quality (krb5_context context,
  -		       krb5_principal principal,
  -		       krb5_data *pwd)
  +               krb5_principal principal,
  +               krb5_data *password)
   {
  -    if (pwd->length < 6)
  -	return "Password too short";
  -    else
  -	return NULL;
  +    char *s = malloc(password->length + 1);
  +    char *msg;
  +    char *strings[2];
  +    if(s == NULL)
  +    return NULL; /* XXX */
  +    strings[0] = principal->name.name_string.val[0]; /* XXX */
  +    strings[1] = NULL;
  +    memcpy(s, password->data, password->length);
  +    s[password->length] = '\0';
  +        msg = FascistCheck(s, DICTPATH, strings); /* defined in crack.h */
  +    memset(s, 0, password->length);
  +    free(s);
  +    return msg;
   }
   
   typedef const char* (*passwd_quality_check_func)(krb5_context, 
   						 krb5_principal, 
   						 krb5_data*);
   
  +#else /* CRACKLIB_H && DICTPATH */
  +
  +static const char *
  +simple_passwd_quality (krb5_context context,
  +                       krb5_principal principal,
  +                       krb5_data *pwd)
  +{
  +    if (pwd->length < 6)
  +        return "Password too short";
  +    else
  +        return NULL;
  +}
  +
  +#endif /* CRACKLIB_H && DICTPATH */
  +
   static passwd_quality_check_func passwd_quality_check = simple_passwd_quality;
   
   #ifdef HAVE_DLOPEN
  
  
  



More information about the patches mailing list