File: cracklib_password_check.c

package info (click to toggle)
mariadb 1%3A11.8.3-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 772,520 kB
  • sloc: ansic: 2,414,714; cpp: 1,791,394; asm: 381,336; perl: 62,905; sh: 49,647; pascal: 40,897; java: 39,363; python: 20,791; yacc: 20,432; sql: 17,907; xml: 12,344; ruby: 8,544; cs: 6,542; makefile: 6,145; ada: 1,879; lex: 1,193; javascript: 996; objc: 80; tcl: 73; awk: 46; php: 22
file content (86 lines) | stat: -rw-r--r-- 2,574 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
 
/* Copyright (c) 2014, Sergei Golubchik and MariaDB

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; version 2 of the License.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1335  USA */

#include <my_alloca.h>
#include <mysql/plugin_password_validation.h>
#include <crack.h>
#include <string.h>
#include <mysqld_error.h>

static char *dictionary;

static int crackme(const MYSQL_CONST_LEX_STRING *username,
                   const MYSQL_CONST_LEX_STRING *password,
                   const MYSQL_CONST_LEX_STRING *hostname)
{
  char *user= alloca(username->length + 1);
  char *full_name= alloca(hostname->length + username->length + 2);
  const char *res;

  memcpy(user, username->str, username->length);
  user[username->length]= 0;
  memcpy(full_name, username->str, username->length);
  full_name[username->length]= '@';
  memcpy(full_name + username->length + 1, hostname->str, hostname->length);
  full_name[hostname->length+ username->length + 1]= 0;

  if ((res= FascistCheckUser(password->str, dictionary, user, full_name)))
  {
    my_printf_error(ER_NOT_VALID_PASSWORD, "cracklib: %s",
                    ME_WARNING, res);
    return 1;
  }

  return 0;
}

static MYSQL_SYSVAR_STR(dictionary, dictionary, PLUGIN_VAR_RQCMDARG | PLUGIN_VAR_READONLY,
  "Path to a cracklib dictionary", NULL, NULL, 0);

/* optional user-friendly nicety */
void set_default_dictionary_path() __attribute__((constructor));
void set_default_dictionary_path()
{
  MYSQL_SYSVAR_NAME(dictionary).def_val = GetDefaultCracklibDict();
}

static struct st_mysql_sys_var* sysvars[]= {
  MYSQL_SYSVAR(dictionary),
  NULL
};

static struct st_mariadb_password_validation info=
{
  MariaDB_PASSWORD_VALIDATION_INTERFACE_VERSION,
  crackme
};

maria_declare_plugin(cracklib_password_check)
{
  MariaDB_PASSWORD_VALIDATION_PLUGIN,
  &info,
  "cracklib_password_check",
  "Sergei Golubchik",
  "Password validation via CrackLib",
  PLUGIN_LICENSE_GPL,
  NULL,
  NULL,
  0x0100,
  NULL,
  sysvars,
  "1.0",
  MariaDB_PLUGIN_MATURITY_STABLE
}
maria_declare_plugin_end;