Patch to use cracklib for Heimdal kpasswdd password quality checks. Based on the patch from ftp://ftp.pdc.kth.se/pub/krb/src/cracklib.patch --- cracklib/fascist.c.orig 2004-11-24 23:37:43.000000000 +0100 +++ cracklib/fascist.c 2004-11-24 23:40:09.000000000 +0100 @@ -477,6 +477,23 @@ } char * +FascistStrings(password, strings) + char *password; + char **strings; +{ + char *p; + + while(p = *strings++) + { + if(GTry(p, password)) + { + return ("it is based on your name"); + } + } + return ((char *) 0); +} + +char * FascistGecos(password, uid) char *password; int uid; @@ -613,9 +630,10 @@ } char * -FascistLook(pwp, instring) +FascistLook(pwp, instring, strings) PWDICT *pwp; char *instring; + char **strings; { int i; char *ptr; @@ -694,10 +712,16 @@ return ("it looks like a National Insurance number."); } +#if 0 if (ptr = FascistGecos(password, getuid())) { return (ptr); } +#endif + if (ptr = FascistStrings(password, strings)) + { + return (ptr); + } /* it should be safe to use Mangle with its reliance on STRINGSIZE since password cannot be longer than TRUNCSTRINGSIZE; @@ -745,9 +769,10 @@ } char * -FascistCheck(password, path) +FascistCheck(password, path, strings) char *password; char *path; + char **strings; { static char lastpath[STRINGSIZE]; static PWDICT *pwp; @@ -780,5 +805,5 @@ strncpy(lastpath, path, STRINGSIZE); } - return (FascistLook(pwp, pwtrunced)); + return (FascistLook(pwp, password, strings)); } Index: cracklib/packlib.c =================================================================== RCS file: /src/packages/kth-krb/src/cracklib/cracklib/packlib.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- cracklib/packlib.c 1996/02/04 09:48:13 1.1.1.1 +++ cracklib/packlib.c 1996/02/04 11:35:20 1.2 @@ -329,6 +329,13 @@ #ifdef DEBUG printf("%lu, %lu\n", lwm, hwm); #endif + if (lwm > hwm) { + register int32 tmp; + + tmp = hwm; + hwm = lwm; + lwm = tmp; + } middle = lwm + ((hwm - lwm + 1) / 2);