/* SPDX-License-Identifier: LGPL-2.1+ */ #include #if HAVE_PWQUALITY /* pwquality.h uses size_t but doesn't include sys/types.h on its own */ #include #include #endif #include "bus-common-errors.h" #include "home-util.h" #include "memory-util.h" #include "pwquality-util.h" #include "strv.h" #if HAVE_PWQUALITY DEFINE_TRIVIAL_CLEANUP_FUNC(pwquality_settings_t*, pwquality_free_settings); static void pwquality_maybe_disable_dictionary( pwquality_settings_t *pwq) { char buf[PWQ_MAX_ERROR_MESSAGE_LEN]; const char *path; int r; r = pwquality_get_str_value(pwq, PWQ_SETTING_DICT_PATH, &path); if (r < 0) { log_warning("Failed to read libpwquality dictionary path, ignoring: %s", pwquality_strerror(buf, sizeof(buf), r, NULL)); return; } // REMOVE THIS AS SOON AS https://github.com/libpwquality/libpwquality/pull/21 IS MERGED AND RELEASED if (isempty(path)) path = "/usr/share/cracklib/pw_dict.pwd.gz"; if (isempty(path)) { log_warning("Weird, no dictionary file configured, ignoring."); return; } if (access(path, F_OK) >= 0) return; if (errno != ENOENT) { log_warning_errno(errno, "Failed to check if dictionary file %s exists, ignoring: %m", path); return; } r = pwquality_set_int_value(pwq, PWQ_SETTING_DICT_CHECK, 0); if (r < 0) { log_warning("Failed to disable libpwquality dictionary check, ignoring: %s", pwquality_strerror(buf, sizeof(buf), r, NULL)); return; } } int quality_check_password( UserRecord *hr, UserRecord *secret, sd_bus_error *error) { _cleanup_(pwquality_free_settingsp) pwquality_settings_t *pwq = NULL; char buf[PWQ_MAX_ERROR_MESSAGE_LEN], **pp; void *auxerror; int r; assert(hr); assert(secret); pwq = pwquality_default_settings(); if (!pwq) return log_oom(); r = pwquality_read_config(pwq, NULL, &auxerror); if (r < 0) log_warning_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to read libpwquality configuration, ignoring: %s", pwquality_strerror(buf, sizeof(buf), r, auxerror)); pwquality_maybe_disable_dictionary(pwq); /* This is a bit more complex than one might think at first. pwquality_check() would like to know the * old password to make security checks. We support arbitrary numbers of passwords however, hence we * call the function once for each combination of old and new password. */ /* Iterate through all new passwords */ STRV_FOREACH(pp, secret->password) { bool called = false; char **old; r = test_password_many(hr->hashed_password, *pp); if (r < 0) return r; if (r == 0) /* This is an old password as it isn't listed in the hashedPassword field, skip it */ continue; /* Check this password against all old passwords */ STRV_FOREACH(old, secret->password) { if (streq(*pp, *old)) continue; r = test_password_many(hr->hashed_password, *old); if (r < 0) return r; if (r > 0) /* This is a new password, not suitable as old password */ continue; r = pwquality_check(pwq, *pp, *old, hr->user_name, &auxerror); if (r < 0) return sd_bus_error_setf(error, BUS_ERROR_LOW_PASSWORD_QUALITY, "Password too weak: %s", pwquality_strerror(buf, sizeof(buf), r, auxerror)); called = true; } if (called) continue; /* If there are no old passwords, let's call pwquality_check() without any. */ r = pwquality_check(pwq, *pp, NULL, hr->user_name, &auxerror); if (r < 0) return sd_bus_error_setf(error, BUS_ERROR_LOW_PASSWORD_QUALITY, "Password too weak: %s", pwquality_strerror(buf, sizeof(buf), r, auxerror)); } return 0; } #define N_SUGGESTIONS 6 int suggest_passwords(void) { _cleanup_(pwquality_free_settingsp) pwquality_settings_t *pwq = NULL; _cleanup_strv_free_erase_ char **suggestions = NULL; _cleanup_(erase_and_freep) char *joined = NULL; char buf[PWQ_MAX_ERROR_MESSAGE_LEN]; void *auxerror; size_t i; int r; pwq = pwquality_default_settings(); if (!pwq) return log_oom(); r = pwquality_read_config(pwq, NULL, &auxerror); if (r < 0) log_warning_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to read libpwquality configuration, ignoring: %s", pwquality_strerror(buf, sizeof(buf), r, auxerror)); pwquality_maybe_disable_dictionary(pwq); suggestions = new0(char*, N_SUGGESTIONS+1); if (!suggestions) return log_oom(); for (i = 0; i < N_SUGGESTIONS; i++) { r = pwquality_generate(pwq, 64, suggestions + i); if (r < 0) return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to generate password, ignoring: %s", pwquality_strerror(buf, sizeof(buf), r, NULL)); } joined = strv_join(suggestions, " "); if (!joined) return log_oom(); log_info("Password suggestions: %s", joined); return 0; } #else int quality_check_password( UserRecord *hr, UserRecord *secret, sd_bus_error *error) { assert(hr); assert(secret); return 0; } int suggest_passwords(void) { return 0; } #endif