diff -up cracklib-2.9.0/lib/fascist.c.simplistic cracklib-2.9.0/lib/fascist.c
--- cracklib-2.9.0/lib/fascist.c.simplistic	2013-09-03 07:45:55.369653537 +0200
+++ cracklib-2.9.0/lib/fascist.c	2013-09-03 07:48:58.686759120 +0200
@@ -55,7 +55,6 @@ static char *r_destructors[] = {
 
     "/?p@?p",                   /* purging out punctuation/symbols/junk */
     "/?s@?s",
-    "/?X@?X",
 
     /* attempt reverse engineering of password strings */
 
@@ -454,6 +453,12 @@ GTry(rawtext, password)
 	    continue;
 	}
 
+	if (len - strlen(mp) >= 3)
+	{
+	    /* purged too much */
+	    continue;
+	}
+
 #ifdef DEBUG
 	printf("%-16s = %-16s (destruct %s)\n", mp, rawtext, r_destructors[i]);
 #endif
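Review bot: `len - strlen(mp)` mixes an `int` with a `size_t`, so the subtraction is done unsigned and wraps to a huge value whenever the mangled string is longer than `len`; the candidate is then skipped as "purged too much" although nothing was purged. `len` is visibly declared `int` in FascistLookUser, but its declaration in GTry lies outside this hunk, so the same type is presumed here. The same expression is repeated in the construct loop of GTry and in both dictionary loops of FascistLookUser, and in the construct loop `mp` appears to be derived from `rawtext` rather than `password`, so there the two lengths may not describe the same string. Every skipped candidate is a comparison the password checker no longer makes, so the guard should fire only on real shrinkage, e.g. `if (strlen(mp) + 3 <= (size_t)len)`, ideally with the `3` given a name.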
@@ -480,6 +485,12 @@ GTry(rawtext, password)
 	    continue;
 	}
 
+	if (len - strlen(mp) >= 3)
+	{
+	    /* purged too much */
+	    continue;
+	}
+
 #ifdef DEBUG
 	printf("%-16s = %-16s (construct %s)\n", mp, password, r_constructors[i]);
 #endif
@@ -699,6 +710,7 @@ FascistLookUser(PWDICT *pwp, char *instr
     char rpassword[STRINGSIZE];
     char area[STRINGSIZE];
     uint32_t notfound;
+    int len;
 
     notfound = PW_WORDS(pwp);
     /* already truncated if from FascistCheck() */
@@ -748,6 +760,7 @@ FascistLookUser(PWDICT *pwp, char *instr
 	return _("it is all whitespace");
     }
 
+    len = strlen(password);
     i = 0;
     ptr = password;
     while (ptr[0] && ptr[1])
@@ -759,10 +772,9 @@ FascistLookUser(PWDICT *pwp, char *instr
 	ptr++;
     }
 
-    /*  Change by Ben Karsin from ITS at University of Hawaii at Manoa.  Static MAXSTEP 
-        would generate many false positives for long passwords. */
-    maxrepeat = 3+(0.09*strlen(password));
-    if (i > maxrepeat)
+    /*  We were still generating false positives for long passwords.
+        Just count systematic double as a single character. */
+    if (len - i < MINLEN)
     {
 	return _("it is too simplistic/systematic");
     }
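Review bot: `maxrepeat` is no longer read after this hunk, and no hunk in the patch removes a declaration of it, so if it is a local of FascistLookUser (the declarations are only partly visible) it is left unused and should be dropped. The new comment also does not say what `i` counts; the counting loop starts outside the hunk, so a reader cannot tell why `len - i` is an effective length. A comment on the test itself would help, such as `/* reject when fewer than MINLEN characters remain after discounting the i systematic steps counted above */`. It is also worth confirming that "too simplistic/systematic" is still the right message when the cause is a short effective length rather than a repeat count.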
@@ -795,6 +807,12 @@ FascistLookUser(PWDICT *pwp, char *instr
 	    continue;
 	}
 
+	if (len - strlen(a) >= 3)
+	{
+	    /* purged too much */
+	    continue;
+	}
+
 #ifdef DEBUG
 	printf("%-16s (dict)\n", a);
 #endif
@@ -815,6 +833,13 @@ FascistLookUser(PWDICT *pwp, char *instr
 	{
 	    continue;
 	}
+
+	if (len - strlen(a) >= 3)
+	{
+	    /* purged too much */
+	    continue;
+	}
+
 #ifdef DEBUG
 	printf("%-16s (reversed dict)\n", a);
 #endif