2  * Copyright (c) 2000-2002 by Solar Designer. See LICENSE.
66 		40,				/* max */
81 	"Re-type new password: "
150 	return conv->conv(1, (lo_const struct pam_message **)&pmsg, resp,  in converse()
151 	    conv->appdata_ptr);  in converse()
182 	if ((int)strlen(newpass) > params->qc.max) {  in check_max()
183 		if (params->qc.max != 8) {  in check_max()
185 			return -1;  in check_max()
214 				if (i && (int)v > params->qc.min[i - 1]) break;  in parse()
215 				params->qc.min[i] = v;  in parse()
219 		if (!strncmp(*argv, "max=", 4)) {  in parse()
222 			params->qc.max = v;  in parse()
227 			params->qc.passphrase_words = v;  in parse()
232 			params->qc.match_length = v;  in parse()
236 				params->qc.similar_deny = 0;  in parse()
239 				params->qc.similar_deny = 1;  in parse()
247 				params->qc.min[4] = INT_MAX;  in parse()
250 			params->qc.random_bits = v;  in parse()
253 			params->flags &= ~F_ENFORCE_MASK;  in parse()
255 				params->flags |= F_ENFORCE_USERS;  in parse()
258 				params->flags |= F_ENFORCE_EVERYONE;  in parse()
263 		if (!strcmp(*argv, "non-unix")) {  in parse()
264 			if (params->flags & F_CHECK_OLDAUTHTOK) break;  in parse()
265 			params->flags |= F_NON_UNIX;  in parse()
270 			params->retry = v;  in parse()
273 			params->flags &= ~F_ASK_OLDAUTHTOK_MASK;  in parse()
274 			if (params->flags & F_USE_FIRST_PASS) break;  in parse()
276 				params->flags |= F_ASK_OLDAUTHTOK_UPDATE;  in parse()
279 				params->flags |= F_ASK_OLDAUTHTOK_PRELIM;  in parse()
284 			if (params->flags & F_NON_UNIX) break;  in parse()
285 			params->flags |= F_CHECK_OLDAUTHTOK;  in parse()
288 			if (params->flags & F_ASK_OLDAUTHTOK_MASK) break;  in parse()
289 			params->flags |= F_USE_FIRST_PASS | F_USE_AUTHTOK;  in parse()
292 			params->flags |= F_USE_AUTHTOK;  in parse()
295 		argc--; argv++;  in parse()
322 	const char *reason;  in pam_sm_chauthtok()  local
348 			if (resp && resp->resp) {  in pam_sm_chauthtok()
350 				    PAM_OLDAUTHTOK, resp->resp);  in pam_sm_chauthtok()
375 		pw->pw_name = (char *)user;  in pam_sm_chauthtok()
376 		pw->pw_gecos = "";  in pam_sm_chauthtok()
387 			if (!strcmp(pw->pw_passwd, "x")) {  in pam_sm_chauthtok()
391 					if (strcmp(crypt(oldpass, spw->sp_pwdp),  in pam_sm_chauthtok()
392 					    spw->sp_pwdp))  in pam_sm_chauthtok()
394 					memset(spw->sp_pwdp, 0,  in pam_sm_chauthtok()
395 					    strlen(spw->sp_pwdp));  in pam_sm_chauthtok()
400 			if (strcmp(crypt(oldpass, pw->pw_passwd),  in pam_sm_chauthtok()
401 			    pw->pw_passwd))  in pam_sm_chauthtok()
404 		memset(pw->pw_passwd, 0, strlen(pw->pw_passwd));  in pam_sm_chauthtok()
409 	randomonly = params.qc.min[4] > params.qc.max;  in pam_sm_chauthtok()
423 		reason = _passwdqc_check(&params.qc, curpass, oldpass, pw);  in pam_sm_chauthtok()
424 		if (reason) {  in pam_sm_chauthtok()
425 			say(pamh, PAM_ERROR_MSG, MESSAGE_WEAKPASS, reason);  in pam_sm_chauthtok()
438 	    params.qc.passphrase_words && params.qc.min[2] <= params.qc.max)  in pam_sm_chauthtok()
461 	    params.qc.min[2] <= params.qc.max) {  in pam_sm_chauthtok()
464 		    params.qc.min[2], params.qc.max);  in pam_sm_chauthtok()
485 	if (status == PAM_SUCCESS && (!resp || !resp->resp))  in pam_sm_chauthtok()
493 	newpass = strdup(resp->resp);  in pam_sm_chauthtok()
507 	reason = NULL;  in pam_sm_chauthtok()
511 	    (reason = _passwdqc_check(&params.qc, newpass, oldpass, pw)))) {  in pam_sm_chauthtok()
515 			say(pamh, PAM_ERROR_MSG, MESSAGE_WEAKPASS, reason);  in pam_sm_chauthtok()
526 		if (resp && resp->resp) {  in pam_sm_chauthtok()
527 			if (strcmp(newpass, resp->resp)) {  in pam_sm_chauthtok()
547 	if (retry_wanted && --retries_left > 0) {  in pam_sm_chauthtok()