passwordcheck.c File Reference

#include "postgres.h"
#include <ctype.h>
#include <limits.h>
#include "commands/user.h"
#include "fmgr.h"
#include "libpq/crypt.h"

Include dependency graph for passwordcheck.c:

Go to the source code of this file.

Functions
	PG_MODULE_MAGIC_EXT (.name="passwordcheck",.version=PG_VERSION)
static void	check_password (const char *username, const char *shadow_pass, PasswordType password_type, Datum validuntil_time, bool validuntil_null)
void	_PG_init (void)

Variables
static check_password_hook_type	prev_check_password_hook = NULL
static int	min_password_length = 8

Function Documentation

_PG_init()

void _PG_init

(

void

)

Definition at line 149 of file passwordcheck.c.

{
    /* Define custom GUC variables. */
    DefineCustomIntVariable("passwordcheck.min_password_length",
                            "Minimum allowed password length.",
                            NULL,
                            &min_password_length,
                            8,
                            0, INT_MAX,
                            PGC_SUSET,
                            GUC_UNIT_BYTE,
                            NULL, NULL, NULL);
 
    MarkGUCPrefixReserved("passwordcheck");
 
    /* activate password checks when the module is loaded */
    prev_check_password_hook = check_password_hook;
    check_password_hook = check_password;
}

References check_password(), check_password_hook, DefineCustomIntVariable(), GUC_UNIT_BYTE, MarkGUCPrefixReserved(), min_password_length, PGC_SUSET, and prev_check_password_hook.

check_password()

static void check_password ( const char *  username, const char *  shadow_pass, PasswordType  password_type, Datum  validuntil_time, bool  validuntil_null  )

static

Definition at line 57 of file passwordcheck.c.

{
    if (prev_check_password_hook)
        prev_check_password_hook(username, shadow_pass,
                                 password_type, validuntil_time,
                                 validuntil_null);
 
    if (password_type != PASSWORD_TYPE_PLAINTEXT)
    {
        /*
         * Unfortunately we cannot perform exhaustive checks on encrypted
         * passwords - we are restricted to guessing. (Alternatively, we could
         * insist on the password being presented non-encrypted, but that has
         * its own security disadvantages.)
         *
         * We only check for username = password.
         */
        const char *logdetail = NULL;
 
        if (plain_crypt_verify(username, shadow_pass, username, &logdetail) == STATUS_OK)
            ereport(ERROR,
                    (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
                     errmsg("password must not equal user name")));
    }
    else
    {
        /*
         * For unencrypted passwords we can perform better checks
         */
        const char *password = shadow_pass;
        int         pwdlen = strlen(password);
        int         i;
        bool        pwd_has_letter,
                    pwd_has_nonletter;
#ifdef USE_CRACKLIB
        const char *reason;
#endif
 
        /* enforce minimum length */
        if (pwdlen < min_password_length)
            ereport(ERROR,
                    (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
                     errmsg("password is too short"),
                     errdetail("password must be at least \"passwordcheck.min_password_length\" (%d) bytes long",
                               min_password_length)));
 
        /* check if the password contains the username */
        if (strstr(password, username))
            ereport(ERROR,
                    (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
                     errmsg("password must not contain user name")));
 
        /* check if the password contains both letters and non-letters */
        pwd_has_letter = false;
        pwd_has_nonletter = false;
        for (i = 0; i < pwdlen; i++)
        {
            /*
             * isalpha() does not work for multibyte encodings but let's
             * consider non-ASCII characters non-letters
             */
            if (isalpha((unsigned char) password[i]))
                pwd_has_letter = true;
            else
                pwd_has_nonletter = true;
        }
        if (!pwd_has_letter || !pwd_has_nonletter)
            ereport(ERROR,
                    (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
                     errmsg("password must contain both letters and nonletters")));
 
#ifdef USE_CRACKLIB
        /* call cracklib to check password */
        if ((reason = FascistCheck(password, CRACKLIB_DICTPATH)))
            ereport(ERROR,
                    (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
                     errmsg("password is easily cracked"),
                     errdetail_log("cracklib diagnostic: %s", reason)));
#endif
    }
 
    /* all checks passed, password is ok */
}

References ereport, errcode(), errdetail(), errdetail_log(), errmsg(), ERROR, i, min_password_length, password, PASSWORD_TYPE_PLAINTEXT, plain_crypt_verify(), prev_check_password_hook, STATUS_OK, and username.

Referenced by _PG_init().

PG_MODULE_MAGIC_EXT()

PG_MODULE_MAGIC_EXT	(	.	name = "passwordcheck",
		.	version = PG_VERSION
	)

Variable Documentation

min_password_length

int min_password_length = 8

static

Definition at line 37 of file passwordcheck.c.

Referenced by _PG_init(), and check_password().

prev_check_password_hook

check_password_hook_type prev_check_password_hook = NULL

static

Definition at line 34 of file passwordcheck.c.

Referenced by _PG_init(), and check_password().