goodpw_check_other(S)
goodpw_check_other --
check group, modem or filesystem password syntax and guessability
Syntax
cc . . . -lprot
#include <sys/types.h>
#include <prot.h>
int goodpw_check_other(password, oencrypt, reasonp)
char *password;
char *oencrypt;
char **reasonp;
Description
goodpw_check_other
checks the password syntax and guessability of a user-supplied group,
modem line, or filesystem password,
in a similar way to
smp_try_pw(S),
but using the type argument selected
by the last call to
goodpw_set_other_checks(S).
Whatever guessability checks are in effect for the selected type are
used to validate password.
oencrypt should be the encrypted password being replaced;
if there is none, it should be NULL.
If the password is rejected, a pointer to a character string describing
the reason for rejection is stored in *reasonp.
Note that the password is not overwritten by this
routine, and that empty passwords will always pass the check - if this
is not appropriate, the caller should check for an empty password
beforehand.
Return values
The following values are returned by goodpw_check_other:
SMP_GOODPW-
The password passed the checks as configured.
SMP_BADPW-
The password failed the checks as configured;
reasonp points to a character string explaining the reason for
rejection.
SMP_FAIL-
Memory could not be allocated for the goodpw dialogue.
Diagnostics
All diagnostics are returned as strings pointed to by the argument
reasonp. It is up to the calling program to display these
for the user. In each case the return value is also noted.
You may not re-use the same password
-
password matches the existing password entry.
SMP_BADPW is returned.
Too short (must be at least
n characters)
-
password is shorter then the minimum length calculated by the system
based on a combination of the delay between login attempts, the password
lifetime and the ascii character set.
SMP_BADPW is returned.
Password is too easy to guess
-
password has been checked using
acceptable_password(S)
and is too easy to guess.
SMP_BADPW is returned.
Rejected by goodpw checks
-
password failed the goodpw checks.
SMP_BADPW is returned.
Cannot be circular shift of login name
-
password is simply a shift of the letters of the login name.
SMP_BADPW is returned.
Must contain at least two alphabetic and one numeric or
special characters
-
password does not contain at least two alphabetic
characters and at least one numeric or special character.
SMP_BADPW is returned.
Passwords must differ by at least 3 positions
-
password is identical to the old password except for one or two
characters.
SMP_BADPW is returned.
Examples
The following example illustrates the usage of goodpw_check_other:
...
char **reasonp;
...
char password[PASSWDLEN];
int set;
...
if((set = goodpw_set_other_checks(GOODPW_GROUP)) == SMP_COMPLETE) {
...
fprintf(stdout, "Password: ");
fscanf(stdin, "%s", password);
...
switch(goodpw_check_other(password, NULL, &reasonp)) {
case SMP_GOODPW : ...
break;
case SMP_BADPW : ...
break;
case SMP_FAIL : ...
break;
}
...
}
...
Files
/lib/libprot.a-
security subsystem library routines
/usr/lib/libp/libprot.a-
as above but used for profiling
/usr/include/prot.h-
defines the smp_user_info structure
See also
goodpw_set_other_checks(S),
smp_check_user(S),
smp_check_pw(S),
smp_pw_choice(S),
smp_generate_pw(S),
smp_get_messages(S),
smp_pw_change(S),
smp_set_identity(S),
smp_set_pw(S),
smp_try_pw(S)
Standards conformance
goodpw_check_other is not part of any currently
supported standard; it is an extension of AT&T System V
provided by The Santa Cruz Operation, Inc.
© 2003 Caldera International, Inc. All rights reserved.
SCO OpenServer Release 5.0.7 -- 11 February 2003