diff options
| author | mboelen <michael@cisofy.com> | 2015-10-21 23:58:52 +0300 |
|---|---|---|
| committer | mboelen <michael@cisofy.com> | 2015-10-21 23:58:52 +0300 |
| commit | 4cbeb310782d30cb35486d2fca2bed124f40bab8 (patch) | |
| tree | a0c547d43191859531ccd06adc7182602b1617af /plugins | |
| parent | 69cbabfed207ea14825888340ff1af23fd5ad029 (diff) | |
Changes to improve password strength testing
Diffstat (limited to 'plugins')
| -rw-r--r-- | plugins/plugin_pam_phase1 | 44 |
1 files changed, 19 insertions, 25 deletions
diff --git a/plugins/plugin_pam_phase1 b/plugins/plugin_pam_phase1 index 76388d94..4beea405 100644 --- a/plugins/plugin_pam_phase1 +++ b/plugins/plugin_pam_phase1 @@ -199,7 +199,7 @@ if [ "${MIN_PASSWORD_CLASS}" = "" ]; then MIN_PASSWORD_CLASS=0; fi if [ "${MIN_PASSWORD_LENGTH}" = "" ]; then MIN_PASSWORD_LENGTH=6; fi - PAM_MODULE_PASSWORD_STRENGTH_TESTED=1 + PAM_PASSWORD_STRENGTH_TESTED=1 if [ ! "${PAM_MODULE_OPTIONS}" = "" ]; then Debug "Module options configured" for I in ${PAM_MODULE_OPTIONS}; do @@ -214,39 +214,33 @@ DigitsOnly ${VALUE} MIN_PASSWORD_LENGTH=${VALUE} ;; - # Digital characters - dccredit) - # Digits only + retry) + # Maximum password retry + logtext "Result: Max password Retry configured" DigitsOnly ${VALUE} - if [ ${VALUE} -gt 0 ]; then CREDITS_CONFIGURED=1; fi + MAX_PASSWORD_RETRY=${VALUE} ;; - # Lowercase characters - lccredit) - # Digits only - DigitsOnly ${VALUE} - if [ ${VALUE} -gt 0 ]; then CREDITS_CONFIGURED=1; fi + minclass) + # Minimum number of class required out of upper, lower, digit and oters + logtext "Result: Min number of password class is configured" + MIN_PASSWORD_CLASS=${VALUE} + ;; + dcredit) + CREDITS_D_PASSWORD=${VALUE} ;; - # Other characters - occredit) - # Digits only - DigitsOnly ${VALUE} - - if [ ${VALUE} -gt 0 ]; then CREDITS_CONFIGURED=1; fi + lcredit) + CREDITS_L_PASSWORD=${VALUE} ;; - # Uppercase characters - uccredit) - # Digits only - DigitsOnly ${VALUE} - if [ ${VALUE} -gt 0 ]; then CREDITS_CONFIGURED=1; fi + ocredit) + CREDITS_O_PASSWORD=${VALUE} + ;; + ucredit) + CREDITS_U_PASSWORD=${VALUE} ;; *) logtext "Result: unknown option found: ${OPTION} with value ${VALUE}" ;; esac - if [ ${CREDITS_CONFIGURED} -eq 1 ]; then - logtext "Result: Credits are configured, password length minus 1" - MIN_PASSWORD_LENGTH=`expr ${MIN_PASSWORD_LENGTH} - 1` - fi done fi ;; |