Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
M
MariaDB
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
nexedi
MariaDB
Commits
78cb6e34
Commit
78cb6e34
authored
Nov 25, 2014
by
Sergei Golubchik
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
cracklib_password_check plugin
parent
7516a3c7
Changes
4
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
185 additions
and
0 deletions
+185
-0
mysql-test/suite/plugins/r/cracklib_password_check.result
mysql-test/suite/plugins/r/cracklib_password_check.result
+50
-0
mysql-test/suite/plugins/t/cracklib_password_check.test
mysql-test/suite/plugins/t/cracklib_password_check.test
+41
-0
plugin/cracklib_password_check/CMakeLists.txt
plugin/cracklib_password_check/CMakeLists.txt
+11
-0
plugin/cracklib_password_check/cracklib_password_check.c
plugin/cracklib_password_check/cracklib_password_check.c
+83
-0
No files found.
mysql-test/suite/plugins/r/cracklib_password_check.result
0 → 100644
View file @
78cb6e34
install soname "cracklib_password_check";
select * from information_schema.plugins where plugin_name='cracklib_password_check';
PLUGIN_NAME cracklib_password_check
PLUGIN_VERSION 1.0
PLUGIN_STATUS ACTIVE
PLUGIN_TYPE PASSWORD VALIDATION
PLUGIN_TYPE_VERSION 1.0
PLUGIN_LIBRARY cracklib_password_check.so
PLUGIN_LIBRARY_VERSION 1.10
PLUGIN_AUTHOR Sergei Golubchik
PLUGIN_DESCRIPTION Password validation via CrackLib
PLUGIN_LICENSE GPL
LOAD_OPTION ON
PLUGIN_MATURITY Alpha
PLUGIN_AUTH_VERSION 1.0
grant select on *.* to foobar identified by 'foobar';
ERROR HY000: Your password does not satisfy the current policy requirements
show warnings;
Level Code Message
Warning 1819 cracklib: it is based on your username
Error 1819 Your password does not satisfy the current policy requirements
grant select on *.* to foobar identified by 'raboof';
ERROR HY000: Your password does not satisfy the current policy requirements
show warnings;
Level Code Message
Warning 1819 cracklib: it is based on your username
Error 1819 Your password does not satisfy the current policy requirements
grant select on *.* to foo@barbar identified by 'barbar';
ERROR HY000: Your password does not satisfy the current policy requirements
show warnings;
Level Code Message
Warning 1819 cracklib: it does not contain enough DIFFERENT characters
Error 1819 Your password does not satisfy the current policy requirements
grant select on *.* to foo@foobar identified by 'foobar';
ERROR HY000: Your password does not satisfy the current policy requirements
show warnings;
Level Code Message
Warning 1819 cracklib: it is based on your username
Error 1819 Your password does not satisfy the current policy requirements
grant select on *.* to foobar identified by 'qwerty';
ERROR HY000: Your password does not satisfy the current policy requirements
show warnings;
Level Code Message
Warning 1819 cracklib: it is based on a dictionary word
Error 1819 Your password does not satisfy the current policy requirements
grant select on *.* to foobar identified by 'q$%^&*rty';
drop user foobar;
uninstall plugin cracklib_password_check;
create user foo1 identified by 'pwd';
drop user foo1;
mysql-test/suite/plugins/t/cracklib_password_check.test
0 → 100644
View file @
78cb6e34
--
source
include
/
not_embedded
.
inc
if
(
!
$CRACKLIB_PASSWORD_CHECK_SO
)
{
skip
No
CRACKLIB_PASSWORD_CHECK
plugin
;
}
install
soname
"cracklib_password_check"
;
--
vertical_results
--
replace_result
.
dll
.
so
select
*
from
information_schema
.
plugins
where
plugin_name
=
'cracklib_password_check'
;
--
horizontal_results
--
error
ER_NOT_VALID_PASSWORD
grant
select
on
*.*
to
foobar
identified
by
'foobar'
;
show
warnings
;
--
error
ER_NOT_VALID_PASSWORD
grant
select
on
*.*
to
foobar
identified
by
'raboof'
;
show
warnings
;
--
error
ER_NOT_VALID_PASSWORD
grant
select
on
*.*
to
foo
@
barbar
identified
by
'barbar'
;
show
warnings
;
--
error
ER_NOT_VALID_PASSWORD
grant
select
on
*.*
to
foo
@
foobar
identified
by
'foobar'
;
show
warnings
;
--
error
ER_NOT_VALID_PASSWORD
grant
select
on
*.*
to
foobar
identified
by
'qwerty'
;
show
warnings
;
grant
select
on
*.*
to
foobar
identified
by
'q$%^&*rty'
;
drop
user
foobar
;
uninstall
plugin
cracklib_password_check
;
create
user
foo1
identified
by
'pwd'
;
drop
user
foo1
;
plugin/cracklib_password_check/CMakeLists.txt
0 → 100644
View file @
78cb6e34
INCLUDE
(
CheckIncludeFiles
)
INCLUDE
(
CheckLibraryExists
)
CHECK_INCLUDE_FILES
(
crack.h HAVE_CRACK_H
)
CHECK_LIBRARY_EXISTS
(
crack FascistCheckUser
""
HAVE_LIBCRACK
)
IF
(
HAVE_ALLOCA_H AND HAVE_CRACK_H AND HAVE_LIBCRACK AND HAVE_MEMCPY
)
SET
(
ok 1
)
ENDIF
()
MYSQL_ADD_PLUGIN
(
cracklib_password_check cracklib_password_check.c
LINK_LIBRARIES crack ONLY_IF ok MODULE_ONLY
)
plugin/cracklib_password_check/cracklib_password_check.c
0 → 100644
View file @
78cb6e34
/* Copyright (c) 2014, Sergei Golubchik and MariaDB
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
#include <my_config.h>
#include <mysql/plugin_password_validation.h>
#include <crack.h>
#include <string.h>
#include <alloca.h>
#include <my_sys.h>
#include <mysqld_error.h>
static
char
*
dictionary
;
static
int
crackme
(
MYSQL_LEX_STRING
*
username
,
MYSQL_LEX_STRING
*
password
)
{
char
*
user
=
alloca
(
username
->
length
+
1
);
char
*
host
;
const
char
*
res
;
memcpy
(
user
,
username
->
str
,
username
->
length
);
if
((
host
=
strchr
(
user
,
'@'
)))
*
host
++=
0
;
if
((
res
=
FascistCheckUser
(
password
->
str
,
dictionary
,
user
,
host
)))
{
my_printf_error
(
ER_NOT_VALID_PASSWORD
,
"cracklib: %s"
,
MYF
(
ME_JUST_WARNING
),
res
);
return
TRUE
;
}
return
FALSE
;
}
static
MYSQL_SYSVAR_STR
(
dictionary
,
dictionary
,
PLUGIN_VAR_RQCMDARG
|
PLUGIN_VAR_READONLY
,
"Path to a cracklib dictionary"
,
NULL
,
NULL
,
0
);
/* optional user-friendly nicety */
void
set_default_dictionary_path
()
__attribute__
((
constructor
));
void
set_default_dictionary_path
()
{
MYSQL_SYSVAR_NAME
(
dictionary
).
def_val
=
GetDefaultCracklibDict
();
}
static
struct
st_mysql_sys_var
*
sysvars
[]
=
{
MYSQL_SYSVAR
(
dictionary
),
NULL
};
static
struct
st_mysql_password_validation
info
=
{
MariaDB_PASSWORD_VALIDATION_INTERFACE_VERSION
,
crackme
};
maria_declare_plugin
(
cracklib_password_check
)
{
MariaDB_PASSWORD_VALIDATION_PLUGIN
,
&
info
,
"cracklib_password_check"
,
"Sergei Golubchik"
,
"Password validation via CrackLib"
,
PLUGIN_LICENSE_GPL
,
NULL
,
NULL
,
0x0100
,
NULL
,
sysvars
,
"1.0"
,
MariaDB_PLUGIN_MATURITY_ALPHA
,
}
maria_declare_plugin_end
;
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment