rpms / adcli

Clone
Source Code
GIT

Blame SOURCES/0004-enroll-more-filters-for-random-characters.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   436d9337cf899d7ba2b87b9b47f1eb50ccf51e80
  2.   SOURCES
  3.   0004-enroll-more-filters-for-random-characters.patch
Blob History Raw
436d93 
From 2750f536ac6746756335eec8332060d2365a4126 Mon Sep 17 00:00:00 2001
436d93 
From: Sumit Bose <sbose@redhat.com>
436d93 
Date: Tue, 27 Oct 2020 14:44:07 +0100
436d93 
Subject: [PATCH 4/7] enroll: more filters for random characters
436d93
436d93 
Make handling of random strings more flexible.
436d93
436d93 
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1854112
436d93 
---
436d93 
 library/adenroll.c | 30 +++++++++++++++++++++++++++---
436d93 
 1 file changed, 27 insertions(+), 3 deletions(-)
436d93
436d93 
diff --git a/library/adenroll.c b/library/adenroll.c
436d93 
index 9cdc79b..44383cc 100644
436d93 
--- a/library/adenroll.c
436d93 
+++ b/library/adenroll.c
436d93 
@@ -259,6 +259,29 @@ ensure_computer_sam (adcli_result res,
436d93 
 	return ADCLI_SUCCESS;
436d93 
 }
436d93
436d93 
+typedef int (rand_filter) (char *password, int length);
436d93 
+
436d93 
+static int
436d93 
+filter_sam_chars (char *password,
436d93 
+                       int length)
436d93 
+{
436d93 
+	int i, j;
436d93 
+
436d93 
+	/*
436d93 
+	 * There are a couple of restrictions for characters in the
436d93 
+	 * sAMAccountName attribute value, for our purpose (random suffix)
436d93 
+	 * letters and numbers are sufficient.
436d93 
+	 */
436d93 
+	for (i = 0, j = 0; i < length; i++) {
436d93 
+		if (password[i] >= 48 && password[i] <= 122 &&
436d93 
+		    isalnum (password[i]))
436d93 
+			password[j++] = password[i];
436d93 
+	}
436d93 
+
436d93 
+	/* return the number of valid characters remaining */
436d93 
+	return j;
436d93 
+}
436d93 
+
436d93 
 static int
436d93 
 filter_password_chars (char *password,
436d93 
                        int length)
436d93 
@@ -283,7 +306,8 @@ filter_password_chars (char *password,
436d93
436d93 
 static char *
436d93 
 generate_host_password  (adcli_enroll *enroll,
436d93 
-                         size_t length)
436d93 
+                         size_t length,
436d93 
+                         rand_filter *filter)
436d93 
 {
436d93 
 	char *password;
436d93 
 	krb5_context k5;
436d93 
@@ -305,7 +329,7 @@ generate_host_password  (adcli_enroll *enroll,
436d93 
 		code = krb5_c_random_make_octets (k5, &buffer);
436d93 
 		return_val_if_fail (code == 0, NULL);
436d93
436d93 
-		at += filter_password_chars (buffer.data, buffer.length);
436d93 
+		at += filter (buffer.data, buffer.length);
436d93 
 		assert (at <= length);
436d93 
 	}
436d93
436d93 
@@ -333,7 +357,7 @@ ensure_computer_password (adcli_result res,
436d93 
 		_adcli_info ("Using default reset computer password");
436d93
436d93 
 	} else {
436d93 
-		enroll->computer_password = generate_host_password (enroll, length);
436d93 
+		enroll->computer_password = generate_host_password (enroll, length, filter_password_chars);
436d93 
 		return_unexpected_if_fail (enroll->computer_password != NULL);
436d93 
 		_adcli_info ("Generated %d character computer password", length);
436d93 
 	}
436d93 
--
436d93 
2.28.0
436d93

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation