diff options
author | Simo Sorce <ssorce@redhat.com> | 2011-06-30 18:47:05 -0400 |
---|---|---|
committer | Simo Sorce <ssorce@redhat.com> | 2011-08-26 08:24:49 -0400 |
commit | a1637d47c0ccd596305567f925ee611c00dfa899 (patch) | |
tree | 003f1fc443cb802b685c9935d5c5cec2c3a912d5 /util/ipa_pwd.h | |
parent | 452fcdccdccb4340f20c85dd9d4f45ee2b02bf37 (diff) | |
download | freeipa.git-a1637d47c0ccd596305567f925ee611c00dfa899.tar.gz freeipa.git-a1637d47c0ccd596305567f925ee611c00dfa899.tar.xz freeipa.git-a1637d47c0ccd596305567f925ee611c00dfa899.zip |
util: add password policy manipulation functions
Diffstat (limited to 'util/ipa_pwd.h')
-rw-r--r-- | util/ipa_pwd.h | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/util/ipa_pwd.h b/util/ipa_pwd.h new file mode 100644 index 00000000..7a00b7fc --- /dev/null +++ b/util/ipa_pwd.h @@ -0,0 +1,65 @@ +/* + * Password related utils for FreeIPA + * + * Authors: Simo Sorce <ssorce@redhat.com> + * + * Copyright (C) 2011 Simo Sorce, Red Hat + * see file 'COPYING' for use and warranty information + * + * This program is free software you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef _IPA_PWD_H_ +#define _IPA_PWD_H_ + +/* 90 days default pwd max lifetime */ +#define IPAPWD_DEFAULT_PWDLIFE (90 * 24 *3600) +#define IPAPWD_DEFAULT_MINLEN 0 + +enum ipapwd_error { + IPAPWD_POLICY_ERROR = -1, + IPAPWD_POLICY_OK = 0, + IPAPWD_POLICY_ACCOUNT_EXPIRED = 1, + IPAPWD_POLICY_PWD_TOO_YOUNG = 2, + IPAPWD_POLICY_PWD_TOO_SHORT = 3, + IPAPWD_POLICY_PWD_IN_HISTORY = 4, + IPAPWD_POLICY_PWD_COMPLEXITY = 5 +}; + +struct ipapwd_policy { + int min_pwd_life; + int max_pwd_life; + int min_pwd_length; + int history_length; + int min_complexity; +}; + +time_t ipapwd_gentime_to_time_t(char *timestr); + +int ipapwd_check_policy(struct ipapwd_policy *policy, + char *password, + time_t cur_time, + time_t acct_expiration, + time_t pwd_expiration, + time_t last_pwd_change, + char **pwd_history); + +int ipapwd_generate_new_history(char *password, + time_t cur_time, + int history_length, + char **pwd_history, + char ***new_pwd_history, + int *new_pwd_hlen); + +#endif |