diff options
Diffstat (limited to 'util')
| -rw-r--r-- | util/ipa_pwd.c | 20 | ||||
| -rw-r--r-- | util/ipa_pwd.h | 6 |
2 files changed, 26 insertions, 0 deletions
diff --git a/util/ipa_pwd.c b/util/ipa_pwd.c index fda6cb34e..b6ed929b3 100644 --- a/util/ipa_pwd.c +++ b/util/ipa_pwd.c @@ -538,6 +538,26 @@ int ipapwd_check_policy(struct ipapwd_policy *policy, return IPAPWD_POLICY_OK; } +char * IPAPWD_ERROR_STRINGS[] = { + "Password is OK", + "Account expired", + "Too soon to change password", + "Password is too short", + "Password reuse not permitted", + "Password is too simple" +}; + +char * IPAPWD_ERROR_STRING_GENERAL = "Password does not meet the policy requirements"; + +char * ipapwd_error2string(enum ipapwd_error err) { + if (err < 0 || err > IPAPWD_POLICY_PWD_COMPLEXITY) { + /* IPAPWD_POLICY_ERROR or out of boundary, return general error */ + return IPAPWD_ERROR_STRING_GENERAL; + } + + return IPAPWD_ERROR_STRINGS[err]; +} + /** * @brief Generate a new password history using the new password * diff --git a/util/ipa_pwd.h b/util/ipa_pwd.h index 7a00b7fc3..ecb821084 100644 --- a/util/ipa_pwd.h +++ b/util/ipa_pwd.h @@ -27,6 +27,10 @@ #define IPAPWD_DEFAULT_PWDLIFE (90 * 24 *3600) #define IPAPWD_DEFAULT_MINLEN 0 +/* + * IMPORTANT: please update error string table in ipa_pwd.c if you change this + * error code table. + */ enum ipapwd_error { IPAPWD_POLICY_ERROR = -1, IPAPWD_POLICY_OK = 0, @@ -55,6 +59,8 @@ int ipapwd_check_policy(struct ipapwd_policy *policy, time_t last_pwd_change, char **pwd_history); +char * ipapwd_error2string(enum ipapwd_error err); + int ipapwd_generate_new_history(char *password, time_t cur_time, int history_length, |