
Re: Password quality pluggable interface project review

daemon@ATHENA.MIT.EDU (ghudson@mit.edu)
Sun Aug 29 12:17:03 2010

Date: Sun, 29 Aug 2010 12:16:59 -0400 (EDT)
From: ghudson@mit.edu
Message-Id: <201008291616.o7TGGxum009115@outgoing.mit.edu>
To: ghudson@mit.edu
In-Reply-To: <201008280039.o7S0deDw002631@outgoing.mit.edu>
Cc: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu

I uncovered one subtle issue during implementation: if a module's
check method decides it doesn't like a new password, what error code
should it return?

There are three error codes in kadm_err.et: KADM5_PASS_Q_TOOSHORT,
KADM5_PASS_Q_CLASS, and KADM5_PASS_Q_DICT.  Those error codes are
treated specially by kadmind's process_chpw_request().  But if plugins
are not tracking <kadm5/admin.h>, they won't have access to those
error codes.

krb5-strength sidesteps this issue by tying into find_word(), so that
all module errors are converted to KADM5_PASS_Q_DICT in libkadm5srv.

I can think of a few options which don't reintroduce <kadm5/admin.h>
into the API:

  * Add a boolean result argument to the check method, so that a
    failing password is not an error from the perspective of the
    pluggable interface.

  * Add a string result argument to the check method (to be set to
    NULL if the password passes quality checks), in the hopes that a
    module-generated explanation could be conveyed to the user.  No
    idea how this would ever be localized, though.  Also, the password
    change protocol doesn't appear to have a way to communicate such
    errors (looking at our implementation, anyway), so such strings
    would only show up in the kadmind log.

  * Create a new error in the krb5 table (or actually, the k5e1
    expansion table) for unspecified password quality failures, and
    treat that error code specially in process_chpw_request().
_______________________________________________
krbdev mailing list             krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
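The three options in the message above (a boolean result, an explanation string that is NULL on success, and a generic quality-failure code that the server side maps for modules that have no specific one) can be seen together in the following toy sketch. It is an added example, not the krb5 pwqual interface and not code from the thread; every type, function, numeric code value and dictionary word in it is a constructed stand-in. The point it illustrates is that the module reports only accept/reject plus a reason, and the mapping to KADM5_PASS_Q_* style codes lives entirely on the caller's side, so modules never need <kadm5/admin.h>.

```c
/* Toy password-quality plugin dispatch (hypothetical, not krb5's API). */
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Stand-ins for the kadm5 codes the message names; values are made up. */
#define PASS_Q_TOOSHORT 1
#define PASS_Q_CLASS    2
#define PASS_Q_DICT     3
#define PASS_Q_GENERIC  4   /* the "new unspecified quality failure" option */

/* Module result: option 1 (boolean) plus option 2 (reason, NULL when ok). */
typedef struct {
    bool ok;
    const char *reason;
} pwqual_result;

typedef pwqual_result (*pwqual_check_fn)(const char *password, size_t min_len);

static pwqual_result check_length(const char *password, size_t min_len)
{
    pwqual_result r = { true, NULL };
    if (strlen(password) < min_len) {
        r.ok = false;
        r.reason = "password is shorter than the configured minimum";
    }
    return r;
}

static pwqual_result check_classes(const char *password, size_t min_len)
{
    bool lower = false, upper = false, digit = false;
    pwqual_result r = { true, NULL };
    (void)min_len;
    for (const char *p = password; *p != '\0'; p++) {
        if (islower((unsigned char)*p)) lower = true;
        else if (isupper((unsigned char)*p)) upper = true;
        else if (isdigit((unsigned char)*p)) digit = true;
    }
    if (!(lower && upper && digit)) {
        r.ok = false;
        r.reason = "password must mix lower case, upper case and digits";
    }
    return r;
}

/* Constructed word list standing in for a real module's dictionary. */
static const char *const toy_dictionary[] = { "password", "kerberos", "Password1", NULL };

static pwqual_result check_dictionary(const char *password, size_t min_len)
{
    pwqual_result r = { true, NULL };
    (void)min_len;
    for (const char *const *w = toy_dictionary; *w != NULL; w++) {
        if (strcmp(password, *w) == 0) {
            r.ok = false;
            r.reason = "password is in the dictionary";
            break;
        }
    }
    return r;
}

/* Caller-side registry: the error code is attached here, not in the module.
 * A module with no specific code gets PASS_Q_GENERIC (option 3). */
typedef struct {
    const char *name;
    pwqual_check_fn check;
    int kadm5_code;   /* what a process_chpw_request()-like caller would see */
} pwqual_module;

static const pwqual_module modules[] = {
    { "length",     check_length,     PASS_Q_TOOSHORT },
    { "classes",    check_classes,    PASS_Q_CLASS },
    { "dictionary", check_dictionary, PASS_Q_DICT },
};

/* Run every module in order.  Returns 0 if the password passes, otherwise the
 * code mapped to the first rejecting module; its reason is handed back for
 * the server log (the protocol itself cannot carry the string). */
int run_pwqual_checks(const char *password, size_t min_len, const char **reason_out)
{
    for (size_t i = 0; i < sizeof(modules) / sizeof(modules[0]); i++) {
        pwqual_result r = modules[i].check(password, min_len);
        if (!r.ok) {
            if (reason_out)
                *reason_out = r.reason ? r.reason : "rejected by quality check";
            return modules[i].kadm5_code ? modules[i].kadm5_code : PASS_Q_GENERIC;
        }
    }
    if (reason_out)
        *reason_out = NULL;
    return 0;
}

int main(void)
{
    const char *why = NULL;
    int code = run_pwqual_checks("Password1", 8, &why);
    printf("code=%d reason=%s\n", code, why ? why : "(none)");
    return 0;
}
```

Because the reason string only ever reaches the server log, the user-facing behaviour is still decided by the integer code the caller chose, which is exactly the localization and protocol limitation the message points out for option 2.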