C program to call pam_passwdqc.so and report password strength, pass/fail
https://stackoverflow.com/questions/4787456
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
Is it possible (and where would I find the interface documentation) to write a simple C program to use pam_passwdqc.so to determine if a potential password will be strong enough to pass muster under passwd?
Solution
I think what you actually want is libpasswdqc, which is the stand alone version of the PAM module. The source / download links are at the middle of the page(note, if you just want the checking functionality, you probably just want the library).
The file INTERNALS points you to the header, which is brief and self explanatory. The file pwqcheck.c illustrates pretty much what you want to accomplish.
At least on my Ubuntu workstation, I could not find a package that didn't also install all of the PAM bits. The stand alone library is small enough to drop into almost any tree, if the dependency would be problematic for you.
Then again, you could try linking to the DSO, The interface might be the same. The way my OS packages it, it's kind of hard to tell. The library uses the most permissive version of the BSD license that I've ever seen, so dropping it in place is a non-issue:
Redistribution and use in source and binary forms, with or without modification, are permitted.
THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
OTHER TIPS
Pam is using cracklib for password checking, you should check it also.
