* interface. It uses a krb5.conf parameter to determine the location of its
* dictionary.
*
- * Written by Russ Allbery <rra@stanford.edu>
+ * Written by Russ Allbery <eagle@eyrie.org>
+ * Copyright 2020 Russ Allbery <eagle@eyrie.org>
* Copyright 2009, 2013
* The Board of Trustees of the Leland Stanford Junior University
*
- * See LICENSE for licensing terms.
+ * SPDX-License-Identifier: MIT
*/
#include <config.h>
#include <errno.h>
-#include <plugin/api.h>
+#include <plugin/internal.h>
#include <util/macros.h>
-#include <util/messages.h>
#include <util/messages-krb5.h>
+#include <util/messages.h>
#include <util/xmalloc.h>
read_key(const char *key, char *buffer, size_t length)
{
char *p;
+ int size = (length < INT_MAX) ? (int) length : INT_MAX;
- if (fgets(buffer, length, stdin) == NULL)
+ if (fgets(buffer, size, stdin) == NULL)
sysdie("Cannot read %s", key);
if (strlen(buffer) < 1 || buffer[strlen(buffer) - 1] != '\n')
die("Malformed or too long %s line", key);
sysdie("Cannot read end of entry");
if (strcmp(end, "end\n") != 0)
die("Malformed end line");
- code = pwcheck_check(ctx, data, password, principal);
+ code = strength_check(ctx, data, principal, password);
if (code == 0)
printf("APPROVED\n");
else {
code = krb5_init_context(&ctx);
if (code != 0)
die_krb5(ctx, code, "Cannot create Kerberos context");
- code = pwcheck_init(ctx, NULL, &data);
+ code = strength_init(ctx, NULL, &data);
if (code != 0)
die_krb5(ctx, code, "Cannot initialize strength checking");
check_password(ctx, data);
/* Close and free resources. */
- pwcheck_close(ctx, data);
+ strength_close(ctx, data);
krb5_free_context(ctx);
exit(0);
}