From 5cd336ae07a39afe201df7559c4e99750468b3f6 Mon Sep 17 00:00:00 2001 From: elad Date: Sat, 18 Feb 2006 16:45:01 +0000 Subject: [PATCH] When loading a policy with an "nclasses" option, always set the min/max values for the various character classes to allow any number, just in case. Also note about that in the man-page. This makes it easier to use the "nclasses" option. Note that alternatively we could just memset() to 0xff when doing the load, but that might lead to more unexpected behavior. --- lib/libutil/pw_policy.3 | 10 +++++++++- lib/libutil/pw_policy.c | 15 ++++++++++++++- 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/lib/libutil/pw_policy.3 b/lib/libutil/pw_policy.3 index 070060961ba3..3b12acdd776e 100644 --- a/lib/libutil/pw_policy.3 +++ b/lib/libutil/pw_policy.3 @@ -1,4 +1,4 @@ -.\" $NetBSD: pw_policy.3,v 1.3 2006/02/18 16:32:45 elad Exp $ +.\" $NetBSD: pw_policy.3,v 1.4 2006/02/18 16:45:01 elad Exp $ .\" .\" Copyright 2005, 2006 Elad Efrat .\" @@ -211,6 +211,14 @@ And that the user must change character class every 2 characters: .Bd -literal -offset indent ntoggles = *-2 .Ed +.Pp +Note that when using the +.Dq nclasses +directive, the policy will be initialized to allow any number of characters +from all classes. +If desired, this should be overridden after the +.Dq nclasses +option. .Sh RETURN VALUES .Fn pw_policy_load returns a diff --git a/lib/libutil/pw_policy.c b/lib/libutil/pw_policy.c index 65533194db4f..5ed2f0d3582c 100644 --- a/lib/libutil/pw_policy.c +++ b/lib/libutil/pw_policy.c @@ -1,4 +1,4 @@ -/* $NetBSD: pw_policy.c,v 1.4 2006/02/18 16:32:45 elad Exp $ */ +/* $NetBSD: pw_policy.c,v 1.5 2006/02/18 16:45:01 elad Exp $ */ /*- * Copyright 2005, 2006 Elad Efrat @@ -251,6 +251,19 @@ pw_policy_handle_nclasses(HANDLER_ARGS) if (pw_policy_parse_range(arg, &policy->minclasses, &policy->maxclasses) != 0) return (EINVAL); + /* + * Set these to -1 just in case. This indicates we allow any + * number of characters from all classes. + */ + policy->minlower = -1; + policy->maxlower = -1; + policy->minupper = -1; + policy->maxupper = -1; + policy->mindigits = -1; + policy->maxdigits = -1; + policy->minpunct = -1; + policy->maxpunct = -1; + break; case TEST_POLICY: {