- 论坛徽章:
- 0
|
详细安装操作请见下面的地址:
http://bbs.igenus.org/discuz/vie ... &extra=page%3D1- --- vpopmail-5.4.17/vchkpw.c 2006-05-08 01:07:13.000000000 +0800
- +++ vpopmail-5.4.17_new/vchkpw.c 2010-12-24 20:16:34.000000000 +0800
- @@ -89,6 +89,7 @@
- void login_virtual_user();
- void login_system_user();
- void read_user_pass();
- +void check_weak_passwd();
- void vlog(int verror, char *TheUser, char *TheDomain, char *ThePass, char *TheName, char *IpAddr, char *LogLine);
- void vchkpw_exit(int err);
- void run_command(char *prog);
- @@ -200,6 +201,7 @@
- */
- if ( (vpw = vauth_getpw(TheUser, TheDomain)) != NULL ) {
- vget_assign(TheDomain,NULL,0,&pw_uid,&pw_gid);
- + if (ConnType == SMTP_CONN) check_weak_passwd();
- login_virtual_user();
-
- #ifdef ENABLE_PASSWD
- @@ -218,7 +220,6 @@
- vchkpw_exit(3);
- }
- vclose();
- -
- /* The user is authenticated, now setup the environment */
-
- /* Set the programs effective group id */
- @@ -330,6 +331,46 @@
-
- }
-
- +void check_weak_passwd()
- +{
- + char weak[MAX_PW_PASS+1];
- + char path[MAX_BUFF];
- + int dlen, eof, i, weak_flag;
- + FILE *fs;
- +
- + weak_flag = 0;
- + dlen = strlen(ThePass);
- + for (i = 1; i < dlen; i++) {
- + if (ThePass[0] != ThePass[i]) {weak_flag++; };
- + }
- +
- + if (weak_flag == 0 || strcmp(ThePass, TheUser) == 0) {
- + snprintf(LogLine, sizeof(LogLine), "%s: weak password (pass: '%s') %s@%s:%s",
- + VchkpwLogName, ThePass, TheUser, TheDomain, IpAddr);
- + vlog(VLOG_ERROR_PASSWD, TheUser, TheDomain, ThePass, TheName, IpAddr, LogLine);
- + vchkpw_exit(20);
- + }
- +
- + weak[0] = '\0';
- + snprintf (path, sizeof(path), "%s/etc/weakpasswd", VPOPMAILDIR);
- +
- + fs = fopen (path, "r");
- + if (fs == NULL) return 0;
- + do {
- + eof = (fgets (weak, sizeof(weak), fs) == NULL);
- + dlen = strlen(weak) - 1;
- + if (weak[dlen] == '\n') { weak[dlen] = '\0'; }
- + if (strcmp(ThePass, weak) == 0) {
- + fclose (fs);
- + snprintf(LogLine, sizeof(LogLine), "%s: weak password (pass: '%s') %s@%s:%s",
- + VchkpwLogName, ThePass, TheUser, TheDomain, IpAddr);
- + vlog(VLOG_ERROR_PASSWD, TheUser, TheDomain, ThePass, TheName, IpAddr, LogLine);
- + vchkpw_exit(20);
- + }
- + }while (!eof);
- + fclose (fs);
- +}
- +
- void read_user_pass()
- {
- int i,j,l;
复制代码 |
|