Summary: Make random password generation work with policies
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=216983
Description of problem:
passwd_modify_generate_passwd (passwd_extop.c) always generates 8-bytes random
characters made by PK11_GenerateRandom and ldif_base64_encode. It needs to
generate a password which follows the password policy if it's defined.
------- Additional Comments From nhosoi(a)redhat.com 2006-11-27 14:18 EST -------
Created an attachment (id=142208)
--> (
https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=142208&action=...)
cvs diff (passwd_extop.c)
File:
ldap/servers/slapd/passwd_extop.c
Changes:
1. Renamed passwd_modify_generate_passwd to
passwd_modify_generate_basic_passwd, which algorithm is used when no specific
password rule or just the minimum length is given.
2. If some other rules are set, passwd_modify_generate_policy_passwd is called
and generates a password which fulfills the requirement.
Note: this password generator does not support passwordMin8Bit. If it
generates a password which includes 8-bit characters, most likely they won't be
able to be displayed or input from the users' keyboard. We should note it in the
doc...
------- Additional Comments From nhosoi(a)redhat.com 2006-11-27 14:21 EST -------
Created an attachment (id=142213)
--> (
https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=142213&action=...)
generated password sample
Attached is the sample output from ldappasswd. Do you think this quality of
the randomness satisfies the requirement?