accman: added function get password

the get_passwd function performs the following operations:

- gets the password
- checks if the lenght is greater than 64 or lower than 8, if
  so, fails
- asks for the confirmation
- encrypts it in SHA256
- returns the encrypted password

Signed-off-by: Andi Shyti <andi@etezian.org>

2 files changed, 31 insertions, 1 deletions

diff --git a/accman.c b/accman.c
index 186693e..d12ce2a 100644
--- a/accman.c
+++ b/accman.c
@@ -43,13 +43,40 @@ uint8_t confirm(struct user u)
 			!strcmp(choice, "")) ? 1 : 0;
 }
 
+char *get_password(void)
+{
+	char *p, *tmp;
+	size_t len;
+
+	tmp = getpass("Password: ");
+	len = strlen(tmp);
+
+	if ((len < MIN_PASSWD_LEN) || (len > MAX_PASSWD_LEN)) {
+		fprintf(stderr,
+			"Password must be between %d and %d characters\n",
+			MIN_PASSWD_LEN, MAX_PASSWD_LEN);
+		exit(EXIT_FAILURE);
+	}
+
+	p = (char*) malloc (len + 1);
+	strcpy(p, tmp);
+
+	tmp = getpass("Re-type password: ");
+	if (strcmp(p, tmp)) {
+		fprintf(stderr, "The passwords don't match, operation aborted\n");
+		exit(EXIT_FAILURE);
+	}
+
+	return get_crypt_sha256(p);
+}
+
 int main (void)
 {
 	struct user usr;
 
 	printf("Insert user name (user@etezian.org): ");
 	usr.n = get_name();
-	usr.p = get_crypt_sha256(getpass("Password: "));
+	usr.p = get_password();
 
 	if (confirm(usr)) {
 		db_insert_user(usr);
diff --git a/include/accman.h b/include/accman.h
index 27bfe2b..b8438bc 100644
--- a/include/accman.h
+++ b/include/accman.h
@@ -8,6 +8,9 @@
 #define MDOMAIN "@"DOMAIN
 #define DIM_MDOM 12
 
+#define MIN_PASSWD_LEN	8
+#define MAX_PASSWD_LEN	64
+
 struct user {
 	char *n;
 	char *p;