A pro-active password checker library
static char const CRACKLIB_DICTPATH = .\|.\|.;
extern char const *
FascistCheck(char const passwd, char const dictpath);
cracklib is a library containing the FascistCheck C function which may be used in a "passwd" like program. The idea is simple: try to prevent users from choosing passwords that could be guessed by "crack" by filtering them out, at source. cracklib is an offshoot of the the version 5 of the "crack" software and contains a considerable number of ideas nicked from the new software.
The first formal argument password is the potential password. The second formal argument dictpath is the full path name + filename prefix of the cracklib dictionary database. FascistCheck returns the NULL pointer for a good password, or a pointer to a diagnostic string if it is a weak password.
The database is in a binary format generated by the utilities crack_mkdict(8) and crack_packer(8). On a Debian system the database is located in the directory defined by the static constant CRACKLIB_DICTPATH and is set to /var/cache/cracklib/cracklib_dict. None of the subroutines in the cracklib libraries have this location hard-coded into their implementations. It is generated daily with the program /etc/cron.daily/cracklib.
cracklib dictionary database files used by utilities.
cracklib daily cron program to rebuild the cracklib dictionary database.
cracklib configuration file used by the cracklib daily cron program to rebuild the cracklib dictionary database.
cracklib shell script to create initial list of words for dictionary database.
Example cc(1) source files that show how FascistCheck is used.
crack_teststr(8), crack_mkdict(8), update-cracklib(8)