From febf3be94d567dd3f12a4457e9ff86df72df98a4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Tue, 27 Oct 2020 20:41:12 +0100
Subject: [PATCH] Only allow at least 8-character new passwords

---
 src/fd.cpp | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/fd.cpp b/src/fd.cpp
index 5160208..9aa6f28 100644
--- a/src/fd.cpp
+++ b/src/fd.cpp
@@ -12,6 +12,10 @@
 #include <unistd.h>
 
 
+/// Matches libzfs
+#define MIN_PASSPHRASE_LEN 8
+
+
 int filled_fd(int & fd, const void * with, size_t with_len) {
 	int pipes[2];
 	TRY("create buffer pipe", pipe(pipes));
@@ -142,7 +146,7 @@ int read_known_passphrase(const char * whom, uint8_t *& buf, size_t & len_out, s
 	if(len_out <= max_len)
 		return 0;
 
-	fprintf(stderr, "Passphrase too long: (max %zu)\n", max_len);
+	fprintf(stderr, "Passphrase too long (max %zu)\n", max_len);
 	free(buf);
 	buf     = nullptr;
 	len_out = 0;
@@ -155,8 +159,12 @@ int read_new_passphrase(const char * whom, uint8_t *& buf, size_t & len_out, siz
 	TRY_MAIN(get_key_material_raw(whom, false, true, first_passphrase, first_passphrase_len));
 	quickscope_wrapper first_passphrase_deleter{[&] { free(first_passphrase); }};
 
+	if(first_passphrase_len != 0 && first_passphrase_len < MIN_PASSPHRASE_LEN) {
+		fprintf(stderr, "Passphrase too short (min %u)\n", MIN_PASSPHRASE_LEN);
+		return __LINE__;
+	}
 	if(first_passphrase_len > max_len) {
-		fprintf(stderr, "Passphrase too long: (max %zu)\n", max_len);
+		fprintf(stderr, "Passphrase too long (max %zu)\n", max_len);
 		return __LINE__;
 	}