Update libpasswdqc support

Starting with version 2.0.0, libpasswdqc can use memory allocation
when loading configuration that contains new optional parameters.
It's therefore recommended to free all memory allocated by
passwdqc_params_load using new passwdqc_params_free function
introduced in the same version of libpasswdqc.

[slightly modified by mbroz]

configure.ac

@@ -184,7 +184,15 @@ AC_DEFINE_UNQUOTED([PASSWDQC_CONFIG_FILE], ["$use_passwdqc_config"], [passwdqc l
 if test "x$enable_passwdqc" = "xyes"; then
 	AC_DEFINE(ENABLE_PASSWDQC, 1, [Enable password quality checking using passwdqc library])
 
-	PASSWDQC_LIBS="-lpasswdqc"
+	saved_LIBS="$LIBS"
+	AC_SEARCH_LIBS([passwdqc_check], [passwdqc])
+	case "$ac_cv_search_passwdqc_check" in
+		no) AC_MSG_ERROR([failed to find passwdqc_check]) ;;
+		-l*) PASSWDQC_LIBS="$ac_cv_search_passwdqc_check" ;;
+		*) PASSWDQC_LIBS= ;;
+	esac
+	AC_CHECK_FUNCS([passwdqc_params_free])
+	LIBS="$saved_LIBS"
 fi
 
 if test "x$enable_pwquality$enable_passwdqc" = "xyesyes"; then

src/utils_password.c

@@ -63,27 +63,32 @@ static int tools_check_pwquality(const char *password)
 static int tools_check_passwdqc(const char *password)
 {
 	passwdqc_params_t params;
-	char *parse_reason;
+	char *parse_reason = NULL;
 	const char *check_reason;
 	const char *config = PASSWDQC_CONFIG_FILE;
+	int r = -EINVAL;
 
 	passwdqc_params_reset(&params);
 
 	if (*config && passwdqc_params_load(&params, &parse_reason, config)) {
 		log_err(_("Cannot check password quality: %s"),
 			(parse_reason ? parse_reason : "Out of memory"));
-		free(parse_reason);
-		return -EINVAL;
+		goto out;
 	}
 
 	check_reason = passwdqc_check(&params.qc, password, NULL, NULL);
 	if (check_reason) {
 		log_err(_("Password quality check failed: Bad passphrase (%s)"),
 			check_reason);
-		return -EPERM;
-	}
-
-	return 0;
+		r = -EPERM;
+	} else
+		r = 0;
+out:
+#if HAVE_PASSWDQC_PARAMS_FREE
+	passwdqc_params_free(&params);
+#endif
+	free(parse_reason);
+	return r;
 }
 #endif /* ENABLE_PWQUALITY || ENABLE_PASSWDQC */