svn commit: samba r12720 - in branches/SAMBA_4_0/source:
dsdb/samdb/ldb_modules rpc_server/samr setup
abartlet at samba.org
abartlet at samba.org
Thu Jan 5 09:03:13 GMT 2006
Author: abartlet
Date: 2006-01-05 09:03:13 +0000 (Thu, 05 Jan 2006)
New Revision: 12720
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=12720
Log:
By metze's request, rename the ntPwdHistory attribute to
sambaNTPassword. Likewise lmPwdHistory -> sambaLMPwdHistory.
The idea here is to avoid having conflicting formats when we get to
replication. We know the base data matches, but we may need to use a
module to munge formats.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/password_hash.c
branches/SAMBA_4_0/source/rpc_server/samr/samr_password.c
branches/SAMBA_4_0/source/setup/provision_init.ldif
Changeset:
Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/password_hash.c
===================================================================
--- branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/password_hash.c 2006-01-05 06:53:39 UTC (rev 12719)
+++ branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/password_hash.c 2006-01-05 09:03:13 UTC (rev 12720)
@@ -72,12 +72,12 @@
uint_t userAccountControl;
const char *dnsDomain, *realm;
const char *sambaPassword;
- struct samr_Password *lmPwdHistory, *ntPwdHistory;
+ struct samr_Password *sambaLMPwdHistory, *sambaNTPwdHistory;
struct samr_Password *lmPwdHash, *ntPwdHash;
struct samr_Password *lmOldHash = NULL, *ntOldHash = NULL;
- struct samr_Password *new_lmPwdHistory, *new_ntPwdHistory;
+ struct samr_Password *new_sambaLMPwdHistory, *new_sambaNTPwdHistory;
struct samr_Password local_lmNewHash, local_ntNewHash;
- int lmPwdHistory_len, ntPwdHistory_len;
+ int sambaLMPwdHistory_len, sambaNTPwdHistory_len;
uint_t kvno;
struct dom_sid *domain_sid;
time_t now = time(NULL);
@@ -105,8 +105,8 @@
const char *domain_expression;
const char *old_user_attrs[] = { "lmPwdHash", "ntPwdHash", NULL };
- const char *user_attrs[] = { "userAccountControl", "lmPwdHistory",
- "ntPwdHistory",
+ const char *user_attrs[] = { "userAccountControl", "sambaLMPwdHistory",
+ "sambaNTPwdHistory",
"ntPwdHash",
"objectSid", "msDS-KeyVersionNumber",
"objectClass", "userPrincipalName",
@@ -274,10 +274,10 @@
}
userAccountControl = samdb_result_uint(res->msgs[0], "userAccountControl", 0);
- lmPwdHistory_len = samdb_result_hashes(mem_ctx, res->msgs[0],
- "lmPwdHistory", &lmPwdHistory);
- ntPwdHistory_len = samdb_result_hashes(mem_ctx, res->msgs[0],
- "ntPwdHistory", &ntPwdHistory);
+ sambaLMPwdHistory_len = samdb_result_hashes(mem_ctx, res->msgs[0],
+ "sambaLMPwdHistory", &sambaLMPwdHistory);
+ sambaNTPwdHistory_len = samdb_result_hashes(mem_ctx, res->msgs[0],
+ "sambaNTPwdHistory", &sambaNTPwdHistory);
ntPwdHash = samdb_result_hash(mem_ctx, res->msgs[0], "ntPwdHash");
kvno = samdb_result_uint(res->msgs[0], "msDS-KeyVersionNumber", 0);
@@ -588,61 +588,61 @@
}
}
- CHECK_RET(ldb_msg_add_empty(modify_msg, "lmPwdHistory",
+ CHECK_RET(ldb_msg_add_empty(modify_msg, "sambaLMPwdHistory",
LDB_FLAG_MOD_REPLACE));
- CHECK_RET(ldb_msg_add_empty(modify_msg, "ntPwdHistory",
+ CHECK_RET(ldb_msg_add_empty(modify_msg, "sambaNTPwdHistory",
LDB_FLAG_MOD_REPLACE));
/* If we have something to put into the history, or an old
* history element to expire, update the history */
if (pwdHistoryLength > 0 &&
- ((ntPwdHistory_len > 0) || (lmPwdHistory_len > 0)
+ ((sambaNTPwdHistory_len > 0) || (sambaLMPwdHistory_len > 0)
|| lmOldHash || ntOldHash)) {
/* store the password history */
- new_lmPwdHistory = talloc_array(mem_ctx, struct samr_Password,
+ new_sambaLMPwdHistory = talloc_array(mem_ctx, struct samr_Password,
pwdHistoryLength);
- if (!new_lmPwdHistory) {
+ if (!new_sambaLMPwdHistory) {
return LDB_ERR_OPERATIONS_ERROR;
}
- new_ntPwdHistory = talloc_array(mem_ctx, struct samr_Password,
+ new_sambaNTPwdHistory = talloc_array(mem_ctx, struct samr_Password,
pwdHistoryLength);
- if (!new_ntPwdHistory) {
+ if (!new_sambaNTPwdHistory) {
return LDB_ERR_OPERATIONS_ERROR;
}
- for (i=0;i<MIN(pwdHistoryLength-1, lmPwdHistory_len);i++) {
- new_lmPwdHistory[i+1] = lmPwdHistory[i];
+ for (i=0;i<MIN(pwdHistoryLength-1, sambaLMPwdHistory_len);i++) {
+ new_sambaLMPwdHistory[i+1] = sambaLMPwdHistory[i];
}
- for (i=0;i<MIN(pwdHistoryLength-1, ntPwdHistory_len);i++) {
- new_ntPwdHistory[i+1] = ntPwdHistory[i];
+ for (i=0;i<MIN(pwdHistoryLength-1, sambaNTPwdHistory_len);i++) {
+ new_sambaNTPwdHistory[i+1] = sambaNTPwdHistory[i];
}
/* Don't store 'long' passwords in the LM history,
but make sure to 'expire' one password off the other end */
if (lmOldHash) {
- new_lmPwdHistory[0] = *lmOldHash;
+ new_sambaLMPwdHistory[0] = *lmOldHash;
} else {
- ZERO_STRUCT(new_lmPwdHistory[0]);
+ ZERO_STRUCT(new_sambaLMPwdHistory[0]);
}
- lmPwdHistory_len = MIN(lmPwdHistory_len + 1, pwdHistoryLength);
+ sambaLMPwdHistory_len = MIN(sambaLMPwdHistory_len + 1, pwdHistoryLength);
/* Likewise, we might not have a new NT password (lm
* only password change function) */
if (ntOldHash) {
- new_ntPwdHistory[0] = *ntOldHash;
+ new_sambaNTPwdHistory[0] = *ntOldHash;
} else {
- ZERO_STRUCT(new_ntPwdHistory[0]);
+ ZERO_STRUCT(new_sambaNTPwdHistory[0]);
}
- ntPwdHistory_len = MIN(ntPwdHistory_len + 1, pwdHistoryLength);
+ sambaNTPwdHistory_len = MIN(sambaNTPwdHistory_len + 1, pwdHistoryLength);
CHECK_RET(samdb_msg_add_hashes(module->ldb, mem_ctx, modify_msg,
- "lmPwdHistory",
- new_lmPwdHistory,
- lmPwdHistory_len));
+ "sambaLMPwdHistory",
+ new_sambaLMPwdHistory,
+ sambaLMPwdHistory_len));
CHECK_RET(samdb_msg_add_hashes(module->ldb, mem_ctx, modify_msg,
- "ntPwdHistory",
- new_ntPwdHistory,
- ntPwdHistory_len));
+ "sambaNTPwdHistory",
+ new_sambaNTPwdHistory,
+ sambaNTPwdHistory_len));
}
/* Too much code above, we should check we got it close to reasonable */
Modified: branches/SAMBA_4_0/source/rpc_server/samr/samr_password.c
===================================================================
--- branches/SAMBA_4_0/source/rpc_server/samr/samr_password.c 2006-01-05 06:53:39 UTC (rev 12719)
+++ branches/SAMBA_4_0/source/rpc_server/samr/samr_password.c 2006-01-05 09:03:13 UTC (rev 12720)
@@ -532,8 +532,8 @@
enum samr_RejectReason *reject_reason,
struct samr_DomInfo1 **_dominfo)
{
- const char * const user_attrs[] = { "userAccountControl", "lmPwdHistory",
- "ntPwdHistory",
+ const char * const user_attrs[] = { "userAccountControl", "sambaLMPwdHistory",
+ "sambaNTPwdHistory",
"lmPwdHash", "ntPwdHash",
"objectSid",
"pwdLastSet", NULL };
@@ -544,9 +544,9 @@
int64_t minPwdAge;
uint_t minPwdLength, pwdProperties, pwdHistoryLength;
uint_t userAccountControl;
- struct samr_Password *lmPwdHistory, *ntPwdHistory, *lmPwdHash, *ntPwdHash;
+ struct samr_Password *sambaLMPwdHistory, *sambaNTPwdHistory, *lmPwdHash, *ntPwdHash;
struct samr_Password local_lmNewHash, local_ntNewHash;
- int lmPwdHistory_len, ntPwdHistory_len;
+ int sambaLMPwdHistory_len, sambaNTPwdHistory_len;
struct dom_sid *domain_sid;
struct ldb_message **res;
int count;
@@ -563,10 +563,10 @@
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
userAccountControl = samdb_result_uint(res[0], "userAccountControl", 0);
- lmPwdHistory_len = samdb_result_hashes(mem_ctx, res[0],
- "lmPwdHistory", &lmPwdHistory);
- ntPwdHistory_len = samdb_result_hashes(mem_ctx, res[0],
- "ntPwdHistory", &ntPwdHistory);
+ sambaLMPwdHistory_len = samdb_result_hashes(mem_ctx, res[0],
+ "sambaLMPwdHistory", &sambaLMPwdHistory);
+ sambaNTPwdHistory_len = samdb_result_hashes(mem_ctx, res[0],
+ "sambaNTPwdHistory", &sambaNTPwdHistory);
lmPwdHash = samdb_result_hash(mem_ctx, res[0], "lmPwdHash");
ntPwdHash = samdb_result_hash(mem_ctx, res[0], "ntPwdHash");
pwdLastSet = samdb_result_uint64(res[0], "pwdLastSet", 0);
@@ -680,19 +680,19 @@
}
/* check the password history */
- lmPwdHistory_len = MIN(lmPwdHistory_len, pwdHistoryLength);
- ntPwdHistory_len = MIN(ntPwdHistory_len, pwdHistoryLength);
+ sambaLMPwdHistory_len = MIN(sambaLMPwdHistory_len, pwdHistoryLength);
+ sambaNTPwdHistory_len = MIN(sambaNTPwdHistory_len, pwdHistoryLength);
- for (i=0; lmNewHash && i<lmPwdHistory_len;i++) {
- if (memcmp(lmNewHash->hash, lmPwdHistory[i].hash, 16) == 0) {
+ for (i=0; lmNewHash && i<sambaLMPwdHistory_len;i++) {
+ if (memcmp(lmNewHash->hash, sambaLMPwdHistory[i].hash, 16) == 0) {
if (reject_reason) {
*reject_reason = SAMR_REJECT_COMPLEXITY;
}
return NT_STATUS_PASSWORD_RESTRICTION;
}
}
- for (i=0; ntNewHash && i<ntPwdHistory_len;i++) {
- if (memcmp(ntNewHash->hash, ntPwdHistory[i].hash, 16) == 0) {
+ for (i=0; ntNewHash && i<sambaNTPwdHistory_len;i++) {
+ if (memcmp(ntNewHash->hash, sambaNTPwdHistory[i].hash, 16) == 0) {
if (reject_reason) {
*reject_reason = SAMR_REJECT_COMPLEXITY;
}
Modified: branches/SAMBA_4_0/source/setup/provision_init.ldif
===================================================================
--- branches/SAMBA_4_0/source/setup/provision_init.ldif 2006-01-05 06:53:39 UTC (rev 12719)
+++ branches/SAMBA_4_0/source/setup/provision_init.ldif 2006-01-05 09:03:13 UTC (rev 12720)
@@ -24,9 +24,9 @@
sambaPassword: HIDDEN
krb5Key: HIDDEN
ntPwdHash: HIDDEN
-ntPwdHistory: HIDDEN
+sambaNTPwdHistory: HIDDEN
lmPwdHash: HIDDEN
-lmPwdHistory: HIDDEN
+sambaLMPwdHistory: HIDDEN
createTimestamp: HIDDEN
modifyTimestamp: HIDDEN
groupType: INTEGER
More information about the samba-cvs
mailing list