r2213: Optimisation. Passes masktest against W2K3.

[ira/wip.git] / source3 / lib / account_pol.c
diff --git a/source3/lib/account_pol.c b/source3/lib/account_pol.c

index 74c8883ed135ee066ad9564c742e98e5121382b5..8d5b963da28f8f948e43a36c25f41d29ab6aa899 100644 (file)
--- a/source3/lib/account_pol.c
+++ b/source3/lib/account_pol.c
@@ -1,8 +1,8 @@
  /* 
- *  Unix SMB/Netbios implementation.
- *  Version 1.9.
+ *  Unix SMB/CIFS implementation.
   *  account policy storage
   *  Copyright (C) Jean François Micouleau      1998-2001.
+ *  Copyright (C) Andrew Bartlett              2002
   *  
   *  This program is free software; you can redistribute it and/or modify
   *  it under the terms of the GNU General Public License as published by
@@ -25,14 +25,17 @@ static TDB_CONTEXT *tdb; /* used for driver files */
  #define DATABASE_VERSION 1
  
  /****************************************************************************
-open the account policy tdb
+ Open the account policy tdb.
  ****************************************************************************/
+
  BOOL init_account_policy(void)
  {
         static pid_t local_pid;
-       char *vstring = "INFO/version";
+       const char *vstring = "INFO/version";
+       uint32 version;
  
-       if (tdb && local_pid == sys_getpid()) return True;
+       if (tdb && local_pid == sys_getpid())
+               return True;
         tdb = tdb_open_log(lock_path("account_policy.tdb"), 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
         if (!tdb) {
                 DEBUG(0,("Failed to open account policy database\n"));
@@ -42,77 +45,116 @@ BOOL init_account_policy(void)
         local_pid = sys_getpid();
  
         /* handle a Samba upgrade */
-       tdb_lock_bystring(tdb, vstring);
-       if (tdb_fetch_int(tdb, vstring) != DATABASE_VERSION) {
-               tdb_traverse(tdb, (tdb_traverse_func)tdb_delete, NULL);
-               tdb_store_int(tdb, vstring, DATABASE_VERSION);
+       tdb_lock_bystring(tdb, vstring,0);
+       if (!tdb_fetch_uint32(tdb, vstring, &version) || version != DATABASE_VERSION) {
+               tdb_traverse(tdb, tdb_traverse_delete_fn, NULL);
+               tdb_store_uint32(tdb, vstring, DATABASE_VERSION);
                 
                 account_policy_set(AP_MIN_PASSWORD_LEN, MINPASSWDLENGTH);   /* 5 chars minimum             */
                 account_policy_set(AP_PASSWORD_HISTORY, 0);                 /* don't keep any old password */
                 account_policy_set(AP_USER_MUST_LOGON_TO_CHG_PASS, 0);      /* don't force user to logon   */
-               account_policy_set(AP_MAX_PASSWORD_AGE, MAX_PASSWORD_AGE);  /* 21 days                     */
+               account_policy_set(AP_MAX_PASSWORD_AGE, (uint32)-1);        /* don't expire                */
                 account_policy_set(AP_MIN_PASSWORD_AGE, 0);                 /* 0 days                      */
-               account_policy_set(AP_LOCK_ACCOUNT_DURATION, 0);            /* lockout for 0 minutes       */
-               account_policy_set(AP_RESET_COUNT_TIME, 0);                 /* reset immediatly            */
+               account_policy_set(AP_LOCK_ACCOUNT_DURATION, 30);           /* lockout for 30 minutes      */
+               account_policy_set(AP_RESET_COUNT_TIME, 30);                /* reset after 30 minutes      */
                 account_policy_set(AP_BAD_ATTEMPT_LOCKOUT, 0);              /* don't lockout               */
                 account_policy_set(AP_TIME_TO_LOGOUT, -1);                  /* don't force logout          */
         }
         tdb_unlock_bystring(tdb, vstring);
  
-
         return True;
  }
  
+static const struct {
+       int field;
+       const char *string;
+} account_policy_names[] = {
+       {AP_MIN_PASSWORD_LEN, "min password length"},
+       {AP_PASSWORD_HISTORY, "password history"},
+       {AP_USER_MUST_LOGON_TO_CHG_PASS, "user must logon to change password"},
+       {AP_MAX_PASSWORD_AGE, "maximum password age"},
+       {AP_MIN_PASSWORD_AGE,"minimum password age"},
+       {AP_LOCK_ACCOUNT_DURATION, "lockout duration"},
+       {AP_RESET_COUNT_TIME, "reset count minutes"},
+       {AP_BAD_ATTEMPT_LOCKOUT, "bad lockout attempt"},
+       {AP_TIME_TO_LOGOUT, "disconnect time"},
+       {0, NULL}
+};
+
+char *account_policy_names_list(void)
+{
+       char *nl, *p;
+       int i;
+       size_t len = 0;
+
+       for (i=0; account_policy_names[i].string; i++) {
+               len += strlen(account_policy_names[i].string) + 1;
+       }
+       len++;
+       nl = malloc(len);
+       if (!nl) {
+               return NULL;
+       }
+       p = nl;
+       for (i=0; account_policy_names[i].string; i++) {
+               memcpy(p, account_policy_names[i].string, strlen(account_policy_names[i].string) + 1);
+               p[strlen(account_policy_names[i].string)] = '\n';
+               p += strlen(account_policy_names[i].string) + 1;
+       }
+       *p = '\0';
+       return nl;
+}
+
  /****************************************************************************
+Get the account policy name as a string from its #define'ed number
  ****************************************************************************/
  
-static char *decode_account_policy_name(int field)
+static const char *decode_account_policy_name(int field)
  {
-       switch (field) {
-               case AP_MIN_PASSWORD_LEN:
-                       return "min password length";
-                       break;
-               case AP_PASSWORD_HISTORY:
-                       return "password history";
-                       break;
-               case AP_USER_MUST_LOGON_TO_CHG_PASS:
-                       return "user must logon to change password";
-                       break;
-               case AP_MAX_PASSWORD_AGE:
-                       return "maximum password age";
-                       break;
-               case AP_MIN_PASSWORD_AGE:
-                       return "minimum password age";
-                       break;
-               case AP_LOCK_ACCOUNT_DURATION:
-                       return "lockout duration";
-                       break;
-               case AP_RESET_COUNT_TIME:
-                       return "reset count minutes";
-                       break;
-               case AP_BAD_ATTEMPT_LOCKOUT:
-                       return "bad lockout attempt";
-                       break;
-               case AP_TIME_TO_LOGOUT:
-                       return "disconnect time";
-                       break;
-               default:
-                       return "undefined value";
-                       break;
+       int i;
+       for (i=0; account_policy_names[i].string; i++) {
+               if (field == account_policy_names[i].field)
+                       return account_policy_names[i].string;
         }
+       return NULL;
+
  }
  
+/****************************************************************************
+Get the account policy name as a string from its #define'ed number
+****************************************************************************/
+
+int account_policy_name_to_fieldnum(const char *name)
+{
+       int i;
+       for (i=0; account_policy_names[i].string; i++) {
+               if (strcmp(name, account_policy_names[i].string) == 0)
+                       return account_policy_names[i].field;
+       }
+       return 0;
+
+}
  
  /****************************************************************************
  ****************************************************************************/
-BOOL account_policy_get(int field, int *value)
+
+BOOL account_policy_get(int field, uint32 *value)
  {
         fstring name;
  
-       init_account_policy();
+       if(!init_account_policy())return False;
+
+       *value = 0;
  
         fstrcpy(name, decode_account_policy_name(field));
-       *value=tdb_fetch_int(tdb, name);
+       if (!*name) {
+               DEBUG(1, ("account_policy_get: Field %d is not a valid account policy type!  Cannot get, returning 0.\n", field));
+               return False;
+       }
+       if (!tdb_fetch_uint32(tdb, name, value)) {
+               DEBUG(1, ("account_policy_get: tdb_fetch_uint32 failed for efild %d (%s), returning 0", field, name));
+               return False;
+       }
         DEBUG(10,("account_policy_get: %s:%d\n", name, *value));
         return True;
  }
@@ -120,17 +162,24 @@ BOOL account_policy_get(int field, int *value)
  
  /****************************************************************************
  ****************************************************************************/
-BOOL account_policy_set(int field, int value)
+BOOL account_policy_set(int field, uint32 value)
  {
         fstring name;
  
-       init_account_policy();
+       if(!init_account_policy())return False;
  
         fstrcpy(name, decode_account_policy_name(field));
-       if ( tdb_store_int(tdb, name, value)== -1)
+       if (!*name) {
+               DEBUG(1, ("Field %d is not a valid account policy type!  Cannot set.\n", field));
+               return False;
+       }
+
+       if (!tdb_store_uint32(tdb, name, value)) {
+               DEBUG(1, ("tdb_store_uint32 failed for field %d (%s) on value %u", field, name, value));
                 return False;
+       }
+
         DEBUG(10,("account_policy_set: %s:%d\n", name, value));
         
         return True;
  }
-