#define DBGC_CLASS DBGC_PASSDB
/**
- * @todo Redefine this to NULL, but this changes the API becouse
+ * @todo Redefine this to NULL, but this changes the API because
* much of samba assumes that the pdb_get...() funtions
* return pstrings. (ie not null-pointers).
* See also pdb_fill_default_sam().
uint16 pdb_get_acct_ctrl (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.acct_ctrl);
+ return (sampass->private_u.acct_ctrl);
else
return (ACB_DISABLED);
}
time_t pdb_get_logon_time (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.logon_time);
+ return (sampass->private_u.logon_time);
else
return (0);
}
time_t pdb_get_logoff_time (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.logoff_time);
+ return (sampass->private_u.logoff_time);
else
return (-1);
}
time_t pdb_get_kickoff_time (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.kickoff_time);
+ return (sampass->private_u.kickoff_time);
+ else
+ return (-1);
+}
+
+time_t pdb_get_bad_password_time (const SAM_ACCOUNT *sampass)
+{
+ if (sampass)
+ return (sampass->private_u.bad_password_time);
else
return (-1);
}
time_t pdb_get_pass_last_set_time (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.pass_last_set_time);
+ return (sampass->private_u.pass_last_set_time);
else
return (-1);
}
time_t pdb_get_pass_can_change_time (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.pass_can_change_time);
+ return (sampass->private_u.pass_can_change_time);
else
return (-1);
}
time_t pdb_get_pass_must_change_time (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.pass_must_change_time);
+ return (sampass->private_u.pass_must_change_time);
else
return (-1);
}
uint16 pdb_get_logon_divs (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.logon_divs);
+ return (sampass->private_u.logon_divs);
else
return (-1);
}
uint32 pdb_get_hours_len (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.hours_len);
+ return (sampass->private_u.hours_len);
else
return (-1);
}
const uint8* pdb_get_hours (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.hours);
+ return (sampass->private_u.hours);
else
return (NULL);
}
const uint8* pdb_get_nt_passwd (const SAM_ACCOUNT *sampass)
{
if (sampass) {
- SMB_ASSERT((!sampass->private.nt_pw.data)
- || sampass->private.nt_pw.length == NT_HASH_LEN);
- return ((uint8*)sampass->private.nt_pw.data);
+ SMB_ASSERT((!sampass->private_u.nt_pw.data)
+ || sampass->private_u.nt_pw.length == NT_HASH_LEN);
+ return ((uint8*)sampass->private_u.nt_pw.data);
}
else
return (NULL);
const uint8* pdb_get_lanman_passwd (const SAM_ACCOUNT *sampass)
{
if (sampass) {
- SMB_ASSERT((!sampass->private.lm_pw.data)
- || sampass->private.lm_pw.length == LM_HASH_LEN);
- return ((uint8*)sampass->private.lm_pw.data);
+ SMB_ASSERT((!sampass->private_u.lm_pw.data)
+ || sampass->private_u.lm_pw.length == LM_HASH_LEN);
+ return ((uint8*)sampass->private_u.lm_pw.data);
}
else
return (NULL);
}
+const uint8* pdb_get_pw_history (const SAM_ACCOUNT *sampass, uint32 *current_hist_len)
+{
+ if (sampass) {
+ SMB_ASSERT((!sampass->private_u.nt_pw_his.data)
+ || ((sampass->private_u.nt_pw_his.length % PW_HISTORY_ENTRY_LEN) == 0));
+ *current_hist_len = sampass->private_u.nt_pw_his.length / PW_HISTORY_ENTRY_LEN;
+ return ((uint8*)sampass->private_u.nt_pw_his.data);
+ } else {
+ *current_hist_len = 0;
+ return (NULL);
+ }
+}
+
/* Return the plaintext password if known. Most of the time
it isn't, so don't assume anything magic about this function.
const char* pdb_get_plaintext_passwd (const SAM_ACCOUNT *sampass)
{
if (sampass) {
- return (sampass->private.plaintext_pw);
+ return (sampass->private_u.plaintext_pw);
}
else
return (NULL);
const DOM_SID *pdb_get_user_sid(const SAM_ACCOUNT *sampass)
{
if (sampass)
- return &sampass->private.user_sid;
+ return &sampass->private_u.user_sid;
else
return (NULL);
}
const DOM_SID *pdb_get_group_sid(const SAM_ACCOUNT *sampass)
{
if (sampass)
- return &sampass->private.group_sid;
+ return &sampass->private_u.group_sid;
else
return (NULL);
}
{
enum pdb_value_state ret = PDB_DEFAULT;
- if (!sampass || !sampass->private.change_flags || !sampass->private.set_flags)
+ if (!sampass || !sampass->private_u.change_flags || !sampass->private_u.set_flags)
return ret;
- if (bitmap_query(sampass->private.set_flags, element)) {
- DEBUG(10, ("element %d: SET\n", element));
+ if (bitmap_query(sampass->private_u.set_flags, element)) {
+ DEBUG(11, ("element %d: SET\n", element));
ret = PDB_SET;
}
- if (bitmap_query(sampass->private.change_flags, element)) {
- DEBUG(10, ("element %d: CHANGED\n", element));
+ if (bitmap_query(sampass->private_u.change_flags, element)) {
+ DEBUG(11, ("element %d: CHANGED\n", element));
ret = PDB_CHANGED;
}
if (ret == PDB_DEFAULT) {
- DEBUG(10, ("element %d: DEFAULT\n", element));
+ DEBUG(11, ("element %d: DEFAULT\n", element));
}
return ret;
}
-uid_t pdb_get_uid (const SAM_ACCOUNT *sampass)
-{
- if (sampass)
- return (sampass->private.uid);
- else
- return (-1);
-}
-
-gid_t pdb_get_gid (const SAM_ACCOUNT *sampass)
-{
- if (sampass)
- return (sampass->private.gid);
- else
- return (-1);
-}
-
const char* pdb_get_username (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.username);
+ return (sampass->private_u.username);
else
return (NULL);
}
const char* pdb_get_domain (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.domain);
+ return (sampass->private_u.domain);
else
return (NULL);
}
const char* pdb_get_nt_username (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.nt_username);
+ return (sampass->private_u.nt_username);
else
return (NULL);
}
const char* pdb_get_fullname (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.full_name);
+ return (sampass->private_u.full_name);
else
return (NULL);
}
const char* pdb_get_homedir (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.home_dir);
+ return (sampass->private_u.home_dir);
else
return (NULL);
}
const char* pdb_get_unix_homedir (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.unix_home_dir);
+ return (sampass->private_u.unix_home_dir);
else
return (NULL);
}
const char* pdb_get_dir_drive (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.dir_drive);
+ return (sampass->private_u.dir_drive);
else
return (NULL);
}
const char* pdb_get_logon_script (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.logon_script);
+ return (sampass->private_u.logon_script);
else
return (NULL);
}
const char* pdb_get_profile_path (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.profile_path);
+ return (sampass->private_u.profile_path);
else
return (NULL);
}
const char* pdb_get_acct_desc (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.acct_desc);
+ return (sampass->private_u.acct_desc);
else
return (NULL);
}
const char* pdb_get_workstations (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.workstations);
+ return (sampass->private_u.workstations);
else
return (NULL);
}
const char* pdb_get_unknown_str (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.unknown_str);
+ return (sampass->private_u.unknown_str);
else
return (NULL);
}
const char* pdb_get_munged_dial (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.munged_dial);
+ return (sampass->private_u.munged_dial);
else
return (NULL);
}
-uint32 pdb_get_unknown_3 (const SAM_ACCOUNT *sampass)
+uint16 pdb_get_bad_password_count(const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.unknown_3);
+ return (sampass->private_u.bad_password_count);
else
- return (-1);
+ return 0;
}
-uint32 pdb_get_unknown_5 (const SAM_ACCOUNT *sampass)
+uint16 pdb_get_logon_count(const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.unknown_5);
+ return (sampass->private_u.logon_count);
else
- return (-1);
+ return 0;
}
uint32 pdb_get_unknown_6 (const SAM_ACCOUNT *sampass)
{
if (sampass)
- return (sampass->private.unknown_6);
+ return (sampass->private_u.unknown_6);
else
return (-1);
}
+void *pdb_get_backend_private_data (const SAM_ACCOUNT *sampass, const struct pdb_methods *my_methods)
+{
+ if (sampass && my_methods == sampass->private_u.backend_private_methods)
+ return sampass->private_u.backend_private_data;
+ else
+ return NULL;
+}
+
/*********************************************************************
Collection of set...() functions for SAM_ACCOUNT.
********************************************************************/
if (!sampass)
return False;
- sampass->private.acct_ctrl = acct_ctrl;
+ sampass->private_u.acct_ctrl = acct_ctrl;
return pdb_set_init_flags(sampass, PDB_ACCTCTRL, flag);
}
if (!sampass)
return False;
- sampass->private.logon_time = mytime;
+ sampass->private_u.logon_time = mytime;
return pdb_set_init_flags(sampass, PDB_LOGONTIME, flag);
}
if (!sampass)
return False;
- sampass->private.logoff_time = mytime;
+ sampass->private_u.logoff_time = mytime;
return pdb_set_init_flags(sampass, PDB_LOGOFFTIME, flag);
}
if (!sampass)
return False;
- sampass->private.kickoff_time = mytime;
+ sampass->private_u.kickoff_time = mytime;
return pdb_set_init_flags(sampass, PDB_KICKOFFTIME, flag);
}
+BOOL pdb_set_bad_password_time (SAM_ACCOUNT *sampass, time_t mytime,
+ enum pdb_value_state flag)
+{
+ if (!sampass)
+ return False;
+
+ sampass->private_u.bad_password_time = mytime;
+
+ return pdb_set_init_flags(sampass, PDB_BAD_PASSWORD_TIME, flag);
+}
+
BOOL pdb_set_pass_can_change_time (SAM_ACCOUNT *sampass, time_t mytime, enum pdb_value_state flag)
{
if (!sampass)
return False;
- sampass->private.pass_can_change_time = mytime;
+ sampass->private_u.pass_can_change_time = mytime;
return pdb_set_init_flags(sampass, PDB_CANCHANGETIME, flag);
}
if (!sampass)
return False;
- sampass->private.pass_must_change_time = mytime;
+ sampass->private_u.pass_must_change_time = mytime;
return pdb_set_init_flags(sampass, PDB_MUSTCHANGETIME, flag);
}
if (!sampass)
return False;
- sampass->private.pass_last_set_time = mytime;
+ sampass->private_u.pass_last_set_time = mytime;
return pdb_set_init_flags(sampass, PDB_PASSLASTSET, flag);
}
if (!sampass)
return False;
- sampass->private.hours_len = len;
+ sampass->private_u.hours_len = len;
return pdb_set_init_flags(sampass, PDB_HOURSLEN, flag);
}
if (!sampass)
return False;
- sampass->private.logon_divs = hours;
+ sampass->private_u.logon_divs = hours;
return pdb_set_init_flags(sampass, PDB_LOGONDIVS, flag);
}
if (!sampass || !sampass->mem_ctx)
return False;
- if (!sampass->private.set_flags) {
- if ((sampass->private.set_flags =
+ if (!sampass->private_u.set_flags) {
+ if ((sampass->private_u.set_flags =
bitmap_talloc(sampass->mem_ctx,
PDB_COUNT))==NULL) {
DEBUG(0,("bitmap_talloc failed\n"));
return False;
}
}
- if (!sampass->private.change_flags) {
- if ((sampass->private.change_flags =
+ if (!sampass->private_u.change_flags) {
+ if ((sampass->private_u.change_flags =
bitmap_talloc(sampass->mem_ctx,
PDB_COUNT))==NULL) {
DEBUG(0,("bitmap_talloc failed\n"));
switch(value_flag) {
case PDB_CHANGED:
- if (!bitmap_set(sampass->private.change_flags, element)) {
+ if (!bitmap_set(sampass->private_u.change_flags, element)) {
DEBUG(0,("Can't set flag: %d in change_flags.\n",element));
return False;
}
- if (!bitmap_set(sampass->private.set_flags, element)) {
- DEBUG(0,("Can't set flag: %d in set_falgs.\n",element));
+ if (!bitmap_set(sampass->private_u.set_flags, element)) {
+ DEBUG(0,("Can't set flag: %d in set_flags.\n",element));
return False;
}
- DEBUG(10, ("element %d -> now CHANGED\n", element));
+ DEBUG(11, ("element %d -> now CHANGED\n", element));
break;
case PDB_SET:
- if (!bitmap_clear(sampass->private.change_flags, element)) {
+ if (!bitmap_clear(sampass->private_u.change_flags, element)) {
DEBUG(0,("Can't set flag: %d in change_flags.\n",element));
return False;
}
- if (!bitmap_set(sampass->private.set_flags, element)) {
- DEBUG(0,("Can't set flag: %d in set_falgs.\n",element));
+ if (!bitmap_set(sampass->private_u.set_flags, element)) {
+ DEBUG(0,("Can't set flag: %d in set_flags.\n",element));
return False;
}
- DEBUG(10, ("element %d -> now SET\n", element));
+ DEBUG(11, ("element %d -> now SET\n", element));
break;
case PDB_DEFAULT:
default:
- if (!bitmap_clear(sampass->private.change_flags, element)) {
+ if (!bitmap_clear(sampass->private_u.change_flags, element)) {
DEBUG(0,("Can't set flag: %d in change_flags.\n",element));
return False;
}
- if (!bitmap_clear(sampass->private.set_flags, element)) {
- DEBUG(0,("Can't set flag: %d in set_falgs.\n",element));
+ if (!bitmap_clear(sampass->private_u.set_flags, element)) {
+ DEBUG(0,("Can't set flag: %d in set_flags.\n",element));
return False;
}
- DEBUG(10, ("element %d -> now DEFAULT\n", element));
+ DEBUG(11, ("element %d -> now DEFAULT\n", element));
break;
}
return True;
}
-BOOL pdb_set_uid (SAM_ACCOUNT *sampass, const uid_t uid, enum pdb_value_state flag)
-{
- if (!sampass)
- return False;
-
- DEBUG(10, ("pdb_set_uid: setting uid %d, was %d\n",
- (int)uid, (int)sampass->private.uid));
-
- sampass->private.uid = uid;
-
- return pdb_set_init_flags(sampass, PDB_UID, flag);
-}
-
-BOOL pdb_set_gid (SAM_ACCOUNT *sampass, const gid_t gid, enum pdb_value_state flag)
-{
- if (!sampass)
- return False;
-
- DEBUG(10, ("pdb_set_gid: setting gid %d, was %d\n",
- (int)gid, (int)sampass->private.gid));
-
- sampass->private.gid = gid;
-
- return pdb_set_init_flags(sampass, PDB_GID, flag);
-}
-
-BOOL pdb_set_user_sid (SAM_ACCOUNT *sampass, DOM_SID *u_sid, enum pdb_value_state flag)
+BOOL pdb_set_user_sid (SAM_ACCOUNT *sampass, const DOM_SID *u_sid, enum pdb_value_state flag)
{
if (!sampass || !u_sid)
return False;
- sid_copy(&sampass->private.user_sid, u_sid);
+ sid_copy(&sampass->private_u.user_sid, u_sid);
DEBUG(10, ("pdb_set_user_sid: setting user sid %s\n",
- sid_string_static(&sampass->private.user_sid)));
+ sid_string_static(&sampass->private_u.user_sid)));
return pdb_set_init_flags(sampass, PDB_USERSID, flag);
}
return True;
}
-BOOL pdb_set_group_sid (SAM_ACCOUNT *sampass, DOM_SID *g_sid, enum pdb_value_state flag)
+BOOL pdb_set_group_sid (SAM_ACCOUNT *sampass, const DOM_SID *g_sid, enum pdb_value_state flag)
{
if (!sampass || !g_sid)
return False;
- sid_copy(&sampass->private.group_sid, g_sid);
+ sid_copy(&sampass->private_u.group_sid, g_sid);
DEBUG(10, ("pdb_set_group_sid: setting group sid %s\n",
- sid_string_static(&sampass->private.group_sid)));
+ sid_string_static(&sampass->private_u.group_sid)));
return pdb_set_init_flags(sampass, PDB_GROUPSID, flag);
}
if (username) {
DEBUG(10, ("pdb_set_username: setting username %s, was %s\n", username,
- (sampass->private.username)?(sampass->private.username):"NULL"));
+ (sampass->private_u.username)?(sampass->private_u.username):"NULL"));
- sampass->private.username = talloc_strdup(sampass->mem_ctx, username);
+ sampass->private_u.username = talloc_strdup(sampass->mem_ctx, username);
- if (!sampass->private.username) {
+ if (!sampass->private_u.username) {
DEBUG(0, ("pdb_set_username: talloc_strdup() failed!\n"));
return False;
}
} else {
- sampass->private.username = PDB_NOT_QUITE_NULL;
+ sampass->private_u.username = PDB_NOT_QUITE_NULL;
}
return pdb_set_init_flags(sampass, PDB_USERNAME, flag);
if (domain) {
DEBUG(10, ("pdb_set_domain: setting domain %s, was %s\n", domain,
- (sampass->private.domain)?(sampass->private.domain):"NULL"));
+ (sampass->private_u.domain)?(sampass->private_u.domain):"NULL"));
- sampass->private.domain = talloc_strdup(sampass->mem_ctx, domain);
+ sampass->private_u.domain = talloc_strdup(sampass->mem_ctx, domain);
- if (!sampass->private.domain) {
+ if (!sampass->private_u.domain) {
DEBUG(0, ("pdb_set_domain: talloc_strdup() failed!\n"));
return False;
}
} else {
- sampass->private.domain = PDB_NOT_QUITE_NULL;
+ sampass->private_u.domain = PDB_NOT_QUITE_NULL;
}
return pdb_set_init_flags(sampass, PDB_DOMAIN, flag);
if (nt_username) {
DEBUG(10, ("pdb_set_nt_username: setting nt username %s, was %s\n", nt_username,
- (sampass->private.nt_username)?(sampass->private.nt_username):"NULL"));
+ (sampass->private_u.nt_username)?(sampass->private_u.nt_username):"NULL"));
- sampass->private.nt_username = talloc_strdup(sampass->mem_ctx, nt_username);
+ sampass->private_u.nt_username = talloc_strdup(sampass->mem_ctx, nt_username);
- if (!sampass->private.nt_username) {
+ if (!sampass->private_u.nt_username) {
DEBUG(0, ("pdb_set_nt_username: talloc_strdup() failed!\n"));
return False;
}
} else {
- sampass->private.nt_username = PDB_NOT_QUITE_NULL;
+ sampass->private_u.nt_username = PDB_NOT_QUITE_NULL;
}
return pdb_set_init_flags(sampass, PDB_NTUSERNAME, flag);
if (full_name) {
DEBUG(10, ("pdb_set_full_name: setting full name %s, was %s\n", full_name,
- (sampass->private.full_name)?(sampass->private.full_name):"NULL"));
+ (sampass->private_u.full_name)?(sampass->private_u.full_name):"NULL"));
- sampass->private.full_name = talloc_strdup(sampass->mem_ctx, full_name);
+ sampass->private_u.full_name = talloc_strdup(sampass->mem_ctx, full_name);
- if (!sampass->private.full_name) {
+ if (!sampass->private_u.full_name) {
DEBUG(0, ("pdb_set_fullname: talloc_strdup() failed!\n"));
return False;
}
} else {
- sampass->private.full_name = PDB_NOT_QUITE_NULL;
+ sampass->private_u.full_name = PDB_NOT_QUITE_NULL;
}
return pdb_set_init_flags(sampass, PDB_FULLNAME, flag);
if (logon_script) {
DEBUG(10, ("pdb_set_logon_script: setting logon script %s, was %s\n", logon_script,
- (sampass->private.logon_script)?(sampass->private.logon_script):"NULL"));
+ (sampass->private_u.logon_script)?(sampass->private_u.logon_script):"NULL"));
- sampass->private.logon_script = talloc_strdup(sampass->mem_ctx, logon_script);
+ sampass->private_u.logon_script = talloc_strdup(sampass->mem_ctx, logon_script);
- if (!sampass->private.logon_script) {
+ if (!sampass->private_u.logon_script) {
DEBUG(0, ("pdb_set_logon_script: talloc_strdup() failed!\n"));
return False;
}
} else {
- sampass->private.logon_script = PDB_NOT_QUITE_NULL;
+ sampass->private_u.logon_script = PDB_NOT_QUITE_NULL;
}
return pdb_set_init_flags(sampass, PDB_LOGONSCRIPT, flag);
if (profile_path) {
DEBUG(10, ("pdb_set_profile_path: setting profile path %s, was %s\n", profile_path,
- (sampass->private.profile_path)?(sampass->private.profile_path):"NULL"));
+ (sampass->private_u.profile_path)?(sampass->private_u.profile_path):"NULL"));
- sampass->private.profile_path = talloc_strdup(sampass->mem_ctx, profile_path);
+ sampass->private_u.profile_path = talloc_strdup(sampass->mem_ctx, profile_path);
- if (!sampass->private.profile_path) {
+ if (!sampass->private_u.profile_path) {
DEBUG(0, ("pdb_set_profile_path: talloc_strdup() failed!\n"));
return False;
}
} else {
- sampass->private.profile_path = PDB_NOT_QUITE_NULL;
+ sampass->private_u.profile_path = PDB_NOT_QUITE_NULL;
}
return pdb_set_init_flags(sampass, PDB_PROFILE, flag);
if (dir_drive) {
DEBUG(10, ("pdb_set_dir_drive: setting dir drive %s, was %s\n", dir_drive,
- (sampass->private.dir_drive)?(sampass->private.dir_drive):"NULL"));
+ (sampass->private_u.dir_drive)?(sampass->private_u.dir_drive):"NULL"));
- sampass->private.dir_drive = talloc_strdup(sampass->mem_ctx, dir_drive);
+ sampass->private_u.dir_drive = talloc_strdup(sampass->mem_ctx, dir_drive);
- if (!sampass->private.dir_drive) {
+ if (!sampass->private_u.dir_drive) {
DEBUG(0, ("pdb_set_dir_drive: talloc_strdup() failed!\n"));
return False;
}
} else {
- sampass->private.dir_drive = PDB_NOT_QUITE_NULL;
+ sampass->private_u.dir_drive = PDB_NOT_QUITE_NULL;
}
return pdb_set_init_flags(sampass, PDB_DRIVE, flag);
if (home_dir) {
DEBUG(10, ("pdb_set_homedir: setting home dir %s, was %s\n", home_dir,
- (sampass->private.home_dir)?(sampass->private.home_dir):"NULL"));
+ (sampass->private_u.home_dir)?(sampass->private_u.home_dir):"NULL"));
- sampass->private.home_dir = talloc_strdup(sampass->mem_ctx, home_dir);
+ sampass->private_u.home_dir = talloc_strdup(sampass->mem_ctx, home_dir);
- if (!sampass->private.home_dir) {
+ if (!sampass->private_u.home_dir) {
DEBUG(0, ("pdb_set_home_dir: talloc_strdup() failed!\n"));
return False;
}
} else {
- sampass->private.home_dir = PDB_NOT_QUITE_NULL;
+ sampass->private_u.home_dir = PDB_NOT_QUITE_NULL;
}
return pdb_set_init_flags(sampass, PDB_SMBHOME, flag);
if (unix_home_dir) {
DEBUG(10, ("pdb_set_unix_homedir: setting home dir %s, was %s\n", unix_home_dir,
- (sampass->private.unix_home_dir)?(sampass->private.unix_home_dir):"NULL"));
+ (sampass->private_u.unix_home_dir)?(sampass->private_u.unix_home_dir):"NULL"));
- sampass->private.unix_home_dir = talloc_strdup(sampass->mem_ctx,
+ sampass->private_u.unix_home_dir = talloc_strdup(sampass->mem_ctx,
unix_home_dir);
- if (!sampass->private.unix_home_dir) {
+ if (!sampass->private_u.unix_home_dir) {
DEBUG(0, ("pdb_set_unix_home_dir: talloc_strdup() failed!\n"));
return False;
}
} else {
- sampass->private.unix_home_dir = PDB_NOT_QUITE_NULL;
+ sampass->private_u.unix_home_dir = PDB_NOT_QUITE_NULL;
}
return pdb_set_init_flags(sampass, PDB_UNIXHOMEDIR, flag);
return False;
if (acct_desc) {
- sampass->private.acct_desc = talloc_strdup(sampass->mem_ctx, acct_desc);
+ sampass->private_u.acct_desc = talloc_strdup(sampass->mem_ctx, acct_desc);
- if (!sampass->private.acct_desc) {
+ if (!sampass->private_u.acct_desc) {
DEBUG(0, ("pdb_set_acct_desc: talloc_strdup() failed!\n"));
return False;
}
} else {
- sampass->private.acct_desc = PDB_NOT_QUITE_NULL;
+ sampass->private_u.acct_desc = PDB_NOT_QUITE_NULL;
}
return pdb_set_init_flags(sampass, PDB_ACCTDESC, flag);
if (workstations) {
DEBUG(10, ("pdb_set_workstations: setting workstations %s, was %s\n", workstations,
- (sampass->private.workstations)?(sampass->private.workstations):"NULL"));
+ (sampass->private_u.workstations)?(sampass->private_u.workstations):"NULL"));
- sampass->private.workstations = talloc_strdup(sampass->mem_ctx, workstations);
+ sampass->private_u.workstations = talloc_strdup(sampass->mem_ctx, workstations);
- if (!sampass->private.workstations) {
+ if (!sampass->private_u.workstations) {
DEBUG(0, ("pdb_set_workstations: talloc_strdup() failed!\n"));
return False;
}
} else {
- sampass->private.workstations = PDB_NOT_QUITE_NULL;
+ sampass->private_u.workstations = PDB_NOT_QUITE_NULL;
}
return pdb_set_init_flags(sampass, PDB_WORKSTATIONS, flag);
return False;
if (unknown_str) {
- sampass->private.unknown_str = talloc_strdup(sampass->mem_ctx, unknown_str);
+ sampass->private_u.unknown_str = talloc_strdup(sampass->mem_ctx, unknown_str);
- if (!sampass->private.unknown_str) {
+ if (!sampass->private_u.unknown_str) {
DEBUG(0, ("pdb_set_unknown_str: talloc_strdup() failed!\n"));
return False;
}
} else {
- sampass->private.unknown_str = PDB_NOT_QUITE_NULL;
+ sampass->private_u.unknown_str = PDB_NOT_QUITE_NULL;
}
return pdb_set_init_flags(sampass, PDB_UNKNOWNSTR, flag);
return False;
if (munged_dial) {
- sampass->private.munged_dial = talloc_strdup(sampass->mem_ctx, munged_dial);
+ sampass->private_u.munged_dial = talloc_strdup(sampass->mem_ctx, munged_dial);
- if (!sampass->private.munged_dial) {
+ if (!sampass->private_u.munged_dial) {
DEBUG(0, ("pdb_set_munged_dial: talloc_strdup() failed!\n"));
return False;
}
} else {
- sampass->private.munged_dial = PDB_NOT_QUITE_NULL;
+ sampass->private_u.munged_dial = PDB_NOT_QUITE_NULL;
}
return pdb_set_init_flags(sampass, PDB_MUNGEDDIAL, flag);
if (!sampass)
return False;
- data_blob_clear_free(&sampass->private.nt_pw);
+ data_blob_clear_free(&sampass->private_u.nt_pw);
- sampass->private.nt_pw = data_blob(pwd, NT_HASH_LEN);
+ if (pwd) {
+ sampass->private_u.nt_pw = data_blob(pwd, NT_HASH_LEN);
+ } else {
+ sampass->private_u.nt_pw = data_blob(NULL, 0);
+ }
return pdb_set_init_flags(sampass, PDB_NTPASSWD, flag);
}
if (!sampass)
return False;
- data_blob_clear_free(&sampass->private.lm_pw);
+ data_blob_clear_free(&sampass->private_u.lm_pw);
- sampass->private.lm_pw = data_blob(pwd, LM_HASH_LEN);
+ if (pwd) {
+ sampass->private_u.lm_pw = data_blob(pwd, LM_HASH_LEN);
+ } else {
+ sampass->private_u.lm_pw = data_blob(NULL, 0);
+ }
return pdb_set_init_flags(sampass, PDB_LMPASSWD, flag);
}
+/*********************************************************************
+ Set the user's password history hash. historyLen is the number of
+ PW_HISTORY_SALT_LEN+SALTED_MD5_HASH_LEN length
+ entries to store in the history - this must match the size of the uint8 array
+ in pwd.
+********************************************************************/
+
+BOOL pdb_set_pw_history (SAM_ACCOUNT *sampass, const uint8 *pwd, uint32 historyLen, enum pdb_value_state flag)
+{
+ if (!sampass)
+ return False;
+
+ if (historyLen && pwd){
+ sampass->private_u.nt_pw_his = data_blob_talloc(sampass->mem_ctx,
+ pwd, historyLen*PW_HISTORY_ENTRY_LEN);
+ if (!sampass->private_u.nt_pw_his.length) {
+ DEBUG(0, ("pdb_set_pw_history: data_blob_talloc() failed!\n"));
+ return False;
+ }
+ } else {
+ sampass->private_u.nt_pw_his = data_blob_talloc(sampass->mem_ctx, NULL, 0);
+ }
+
+ return pdb_set_init_flags(sampass, PDB_PWHISTORY, flag);
+}
+
/*********************************************************************
Set the user's plaintext password only (base procedure, see helper
below)
return False;
if (password) {
- if (sampass->private.plaintext_pw!=NULL)
- memset(sampass->private.plaintext_pw,'\0',strlen(sampass->private.plaintext_pw)+1);
+ if (sampass->private_u.plaintext_pw!=NULL)
+ memset(sampass->private_u.plaintext_pw,'\0',strlen(sampass->private_u.plaintext_pw)+1);
- sampass->private.plaintext_pw = talloc_strdup(sampass->mem_ctx, password);
+ sampass->private_u.plaintext_pw = talloc_strdup(sampass->mem_ctx, password);
- if (!sampass->private.plaintext_pw) {
+ if (!sampass->private_u.plaintext_pw) {
DEBUG(0, ("pdb_set_unknown_str: talloc_strdup() failed!\n"));
return False;
}
} else {
- sampass->private.plaintext_pw = NULL;
+ sampass->private_u.plaintext_pw = NULL;
}
return pdb_set_init_flags(sampass, PDB_PLAINTEXT_PW, flag);
}
-BOOL pdb_set_unknown_3 (SAM_ACCOUNT *sampass, uint32 unkn, enum pdb_value_state flag)
+BOOL pdb_set_bad_password_count(SAM_ACCOUNT *sampass, uint16 bad_password_count, enum pdb_value_state flag)
{
if (!sampass)
return False;
- sampass->private.unknown_3 = unkn;
-
- return pdb_set_init_flags(sampass, PDB_UNKNOWN3, flag);
+ sampass->private_u.bad_password_count = bad_password_count;
+
+ return pdb_set_init_flags(sampass, PDB_BAD_PASSWORD_COUNT, flag);
}
-BOOL pdb_set_unknown_5 (SAM_ACCOUNT *sampass, uint32 unkn, enum pdb_value_state flag)
+BOOL pdb_set_logon_count(SAM_ACCOUNT *sampass, uint16 logon_count, enum pdb_value_state flag)
{
if (!sampass)
return False;
- sampass->private.unknown_5 = unkn;
+ sampass->private_u.logon_count = logon_count;
- return pdb_set_init_flags(sampass, PDB_UNKNOWN5, flag);
+ return pdb_set_init_flags(sampass, PDB_LOGON_COUNT, flag);
}
BOOL pdb_set_unknown_6 (SAM_ACCOUNT *sampass, uint32 unkn, enum pdb_value_state flag)
if (!sampass)
return False;
- sampass->private.unknown_6 = unkn;
+ sampass->private_u.unknown_6 = unkn;
return pdb_set_init_flags(sampass, PDB_UNKNOWN6, flag);
}
return False;
if (!hours) {
- memset ((char *)sampass->private.hours, 0, MAX_HOURS_LEN);
+ memset ((char *)sampass->private_u.hours, 0, MAX_HOURS_LEN);
return True;
}
- memcpy (sampass->private.hours, hours, MAX_HOURS_LEN);
+ memcpy (sampass->private_u.hours, hours, MAX_HOURS_LEN);
return pdb_set_init_flags(sampass, PDB_HOURS, flag);
}
+BOOL pdb_set_backend_private_data (SAM_ACCOUNT *sampass, void *private_data,
+ void (*free_fn)(void **),
+ const struct pdb_methods *my_methods,
+ enum pdb_value_state flag)
+{
+ if (!sampass)
+ return False;
+
+ if (sampass->private_u.backend_private_data && sampass->private_u.backend_private_data_free_fn) {
+ sampass->private_u.backend_private_data_free_fn(&sampass->private_u.backend_private_data);
+ }
+
+ sampass->private_u.backend_private_data = private_data;
+ sampass->private_u.backend_private_data_free_fn = free_fn;
+ sampass->private_u.backend_private_methods = my_methods;
+
+ return pdb_set_init_flags(sampass, PDB_BACKEND_PRIVATE_DATA, flag);
+}
+
/* Helpful interfaces to the above */
BOOL pdb_set_pass_changed_now (SAM_ACCOUNT *sampass)
{
uint32 expire;
+ uint32 min_age;
if (!sampass)
return False;
if (!pdb_set_pass_last_set_time (sampass, time(NULL), PDB_CHANGED))
return False;
- if (!account_policy_get(AP_MAX_PASSWORD_AGE, &expire)
- || (expire==(uint32)-1)) {
+ if (!pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &expire)
+ || (expire==(uint32)-1) || (expire == 0)) {
if (!pdb_set_pass_must_change_time (sampass, get_time_t_max(), PDB_CHANGED))
return False;
} else {
return False;
}
+ if (!pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &min_age)
+ || (min_age==(uint32)-1)) {
+ if (!pdb_set_pass_can_change_time (sampass, 0, PDB_CHANGED))
+ return False;
+ } else {
+ if (!pdb_set_pass_can_change_time (sampass,
+ pdb_get_pass_last_set_time(sampass)
+ + min_age, PDB_CHANGED))
+ return False;
+ }
return True;
}
BOOL pdb_set_plaintext_passwd (SAM_ACCOUNT *sampass, const char *plaintext)
{
- uchar new_lanman_p16[16];
- uchar new_nt_p16[16];
+ uchar new_lanman_p16[LM_HASH_LEN];
+ uchar new_nt_p16[NT_HASH_LEN];
if (!sampass || !plaintext)
return False;
-
- nt_lm_owf_gen (plaintext, new_nt_p16, new_lanman_p16);
+
+ /* Calculate the MD4 hash (NT compatible) of the password */
+ E_md4hash(plaintext, new_nt_p16);
if (!pdb_set_nt_passwd (sampass, new_nt_p16, PDB_CHANGED))
return False;
- if (!pdb_set_lanman_passwd (sampass, new_lanman_p16, PDB_CHANGED))
- return False;
+ if (!E_deshash(plaintext, new_lanman_p16)) {
+ /* E_deshash returns false for 'long' passwords (> 14
+ DOS chars). This allows us to match Win2k, which
+ does not store a LM hash for these passwords (which
+ would reduce the effective password length to 14 */
+
+ if (!pdb_set_lanman_passwd (sampass, NULL, PDB_CHANGED))
+ return False;
+ } else {
+ if (!pdb_set_lanman_passwd (sampass, new_lanman_p16, PDB_CHANGED))
+ return False;
+ }
if (!pdb_set_plaintext_pw_only (sampass, plaintext, PDB_CHANGED))
return False;
if (!pdb_set_pass_changed_now (sampass))
return False;
+ /* Store the password history. */
+ if (pdb_get_acct_ctrl(sampass) & ACB_NORMAL) {
+ uchar *pwhistory;
+ uint32 pwHistLen;
+ pdb_get_account_policy(AP_PASSWORD_HISTORY, &pwHistLen);
+ if (pwHistLen != 0){
+ uint32 current_history_len;
+ /* We need to make sure we don't have a race condition here - the
+ account policy history length can change between when the pw_history
+ was first loaded into the SAM_ACCOUNT struct and now.... JRA. */
+ pwhistory = (uchar *)pdb_get_pw_history(sampass, ¤t_history_len);
+
+ if (current_history_len != pwHistLen) {
+ /* After closing and reopening SAM_ACCOUNT the history
+ values will sync up. We can't do this here. */
+
+ /* current_history_len > pwHistLen is not a problem - we
+ have more history than we need. */
+
+ if (current_history_len < pwHistLen) {
+ /* Ensure we have space for the needed history. */
+ uchar *new_history = TALLOC(sampass->mem_ctx,
+ pwHistLen*PW_HISTORY_ENTRY_LEN);
+ /* And copy it into the new buffer. */
+ if (current_history_len) {
+ memcpy(new_history, pwhistory,
+ current_history_len*PW_HISTORY_ENTRY_LEN);
+ }
+ /* Clearing out any extra space. */
+ memset(&new_history[current_history_len*PW_HISTORY_ENTRY_LEN],
+ '\0', (pwHistLen-current_history_len)*PW_HISTORY_ENTRY_LEN);
+ /* Finally replace it. */
+ pwhistory = new_history;
+ }
+ }
+ if (pwhistory && pwHistLen){
+ /* Make room for the new password in the history list. */
+ if (pwHistLen > 1) {
+ memmove(&pwhistory[PW_HISTORY_ENTRY_LEN],
+ pwhistory, (pwHistLen -1)*PW_HISTORY_ENTRY_LEN );
+ }
+ /* Create the new salt as the first part of the history entry. */
+ generate_random_buffer(pwhistory, PW_HISTORY_SALT_LEN);
+
+ /* Generate the md5 hash of the salt+new password as the second
+ part of the history entry. */
+
+ E_md5hash(pwhistory, new_nt_p16, &pwhistory[PW_HISTORY_SALT_LEN]);
+ pdb_set_pw_history(sampass, pwhistory, pwHistLen, PDB_CHANGED);
+ } else {
+ DEBUG (10,("pdb_get_set.c: pdb_set_plaintext_passwd: pwhistory was NULL!\n"));
+ }
+ } else {
+ /* Set the history length to zero. */
+ pdb_set_pw_history(sampass, NULL, 0, PDB_CHANGED);
+ }
+ }
+
return True;
}
+
+/* check for any PDB_SET/CHANGED field and fill the appropriate mask bit */
+uint32 pdb_build_fields_present (SAM_ACCOUNT *sampass)
+{
+ /* value set to all for testing */
+ return 0x00ffffff;
+}