summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2006-01-05 09:03:13 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:49:45 -0500
commitff90c1c5c3b291d3d7ed5027743e1227df7a96d1 (patch)
tree23331b66fa34d846bda91fd43bdd8a0f397885db
parent4bfe2907e77809e499e998dd63f41985c5a02279 (diff)
downloadsamba-ff90c1c5c3b291d3d7ed5027743e1227df7a96d1.tar.gz
samba-ff90c1c5c3b291d3d7ed5027743e1227df7a96d1.tar.bz2
samba-ff90c1c5c3b291d3d7ed5027743e1227df7a96d1.zip
r12720: By metze's request, rename the ntPwdHistory attribute to
sambaNTPassword. Likewise lmPwdHistory -> sambaLMPwdHistory. The idea here is to avoid having conflicting formats when we get to replication. We know the base data matches, but we may need to use a module to munge formats. Andrew Bartlett (This used to be commit 8e608dd4bf4f108e02274a9977ced04a0a270570)
-rw-r--r--source4/dsdb/samdb/ldb_modules/password_hash.c64
-rw-r--r--source4/rpc_server/samr/samr_password.c28
-rw-r--r--source4/setup/provision_init.ldif4
3 files changed, 48 insertions, 48 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
index 80017548d2..e0fc50f242 100644
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
@@ -72,12 +72,12 @@ static int password_hash_handle(struct ldb_module *module, struct ldb_request *r
uint_t userAccountControl;
const char *dnsDomain, *realm;
const char *sambaPassword;
- struct samr_Password *lmPwdHistory, *ntPwdHistory;
+ struct samr_Password *sambaLMPwdHistory, *sambaNTPwdHistory;
struct samr_Password *lmPwdHash, *ntPwdHash;
struct samr_Password *lmOldHash = NULL, *ntOldHash = NULL;
- struct samr_Password *new_lmPwdHistory, *new_ntPwdHistory;
+ struct samr_Password *new_sambaLMPwdHistory, *new_sambaNTPwdHistory;
struct samr_Password local_lmNewHash, local_ntNewHash;
- int lmPwdHistory_len, ntPwdHistory_len;
+ int sambaLMPwdHistory_len, sambaNTPwdHistory_len;
uint_t kvno;
struct dom_sid *domain_sid;
time_t now = time(NULL);
@@ -105,8 +105,8 @@ static int password_hash_handle(struct ldb_module *module, struct ldb_request *r
const char *domain_expression;
const char *old_user_attrs[] = { "lmPwdHash", "ntPwdHash", NULL };
- const char *user_attrs[] = { "userAccountControl", "lmPwdHistory",
- "ntPwdHistory",
+ const char *user_attrs[] = { "userAccountControl", "sambaLMPwdHistory",
+ "sambaNTPwdHistory",
"ntPwdHash",
"objectSid", "msDS-KeyVersionNumber",
"objectClass", "userPrincipalName",
@@ -274,10 +274,10 @@ static int password_hash_handle(struct ldb_module *module, struct ldb_request *r
}
userAccountControl = samdb_result_uint(res->msgs[0], "userAccountControl", 0);
- lmPwdHistory_len = samdb_result_hashes(mem_ctx, res->msgs[0],
- "lmPwdHistory", &lmPwdHistory);
- ntPwdHistory_len = samdb_result_hashes(mem_ctx, res->msgs[0],
- "ntPwdHistory", &ntPwdHistory);
+ sambaLMPwdHistory_len = samdb_result_hashes(mem_ctx, res->msgs[0],
+ "sambaLMPwdHistory", &sambaLMPwdHistory);
+ sambaNTPwdHistory_len = samdb_result_hashes(mem_ctx, res->msgs[0],
+ "sambaNTPwdHistory", &sambaNTPwdHistory);
ntPwdHash = samdb_result_hash(mem_ctx, res->msgs[0], "ntPwdHash");
kvno = samdb_result_uint(res->msgs[0], "msDS-KeyVersionNumber", 0);
@@ -588,61 +588,61 @@ static int password_hash_handle(struct ldb_module *module, struct ldb_request *r
}
}
- CHECK_RET(ldb_msg_add_empty(modify_msg, "lmPwdHistory",
+ CHECK_RET(ldb_msg_add_empty(modify_msg, "sambaLMPwdHistory",
LDB_FLAG_MOD_REPLACE));
- CHECK_RET(ldb_msg_add_empty(modify_msg, "ntPwdHistory",
+ CHECK_RET(ldb_msg_add_empty(modify_msg, "sambaNTPwdHistory",
LDB_FLAG_MOD_REPLACE));
/* If we have something to put into the history, or an old
* history element to expire, update the history */
if (pwdHistoryLength > 0 &&
- ((ntPwdHistory_len > 0) || (lmPwdHistory_len > 0)
+ ((sambaNTPwdHistory_len > 0) || (sambaLMPwdHistory_len > 0)
|| lmOldHash || ntOldHash)) {
/* store the password history */
- new_lmPwdHistory = talloc_array(mem_ctx, struct samr_Password,
+ new_sambaLMPwdHistory = talloc_array(mem_ctx, struct samr_Password,
pwdHistoryLength);
- if (!new_lmPwdHistory) {
+ if (!new_sambaLMPwdHistory) {
return LDB_ERR_OPERATIONS_ERROR;
}
- new_ntPwdHistory = talloc_array(mem_ctx, struct samr_Password,
+ new_sambaNTPwdHistory = talloc_array(mem_ctx, struct samr_Password,
pwdHistoryLength);
- if (!new_ntPwdHistory) {
+ if (!new_sambaNTPwdHistory) {
return LDB_ERR_OPERATIONS_ERROR;
}
- for (i=0;i<MIN(pwdHistoryLength-1, lmPwdHistory_len);i++) {
- new_lmPwdHistory[i+1] = lmPwdHistory[i];
+ for (i=0;i<MIN(pwdHistoryLength-1, sambaLMPwdHistory_len);i++) {
+ new_sambaLMPwdHistory[i+1] = sambaLMPwdHistory[i];
}
- for (i=0;i<MIN(pwdHistoryLength-1, ntPwdHistory_len);i++) {
- new_ntPwdHistory[i+1] = ntPwdHistory[i];
+ for (i=0;i<MIN(pwdHistoryLength-1, sambaNTPwdHistory_len);i++) {
+ new_sambaNTPwdHistory[i+1] = sambaNTPwdHistory[i];
}
/* Don't store 'long' passwords in the LM history,
but make sure to 'expire' one password off the other end */
if (lmOldHash) {
- new_lmPwdHistory[0] = *lmOldHash;
+ new_sambaLMPwdHistory[0] = *lmOldHash;
} else {
- ZERO_STRUCT(new_lmPwdHistory[0]);
+ ZERO_STRUCT(new_sambaLMPwdHistory[0]);
}
- lmPwdHistory_len = MIN(lmPwdHistory_len + 1, pwdHistoryLength);
+ sambaLMPwdHistory_len = MIN(sambaLMPwdHistory_len + 1, pwdHistoryLength);
/* Likewise, we might not have a new NT password (lm
* only password change function) */
if (ntOldHash) {
- new_ntPwdHistory[0] = *ntOldHash;
+ new_sambaNTPwdHistory[0] = *ntOldHash;
} else {
- ZERO_STRUCT(new_ntPwdHistory[0]);
+ ZERO_STRUCT(new_sambaNTPwdHistory[0]);
}
- ntPwdHistory_len = MIN(ntPwdHistory_len + 1, pwdHistoryLength);
+ sambaNTPwdHistory_len = MIN(sambaNTPwdHistory_len + 1, pwdHistoryLength);
CHECK_RET(samdb_msg_add_hashes(module->ldb, mem_ctx, modify_msg,
- "lmPwdHistory",
- new_lmPwdHistory,
- lmPwdHistory_len));
+ "sambaLMPwdHistory",
+ new_sambaLMPwdHistory,
+ sambaLMPwdHistory_len));
CHECK_RET(samdb_msg_add_hashes(module->ldb, mem_ctx, modify_msg,
- "ntPwdHistory",
- new_ntPwdHistory,
- ntPwdHistory_len));
+ "sambaNTPwdHistory",
+ new_sambaNTPwdHistory,
+ sambaNTPwdHistory_len));
}
/* Too much code above, we should check we got it close to reasonable */
diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c
index 39c077418f..cc0f0aa3b7 100644
--- a/source4/rpc_server/samr/samr_password.c
+++ b/source4/rpc_server/samr/samr_password.c
@@ -532,8 +532,8 @@ NTSTATUS samdb_set_password(struct ldb_context *ctx, TALLOC_CTX *mem_ctx,
enum samr_RejectReason *reject_reason,
struct samr_DomInfo1 **_dominfo)
{
- const char * const user_attrs[] = { "userAccountControl", "lmPwdHistory",
- "ntPwdHistory",
+ const char * const user_attrs[] = { "userAccountControl", "sambaLMPwdHistory",
+ "sambaNTPwdHistory",
"lmPwdHash", "ntPwdHash",
"objectSid",
"pwdLastSet", NULL };
@@ -544,9 +544,9 @@ NTSTATUS samdb_set_password(struct ldb_context *ctx, TALLOC_CTX *mem_ctx,
int64_t minPwdAge;
uint_t minPwdLength, pwdProperties, pwdHistoryLength;
uint_t userAccountControl;
- struct samr_Password *lmPwdHistory, *ntPwdHistory, *lmPwdHash, *ntPwdHash;
+ struct samr_Password *sambaLMPwdHistory, *sambaNTPwdHistory, *lmPwdHash, *ntPwdHash;
struct samr_Password local_lmNewHash, local_ntNewHash;
- int lmPwdHistory_len, ntPwdHistory_len;
+ int sambaLMPwdHistory_len, sambaNTPwdHistory_len;
struct dom_sid *domain_sid;
struct ldb_message **res;
int count;
@@ -563,10 +563,10 @@ NTSTATUS samdb_set_password(struct ldb_context *ctx, TALLOC_CTX *mem_ctx,
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
userAccountControl = samdb_result_uint(res[0], "userAccountControl", 0);
- lmPwdHistory_len = samdb_result_hashes(mem_ctx, res[0],
- "lmPwdHistory", &lmPwdHistory);
- ntPwdHistory_len = samdb_result_hashes(mem_ctx, res[0],
- "ntPwdHistory", &ntPwdHistory);
+ sambaLMPwdHistory_len = samdb_result_hashes(mem_ctx, res[0],
+ "sambaLMPwdHistory", &sambaLMPwdHistory);
+ sambaNTPwdHistory_len = samdb_result_hashes(mem_ctx, res[0],
+ "sambaNTPwdHistory", &sambaNTPwdHistory);
lmPwdHash = samdb_result_hash(mem_ctx, res[0], "lmPwdHash");
ntPwdHash = samdb_result_hash(mem_ctx, res[0], "ntPwdHash");
pwdLastSet = samdb_result_uint64(res[0], "pwdLastSet", 0);
@@ -680,19 +680,19 @@ NTSTATUS samdb_set_password(struct ldb_context *ctx, TALLOC_CTX *mem_ctx,
}
/* check the password history */
- lmPwdHistory_len = MIN(lmPwdHistory_len, pwdHistoryLength);
- ntPwdHistory_len = MIN(ntPwdHistory_len, pwdHistoryLength);
+ sambaLMPwdHistory_len = MIN(sambaLMPwdHistory_len, pwdHistoryLength);
+ sambaNTPwdHistory_len = MIN(sambaNTPwdHistory_len, pwdHistoryLength);
- for (i=0; lmNewHash && i<lmPwdHistory_len;i++) {
- if (memcmp(lmNewHash->hash, lmPwdHistory[i].hash, 16) == 0) {
+ for (i=0; lmNewHash && i<sambaLMPwdHistory_len;i++) {
+ if (memcmp(lmNewHash->hash, sambaLMPwdHistory[i].hash, 16) == 0) {
if (reject_reason) {
*reject_reason = SAMR_REJECT_COMPLEXITY;
}
return NT_STATUS_PASSWORD_RESTRICTION;
}
}
- for (i=0; ntNewHash && i<ntPwdHistory_len;i++) {
- if (memcmp(ntNewHash->hash, ntPwdHistory[i].hash, 16) == 0) {
+ for (i=0; ntNewHash && i<sambaNTPwdHistory_len;i++) {
+ if (memcmp(ntNewHash->hash, sambaNTPwdHistory[i].hash, 16) == 0) {
if (reject_reason) {
*reject_reason = SAMR_REJECT_COMPLEXITY;
}
diff --git a/source4/setup/provision_init.ldif b/source4/setup/provision_init.ldif
index 5746fbfcda..cac851e97b 100644
--- a/source4/setup/provision_init.ldif
+++ b/source4/setup/provision_init.ldif
@@ -24,9 +24,9 @@ objectClass: CASE_INSENSITIVE
sambaPassword: HIDDEN
krb5Key: HIDDEN
ntPwdHash: HIDDEN
-ntPwdHistory: HIDDEN
+sambaNTPwdHistory: HIDDEN
lmPwdHash: HIDDEN
-lmPwdHistory: HIDDEN
+sambaLMPwdHistory: HIDDEN
createTimestamp: HIDDEN
modifyTimestamp: HIDDEN
groupType: INTEGER