s3-account_policy: add pdb_policy_type enum.

Guenther
author: Günther Deschner <gd@samba.org> 2009-07-13 23:53:49 +0200
committer: Günther Deschner <gd@samba.org> 2009-07-14 12:12:18 +0200
commit: 9f15ef11bdf75dbc1a1af3c2bc35b1d653216f62 (patch)
tree: 600d736069915ef79e6acc698204ae05a1fdbda9 /source3/passdb
parent: 39fa9468c6b8099429b971d75c0647033b60901c (diff)
download: samba-9f15ef11bdf75dbc1a1af3c2bc35b1d653216f62.tar.gz
samba-9f15ef11bdf75dbc1a1af3c2bc35b1d653216f62.tar.bz2
samba-9f15ef11bdf75dbc1a1af3c2bc35b1d653216f62.zip
5 files changed, 46 insertions, 42 deletions
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index 4ed04e4e7a..0678181669 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -1439,7 +1439,7 @@ static bool init_samu_from_buffer_v2(struct samu *sampass, uint8 *buf, uint32 bu
 	}
 
 	/* Change from V1 is addition of password history field. */
-	pdb_get_account_policy(AP_PASSWORD_HISTORY, &pwHistLen);
+	pdb_get_account_policy(PDB_POLICY_PASSWORD_HISTORY, &pwHistLen);
 	if (pwHistLen) {
 		uint8 *pw_hist = SMB_MALLOC_ARRAY(uint8, pwHistLen * PW_HISTORY_ENTRY_LEN);
 		if (!pw_hist) {
@@ -1674,7 +1674,7 @@ static bool init_samu_from_buffer_v3(struct samu *sampass, uint8 *buf, uint32 bu
 		}
 	}
 
-	pdb_get_account_policy(AP_PASSWORD_HISTORY, &pwHistLen);
+	pdb_get_account_policy(PDB_POLICY_PASSWORD_HISTORY, &pwHistLen);
 	if (pwHistLen) {
 		uint8 *pw_hist = (uint8 *)SMB_MALLOC(pwHistLen * PW_HISTORY_ENTRY_LEN);
 		if (!pw_hist) {
@@ -1879,7 +1879,7 @@ static uint32 init_buffer_from_samu_v3 (uint8 **buf, struct samu *sampass, bool
 		nt_pw_len = 0;
 	}
 
-	pdb_get_account_policy(AP_PASSWORD_HISTORY, &pwHistLen);
+	pdb_get_account_policy(PDB_POLICY_PASSWORD_HISTORY, &pwHistLen);
 	nt_pw_hist =  pdb_get_pw_history(sampass, &nt_pw_hist_len);
 	if (pwHistLen && nt_pw_hist && nt_pw_hist_len) {
 		nt_pw_hist_len *= PW_HISTORY_ENTRY_LEN;
@@ -2085,7 +2085,7 @@ bool pdb_copy_sam_account(struct samu *dst, struct samu *src )
 }
 
 /*********************************************************************
- Update the bad password count checking the AP_RESET_COUNT_TIME 
+ Update the bad password count checking the PDB_POLICY_RESET_COUNT_TIME
 *********************************************************************/
 
 bool pdb_update_bad_password_count(struct samu *sampass, bool *updated)
@@ -2102,7 +2102,7 @@ bool pdb_update_bad_password_count(struct samu *sampass, bool *updated)
 	}
 
 	become_root();
-	res = pdb_get_account_policy(AP_RESET_COUNT_TIME, &resettime);
+	res = pdb_get_account_policy(PDB_POLICY_RESET_COUNT_TIME, &resettime);
 	unbecome_root();
 
 	if (!res) {
@@ -2131,7 +2131,7 @@ bool pdb_update_bad_password_count(struct samu *sampass, bool *updated)
 }
 
 /*********************************************************************
- Update the ACB_AUTOLOCK flag checking the AP_LOCK_ACCOUNT_DURATION 
+ Update the ACB_AUTOLOCK flag checking the PDB_POLICY_LOCK_ACCOUNT_DURATION
 *********************************************************************/
 
 bool pdb_update_autolock_flag(struct samu *sampass, bool *updated)
@@ -2147,7 +2147,7 @@ bool pdb_update_autolock_flag(struct samu *sampass, bool *updated)
 	}
 
 	become_root();
-	res = pdb_get_account_policy(AP_LOCK_ACCOUNT_DURATION, &duration);
+	res = pdb_get_account_policy(PDB_POLICY_LOCK_ACCOUNT_DURATION, &duration);
 	unbecome_root();
 
 	if (!res) {
@@ -2199,7 +2199,7 @@ bool pdb_increment_bad_password_count(struct samu *sampass)
 
 	/* Retrieve the account lockout policy */
 	become_root();
-	ret = pdb_get_account_policy(AP_BAD_ATTEMPT_LOCKOUT, &account_policy_lockout);
+	ret = pdb_get_account_policy(PDB_POLICY_BAD_ATTEMPT_LOCKOUT, &account_policy_lockout);
 	unbecome_root();
 	if ( !ret ) {
 		DEBUG(0, ("pdb_increment_bad_password_count: pdb_get_account_policy failed.\n"));
diff --git a/source3/passdb/pdb_ads.c b/source3/passdb/pdb_ads.c
index 66fdff181f..70d550042b 100644
--- a/source3/passdb/pdb_ads.c
+++ b/source3/passdb/pdb_ads.c
@@ -1706,16 +1706,18 @@ static NTSTATUS pdb_ads_lookup_names(struct pdb_methods *m,
 }
 
 static NTSTATUS pdb_ads_get_account_policy(struct pdb_methods *m,
-					   int policy_index, uint32 *value)
+					   enum pdb_policy_type type,
+					   uint32_t *value)
 {
-	return account_policy_get(policy_index, value)
+	return account_policy_get(type, value)
 		? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
 }
 
 static NTSTATUS pdb_ads_set_account_policy(struct pdb_methods *m,
-					   int policy_index, uint32 value)
+					   enum pdb_policy_type type,
+					   uint32_t value)
 {
-	return account_policy_set(policy_index, value)
+	return account_policy_set(type, value)
 		? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
 }
 
diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c
index f55b77f675..30775e49fe 100644
--- a/source3/passdb/pdb_get_set.c
+++ b/source3/passdb/pdb_get_set.c
@@ -88,7 +88,7 @@ time_t pdb_get_pass_can_change_time(const struct samu *sampass)
 	    pdb_get_init_flags(sampass, PDB_CANCHANGETIME) == PDB_CHANGED)
 		return sampass->pass_can_change_time;
 
-	if (!pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &allow))
+	if (!pdb_get_account_policy(PDB_POLICY_MIN_PASSWORD_AGE, &allow))
 		allow = 0;
 
 	/* in normal cases, just calculate it from policy */
@@ -112,7 +112,7 @@ time_t pdb_get_pass_must_change_time(const struct samu *sampass)
 	if (sampass->acct_ctrl & ACB_PWNOEXP)
 		return get_time_t_max();
 
-	if (!pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &expire)
+	if (!pdb_get_account_policy(PDB_POLICY_MAX_PASSWORD_AGE, &expire)
 	    || expire == (uint32)-1 || expire == 0) 
 		return get_time_t_max();
 
@@ -1013,7 +1013,7 @@ bool pdb_set_plaintext_passwd(struct samu *sampass, const char *plaintext)
 	if (pdb_get_acct_ctrl(sampass) & ACB_NORMAL) {
 		uchar *pwhistory;
 		uint32 pwHistLen;
-		pdb_get_account_policy(AP_PASSWORD_HISTORY, &pwHistLen);
+		pdb_get_account_policy(PDB_POLICY_PASSWORD_HISTORY, &pwHistLen);
 		if (pwHistLen != 0){
 			uint32 current_history_len;
 			/* We need to make sure we don't have a race condition here - the
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c
index 465a6bf595..5d0b625da5 100644
--- a/source3/passdb/pdb_interface.c
+++ b/source3/passdb/pdb_interface.c
@@ -994,25 +994,25 @@ NTSTATUS pdb_lookup_names(const DOM_SID *domain_sid,
 }
 #endif
 
-bool pdb_get_account_policy(int policy_index, uint32 *value)
+bool pdb_get_account_policy(enum pdb_policy_type type, uint32_t *value)
 {
 	struct pdb_methods *pdb = pdb_get_methods();
 	NTSTATUS status;
 
 	become_root();
-	status = pdb->get_account_policy(pdb, policy_index, value);
+	status = pdb->get_account_policy(pdb, type, value);
 	unbecome_root();
 
 	return NT_STATUS_IS_OK(status);	
 }
 
-bool pdb_set_account_policy(int policy_index, uint32 value)
+bool pdb_set_account_policy(enum pdb_policy_type type, uint32_t value)
 {
 	struct pdb_methods *pdb = pdb_get_methods();
 	NTSTATUS status;
 
 	become_root();
-	status = pdb->set_account_policy(pdb, policy_index, value);
+	status = pdb->set_account_policy(pdb, type, value);
 	unbecome_root();
 
 	return NT_STATUS_IS_OK(status);
@@ -1174,14 +1174,14 @@ static NTSTATUS pdb_default_update_login_attempts (struct pdb_methods *methods,
 	return NT_STATUS_OK;
 }
 
-static NTSTATUS pdb_default_get_account_policy(struct pdb_methods *methods, int policy_index, uint32 *value)
+static NTSTATUS pdb_default_get_account_policy(struct pdb_methods *methods, enum pdb_policy_type type, uint32_t *value)
 {
-	return account_policy_get(policy_index, value) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+	return account_policy_get(type, value) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
 }
 
-static NTSTATUS pdb_default_set_account_policy(struct pdb_methods *methods, int policy_index, uint32 value)
+static NTSTATUS pdb_default_set_account_policy(struct pdb_methods *methods, enum pdb_policy_type type, uint32_t value)
 {
-	return account_policy_set(policy_index, value) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+	return account_policy_set(type, value) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
 }
 
 static NTSTATUS pdb_default_get_seq_num(struct pdb_methods *methods, time_t *seq_num)
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index 173298561f..11554a76ac 100644
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -902,7 +902,7 @@ static bool init_sam_from_ldap(struct ldapsam_privates *ldap_state,
 
 	pwHistLen = 0;
 
-	pdb_get_account_policy(AP_PASSWORD_HISTORY, &pwHistLen);
+	pdb_get_account_policy(PDB_POLICY_PASSWORD_HISTORY, &pwHistLen);
 	if (pwHistLen > 0){
 		uint8 *pwhist = NULL;
 		int i;
@@ -1327,7 +1327,7 @@ static bool init_ldap_from_sam (struct ldapsam_privates *ldap_state,
 		if (need_update(sampass, PDB_PWHISTORY)) {
 			char *pwstr = NULL;
 			uint32 pwHistLen = 0;
-			pdb_get_account_policy(AP_PASSWORD_HISTORY, &pwHistLen);
+			pdb_get_account_policy(PDB_POLICY_PASSWORD_HISTORY, &pwHistLen);
 
 			pwstr = SMB_MALLOC_ARRAY(char, 1024);
 			if (!pwstr) {
@@ -1404,7 +1404,7 @@ static bool init_ldap_from_sam (struct ldapsam_privates *ldap_state,
 		uint16 badcount = pdb_get_bad_password_count(sampass);
 		time_t badtime = pdb_get_bad_password_time(sampass);
 		uint32 pol;
-		pdb_get_account_policy(AP_BAD_ATTEMPT_LOCKOUT, &pol);
+		pdb_get_account_policy(PDB_POLICY_BAD_ATTEMPT_LOCKOUT, &pol);
 
 		DEBUG(3, ("updating bad password fields, policy=%u, count=%u, time=%u\n",
 			(unsigned int)pol, (unsigned int)badcount, (unsigned int)badtime));
@@ -3762,7 +3762,7 @@ static NTSTATUS ldapsam_alias_memberships(struct pdb_methods *methods,
 }
 
 static NTSTATUS ldapsam_set_account_policy_in_ldap(struct pdb_methods *methods,
-						   int policy_index,
+						   enum pdb_policy_type type,
 						   uint32 value)
 {
 	NTSTATUS ntstatus = NT_STATUS_UNSUCCESSFUL;
@@ -3780,7 +3780,7 @@ static NTSTATUS ldapsam_set_account_policy_in_ldap(struct pdb_methods *methods,
 		return NT_STATUS_INVALID_PARAMETER;
 	}
 
-	policy_attr = get_account_policy_attr(policy_index);
+	policy_attr = get_account_policy_attr(type);
 	if (policy_attr == NULL) {
 		DEBUG(0,("ldapsam_set_account_policy_in_ldap: invalid "
 			 "policy\n"));
@@ -3800,7 +3800,7 @@ static NTSTATUS ldapsam_set_account_policy_in_ldap(struct pdb_methods *methods,
 		return ntstatus;
 	}
 
-	if (!cache_account_policy_set(policy_index, value)) {
+	if (!cache_account_policy_set(type, value)) {
 		DEBUG(0,("ldapsam_set_account_policy_in_ldap: failed to "
 			 "update local tdb cache\n"));
 		return ntstatus;
@@ -3810,14 +3810,15 @@ static NTSTATUS ldapsam_set_account_policy_in_ldap(struct pdb_methods *methods,
 }
 
 static NTSTATUS ldapsam_set_account_policy(struct pdb_methods *methods,
-					   int policy_index, uint32 value)
+					   enum pdb_policy_type type,
+					   uint32_t value)
 {
-	return ldapsam_set_account_policy_in_ldap(methods, policy_index,
+	return ldapsam_set_account_policy_in_ldap(methods, type,
 						  value);
 }
 
 static NTSTATUS ldapsam_get_account_policy_from_ldap(struct pdb_methods *methods,
-						     int policy_index,
+						     enum pdb_policy_type type,
 						     uint32 *value)
 {
 	NTSTATUS ntstatus = NT_STATUS_UNSUCCESSFUL;
@@ -3839,10 +3840,10 @@ static NTSTATUS ldapsam_get_account_policy_from_ldap(struct pdb_methods *methods
 		return NT_STATUS_INVALID_PARAMETER;
 	}
 
-	policy_attr = get_account_policy_attr(policy_index);
+	policy_attr = get_account_policy_attr(type);
 	if (!policy_attr) {
 		DEBUG(0,("ldapsam_get_account_policy_from_ldap: invalid "
-			 "policy index: %d\n", policy_index));
+			 "policy index: %d\n", type));
 		return ntstatus;
 	}
 
@@ -3896,17 +3897,18 @@ out:
    Guenther
 */
 static NTSTATUS ldapsam_get_account_policy(struct pdb_methods *methods,
-					   int policy_index, uint32 *value)
+					   enum pdb_policy_type type,
+					   uint32_t *value)
 {
 	NTSTATUS ntstatus = NT_STATUS_UNSUCCESSFUL;
 
-	if (cache_account_policy_get(policy_index, value)) {
+	if (cache_account_policy_get(type, value)) {
 		DEBUG(11,("ldapsam_get_account_policy: got valid value from "
 			  "cache\n"));
 		return NT_STATUS_OK;
 	}
 
-	ntstatus = ldapsam_get_account_policy_from_ldap(methods, policy_index,
+	ntstatus = ldapsam_get_account_policy_from_ldap(methods, type,
 							value);
 	if (NT_STATUS_IS_OK(ntstatus)) {
 		goto update_cache;
@@ -3917,27 +3919,27 @@ static NTSTATUS ldapsam_get_account_policy(struct pdb_methods *methods,
 
 #if 0
 	/* should we automagically migrate old tdb value here ? */
-	if (account_policy_get(policy_index, value))
+	if (account_policy_get(type, value))
 		goto update_ldap;
 
 	DEBUG(10,("ldapsam_get_account_policy: no tdb for %d, trying "
-		  "default\n", policy_index));
+		  "default\n", type));
 #endif
 
-	if (!account_policy_get_default(policy_index, value)) {
+	if (!account_policy_get_default(type, value)) {
 		return ntstatus;
 	}
 
 /* update_ldap: */
 
- 	ntstatus = ldapsam_set_account_policy(methods, policy_index, *value);
+	ntstatus = ldapsam_set_account_policy(methods, type, *value);
 	if (!NT_STATUS_IS_OK(ntstatus)) {
 		return ntstatus;
 	}
 
  update_cache:
 
-	if (!cache_account_policy_set(policy_index, *value)) {
+	if (!cache_account_policy_set(type, *value)) {
 		DEBUG(0,("ldapsam_get_account_policy: failed to update local "
 			 "tdb as a cache\n"));
 		return NT_STATUS_UNSUCCESSFUL;
author	Günther Deschner <gd@samba.org>	2009-07-13 23:53:49 +0200
committer	Günther Deschner <gd@samba.org>	2009-07-14 12:12:18 +0200
commit	9f15ef11bdf75dbc1a1af3c2bc35b1d653216f62 (patch)
tree	600d736069915ef79e6acc698204ae05a1fdbda9 /source3/passdb
parent	39fa9468c6b8099429b971d75c0647033b60901c (diff)
download	samba-9f15ef11bdf75dbc1a1af3c2bc35b1d653216f62.tar.gz samba-9f15ef11bdf75dbc1a1af3c2bc35b1d653216f62.tar.bz2 samba-9f15ef11bdf75dbc1a1af3c2bc35b1d653216f62.zip