diff options
| author | Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> | 2009-10-04 19:30:53 +0200 |
|---|---|---|
| committer | Stefan Metzmacher <metze@samba.org> | 2010-05-10 12:20:27 +0200 |
| commit | 946993238fbb0e4920bf3c6c1178236b4f039b3b (patch) | |
| tree | e0f0806ac1f848cd7f5a632515f2fe8474c8ba93 /source4/dsdb/common/util.c | |
| parent | 6ee53309a180d32cf6df1a72fde30c9455d5364d (diff) | |
| download | samba-946993238fbb0e4920bf3c6c1178236b4f039b3b.tar.gz samba-946993238fbb0e4920bf3c6c1178236b4f039b3b.tar.bz2 samba-946993238fbb0e4920bf3c6c1178236b4f039b3b.zip | |
s4:dsdb/util.c - Add a new function for retrieving password change attributes
This is needed since we have not only reset operations on password fields
(attributes marked with REPLACE flag) but also change operations which can be
performed by users itself. They have one attribute with the old value marked
with the REMOVE flag and one with the new one marked with the ADD flag.
This function helps to retrieve them (argument "new" is used for the new
password on both reset and change).
Diffstat (limited to 'source4/dsdb/common/util.c')
| -rw-r--r-- | source4/dsdb/common/util.c | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c index 40f0a7f6c6..2948be0e23 100644 --- a/source4/dsdb/common/util.c +++ b/source4/dsdb/common/util.c @@ -722,6 +722,47 @@ struct ldb_message_element *samdb_find_attribute(struct ldb_context *ldb, return NULL; } +/* + * This is intended for use by the "password hash" module since there + * password changes can be specified through one message element with the + * new password (to set) and another one with the old password (to unset). + * + * The first which sets a password (new value) can have flags + * (LDB_FLAG_MOD_ADD, LDB_FLAG_MOD_REPLACE) but also none (on "add" operations + * for entries). The latter (old value) has always specified + * LDB_FLAG_MOD_DELETE. + * + * Returns LDB_ERR_NO_SUCH_ATTRIBUTE if the attribute which should be deleted + * doesn't contain only one value (this is the Windows Server behaviour) + * otherwise LDB_SUCCESS. + */ +int samdb_msg_find_old_and_new_ldb_val(const struct ldb_message *msg, + const char *name, + const struct ldb_val **new_val, + const struct ldb_val **old_val) +{ + unsigned int i; + + *new_val = NULL; + *old_val = NULL; + + if (msg == NULL) { + return LDB_SUCCESS; + } + + for (i = 0; i < msg->num_elements; i++) { + if (ldb_attr_cmp(msg->elements[i].name, name) == 0) { + if (msg->elements[i].flags == LDB_FLAG_MOD_DELETE) { + *old_val = &msg->elements[i].values[0]; + } else { + *new_val = &msg->elements[i].values[0]; + } + } + } + + return LDB_SUCCESS; +} + int samdb_find_or_add_value(struct ldb_context *ldb, struct ldb_message *msg, const char *name, const char *set_value) { if (samdb_find_attribute(ldb, msg, name, set_value) == NULL) { |