summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/lib/samba3/config.mk3
-rw-r--r--source4/lib/samba3/policy.c67
-rw-r--r--source4/lib/samba3/policy.h37
-rw-r--r--source4/lib/samba3/samba3dump.c26
-rw-r--r--source4/lib/tdb/include/tdbutil.h2
5 files changed, 134 insertions, 1 deletions
diff --git a/source4/lib/samba3/config.mk b/source4/lib/samba3/config.mk
index 5045901b3b..ba6c1a8dbc 100644
--- a/source4/lib/samba3/config.mk
+++ b/source4/lib/samba3/config.mk
@@ -3,7 +3,8 @@
[SUBSYSTEM::LIBSAMBA3]
INIT_OBJ_FILES = \
lib/samba3/smbpasswd.o \
- lib/samba3/tdbsam.o
+ lib/samba3/tdbsam.o \
+ lib/samba3/policy.o
# End SUBSYSTEM LIBSAMBA3
################################################
diff --git a/source4/lib/samba3/policy.c b/source4/lib/samba3/policy.c
new file mode 100644
index 0000000000..796e6eefac
--- /dev/null
+++ b/source4/lib/samba3/policy.c
@@ -0,0 +1,67 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * account policy storage
+ * Copyright (C) Jean François Micouleau 1998-2001.
+ * Copyright (C) Andrew Bartlett 2002
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+#include "includes.h"
+#include "lib/tdb/include/tdbutil.h"
+#include "lib/samba3/policy.h"
+#include "system/filesys.h"
+
+#define DATABASE_VERSION 2
+
+/****************************************************************************
+ Open the account policy tdb.
+****************************************************************************/
+
+struct samba3_policy *samba3_read_account_policy(TALLOC_CTX *ctx, const char *fn)
+{
+ struct samba3_policy *ret;
+ const char *vstring = "INFO/version";
+ uint32_t version;
+
+ TDB_CONTEXT *tdb = tdb_open(fn, 0, TDB_DEFAULT, O_RDONLY, 0600);
+ if (!tdb) {
+ DEBUG(0,("Failed to open account policy database\n"));
+ return NULL;
+ }
+
+ /* handle a Samba upgrade */
+ if (!tdb_fetch_uint32(tdb, vstring, &version) || version != DATABASE_VERSION) {
+ tdb_store_uint32(tdb, vstring, DATABASE_VERSION);
+ }
+
+ ret = talloc_zero(ctx, struct samba3_policy);
+
+ tdb_fetch_uint32(tdb, "min password length", &ret->min_password_length);
+ tdb_fetch_uint32(tdb, "password history", &ret->password_history);
+ tdb_fetch_uint32(tdb, "user must logon to change pasword", &ret->user_must_logon_to_change_password);
+ tdb_fetch_uint32(tdb, "maximum password age", &ret->maximum_password_age);
+ tdb_fetch_uint32(tdb, "minimum password age", &ret->minimum_password_age);
+ tdb_fetch_uint32(tdb, "lockout duration", &ret->lockout_duration);
+ tdb_fetch_uint32(tdb, "reset count minutes", &ret->reset_count_minutes);
+ tdb_fetch_uint32(tdb, "bad lockout minutes", &ret->bad_lockout_minutes);
+ tdb_fetch_uint32(tdb, "disconnect time", &ret->disconnect_time);
+ tdb_fetch_uint32(tdb, "refuse machine password change", &ret->refuse_machine_password_change);
+
+ tdb_close(tdb);
+
+ return ret;
+}
+
diff --git a/source4/lib/samba3/policy.h b/source4/lib/samba3/policy.h
new file mode 100644
index 0000000000..b41f38a394
--- /dev/null
+++ b/source4/lib/samba3/policy.h
@@ -0,0 +1,37 @@
+/*
+ Unix SMB/CIFS implementation.
+ Copyright (C) Jelmer Vernooij 2005.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#ifndef _SAMBA3_POLICY_H /* _SAMBA3_POLICY_H */
+#define _SAMBA3_POLICY_H
+
+struct samba3_policy
+{
+ uint32_t min_password_length;
+ uint32_t password_history;
+ uint32_t user_must_logon_to_change_password;
+ uint32_t maximum_password_age;
+ uint32_t minimum_password_age;
+ uint32_t lockout_duration;
+ uint32_t reset_count_minutes;
+ uint32_t bad_lockout_minutes;
+ uint32_t disconnect_time;
+ uint32_t refuse_machine_password_change;
+};
+
+#endif /* _SAMBA3_POLICY_H */
diff --git a/source4/lib/samba3/samba3dump.c b/source4/lib/samba3/samba3dump.c
index 4071ba1bf9..72052092ff 100644
--- a/source4/lib/samba3/samba3dump.c
+++ b/source4/lib/samba3/samba3dump.c
@@ -20,11 +20,34 @@
*/
#include "includes.h"
+#include "lib/samba3/policy.h"
#include "lib/samba3/sam.h"
#include "lib/cmdline/popt_common.h"
static const char *libdir = "/var/lib/samba";
+static NTSTATUS print_policy(void)
+{
+ struct samba3_policy *ret;
+ char *policy_file;
+ TALLOC_CTX *mem_ctx = talloc_init(NULL);
+
+ policy_file = talloc_asprintf(mem_ctx, "%s/account_policy.tdb", libdir);
+
+ printf("Opening policy file %s\n", policy_file);
+
+ ret = samba3_read_account_policy(mem_ctx, policy_file);
+
+ if (ret == NULL)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ printf("Min password length: %d\n", ret->min_password_length);
+
+ talloc_free(mem_ctx);
+
+ return NT_STATUS_OK;
+}
+
static NTSTATUS print_sam(void)
{
struct samba3_samaccount *accounts;
@@ -39,8 +62,10 @@ static NTSTATUS print_sam(void)
status = samba3_read_tdbsam(NULL, tdbsam_file, &accounts, &count);
if (NT_STATUS_IS_ERR(status)) {
fprintf(stderr, "Error reading tdbsam database %s\n", tdbsam_file);
+ SAFE_FREE(tdbsam_file);
return status;
}
+ SAFE_FREE(tdbsam_file);
for (i = 0; i < count; i++) {
printf("%d: %s\n", accounts[i].user_rid, accounts[i].username);
@@ -68,6 +93,7 @@ int main(int argc, char **argv)
}
print_sam();
+ print_policy();
poptFreeContext(pc);
diff --git a/source4/lib/tdb/include/tdbutil.h b/source4/lib/tdb/include/tdbutil.h
index 0d86ddc993..2f7c0ec234 100644
--- a/source4/lib/tdb/include/tdbutil.h
+++ b/source4/lib/tdb/include/tdbutil.h
@@ -38,7 +38,9 @@ int32_t tdb_change_int32_atomic(TDB_CONTEXT *tdb, const char *keystr, int32_t *o
int tdb_lock_bystring(TDB_CONTEXT *tdb, const char *keyval);
void tdb_unlock_bystring(TDB_CONTEXT *tdb, const char *keyval);
int32_t tdb_fetch_int32(TDB_CONTEXT *tdb, const char *keystr);
+BOOL tdb_store_uint32(TDB_CONTEXT *tdb, const char *keystr, uint32_t value);
int tdb_store_int32(TDB_CONTEXT *tdb, const char *keystr, int32_t v);
+BOOL tdb_fetch_uint32(TDB_CONTEXT *tdb, const char *keystr, uint32_t *value);
int tdb_traverse_delete_fn(TDB_CONTEXT *the_tdb, TDB_DATA key, TDB_DATA dbuf,
void *state);
int tdb_store_bystring(TDB_CONTEXT *tdb, const char *keystr, TDB_DATA data, int flags);