From 8e608dd4bf4f108e02274a9977ced04a0a270570 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 5 Jan 2006 09:03:13 +0000 Subject: [PATCH] r12720: By metze's request, rename the ntPwdHistory attribute to sambaNTPassword. Likewise lmPwdHistory -> sambaLMPwdHistory. The idea here is to avoid having conflicting formats when we get to replication. We know the base data matches, but we may need to use a module to munge formats. Andrew Bartlett --- source/dsdb/samdb/ldb_modules/password_hash.c | 64 +++++++++---------- source/rpc_server/samr/samr_password.c | 28 ++++---- source/setup/provision_init.ldif | 4 +- 3 files changed, 48 insertions(+), 48 deletions(-) diff --git a/source/dsdb/samdb/ldb_modules/password_hash.c b/source/dsdb/samdb/ldb_modules/password_hash.c index 80017548d2c..e0fc50f242d 100644 --- a/source/dsdb/samdb/ldb_modules/password_hash.c +++ b/source/dsdb/samdb/ldb_modules/password_hash.c @@ -72,12 +72,12 @@ static int password_hash_handle(struct ldb_module *module, struct ldb_request *r uint_t userAccountControl; const char *dnsDomain, *realm; const char *sambaPassword; - struct samr_Password *lmPwdHistory, *ntPwdHistory; + struct samr_Password *sambaLMPwdHistory, *sambaNTPwdHistory; struct samr_Password *lmPwdHash, *ntPwdHash; struct samr_Password *lmOldHash = NULL, *ntOldHash = NULL; - struct samr_Password *new_lmPwdHistory, *new_ntPwdHistory; + struct samr_Password *new_sambaLMPwdHistory, *new_sambaNTPwdHistory; struct samr_Password local_lmNewHash, local_ntNewHash; - int lmPwdHistory_len, ntPwdHistory_len; + int sambaLMPwdHistory_len, sambaNTPwdHistory_len; uint_t kvno; struct dom_sid *domain_sid; time_t now = time(NULL); @@ -105,8 +105,8 @@ static int password_hash_handle(struct ldb_module *module, struct ldb_request *r const char *domain_expression; const char *old_user_attrs[] = { "lmPwdHash", "ntPwdHash", NULL }; - const char *user_attrs[] = { "userAccountControl", "lmPwdHistory", - "ntPwdHistory", + const char *user_attrs[] = { "userAccountControl", "sambaLMPwdHistory", + "sambaNTPwdHistory", "ntPwdHash", "objectSid", "msDS-KeyVersionNumber", "objectClass", "userPrincipalName", @@ -274,10 +274,10 @@ static int password_hash_handle(struct ldb_module *module, struct ldb_request *r } userAccountControl = samdb_result_uint(res->msgs[0], "userAccountControl", 0); - lmPwdHistory_len = samdb_result_hashes(mem_ctx, res->msgs[0], - "lmPwdHistory", &lmPwdHistory); - ntPwdHistory_len = samdb_result_hashes(mem_ctx, res->msgs[0], - "ntPwdHistory", &ntPwdHistory); + sambaLMPwdHistory_len = samdb_result_hashes(mem_ctx, res->msgs[0], + "sambaLMPwdHistory", &sambaLMPwdHistory); + sambaNTPwdHistory_len = samdb_result_hashes(mem_ctx, res->msgs[0], + "sambaNTPwdHistory", &sambaNTPwdHistory); ntPwdHash = samdb_result_hash(mem_ctx, res->msgs[0], "ntPwdHash"); kvno = samdb_result_uint(res->msgs[0], "msDS-KeyVersionNumber", 0); @@ -588,61 +588,61 @@ static int password_hash_handle(struct ldb_module *module, struct ldb_request *r } } - CHECK_RET(ldb_msg_add_empty(modify_msg, "lmPwdHistory", + CHECK_RET(ldb_msg_add_empty(modify_msg, "sambaLMPwdHistory", LDB_FLAG_MOD_REPLACE)); - CHECK_RET(ldb_msg_add_empty(modify_msg, "ntPwdHistory", + CHECK_RET(ldb_msg_add_empty(modify_msg, "sambaNTPwdHistory", LDB_FLAG_MOD_REPLACE)); /* If we have something to put into the history, or an old * history element to expire, update the history */ if (pwdHistoryLength > 0 && - ((ntPwdHistory_len > 0) || (lmPwdHistory_len > 0) + ((sambaNTPwdHistory_len > 0) || (sambaLMPwdHistory_len > 0) || lmOldHash || ntOldHash)) { /* store the password history */ - new_lmPwdHistory = talloc_array(mem_ctx, struct samr_Password, + new_sambaLMPwdHistory = talloc_array(mem_ctx, struct samr_Password, pwdHistoryLength); - if (!new_lmPwdHistory) { + if (!new_sambaLMPwdHistory) { return LDB_ERR_OPERATIONS_ERROR; } - new_ntPwdHistory = talloc_array(mem_ctx, struct samr_Password, + new_sambaNTPwdHistory = talloc_array(mem_ctx, struct samr_Password, pwdHistoryLength); - if (!new_ntPwdHistory) { + if (!new_sambaNTPwdHistory) { return LDB_ERR_OPERATIONS_ERROR; } - for (i=0;ildb, mem_ctx, modify_msg, - "lmPwdHistory", - new_lmPwdHistory, - lmPwdHistory_len)); + "sambaLMPwdHistory", + new_sambaLMPwdHistory, + sambaLMPwdHistory_len)); CHECK_RET(samdb_msg_add_hashes(module->ldb, mem_ctx, modify_msg, - "ntPwdHistory", - new_ntPwdHistory, - ntPwdHistory_len)); + "sambaNTPwdHistory", + new_sambaNTPwdHistory, + sambaNTPwdHistory_len)); } /* Too much code above, we should check we got it close to reasonable */ diff --git a/source/rpc_server/samr/samr_password.c b/source/rpc_server/samr/samr_password.c index 39c077418fd..cc0f0aa3b7c 100644 --- a/source/rpc_server/samr/samr_password.c +++ b/source/rpc_server/samr/samr_password.c @@ -532,8 +532,8 @@ NTSTATUS samdb_set_password(struct ldb_context *ctx, TALLOC_CTX *mem_ctx, enum samr_RejectReason *reject_reason, struct samr_DomInfo1 **_dominfo) { - const char * const user_attrs[] = { "userAccountControl", "lmPwdHistory", - "ntPwdHistory", + const char * const user_attrs[] = { "userAccountControl", "sambaLMPwdHistory", + "sambaNTPwdHistory", "lmPwdHash", "ntPwdHash", "objectSid", "pwdLastSet", NULL }; @@ -544,9 +544,9 @@ NTSTATUS samdb_set_password(struct ldb_context *ctx, TALLOC_CTX *mem_ctx, int64_t minPwdAge; uint_t minPwdLength, pwdProperties, pwdHistoryLength; uint_t userAccountControl; - struct samr_Password *lmPwdHistory, *ntPwdHistory, *lmPwdHash, *ntPwdHash; + struct samr_Password *sambaLMPwdHistory, *sambaNTPwdHistory, *lmPwdHash, *ntPwdHash; struct samr_Password local_lmNewHash, local_ntNewHash; - int lmPwdHistory_len, ntPwdHistory_len; + int sambaLMPwdHistory_len, sambaNTPwdHistory_len; struct dom_sid *domain_sid; struct ldb_message **res; int count; @@ -563,10 +563,10 @@ NTSTATUS samdb_set_password(struct ldb_context *ctx, TALLOC_CTX *mem_ctx, return NT_STATUS_INTERNAL_DB_CORRUPTION; } userAccountControl = samdb_result_uint(res[0], "userAccountControl", 0); - lmPwdHistory_len = samdb_result_hashes(mem_ctx, res[0], - "lmPwdHistory", &lmPwdHistory); - ntPwdHistory_len = samdb_result_hashes(mem_ctx, res[0], - "ntPwdHistory", &ntPwdHistory); + sambaLMPwdHistory_len = samdb_result_hashes(mem_ctx, res[0], + "sambaLMPwdHistory", &sambaLMPwdHistory); + sambaNTPwdHistory_len = samdb_result_hashes(mem_ctx, res[0], + "sambaNTPwdHistory", &sambaNTPwdHistory); lmPwdHash = samdb_result_hash(mem_ctx, res[0], "lmPwdHash"); ntPwdHash = samdb_result_hash(mem_ctx, res[0], "ntPwdHash"); pwdLastSet = samdb_result_uint64(res[0], "pwdLastSet", 0); @@ -680,19 +680,19 @@ NTSTATUS samdb_set_password(struct ldb_context *ctx, TALLOC_CTX *mem_ctx, } /* check the password history */ - lmPwdHistory_len = MIN(lmPwdHistory_len, pwdHistoryLength); - ntPwdHistory_len = MIN(ntPwdHistory_len, pwdHistoryLength); + sambaLMPwdHistory_len = MIN(sambaLMPwdHistory_len, pwdHistoryLength); + sambaNTPwdHistory_len = MIN(sambaNTPwdHistory_len, pwdHistoryLength); - for (i=0; lmNewHash && ihash, lmPwdHistory[i].hash, 16) == 0) { + for (i=0; lmNewHash && ihash, sambaLMPwdHistory[i].hash, 16) == 0) { if (reject_reason) { *reject_reason = SAMR_REJECT_COMPLEXITY; } return NT_STATUS_PASSWORD_RESTRICTION; } } - for (i=0; ntNewHash && ihash, ntPwdHistory[i].hash, 16) == 0) { + for (i=0; ntNewHash && ihash, sambaNTPwdHistory[i].hash, 16) == 0) { if (reject_reason) { *reject_reason = SAMR_REJECT_COMPLEXITY; } diff --git a/source/setup/provision_init.ldif b/source/setup/provision_init.ldif index 5746fbfcda7..cac851e97bd 100644 --- a/source/setup/provision_init.ldif +++ b/source/setup/provision_init.ldif @@ -24,9 +24,9 @@ objectClass: CASE_INSENSITIVE sambaPassword: HIDDEN krb5Key: HIDDEN ntPwdHash: HIDDEN -ntPwdHistory: HIDDEN +sambaNTPwdHistory: HIDDEN lmPwdHash: HIDDEN -lmPwdHistory: HIDDEN +sambaLMPwdHistory: HIDDEN createTimestamp: HIDDEN modifyTimestamp: HIDDEN groupType: INTEGER