From: <sy...@us...> - 2006-08-20 19:29:00
Revision: 68 Author: synnack Date: 2006-08-20 12:28:53 -0700 (Sun, 20 Aug 2006) ViewCVS: http://svn.sourceforge.net/pdbsql/?rev=68&view=rev Log Message: ----------- Add password history feature and update documentation. Fix logon hours handling in mysql. Some formatting fixes. Modified Paths: -------------- trunk/docs/mysql.dump trunk/docs/pgsql.dump trunk/pdb_mysql.c trunk/pdb_pgsql.c trunk/pdb_sql.c Modified: trunk/docs/mysql.dump =================================================================== --- trunk/docs/mysql.dump 2006-08-20 10:44:44 UTC (rev 67) +++ trunk/docs/mysql.dump 2006-08-20 19:28:53 UTC (rev 68) @@ -33,5 +33,6 @@ bad_password_count int(9) default NULL, logon_count int(9) default '0', logon_hours varchar(42) default NULL, + password_history text default NULL, KEY username(username) ); Modified: trunk/docs/pgsql.dump =================================================================== --- trunk/docs/pgsql.dump 2006-08-20 10:44:44 UTC (rev 67) +++ trunk/docs/pgsql.dump 2006-08-20 19:28:53 UTC (rev 68) @@ -1,3 +1,6 @@ +/* + * Import this file with psql < pgsql.dump + */ CREATE TABLE users ( logon_time integer default NULL, logoff_time integer default NULL, @@ -30,6 +33,7 @@ bad_password_count integer default NULL, logon_count integer default '0', logon_hours varchar(42) default NULL, + password_history text default NULL, UNIQUE (username), UNIQUE (nt_username) ); Modified: trunk/pdb_mysql.c =================================================================== --- trunk/pdb_mysql.c 2006-08-20 10:44:44 UTC (rev 67) +++ trunk/pdb_mysql.c 2006-08-20 19:28:53 UTC (rev 68) 
@@ -140,6 +140,20 @@ pdb_set_bad_password_count(u, xatol(row[26]), PDB_SET); pdb_set_logon_count(u, xatol(row[27]), PDB_SET); pdb_set_unknown_6(u, xatol(row[28]), PDB_SET); + pdb_set_hours(u, (uint8 *)row[29], PDB_SET); + + if (row[30]) { + uint8 pwhist[MAX_PW_HISTORY_LEN * PW_HISTORY_ENTRY_LEN]; + int i; + + memset(&pwhist, 0, MAX_PW_HISTORY_LEN * PW_HISTORY_ENTRY_LEN); + for (i = 0; i < MAX_PW_HISTORY_LEN && i < strlen(row[30])/64; i++) { + pdb_gethexpwd(&(row[30])[i*64], &pwhist[i*PW_HISTORY_ENTRY_LEN]); + pdb_gethexpwd(&(row[30])[i*64+32], + &pwhist[i*PW_HISTORY_ENTRY_LEN+PW_HISTORY_SALT_LEN]); + } + pdb_set_pw_history(u, pwhist, strlen(row[30])/64, PDB_SET); + } return NT_STATUS_OK; } Modified: trunk/pdb_pgsql.c =================================================================== --- trunk/pdb_pgsql.c 2006-08-20 10:44:44 UTC (rev 67) +++ trunk/pdb_pgsql.c 2006-08-20 19:28:53 UTC (rev 68) @@ -176,9 +176,9 @@ hours = PQunescapeBytea ( hours, &hours_len ) ; if ( hours_len > 0 ) pdb_set_hours ( u, hours, PDB_SET ) ; - free ( hours ); } + if ( !PQgetisnull( r, row, 18 ) ) { string_to_sid( &sid, PQgetvalue( r, row, 18 ) ) ; pdb_set_user_sid ( u, &sid, PDB_SET ) ; 
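Review bot: The count passed to `pdb_set_pw_history` in the added pdb_mysql.c block is `strlen(row[30])/64`, which is not clamped the way the loop is, so a `password_history` value longer than `MAX_PW_HISTORY_LEN * 64` characters reports more entries than the stack buffer `pwhist` holds; the callee is not visible here but presumably reads that many entries, which would run past the array. Pass the number of entries actually decoded instead, `pdb_set_pw_history(u, pwhist, i, PDB_SET);`. The added block in pdb_pgsql.c (hunk -191) has the same unclamped count with `history_string`. Separately, `pdb_set_hours(u, (uint8 *)row[29], PDB_SET)` hands over a text column that the schema declares as `varchar(42) default NULL`, so it may be NULL or shorter than the callee expects; a NULL and length check before the call would make that explicit. The enclosing function starts outside the hunk.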
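Review bot: Dropping `free ( hours );` in pdb_pgsql.c (hunk -176) leaves the buffer returned by `PQunescapeBytea` without a release on any visible path, so each row read would leak it unless `pdb_set_hours` takes ownership of the pointer, which cannot be confirmed from this hunk. If the callee copies the data, keep the release and use the libpq deallocator, `PQfreemem( hours );`, after the `pdb_set_hours` call. A NULL return from `PQunescapeBytea` is also not checked before `hours_len` is tested. The surrounding function begins and ends outside the hunk.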
@@ -191,6 +191,21 @@ if ( pdb_gethexpwd( PQgetvalue( r, row, 20 ), temp ), PDB_SET ) pdb_set_lanman_passwd( u, temp, PDB_SET ) ; if ( pdb_gethexpwd( PQgetvalue( r, row, 21 ), temp ), PDB_SET ) pdb_set_nt_passwd ( u, temp, PDB_SET ) ; + + if (!PQgetisnull( r, row, 30 ) ) { + uint8 pwhist[MAX_PW_HISTORY_LEN * PW_HISTORY_ENTRY_LEN]; + int i; + char *history_string = PQgetvalue( r, row, 30); + + memset(&pwhist, 0, MAX_PW_HISTORY_LEN * PW_HISTORY_ENTRY_LEN); + for (i = 0; i < MAX_PW_HISTORY_LEN && i < strlen(history_string)/64; i++) { + pdb_gethexpwd(&(history_string)[i*64], &pwhist[i*PW_HISTORY_ENTRY_LEN]); + pdb_gethexpwd(&(history_string)[i*64+32], + &pwhist[i*PW_HISTORY_ENTRY_LEN+PW_HISTORY_SALT_LEN]); + } + pdb_set_pw_history(u, pwhist, strlen(history_string)/64, PDB_SET); + } + /* Only use plaintext password storage when lanman and nt are NOT used */ if ( PQgetisnull( r, row, 20 ) || PQgetisnull( r, row, 21 ) ) pdb_set_plaintext_passwd( u, PQgetvalue( r, row, 22 ) ) ; Modified: trunk/pdb_sql.c =================================================================== --- trunk/pdb_sql.c 2006-08-20 10:44:44 UTC (rev 67) +++ trunk/pdb_sql.c 2006-08-20 19:28:53 UTC (rev 68) @@ -49,7 +49,8 @@ #define CONFIG_BAD_PASSWORD_COUNT_DEFAULT "bad_password_count" #define CONFIG_LOGON_COUNT_DEFAULT "logon_count" #define CONFIG_UNKNOWN_6_DEFAULT "unknown_6" -#define CONFIG_LOGON_HOURS "logon_hours" +#define CONFIG_LOGON_HOURS_DEFAULT "logon_hours" +#define CONFIG_PASSWORD_HISTORY_DEFAULT "password_history" /* Used to construct insert and update queries */ @@ -213,7 +214,7 @@ } query = talloc_asprintf(mem_ctx, - "SELECT %s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s FROM %s WHERE %s = '%s'", + "SELECT %s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s FROM %s WHERE %s = '%s'", config_value_read(data, "logon time column", CONFIG_LOGON_TIME_DEFAULT), config_value_read(data, "logoff time column", 
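Review bot: The two unchanged `if` lines at the top of the pdb_pgsql.c hunk -191 close the parenthesis after `temp`, so the condition is the comma expression `pdb_gethexpwd(...), PDB_SET` and tests `PDB_SET` rather than the decode result; if that constant is non-zero the branch is always taken, and a lanman or NT hash column that fails to decode would still be installed from whatever `temp` holds. The likely intent is `if ( pdb_gethexpwd( PQgetvalue( r, row, 20 ), temp ) )`, and the same for column 21. The added history loop below them also discards the return value of `pdb_gethexpwd`, so a malformed `password_history` value is accepted silently. The enclosing function starts and ends outside the hunk.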
@@ -273,7 +274,9 @@ config_value_read(data, "unknown 6 column", CONFIG_UNKNOWN_6_DEFAULT), config_value_read(data, "logon hours column", - CONFIG_LOGON_HOURS), + CONFIG_LOGON_HOURS_DEFAULT), + config_value_read(data, "password history column", + CONFIG_PASSWORD_HISTORY_DEFAULT), config_value(data, "table", CONFIG_TABLE_DEFAULT), field_string, value ); @@ -467,7 +470,6 @@ CONFIG_PROFILE_PATH_DEFAULT), pdb_get_profile_path(newpwd)); } -/* acct_desc update [C] */ if (!isupdate || IS_SAM_CHANGED(newpwd, PDB_ACCTDESC)) { some_field_affected = 1; pdb_sql_string_field(query, @@ -492,9 +494,6 @@ pdb_get_homedir(newpwd)); } - -/* */ - if (!isupdate || IS_SAM_CHANGED(newpwd, PDB_WORKSTATIONS)) { some_field_affected = 1; pdb_sql_string_field(query, @@ -537,10 +536,33 @@ pdb_sql_string_field(query, config_value_write(location, "logon hours column", - CONFIG_LOGON_HOURS), + CONFIG_LOGON_HOURS_DEFAULT), (const char *)pdb_get_hours(newpwd)); } + if (!isupdate || IS_SAM_CHANGED(newpwd, PDB_PWHISTORY)) { + uint32 pw_history_len = 0; + uint32 max_history_len = 0; + int i; + const uint8 *pwhist; + + pwhist = pdb_get_pw_history(newpwd, &pw_history_len); + + pdb_get_account_policy(AP_PASSWORD_HISTORY, &max_history_len); + + some_field_affected = 1; + for (i = 0; i < max_history_len && i < pw_history_len; i++) { + pdb_sethexpwd(&temp[i*64], &pwhist[i*PW_HISTORY_ENTRY_LEN], 0); + pdb_sethexpwd(&temp[i*64+32], + &pwhist[(i*PW_HISTORY_ENTRY_LEN)+PW_HISTORY_SALT_LEN], 0); + } + pdb_sql_string_field(query, + config_value_write(location, + "password history column", + CONFIG_PASSWORD_HISTORY_DEFAULT), + temp); + } + if (!some_field_affected) { talloc_free(query); return NULL; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
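Review bot: In the added PDB_PWHISTORY block of pdb_sql.c (hunk -537) the loop writes up to `max_history_len * 64` hex characters into `temp`, bounded only by the account policy value and the stored history length, never by the size of `temp`, whose declaration is outside the hunk. If `temp` was sized for a single hex-encoded hash, a history of more than a few entries writes past it. When the loop runs zero times, including when `pdb_get_account_policy` fails and leaves `max_history_len` at 0, `temp` is passed to `pdb_sql_string_field` with whatever earlier code left in it, possibly a previously encoded value. The sketch below clamps the entry count to the buffer and starts from an empty string; it assumes `temp` is a local char array so that `sizeof(temp)` is its capacity.

```c
	if (!isupdate || IS_SAM_CHANGED(newpwd, PDB_PWHISTORY)) {
		/* … unchanged: declarations, pdb_get_pw_history(), pdb_get_account_policy() … */
		uint32 entries = pw_history_len;

		if (entries > max_history_len)
			entries = max_history_len;
		/* 64 hex characters per entry, plus one byte for the terminator */
		if (entries > (sizeof(temp) - 1) / 64)
			entries = (sizeof(temp) - 1) / 64;

		temp[0] = '\0'; /* an empty history is stored as an empty string */
		some_field_affected = 1;
		for (i = 0; i < entries; i++) {
			/* … unchanged: the two pdb_sethexpwd() calls … */
		}
		/* … unchanged: pdb_sql_string_field() call … */
```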