Author: gd Date: 2006-05-16 22:03:05 +0000 (Tue, 16 May 2006) New Revision: 15649
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=15649 Log: Allow to store 24 password history entries in ldapsam (same limit as on Windows). Fixes bug #1914. Guenther Modified: branches/SAMBA_3_0/source/include/smb.h branches/SAMBA_3_0/source/passdb/pdb_ldap.c trunk/source/include/smb.h trunk/source/passdb/pdb_ldap.c Changeset: Modified: branches/SAMBA_3_0/source/include/smb.h =================================================================== --- branches/SAMBA_3_0/source/include/smb.h 2006-05-16 19:54:31 UTC (rev 15648) +++ branches/SAMBA_3_0/source/include/smb.h 2006-05-16 22:03:05 UTC (rev 15649) @@ -738,6 +738,7 @@ #define PW_HISTORY_SALT_LEN 16 #define SALTED_MD5_HASH_LEN 16 #define PW_HISTORY_ENTRY_LEN (PW_HISTORY_SALT_LEN+SALTED_MD5_HASH_LEN) +#define MAX_PW_HISTORY_LEN 24 /* * Flags for account policy. Modified: branches/SAMBA_3_0/source/passdb/pdb_ldap.c =================================================================== --- branches/SAMBA_3_0/source/passdb/pdb_ldap.c 2006-05-16 19:54:31 UTC (rev 15648) +++ branches/SAMBA_3_0/source/passdb/pdb_ldap.c 2006-05-16 22:03:05 UTC (rev 15649) @@ -773,9 +773,9 @@ if (pwHistLen > 0){ uint8 *pwhist = NULL; int i; + char history_string[MAX_PW_HISTORY_LEN*64]; - /* We can only store (sizeof(pstring)-1)/64 password history entries. */ - pwHistLen = MIN(pwHistLen, ((sizeof(temp)-1)/64)); + pwHistLen = MIN(pwHistLen, MAX_PW_HISTORY_LEN); if ((pwhist = SMB_MALLOC(pwHistLen * PW_HISTORY_ENTRY_LEN)) == NULL){ DEBUG(0, ("init_sam_from_ldap: malloc failed!\n")); @@ -783,19 +783,20 @@ } memset(pwhist, '\0', pwHistLen * PW_HISTORY_ENTRY_LEN); - if (!smbldap_get_single_pstring (ldap_state->smbldap_state->ldap_struct, entry, - get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PWD_HISTORY), temp)) { + if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, + get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PWD_HISTORY), + history_string, sizeof(history_string))) { /* leave as default - zeros */ } else { BOOL hex_failed = False; for (i = 0; i < pwHistLen; i++){ /* Get the 16 byte salt. */ - if (!pdb_gethexpwd(&temp[i*64], &pwhist[i*PW_HISTORY_ENTRY_LEN])) { + if (!pdb_gethexpwd(&history_string[i*64], &pwhist[i*PW_HISTORY_ENTRY_LEN])) { hex_failed = True; break; } /* Get the 16 byte MD5 hash of salt+passwd. */ - if (!pdb_gethexpwd(&temp[(i*64)+32], + if (!pdb_gethexpwd(&history_string[(i*64)+32], &pwhist[(i*PW_HISTORY_ENTRY_LEN)+PW_HISTORY_SALT_LEN])) { hex_failed = True; break; Modified: trunk/source/include/smb.h =================================================================== --- trunk/source/include/smb.h 2006-05-16 19:54:31 UTC (rev 15648) +++ trunk/source/include/smb.h 2006-05-16 22:03:05 UTC (rev 15649) @@ -735,6 +735,7 @@ #define PW_HISTORY_SALT_LEN 16 #define SALTED_MD5_HASH_LEN 16 #define PW_HISTORY_ENTRY_LEN (PW_HISTORY_SALT_LEN+SALTED_MD5_HASH_LEN) +#define MAX_PW_HISTORY_LEN 24 /* * Flags for account policy. Modified: trunk/source/passdb/pdb_ldap.c =================================================================== --- trunk/source/passdb/pdb_ldap.c 2006-05-16 19:54:31 UTC (rev 15648) +++ trunk/source/passdb/pdb_ldap.c 2006-05-16 22:03:05 UTC (rev 15649) @@ -773,9 +773,9 @@ if (pwHistLen > 0){ uint8 *pwhist = NULL; int i; + char history_string[MAX_PW_HISTORY_LEN*64]; - /* We can only store (sizeof(pstring)-1)/64 password history entries. */ - pwHistLen = MIN(pwHistLen, ((sizeof(temp)-1)/64)); + pwHistLen = MIN(pwHistLen, MAX_PW_HISTORY_LEN); if ((pwhist = SMB_MALLOC(pwHistLen * PW_HISTORY_ENTRY_LEN)) == NULL){ DEBUG(0, ("init_sam_from_ldap: malloc failed!\n")); @@ -783,19 +783,20 @@ } memset(pwhist, '\0', pwHistLen * PW_HISTORY_ENTRY_LEN); - if (!smbldap_get_single_pstring (ldap_state->smbldap_state->ldap_struct, entry, - get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PWD_HISTORY), temp)) { + if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, + get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PWD_HISTORY), + history_string, sizeof(history_string))) { /* leave as default - zeros */ } else { BOOL hex_failed = False; for (i = 0; i < pwHistLen; i++){ /* Get the 16 byte salt. */ - if (!pdb_gethexpwd(&temp[i*64], &pwhist[i*PW_HISTORY_ENTRY_LEN])) { + if (!pdb_gethexpwd(&history_string[i*64], &pwhist[i*PW_HISTORY_ENTRY_LEN])) { hex_failed = True; break; } /* Get the 16 byte MD5 hash of salt+passwd. */ - if (!pdb_gethexpwd(&temp[(i*64)+32], + if (!pdb_gethexpwd(&history_string[(i*64)+32], &pwhist[(i*PW_HISTORY_ENTRY_LEN)+PW_HISTORY_SALT_LEN])) { hex_failed = True; break;
