nss-pam-ldapd branch master updated. 0.8.12-92-g31f9098
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
nss-pam-ldapd branch master updated. 0.8.12-92-g31f9098
- From: Commits of the nss-pam-ldapd project <nss-pam-ldapd-commits [at] lists.arthurdejong.org>
- To: nss-pam-ldapd-commits [at] lists.arthurdejong.org
- Reply-to: nss-pam-ldapd-users [at] lists.arthurdejong.org
- Subject: nss-pam-ldapd branch master updated. 0.8.12-92-g31f9098
- Date: Fri, 1 Mar 2013 17:37:48 +0100 (CET)
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "nss-pam-ldapd".
The branch, master has been updated
via 31f9098856d99a04cf96be8683fbf99b72ac6983 (commit)
from 1a1bb07bfa1c63bb70410b749452581b423e7297 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=31f9098856d99a04cf96be8683fbf99b72ac6983
commit 31f9098856d99a04cf96be8683fbf99b72ac6983
Author: Arthur de Jong <arthur@arthurdejong.org>
Date: Fri Mar 1 16:04:23 2013 +0100
move update_lastchange() function from shadow to pam code
diff --git a/nslcd/common.h b/nslcd/common.h
index 5167b95..e1a2037 100644
--- a/nslcd/common.h
+++ b/nslcd/common.h
@@ -118,9 +118,6 @@ MYLDAP_ENTRY *uid2entry(MYLDAP_SESSION *session, const char
*uid, int *rcp);
MUST_USE char *uid2dn(MYLDAP_SESSION *session, const char *uid, char *buf,
size_t buflen);
-/* try to update the shadowLastChange attribute of the entry if possible */
-int update_lastchange(MYLDAP_SESSION *session, const char *userdn);
-
/* use the user id to lookup an LDAP entry with the shadow attributes
requested */
MYLDAP_ENTRY *shadow_uid2entry(MYLDAP_SESSION *session, const char *username,
diff --git a/nslcd/pam.c b/nslcd/pam.c
index 6108159..2e09584 100644
--- a/nslcd/pam.c
+++ b/nslcd/pam.c
@@ -589,6 +589,74 @@ int nslcd_pam_sess_c(TFILE *fp, MYLDAP_SESSION *session)
return 0;
}
+extern const char *shadow_filter;
+
+/* try to update the shadowLastChange attribute of the entry if possible */
+static int update_lastchange(MYLDAP_SESSION *session, const char *userdn)
+{
+ MYLDAP_SEARCH *search;
+ MYLDAP_ENTRY *entry;
+ static const char *attrs[3];
+ const char *attr;
+ int rc;
+ const char **values;
+ LDAPMod mod, *mods[2];
+ char buffer[64], *strvals[2];
+ /* find the name of the attribute to use */
+ if ((attmap_shadow_shadowLastChange == NULL) ||
(attmap_shadow_shadowLastChange[0] == '\0'))
+ return LDAP_LOCAL_ERROR; /* attribute not mapped at all */
+ else if (strcmp(attmap_shadow_shadowLastChange,
"\"${shadowLastChange:--1}\"") == 0)
+ attr = "shadowLastChange";
+ else if (attmap_shadow_shadowLastChange[0] == '\"')
+ return LDAP_LOCAL_ERROR; /* other expressions not supported for now */
+ else
+ attr = attmap_shadow_shadowLastChange;
+ /* set up the attributes we need */
+ attrs[0] = attmap_shadow_uid;
+ attrs[1] = attr;
+ attrs[2] = NULL;
+ /* find the entry to see if the attribute is present */
+ search = myldap_search(session, userdn, LDAP_SCOPE_BASE, shadow_filter,
attrs, &rc);
+ if (search == NULL)
+ return rc;
+ entry = myldap_get_entry(search, &rc);
+ if (entry == NULL)
+ return rc;
+ values = myldap_get_values(entry, attr);
+ if ((values == NULL) || (values[0] == NULL) || (values[0][0] == '\0'))
+ return LDAP_NO_SUCH_ATTRIBUTE;
+ /* build the value for the new attribute */
+ if (strcasecmp(attr, "pwdLastSet") == 0)
+ {
+ /* for AD we use another timestamp */
+ if (mysnprintf(buffer, sizeof(buffer), "%ld000000000",
+ ((long int)time(NULL) / 100L + (134774L * 864L))))
+ return LDAP_LOCAL_ERROR;
+ }
+ else
+ {
+ /* time in days since Jan 1, 1970 */
+ if (mysnprintf(buffer, sizeof(buffer), "%ld",
+ ((long int)(time(NULL) / (long int)(60 * 60 * 24)))))
+ return LDAP_LOCAL_ERROR;
+ }
+ /* update the shadowLastChange attribute */
+ strvals[0] = buffer;
+ strvals[1] = NULL;
+ mod.mod_op = LDAP_MOD_REPLACE;
+ mod.mod_type = (char *)attr;
+ mod.mod_values = strvals;
+ mods[0] = &mod;
+ mods[1] = NULL;
+ rc = myldap_modify(session, userdn, mods);
+ if (rc != LDAP_SUCCESS)
+ log_log(LOG_WARNING, "%s: %s: modification failed: %s",
+ userdn, attr, ldap_err2string(rc));
+ else
+ log_log(LOG_DEBUG, "%s: %s: modification succeeded", userdn, attr);
+ return rc;
+}
+
/* perform an LDAP password modification, returns an LDAP status code */
static int try_pwmod(MYLDAP_SESSION *oldsession,
const char *binddn, const char *userdn,
diff --git a/nslcd/shadow.c b/nslcd/shadow.c
index 9a4f928..6e84d36 100644
--- a/nslcd/shadow.c
+++ b/nslcd/shadow.c
@@ -216,72 +216,6 @@ void get_shadow_properties(MYLDAP_ENTRY *entry, long
*lastchangedate,
}
}
-/* try to update the shadowLastChange attribute of the entry if possible */
-int update_lastchange(MYLDAP_SESSION *session, const char *userdn)
-{
- MYLDAP_SEARCH *search;
- MYLDAP_ENTRY *entry;
- static const char *attrs[3];
- const char *attr;
- int rc;
- const char **values;
- LDAPMod mod, *mods[2];
- char buffer[64], *strvals[2];
- /* find the name of the attribute to use */
- if ((attmap_shadow_shadowLastChange == NULL) ||
(attmap_shadow_shadowLastChange[0] == '\0'))
- return LDAP_LOCAL_ERROR; /* attribute not mapped at all */
- else if (strcmp(attmap_shadow_shadowLastChange,
"\"${shadowLastChange:--1}\"") == 0)
- attr = "shadowLastChange";
- else if (attmap_shadow_shadowLastChange[0] == '\"')
- return LDAP_LOCAL_ERROR; /* other expressions not supported for now */
- else
- attr = attmap_shadow_shadowLastChange;
- /* set up the attributes we need */
- attrs[0] = attmap_shadow_uid;
- attrs[1] = attr;
- attrs[2] = NULL;
- /* find the entry to see if the attribute is present */
- search = myldap_search(session, userdn, LDAP_SCOPE_BASE, shadow_filter,
attrs, &rc);
- if (search == NULL)
- return rc;
- entry = myldap_get_entry(search, &rc);
- if (entry == NULL)
- return rc;
- values = myldap_get_values(entry, attr);
- if ((values == NULL) || (values[0] == NULL) || (values[0][0] == '\0'))
- return LDAP_NO_SUCH_ATTRIBUTE;
- /* build the value for the new attribute */
- if (strcasecmp(attr, "pwdLastSet") == 0)
- {
- /* for AD we use another timestamp */
- if (mysnprintf(buffer, sizeof(buffer), "%ld000000000",
- ((long int)time(NULL) / 100L + (134774L * 864L))))
- return LDAP_LOCAL_ERROR;
- }
- else
- {
- /* time in days since Jan 1, 1970 */
- if (mysnprintf(buffer, sizeof(buffer), "%ld",
- ((long int)(time(NULL) / (long int)(60 * 60 * 24)))))
- return LDAP_LOCAL_ERROR;
- }
- /* update the shadowLastChange attribute */
- strvals[0] = buffer;
- strvals[1] = NULL;
- mod.mod_op = LDAP_MOD_REPLACE;
- mod.mod_type = (char *)attr;
- mod.mod_values = strvals;
- mods[0] = &mod;
- mods[1] = NULL;
- rc = myldap_modify(session, userdn, mods);
- if (rc != LDAP_SUCCESS)
- log_log(LOG_WARNING, "%s: %s: modification failed: %s",
- userdn, attr, ldap_err2string(rc));
- else
- log_log(LOG_DEBUG, "%s: %s: modification succeeded", userdn, attr);
- return rc;
-}
-
static int write_shadow(TFILE *fp, MYLDAP_ENTRY *entry, const char *requser)
{
int32_t tmpint32;
-----------------------------------------------------------------------
Summary of changes:
nslcd/common.h | 3 --
nslcd/pam.c | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
nslcd/shadow.c | 66 ------------------------------------------------------
3 files changed, 68 insertions(+), 69 deletions(-)
hooks/post-receive
--
nss-pam-ldapd
--
To unsubscribe send an email to
nss-pam-ldapd-commits-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-commits/
- nss-pam-ldapd branch master updated. 0.8.12-92-g31f9098,
Commits of the nss-pam-ldapd project
