The Samba-Bugzilla – Attachment 1905 Details for
Bug 1914
ldapsam is limited to 15 password history entries
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
allow 24 password history entries in ldapsam (same limit as Windows)
diff (text/plain), 2.01 KB, created by
Guenther Deschner
on 2006-05-16 08:29:19 UTC
(
hide
)
Description:
allow 24 password history entries in ldapsam (same limit as Windows)
Filename:
MIME Type:
Creator:
Guenther Deschner
Created:
2006-05-16 08:29:19 UTC
Size:
2.01 KB
patch
obsolete
>Index: include/smb.h >=================================================================== >--- include/smb.h (revision 15633) >+++ include/smb.h (working copy) >@@ -735,6 +735,7 @@ > #define PW_HISTORY_SALT_LEN 16 > #define SALTED_MD5_HASH_LEN 16 > #define PW_HISTORY_ENTRY_LEN (PW_HISTORY_SALT_LEN+SALTED_MD5_HASH_LEN) >+#define MAX_PW_HISTORY_LEN 24 > > /* > * Flags for account policy. >Index: passdb/pdb_ldap.c >=================================================================== >--- passdb/pdb_ldap.c (revision 15633) >+++ passdb/pdb_ldap.c (working copy) >@@ -773,9 +773,9 @@ > if (pwHistLen > 0){ > uint8 *pwhist = NULL; > int i; >+ char history_string[MAX_PW_HISTORY_LEN*64]; > >- /* We can only store (sizeof(pstring)-1)/64 password history entries. */ >- pwHistLen = MIN(pwHistLen, ((sizeof(temp)-1)/64)); >+ pwHistLen = MIN(pwHistLen, MAX_PW_HISTORY_LEN); > > if ((pwhist = SMB_MALLOC(pwHistLen * PW_HISTORY_ENTRY_LEN)) == NULL){ > DEBUG(0, ("init_sam_from_ldap: malloc failed!\n")); >@@ -783,19 +783,20 @@ > } > memset(pwhist, '\0', pwHistLen * PW_HISTORY_ENTRY_LEN); > >- if (!smbldap_get_single_pstring (ldap_state->smbldap_state->ldap_struct, entry, >- get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PWD_HISTORY), temp)) { >+ if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, >+ get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PWD_HISTORY), >+ history_string, sizeof(history_string))) { > /* leave as default - zeros */ > } else { > BOOL hex_failed = False; > for (i = 0; i < pwHistLen; i++){ > /* Get the 16 byte salt. */ >- if (!pdb_gethexpwd(&temp[i*64], &pwhist[i*PW_HISTORY_ENTRY_LEN])) { >+ if (!pdb_gethexpwd(&history_string[i*64], &pwhist[i*PW_HISTORY_ENTRY_LEN])) { > hex_failed = True; > break; > } > /* Get the 16 byte MD5 hash of salt+passwd. */ >- if (!pdb_gethexpwd(&temp[(i*64)+32], >+ if (!pdb_gethexpwd(&history_string[(i*64)+32], > &pwhist[(i*PW_HISTORY_ENTRY_LEN)+PW_HISTORY_SALT_LEN])) { > hex_failed = True; > break;
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1905">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 1914
: 1905