#pragma ident "%Z%%M% %I% %E% SMI"
/*
*
* Copyright (c) 2004-2005, Novell, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* * Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* * The copyright holder's name is not used to endorse or promote products
* derived from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
/*
* Copyright 2007 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#include "ldap_main.h"
#include "kdb_ldap.h"
#include "ldap_pwd_policy.h"
#include "ldap_err.h"
#include <libintl.h>
"krbpwdmindiffchars", "krbpwdminlength",
"krbpwdhistorylength", NULL };
/*
* Function to create password policy object.
*/
{
/* Clear the global error string */
/* validate the input parameters */
return EINVAL;
GET_HANDLE();
if (st != 0)
goto cleanup;
/* get the first component of the dn to set the cn attribute */
goto cleanup;
}
goto cleanup;
strval[0] = "krbPwdPolicy";
goto cleanup;
(signed) policy->pw_max_life)) != 0)
(signed) policy->pw_min_life)) != 0)
(signed) policy->pw_min_classes)) != 0)
(signed) policy->pw_min_length)) != 0)
(signed) policy->pw_history_num)) != 0))
goto cleanup;
/* password policy object creation */
goto cleanup;
}
if (rdns)
return(st);
}
/*
* Function to modify password policy object.
*/
{
char *policy_dn;
/* Clear the global error string */
/* validate the input parameters */
return EINVAL;
GET_HANDLE();
if (st != 0)
goto cleanup;
(signed) policy->pw_max_life)) != 0)
(signed) policy->pw_min_life)) != 0)
(signed) policy->pw_min_classes)) != 0)
(signed) policy->pw_min_length)) != 0)
(signed) policy->pw_history_num)) != 0))
goto cleanup;
/* modify the password policy object. */
/*
* This will fail if the 'policy_dn' is anywhere other than under the realm
* container. This is correct behaviour. 'kdb5_ldap_util' will support
* management of only such policy objects.
*/
goto cleanup;
}
return(st);
}
char *pol_name,
{
int st = 0;
char *pol_dn;
/* Get the reference count */
/* Solaris Kerberos: trying to avoid memory leaks */
if (st != 0) {
}
return st;
}
char *pol_name,
char *pol_dn,
int *cnt)
{
/* Clear the global error string */
/* validate the input parameters */
return EINVAL;
GET_HANDLE();
*cnt = 0;
goto cleanup;
}
*cnt = 1;
#if 0 /************** Begin IFDEF'ed OUT *******************************/
#endif /**************** END IFDEF'ed OUT *******************************/
goto cleanup;
#if 0 /************** Begin IFDEF'ed OUT *******************************/
/* Get the reference count */
name,
"krbPwdPolicyReference",
&(*policy)->policy_refcnt,
ld);
#endif /**************** END IFDEF'ed OUT *******************************/
}
if (st != 0) {
}
}
return st;
}
/*
* Convert 'name' into a directory DN and call
* 'krb5_ldap_get_password_policy_from_dn'
*/
char *name;
int *cnt;
{
/* Clear the global error string */
/* validate the input parameters */
goto cleanup;
}
if (st != 0)
goto cleanup;
return st;
}
char *policy;
{
int mask = 0;
/* Clear the global error string */
/* validate the input parameters */
return EINVAL;
GET_HANDLE();
if (st != 0)
goto cleanup;
/* Ensure that the object is a password policy */
goto cleanup;
if (mask == 0) {
goto cleanup;
}
goto cleanup;
}
return st;
}
char *match_expr;
{
/* Clear the global error string */
GET_HANDLE();
goto cleanup;
}
LDAP_SEARCH(ldap_context->lrparams->realmdn, LDAP_SCOPE_ONELEVEL, "(objectclass=krbpwdpolicy)", password_policy_attributes);
if (st != 0)
goto cleanup;
if (attr_present == FALSE)
continue;
goto cleanup;
#if 0 /************** Begin IFDEF'ed OUT *******************************/
/* Get the reference count */
"krbPwdPolicyReference",
&(entry->policy_refcnt),
ld);
#endif /**************** END IFDEF'ed OUT *******************************/
/* XXX this will free policy so don't free it */
}
if (entry)
return st;
}
void
{
if (entry) {
}
return;
}