search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix string overflow due to wrong size calculation
[Samba/gebeck_regimport.git] / source3 / lib / account_pol.c
blobc2c63493a6f6b758c0d4eab0358035d8f70c321d
1 /*
2 * Unix SMB/CIFS implementation.
3 * account policy storage
4 * Copyright (C) Jean François Micouleau 1998-2001.
5 * Copyright (C) Andrew Bartlett 2002
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20 */
21
22 #include "includes.h"
23 static TDB_CONTEXT *tdb; /* used for driver files */
24
25 #define DATABASE_VERSION 1
26
27 /****************************************************************************
28 Open the account policy tdb.
29 ****************************************************************************/
30
31 BOOL init_account_policy(void)
32 {
33 static pid_t local_pid;
34 const char *vstring = "INFO/version";
35 uint32 version;
36
37 if (tdb && local_pid == sys_getpid())
38 return True;
39 tdb = tdb_open_log(lock_path("account_policy.tdb"), 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
40 if (!tdb) {
41 DEBUG(0,("Failed to open account policy database\n"));
42 return False;
43 }
44
45 local_pid = sys_getpid();
46
47 /* handle a Samba upgrade */
48 tdb_lock_bystring(tdb, vstring,0);
49 if (!tdb_fetch_uint32(tdb, vstring, &version) || version != DATABASE_VERSION) {
50 tdb_traverse(tdb, tdb_traverse_delete_fn, NULL);
51 tdb_store_uint32(tdb, vstring, DATABASE_VERSION);
52
53 account_policy_set(AP_MIN_PASSWORD_LEN, MINPASSWDLENGTH); /* 5 chars minimum */
54 account_policy_set(AP_PASSWORD_HISTORY, 0); /* don't keep any old password */
55 account_policy_set(AP_USER_MUST_LOGON_TO_CHG_PASS, 0); /* don't force user to logon */
56 account_policy_set(AP_MAX_PASSWORD_AGE, (uint32)-1); /* don't expire */
57 account_policy_set(AP_MIN_PASSWORD_AGE, 0); /* 0 days */
58 account_policy_set(AP_LOCK_ACCOUNT_DURATION, 30); /* lockout for 30 minutes */
59 account_policy_set(AP_RESET_COUNT_TIME, 30); /* reset after 30 minutes */
60 account_policy_set(AP_BAD_ATTEMPT_LOCKOUT, 0); /* don't lockout */
61 account_policy_set(AP_TIME_TO_LOGOUT, -1); /* don't force logout */
62 }
63 tdb_unlock_bystring(tdb, vstring);
64
65 return True;
66 }
67
68 static const struct {
69 int field;
70 const char *string;
71 } account_policy_names[] = {
72 {AP_MIN_PASSWORD_LEN, "min password length"},
73 {AP_PASSWORD_HISTORY, "password history"},
74 {AP_USER_MUST_LOGON_TO_CHG_PASS, "user must logon to change password"},
75 {AP_MAX_PASSWORD_AGE, "maximum password age"},
76 {AP_MIN_PASSWORD_AGE,"minimum password age"},
77 {AP_LOCK_ACCOUNT_DURATION, "lockout duration"},
78 {AP_RESET_COUNT_TIME, "reset count minutes"},
79 {AP_BAD_ATTEMPT_LOCKOUT, "bad lockout attempt"},
80 {AP_TIME_TO_LOGOUT, "disconnect time"},
81 {0, NULL}
82 };
83
84 /****************************************************************************
85 Get the account policy name as a string from its #define'ed number
86 ****************************************************************************/
87
88 static const char *decode_account_policy_name(int field)
89 {
90 int i;
91 for (i=0; account_policy_names[i].string; i++) {
92 if (field == account_policy_names[i].field)
93 return account_policy_names[i].string;
94 }
95 return NULL;
96
97 }
98
99 /****************************************************************************
100 Get the account policy name as a string from its #define'ed number
101 ****************************************************************************/
102
103 int account_policy_name_to_fieldnum(const char *name)
104 {
105 int i;
106 for (i=0; account_policy_names[i].string; i++) {
107 if (strcmp(name, account_policy_names[i].string) == 0)
108 return account_policy_names[i].field;
109 }
110 return 0;
111
112 }
113
114
115 /****************************************************************************
116 ****************************************************************************/
117 BOOL account_policy_get(int field, uint32 *value)
118 {
119 fstring name;
120
121 if(!init_account_policy())return False;
122
123 *value = 0;
124
125 fstrcpy(name, decode_account_policy_name(field));
126 if (!*name) {
127 DEBUG(1, ("account_policy_get: Field %d is not a valid account policy type! Cannot get, returning 0.\n", field));
128 return False;
129 }
130 if (!tdb_fetch_uint32(tdb, name, value)) {
131 DEBUG(1, ("account_policy_get: tdb_fetch_uint32 failed for efild %d (%s), returning 0", field, name));
132 return False;
133 }
134 DEBUG(10,("account_policy_get: %s:%d\n", name, *value));
135 return True;
136 }
137
138
139 /****************************************************************************
140 ****************************************************************************/
141 BOOL account_policy_set(int field, uint32 value)
142 {
143 fstring name;
144
145 if(!init_account_policy())return False;
146
147 fstrcpy(name, decode_account_policy_name(field));
148 if (!*name) {
149 DEBUG(1, ("Field %d is not a valid account policy type! Cannot set.\n", field));
150 return False;
151 }
152
153 if (!tdb_store_uint32(tdb, name, value)) {
154 DEBUG(1, ("tdb_store_uint32 failed for field %d (%s) on value %u", field, name, value));
155 return False;
156 }
157
158 DEBUG(10,("account_policy_set: %s:%d\n", name, value));
159
160 return True;
161 }
162
reg import