diff options
| author | Greg Hudson <ghudson@mit.edu> | 2012-07-26 12:25:01 -0400 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2012-07-26 12:25:01 -0400 |
| commit | 9c2e435d02d91018be41a55e0412b9256b40b583 (patch) | |
| tree | a0f0488053e2dd21e9596a49251a53400264b15a /src | |
| parent | db318b91b3fe7e30879e37bb16ef9b8852df9ee0 (diff) | |
| download | krb5-9c2e435d02d91018be41a55e0412b9256b40b583.tar.gz krb5-9c2e435d02d91018be41a55e0412b9256b40b583.tar.xz krb5-9c2e435d02d91018be41a55e0412b9256b40b583.zip | |
Factor out LDAP policy marshalling
Use a helper function add_policy_mods() in
krb5_ldap_create_password_policy() and krb5_ldap_put_password_policy()
to avoid duplicating code for each field.
Diffstat (limited to 'src')
| -rw-r--r-- | src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c | 87 |
1 files changed, 55 insertions, 32 deletions
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c index 03502c9a55..f65f626f13 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c @@ -43,6 +43,57 @@ static char *password_policy_attributes[] = { "cn", "krbmaxpwdlife", "krbminpwdl "krbpwdfailurecountinterval", "krbpwdlockoutduration", NULL }; +/* Fill in mods with LDAP operations for the fields of policy, using the + * modification type op. mods must be freed by the caller on error. */ +static krb5_error_code +add_policy_mods(krb5_context context, LDAPMod ***mods, osa_policy_ent_t policy, + int op) +{ + krb5_error_code st; + + st = krb5_add_int_mem_ldap_mod(mods, "krbmaxpwdlife", op, + (int)policy->pw_max_life); + if (st) + return st; + + st = krb5_add_int_mem_ldap_mod(mods, "krbminpwdlife", op, + (int)policy->pw_min_life); + if (st) + return st; + + st = krb5_add_int_mem_ldap_mod(mods, "krbpwdmindiffchars", op, + (int)policy->pw_min_classes); + if (st) + return st; + + st = krb5_add_int_mem_ldap_mod(mods, "krbpwdminlength", op, + (int)policy->pw_min_length); + if (st) + return st; + + st = krb5_add_int_mem_ldap_mod(mods, "krbpwdhistorylength", op, + (int)policy->pw_history_num); + if (st) + return st; + + st = krb5_add_int_mem_ldap_mod(mods, "krbpwdmaxfailure", op, + (int)policy->pw_max_fail); + if (st) + return st; + + st = krb5_add_int_mem_ldap_mod(mods, "krbpwdfailurecountinterval", op, + (int)policy->pw_failcnt_interval); + if (st) + return st; + + st = krb5_add_int_mem_ldap_mod(mods, "krbpwdlockoutduration", op, + (int)policy->pw_lockout_duration); + if (st) + return st; + + return 0; +} + /* * Function to create password policy object. */ @@ -89,22 +140,8 @@ krb5_ldap_create_password_policy(krb5_context context, osa_policy_ent_t policy) if ((st=krb5_add_str_mem_ldap_mod(&mods, "objectclass", LDAP_MOD_ADD, strval)) != 0) goto cleanup; - if (((st=krb5_add_int_mem_ldap_mod(&mods, "krbmaxpwdlife", LDAP_MOD_ADD, - (signed) policy->pw_max_life)) != 0) - || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbminpwdlife", LDAP_MOD_ADD, - (signed) policy->pw_min_life)) != 0) - || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdmindiffchars", LDAP_MOD_ADD, - (signed) policy->pw_min_classes)) != 0) - || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdminlength", LDAP_MOD_ADD, - (signed) policy->pw_min_length)) != 0) - || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdhistorylength", LDAP_MOD_ADD, - (signed) policy->pw_history_num)) != 0) - || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdmaxfailure", LDAP_MOD_ADD, - (signed) policy->pw_max_fail)) != 0) - || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdfailurecountinterval", LDAP_MOD_ADD, - (signed) policy->pw_failcnt_interval)) != 0) - || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdlockoutduration", LDAP_MOD_ADD, - (signed) policy->pw_lockout_duration)) != 0)) + st = add_policy_mods(context, &mods, policy, LDAP_MOD_ADD); + if (st) goto cleanup; /* password policy object creation */ @@ -153,22 +190,8 @@ krb5_ldap_put_password_policy(krb5_context context, osa_policy_ent_t policy) if (st != 0) goto cleanup; - if (((st=krb5_add_int_mem_ldap_mod(&mods, "krbmaxpwdlife", LDAP_MOD_REPLACE, - (signed) policy->pw_max_life)) != 0) - || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbminpwdlife", LDAP_MOD_REPLACE, - (signed) policy->pw_min_life)) != 0) - || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdmindiffchars", LDAP_MOD_REPLACE, - (signed) policy->pw_min_classes)) != 0) - || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdminlength", LDAP_MOD_REPLACE, - (signed) policy->pw_min_length)) != 0) - || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdhistorylength", LDAP_MOD_REPLACE, - (signed) policy->pw_history_num)) != 0) - || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdmaxfailure", LDAP_MOD_REPLACE, - (signed) policy->pw_max_fail)) != 0) - || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdfailurecountinterval", LDAP_MOD_REPLACE, - (signed) policy->pw_failcnt_interval)) != 0) - || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdlockoutduration", LDAP_MOD_REPLACE, - (signed) policy->pw_lockout_duration)) != 0)) + st = add_policy_mods(context, &mods, policy, LDAP_MOD_REPLACE); + if (st) goto cleanup; /* modify the password policy object. */ |