diff options
-rw-r--r-- | mof/60_LMI_Account.mof | 17 | ||||
-rw-r--r-- | src/account/LMI_AccountProvider.c | 41 |
2 files changed, 43 insertions, 15 deletions
diff --git a/mof/60_LMI_Account.mof b/mof/60_LMI_Account.mof index 6bc99c8..a15c6fd 100644 --- a/mof/60_LMI_Account.mof +++ b/mof/60_LMI_Account.mof @@ -18,7 +18,7 @@ * Authors: Roman Rakus <rrakus@redhat.com> */ -[ Version("0.4.2"), +[ Version("0.4.3"), Description("Class representing Linux Account"), Provider("cmpi:cmpiLMI_Account") ] @@ -46,6 +46,21 @@ class LMI_Account: CIM_Account datetime AccountExpiration; [ Description ( + "In the case of an LDAP-derived instance, the " + "UserPassword property may contain an encrypted password " + "used to access the person\'s resources in a directory.\n" + "\n" + "When an instance of CIM_Account is retrieved and the underlying " + "account has a valid password, the value of the CIM_Account.UserPassword " + "property shall be an array of length zero to indicate that the " + "account has a password configured.\n" + "\n" + "When the underlying account does not have a valid password, " + "the CIM_Account.UserPassword property shall be NULL." ), + OctetString ] + string UserPassword[]; + + [ Description ( "Delete the user. Along with the user, the home directory and user's " "primary group are deleted. If the user is not owner of the home " "directory it is not deleted. However this directory can be deleted " diff --git a/src/account/LMI_AccountProvider.c b/src/account/LMI_AccountProvider.c index fdb06ff..9e09959 100644 --- a/src/account/LMI_AccountProvider.c +++ b/src/account/LMI_AccountProvider.c @@ -212,10 +212,11 @@ static CMPIStatus LMI_AccountEnumInstances( password = aux_lu_get_str(lue, LU_USERPASSWORD); } if (password) { - LMI_Account_Init_UserPassword(&la, 1); - LMI_Account_Set_UserPassword(&la, 0, password); + /* see DSP1034 note below */ + LMI_Account_Init_UserPassword(&la, 0); /* Assume all passwords (encrypted or not) are in ascii encoding */ LMI_Account_Set_UserPasswordEncoding(&la, 2); + password = NULL; } KReturnInstance(cr, la); @@ -329,23 +330,35 @@ static CMPIStatus LMI_AccountModifyInstance( goto fail; } + /* from DSP1034: + When an instance of CIM_Account is retrieved and the underlying account + has a valid password, the value of the CIM_Account.UserPassword property + shall be an array of length zero to indicate that the account has a + password configured. + When the underlying account does not have a valid password, the + CIM_Account.UserPassword property shall be NULL. + */ data = ci->ft->getProperty(ci, "UserPassword", NULL); ar = data.value.array; - if (ar && (arsize = ar->ft->getSize(ar, NULL) > 0)) + if (ar != NULL) { - vs = ar->ft->getElementAt(ar, 0, NULL).value.string; - value = vs->ft->getCharPtr(vs, NULL); - password = aux_lu_get_str(lue, LU_SHADOWPASSWORD); - if (strcmp(password, value) != 0) + if ((arsize = ar->ft->getSize(ar, NULL) > 0)) { - if (!lu_user_setpass(luc, lue, value, TRUE, &error)) + vs = ar->ft->getElementAt(ar, 0, NULL).value.string; + value = vs->ft->getCharPtr(vs, NULL); + password = aux_lu_get_str(lue, LU_SHADOWPASSWORD); + if (strcmp(password, value) != 0) { - rc = CMPI_RC_ERR_FAILED; - asprintf(&errmsg, "Error setting password: %s", - lu_strerror(error)); - goto fail; + if (!lu_user_setpass(luc, lue, value, TRUE, &error)) + { + rc = CMPI_RC_ERR_FAILED; + asprintf(&errmsg, "Error setting password: %s", + lu_strerror(error)); + goto fail; + } } } + /* zero array length means no change; password is configured */ } else { @@ -360,7 +373,7 @@ static CMPIStatus LMI_AccountModifyInstance( #define PARAMSTR(ATTR, VAR)\ g_value_init(&val, G_TYPE_STRING);\ - g_value_set_string(&val, (VAR));\ + g_value_set_string(&val, (VAR)); /* can handle NULL */ \ lu_ent_clear(lue, (ATTR));\ lu_ent_add(lue, (ATTR), &val);\ g_value_unset(&val);\ @@ -375,7 +388,7 @@ static CMPIStatus LMI_AccountModifyInstance( #define GETSTRVALUE(NAME)\ data = ci->ft->getProperty(ci, (NAME), NULL);\ vs = data.value.string;\ - value = vs->ft->getCharPtr(vs, NULL);\ + value = vs ? vs->ft->getCharPtr(vs, NULL) : NULL;\ #define GETDATEVALUE(NAME, VAR)\ (VAR).null = CMGetProperty(ci, (NAME), NULL).state == CMPI_nullValue;\ |