From 8d85b65a690e38e455ea084f35847f4adc87b843 Mon Sep 17 00:00:00 2001 From: Roman Rakus Date: Wed, 10 Oct 2012 15:59:59 +0200 Subject: Account: Password and user expiration Signed-off-by: Roman Rakus --- src/account/LMI_AccountProvider.c | 63 +++++++++++++++++++++++++-------------- 1 file changed, 41 insertions(+), 22 deletions(-) (limited to 'src') diff --git a/src/account/LMI_AccountProvider.c b/src/account/LMI_AccountProvider.c index 04f4857..e765d6b 100644 --- a/src/account/LMI_AccountProvider.c +++ b/src/account/LMI_AccountProvider.c @@ -61,9 +61,8 @@ static CMPIStatus LMI_AccountEnumInstances( const char *nameSpace = KNameSpace(cop); const char *hostname = get_system_name(); char *uid = NULL; - long expire, last_change, min_lifetime, max_lifetime; + long last_change, min_lifetime, max_lifetime, warn, inactive, expire; time_t last_login; - CMPIUint64 binTime = 0; CMPIStatus *rc = NULL; char *password = NULL; @@ -105,13 +104,47 @@ static CMPIStatus LMI_AccountEnumInstances( CMNewDateTimeFromBinary(_cb, DAYSTOMS(last_change),false, rc)); min_lifetime = aux_lu_get_long(lue, LU_SHADOWMIN) + last_change; - max_lifetime = aux_lu_get_long(lue, LU_SHADOWMAX) + last_change; + max_lifetime = aux_lu_get_long(lue, LU_SHADOWMAX); - LMI_Account_Set_PasswordMinLifetime(&la, - CMNewDateTimeFromBinary(_cb, DAYSTOMS(min_lifetime), false, rc)); + LMI_Account_Set_PasswordPossibleChange(&la, + CMNewDateTimeFromBinary(_cb, DAYSTOMS(min_lifetime), + false, rc)); - LMI_Account_Set_PasswordMaxLifetime(&la, - CMNewDateTimeFromBinary(_cb, DAYSTOMS(max_lifetime), false, rc)); + if (max_lifetime != 0 && max_lifetime != 99999) + { + max_lifetime += last_change; + LMI_Account_Set_PasswordExpiration(&la, + CMNewDateTimeFromBinary(_cb, DAYSTOMS(max_lifetime), false, rc)); + warn = aux_lu_get_long(lue, LU_SHADOWWARNING); + LMI_Account_Set_PasswordExpirationWarning(&la, + CMNewDateTimeFromBinary(_cb, DAYSTOMS(max_lifetime - warn), + false, rc)); + inactive = aux_lu_get_long(lue, LU_SHADOWINACTIVE); + if (inactive != -1) + { + LMI_Account_Set_PasswordInactivation(&la, + CMNewDateTimeFromBinary(_cb, + DAYSTOMS(max_lifetime + inactive), false, rc)); + } + } + else + { + LMI_Account_Null_PasswordExpiration(&la); + LMI_Account_Null_PasswordExpirationWarning(&la); + LMI_Account_Null_PasswordInactivation(&la); + } + + expire = aux_lu_get_long(lue, LU_SHADOWEXPIRE); + if (expire != -1) + { + LMI_Account_Set_AccountExpiration(&la, + CMNewDateTimeFromBinary(_cb, + DAYSTOMS(expire), false, rc)); + } + else + { + LMI_Account_Null_AccountExpiration(&la); + } last_login = aux_utmp_latest(aux_lu_get_str(lue, LU_USERNAME)); @@ -121,26 +154,11 @@ static CMPIStatus LMI_AccountEnumInstances( CMNewDateTimeFromBinary(_cb, last_login * 1000000, false, rc)); } - binTime = DAYSTOMS(aux_lu_get_long(lue, LU_SHADOWMIN)); - password = aux_lu_get_str(lue, LU_SHADOWPASSWORD); LMI_Account_Init_UserPassword(&la, 1); LMI_Account_Set_UserPassword(&la, 0, password); /* Assume all passwords (encrypted or not) are in ascii encoding */ LMI_Account_Set_UserPasswordEncoding(&la, 2); - if(strstr(password, "")) - - expire = aux_lu_get_long(lue, LU_SHADOWEXPIRE); - if (expire != -1) - { - binTime = DAYSTOMS(expire); - LMI_Account_Set_PasswordExpiration(&la, - CMNewDateTimeFromBinary(_cb, binTime, false, rc)); - } - else - { - LMI_Account_Null_PasswordExpiration(&la); - } KReturnInstance(cr, la); lu_ent_free(lue); @@ -400,6 +418,7 @@ KUint32 LMI_Account_RequestStateChange( return result; } + KONKRET_REGISTRATION( "root/cimv2", "LMI_Account", -- cgit