diff options
author | Simo Sorce <simo@redhat.com> | 2016-07-19 07:43:50 -0400 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2016-07-25 05:08:55 -0400 |
commit | ab4fcb0fe25e313c93caae3b90f68b4010a9f2eb (patch) | |
tree | 315537f674205346902bf5580832cfccea82633e /daemons/ipa-slapi-plugins | |
parent | f8bf8a62402a4385a7cc2f73b37b654b47713d60 (diff) | |
download | freeipa-ab4fcb0fe25e313c93caae3b90f68b4010a9f2eb.tar.gz freeipa-ab4fcb0fe25e313c93caae3b90f68b4010a9f2eb.tar.xz freeipa-ab4fcb0fe25e313c93caae3b90f68b4010a9f2eb.zip |
Simplify date manipulation in pwd plugin
Use a helper function to perform operations on dates in LDAP attributes.
Related to #2795
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: David Kupka <dkupka@redhat.com>
Diffstat (limited to 'daemons/ipa-slapi-plugins')
-rw-r--r-- | daemons/ipa-slapi-plugins/ipa-pwd-extop/common.c | 68 | ||||
-rw-r--r-- | daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd.h | 2 | ||||
-rw-r--r-- | daemons/ipa-slapi-plugins/ipa-pwd-extop/prepost.c | 31 |
3 files changed, 51 insertions, 50 deletions
diff --git a/daemons/ipa-slapi-plugins/ipa-pwd-extop/common.c b/daemons/ipa-slapi-plugins/ipa-pwd-extop/common.c index 0bb50fc31..cab7b7c7b 100644 --- a/daemons/ipa-slapi-plugins/ipa-pwd-extop/common.c +++ b/daemons/ipa-slapi-plugins/ipa-pwd-extop/common.c @@ -702,6 +702,33 @@ next: return kvno; } +int ipapwd_setdate(Slapi_Entry *source, Slapi_Mods *smods, const char *attr, + time_t date, bool remove) +{ + char timestr[GENERALIZED_TIME_LENGTH+1]; + struct tm utctime; + Slapi_Attr *t; + bool exists; + + exists = (slapi_entry_attr_find(source, attr, &t) == 0); + + if (remove) { + if (exists) { + slapi_mods_add_mod_values(smods, LDAP_MOD_DELETE, attr, NULL); + } + return LDAP_SUCCESS; + } + + if (!gmtime_r(&date, &utctime)) { + LOG_FATAL("failed to convert %s date\n", attr); + return LDAP_OPERATIONS_ERROR; + } + strftime(timestr, GENERALIZED_TIME_LENGTH + 1, "%Y%m%d%H%M%SZ", &utctime); + slapi_mods_add_string(smods, exists ? LDAP_MOD_REPLACE : LDAP_MOD_ADD, + attr, timestr); + return LDAP_SUCCESS; +} + /* Modify the Password attributes of the entry */ int ipapwd_SetPassword(struct ipapwd_krbcfg *krbcfg, struct ipapwd_data *data, int is_krb) @@ -711,8 +738,6 @@ int ipapwd_SetPassword(struct ipapwd_krbcfg *krbcfg, Slapi_Value **svals = NULL; Slapi_Value **ntvals = NULL; Slapi_Value **pwvals = NULL; - struct tm utctime; - char timestr[GENERALIZED_TIME_LENGTH+1]; char *nt = NULL; int is_smb = 0; int is_ipant = 0; @@ -764,34 +789,19 @@ int ipapwd_SetPassword(struct ipapwd_krbcfg *krbcfg, * keytab so don't set it on hosts. */ if (!is_host) { - /* change Last Password Change field with the current date */ - if (!gmtime_r(&(data->timeNow), &utctime)) { - LOG_FATAL("failed to retrieve current date (buggy gmtime_r ?)\n"); - ret = LDAP_OPERATIONS_ERROR; - goto free_and_return; - } - strftime(timestr, GENERALIZED_TIME_LENGTH + 1, - "%Y%m%d%H%M%SZ", &utctime); - slapi_mods_add_string(smods, LDAP_MOD_REPLACE, - "krbLastPwdChange", timestr); - - /* set Password Expiration date */ - if (!gmtime_r(&(data->expireTime), &utctime)) { - LOG_FATAL("failed to convert expiration date\n"); - ret = LDAP_OPERATIONS_ERROR; - goto free_and_return; - } - strftime(timestr, GENERALIZED_TIME_LENGTH + 1, - "%Y%m%d%H%M%SZ", &utctime); - slapi_mods_add_string(smods, LDAP_MOD_REPLACE, - "krbPasswordExpiration", timestr); - if (data->expireTime == 0) { - slapi_mods_add_string(smods, LDAP_MOD_DELETE, - "krbPasswordExpiration", timestr); - } - - } + /* change Last Password Change field with the current date */ + ret = ipapwd_setdate(data->target, smods, "krbLastPwdChange", + data->timeNow, false); + if (ret != LDAP_SUCCESS) + goto free_and_return; + + /* set Password Expiration date */ + ret = ipapwd_setdate(data->target, smods, "krbPasswordExpiration", + data->expireTime, (data->expireTime == 0)); + if (ret != LDAP_SUCCESS) + goto free_and_return; } + } if (nt && is_smb) { slapi_mods_add_string(smods, LDAP_MOD_REPLACE, diff --git a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd.h b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd.h index 83c022263..e96aa44d2 100644 --- a/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd.h +++ b/daemons/ipa-slapi-plugins/ipa-pwd-extop/ipapwd.h @@ -119,6 +119,8 @@ int ipapwd_gen_checks(Slapi_PBlock *pb, char **errMesg, int ipapwd_CheckPolicy(struct ipapwd_data *data); int ipapwd_getEntry(const char *dn, Slapi_Entry **e2, char **attrlist); int ipapwd_get_cur_kvno(Slapi_Entry *target); +int ipapwd_setdate(Slapi_Entry *source, Slapi_Mods *smods, const char *attr, + time_t date, bool remove); int ipapwd_SetPassword(struct ipapwd_krbcfg *krbcfg, struct ipapwd_data *data, int is_krb); Slapi_Value **ipapwd_setPasswordHistory(Slapi_Mods *smods, diff --git a/daemons/ipa-slapi-plugins/ipa-pwd-extop/prepost.c b/daemons/ipa-slapi-plugins/ipa-pwd-extop/prepost.c index 9d923d6fb..c62eae334 100644 --- a/daemons/ipa-slapi-plugins/ipa-pwd-extop/prepost.c +++ b/daemons/ipa-slapi-plugins/ipa-pwd-extop/prepost.c @@ -1028,8 +1028,6 @@ static int ipapwd_post_modadd(Slapi_PBlock *pb) struct ipapwd_operation *pwdop = NULL; Slapi_Mods *smods; Slapi_Value **pwvals; - struct tm utctime; - char timestr[GENERALIZED_TIME_LENGTH+1]; int ret; char *errMsg = "Internal operations error\n"; struct ipapwd_krbcfg *krbcfg = NULL; @@ -1115,29 +1113,19 @@ static int ipapwd_post_modadd(Slapi_PBlock *pb) (slapi_entry_attr_has_syntax_value(pwdop->pwdata.target, SLAPI_ATTR_OBJECTCLASS, ipahost)) == 0) { /* set Password Expiration date */ - if (!gmtime_r(&(pwdop->pwdata.expireTime), &utctime)) { - LOG_FATAL("failed to parse expiration date (buggy gmtime_r ?)\n"); + ret = ipapwd_setdate(pwdop->pwdata.target, smods, + "krbPasswordExpiration", + pwdop->pwdata.expireTime, + (pwdop->pwdata.expireTime == 0)); + if (ret != LDAP_SUCCESS) goto done; - } - strftime(timestr, GENERALIZED_TIME_LENGTH+1, - "%Y%m%d%H%M%SZ", &utctime); - slapi_mods_add_string(smods, LDAP_MOD_REPLACE, - "krbPasswordExpiration", timestr); - if (pwdop->pwdata.expireTime == 0) { - slapi_mods_add_string(smods, LDAP_MOD_DELETE, - "krbPasswordExpiration", timestr); - } /* change Last Password Change field with the current date */ - if (!gmtime_r(&(pwdop->pwdata.timeNow), &utctime)) { - LOG_FATAL("failed to parse current date (buggy gmtime_r ?)\n"); - slapi_value_free(&ipahost); + ret = ipapwd_setdate(pwdop->pwdata.target, smods, + "krbLastPwdChange", + pwdop->pwdata.timeNow, false); + if (ret != LDAP_SUCCESS) goto done; - } - strftime(timestr, GENERALIZED_TIME_LENGTH+1, - "%Y%m%d%H%M%SZ", &utctime); - slapi_mods_add_string(smods, LDAP_MOD_REPLACE, - "krbLastPwdChange", timestr); } slapi_value_free(&ipahost); } @@ -1391,6 +1379,7 @@ static int ipapwd_pre_bind(Slapi_PBlock *pb) SLAPI_USERPWD_ATTR, "ipaUserAuthType", "krbprincipalkey", "uid", "krbprincipalname", "objectclass", "passwordexpirationtime", "passwordhistory", "krbprincipalexpiration", "krbcanonicalname", + "krbPasswordExpiration", "krblastpwchange", NULL }; struct berval *credentials = NULL; |