[26774] in CVS-changelog-for-Kerberos-V5
krb5 commit: Factor out LDAP policy marshalling
daemon@ATHENA.MIT.EDU (Greg Hudson)
Thu Jul 26 12:25:34 2012
Date: Thu, 26 Jul 2012 12:25:28 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201207261625.q6QGPShj025127@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/9c2e435d02d91018be41a55e0412b9256b40b583
commit 9c2e435d02d91018be41a55e0412b9256b40b583
Author: Greg Hudson <ghudson@mit.edu>
Date: Thu Jul 26 12:25:01 2012 -0400
Factor out LDAP policy marshalling
Use a helper function add_policy_mods() in
krb5_ldap_create_password_policy() and krb5_ldap_put_password_policy()
to avoid duplicating code for each field.
src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c | 87 ++++++++++++-------
1 files changed, 55 insertions(+), 32 deletions(-)
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c
index 03502c9..f65f626 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c
@@ -43,6 +43,57 @@ static char *password_policy_attributes[] = { "cn", "krbmaxpwdlife", "krbminpwdl
"krbpwdfailurecountinterval",
"krbpwdlockoutduration", NULL };
+/* Fill in mods with LDAP operations for the fields of policy, using the
+ * modification type op. mods must be freed by the caller on error. */
+static krb5_error_code
+add_policy_mods(krb5_context context, LDAPMod ***mods, osa_policy_ent_t policy,
+ int op)
+{
+ krb5_error_code st;
+
+ st = krb5_add_int_mem_ldap_mod(mods, "krbmaxpwdlife", op,
+ (int)policy->pw_max_life);
+ if (st)
+ return st;
+
+ st = krb5_add_int_mem_ldap_mod(mods, "krbminpwdlife", op,
+ (int)policy->pw_min_life);
+ if (st)
+ return st;
+
+ st = krb5_add_int_mem_ldap_mod(mods, "krbpwdmindiffchars", op,
+ (int)policy->pw_min_classes);
+ if (st)
+ return st;
+
+ st = krb5_add_int_mem_ldap_mod(mods, "krbpwdminlength", op,
+ (int)policy->pw_min_length);
+ if (st)
+ return st;
+
+ st = krb5_add_int_mem_ldap_mod(mods, "krbpwdhistorylength", op,
+ (int)policy->pw_history_num);
+ if (st)
+ return st;
+
+ st = krb5_add_int_mem_ldap_mod(mods, "krbpwdmaxfailure", op,
+ (int)policy->pw_max_fail);
+ if (st)
+ return st;
+
+ st = krb5_add_int_mem_ldap_mod(mods, "krbpwdfailurecountinterval", op,
+ (int)policy->pw_failcnt_interval);
+ if (st)
+ return st;
+
+ st = krb5_add_int_mem_ldap_mod(mods, "krbpwdlockoutduration", op,
+ (int)policy->pw_lockout_duration);
+ if (st)
+ return st;
+
+ return 0;
+}
+
/*
* Function to create password policy object.
*/
@@ -89,22 +140,8 @@ krb5_ldap_create_password_policy(krb5_context context, osa_policy_ent_t policy)
if ((st=krb5_add_str_mem_ldap_mod(&mods, "objectclass", LDAP_MOD_ADD, strval)) != 0)
goto cleanup;
- if (((st=krb5_add_int_mem_ldap_mod(&mods, "krbmaxpwdlife", LDAP_MOD_ADD,
- (signed) policy->pw_max_life)) != 0)
- || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbminpwdlife", LDAP_MOD_ADD,
- (signed) policy->pw_min_life)) != 0)
- || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdmindiffchars", LDAP_MOD_ADD,
- (signed) policy->pw_min_classes)) != 0)
- || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdminlength", LDAP_MOD_ADD,
- (signed) policy->pw_min_length)) != 0)
- || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdhistorylength", LDAP_MOD_ADD,
- (signed) policy->pw_history_num)) != 0)
- || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdmaxfailure", LDAP_MOD_ADD,
- (signed) policy->pw_max_fail)) != 0)
- || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdfailurecountinterval", LDAP_MOD_ADD,
- (signed) policy->pw_failcnt_interval)) != 0)
- || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdlockoutduration", LDAP_MOD_ADD,
- (signed) policy->pw_lockout_duration)) != 0))
+ st = add_policy_mods(context, &mods, policy, LDAP_MOD_ADD);
+ if (st)
goto cleanup;
/* password policy object creation */
@@ -153,22 +190,8 @@ krb5_ldap_put_password_policy(krb5_context context, osa_policy_ent_t policy)
if (st != 0)
goto cleanup;
- if (((st=krb5_add_int_mem_ldap_mod(&mods, "krbmaxpwdlife", LDAP_MOD_REPLACE,
- (signed) policy->pw_max_life)) != 0)
- || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbminpwdlife", LDAP_MOD_REPLACE,
- (signed) policy->pw_min_life)) != 0)
- || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdmindiffchars", LDAP_MOD_REPLACE,
- (signed) policy->pw_min_classes)) != 0)
- || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdminlength", LDAP_MOD_REPLACE,
- (signed) policy->pw_min_length)) != 0)
- || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdhistorylength", LDAP_MOD_REPLACE,
- (signed) policy->pw_history_num)) != 0)
- || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdmaxfailure", LDAP_MOD_REPLACE,
- (signed) policy->pw_max_fail)) != 0)
- || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdfailurecountinterval", LDAP_MOD_REPLACE,
- (signed) policy->pw_failcnt_interval)) != 0)
- || ((st=krb5_add_int_mem_ldap_mod(&mods, "krbpwdlockoutduration", LDAP_MOD_REPLACE,
- (signed) policy->pw_lockout_duration)) != 0))
+ st = add_policy_mods(context, &mods, policy, LDAP_MOD_REPLACE);
+ if (st)
goto cleanup;
/* modify the password policy object. */
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
