January 2006 - 389-commits - Fedora Mailing-Lists

[Fedora-directory-commits] adminutil/lib/libadminutil Makefile, 1.5, 1.6

by Doctor Conrad

Author: nhosoi Update of /cvs/dirsec/adminutil/lib/libadminutil In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14188/lib/libadminutil Modified Files: Makefile Log Message: [Bug 172166] Admin Util build (IPF) 1) Ported onto HP-UX IPF (B.11.23). 2) Upgraded ICU version from 2.4 to 3.4. Index: Makefile =================================================================== RCS file: /cvs/dirsec/adminutil/lib/libadminutil/Makefile,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- Makefile 15 Dec 2005 21:07:44 -0000 1.5 +++ Makefile 28 Jan 2006 02:29:58 -0000 1.6 @@ -26,7 +26,7 @@ MODULE=LibAdminUtil MODULE_CFLAGS= -include ../../nsdefs.mk +include ../../nsconfig.mk OBJLIBDIR=$(OBJDIR)/lib OBJDEST=$(OBJLIBDIR)/libadminutil @@ -58,7 +58,7 @@ LDAPLINK=-L$(LDAP_LIBPATH) $(addprefix -l, $(LDAP_SOLIB_NAMES)) $(addprefix -l, $(LDAP_SSLLIB_NAMES)) endif -DEPLIBS += $(NSPRLINK) $(LDAP_NOSSL_LINK) $(ICULINK) +DEPLIBS += $(NSPRLINK) $(LDAP_NOSSL_LINK) $(ICULINK) $(EXTRA_LIBS) ifeq ($(ARCH), SOLARIS) ifeq ($(NS_USE_NATIVE), 1)

17 years, 2 months

1
0
0 / 0

[Fedora-directory-commits] adminutil component_versions.mk, 1.1.1.1, 1.2 components.mk, 1.1.1.1, 1.2 nsconfig.mk, 1.6, 1.7 pkgadminutil.mk, 1.5, 1.6

by Doctor Conrad

Author: nhosoi Update of /cvs/dirsec/adminutil In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14188 Modified Files: component_versions.mk components.mk nsconfig.mk pkgadminutil.mk Log Message: [Bug 172166] Admin Util build (IPF) 1) Ported onto HP-UX IPF (B.11.23). 2) Upgraded ICU version from 2.4 to 3.4. Index: component_versions.mk =================================================================== RCS file: /cvs/dirsec/adminutil/component_versions.mk,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- component_versions.mk 20 Jul 2005 22:51:30 -0000 1.1.1.1 +++ component_versions.mk 28 Jan 2006 02:29:52 -0000 1.2 @@ -60,7 +60,7 @@ # ICU ifndef ICU_VERSDIR - ICU_VERSDIR=libicu_2_4 + ICU_VERSDIR=libicu_3_4 endif ifndef ICU_RELDATE ICU_RELDATE=20040820 Index: components.mk =================================================================== RCS file: /cvs/dirsec/adminutil/components.mk,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- components.mk 20 Jul 2005 22:51:30 -0000 1.1.1.1 +++ components.mk 28 Jan 2006 02:29:52 -0000 1.2 @@ -228,7 +228,7 @@ ### ICU package ########################################## -ICU_LIB_VERSION = 24 +ICU_LIB_VERSION = 34 ifdef ICU_SOURCE_ROOT ICU_LIBPATH = $(ICU_SOURCE_ROOT)/built/lib ICU_BINPATH = $(ICU_SOURCE_ROOT)/built/bin Index: nsconfig.mk =================================================================== RCS file: /cvs/dirsec/adminutil/nsconfig.mk,v retrieving revision 1.6 retrieving revision 1.7 diff -u -r1.6 -r1.7 --- nsconfig.mk 19 Jan 2006 22:05:52 -0000 1.6 +++ nsconfig.mk 28 Jan 2006 02:29:52 -0000 1.7 @@ -180,22 +180,26 @@ endif ifeq ($(MODERNHP), 1) -CC=cc -Ae +ESlit CXX=/opt/aCC/bin/aCC +CC=cc -Ae ifeq ($(NSOS_RELEASE), B.11.23) + CC+=+Olit=all ifeq ($(USE_64), 1) BIT_SWITCH=+DD64 else BIT_SWITCH=+DD32 endif + IPF_CFLAGS=-DPIC else # 11.11 or earlier + CC+=+ESlit ifeq ($(USE_64), 1) BIT_SWITCH=+DA2.0W +DS2.0 else BIT_SWITCH=+DAportable +DS1.1 endif + IPF_CFLAGS= endif # B.11.23 -ARCH_CFLAGS=$(BIT_SWITCH) -D_HPUX_SOURCE -D_POSIX_C_SOURCE=199506L -D__STDC_EXT__ +z -DHPUX11 +ARCH_CFLAGS=$(BIT_SWITCH) -D_HPUX_SOURCE -D_POSIX_C_SOURCE=199506L -D__STDC_EXT__ +z -DHPUX11 $(IPF_CFLAGS) EXTRA_LIBS= -ldld -lm -lpthread else CC=cc Index: pkgadminutil.mk =================================================================== RCS file: /cvs/dirsec/adminutil/pkgadminutil.mk,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- pkgadminutil.mk 6 Dec 2005 18:38:20 -0000 1.5 +++ pkgadminutil.mk 28 Jan 2006 02:29:52 -0000 1.6 @@ -88,7 +88,7 @@ cp -p $(ABS_ROOT)/include/libadmsslutil/*.h $(PKGDIR)/include/$(INCL_ADMINUTIL)/libadmsslutil # Don't package sslpset.h rm -f $(PKGDIR)/include/$(INCL_ADMINUTIL)/libadmsslutil/sslpset.h - cd $(ADMSERV_OBJDIR)/lib; tar cf - *.* | (cd $(PKGDIR)/lib; tar xf -) + @cd $(ADMSERV_OBJDIR)/lib; tar cf - *.* | (cd $(PKGDIR)/lib; tar xvf -) cp -p $(ADMSERV_OBJDIR)/lib/libadminutil/lib*.res $(PKGDIR)/lib/$(PROP_ADMINUTIL) pkgSBC:

17 years, 2 months

1
0
0 / 0

[Fedora-directory-commits] ldapserver/ldap/servers/slapd/tools Makefile, 1.10, 1.11

by Doctor Conrad

Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/tools In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14139 Modified Files: Makefile Log Message: [170348] RSEARCH needs to be updated Fixed the broken build (64-bit). LDFLAG (set in the tools/Makefile) was not passed to rsearch and ldclt. Index: Makefile =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/tools/Makefile,v retrieving revision 1.10 retrieving revision 1.11 diff -u -r1.10 -r1.11 --- Makefile 11 Jan 2006 01:54:24 -0000 1.10 +++ Makefile 28 Jan 2006 02:26:06 -0000 1.11 @@ -77,12 +77,16 @@ OBJS1 += $(OBJDEST)/pwenc.o ifeq ($(USE_64), 1) -ifeq ($(ARCH), HPUX) -LDFLAGS += -lpthread +DA2.0W +DS2.0 +Z -endif -ifeq ($(ARCH), SOLARIS) -LDFLAGS += -xarch=v9 -endif + ifeq ($(ARCH), HPUX) + ifeq ($(NSOS_RELEASE),B.11.23) + LDFLAGS += -lpthread +DD64 + else + LDFLAGS += -lpthread +DA2.0W +DS2.0 +Z + endif + endif + ifeq ($(ARCH), SOLARIS) + LDFLAGS += -xarch=v9 + endif endif CFLAGS += $(ARCH_CFLAGS) @@ -200,10 +204,10 @@ $(MKDIR) $(OBJDEST) buildRsearch: - cd rsearch; $(MAKE) + cd rsearch; $(MAKE) LDFLAGS="$(LDFLAGS)" buildLdclt: - cd ldclt; $(MAKE) + cd ldclt; $(MAKE) LDFLAGS="$(LDFLAGS)" clean: -$(RM) $(ALL_OBJS)

17 years, 2 months

1
0
0 / 0

[Fedora-directory-commits] ldapserver/ldap/servers/slapd/tools/ldclt Makefile, 1.1, 1.2 port.h, 1.1, 1.2

by Doctor Conrad

Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/tools/ldclt In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv29079 Modified Files: Makefile port.h Log Message: [164596] LDCLT distributed with Directory Server Fixed broken build on Solaris. 1) removed redeclared getsubopt in port.h 2) defined _XOPEN_SOURCE 500 for Linux Index: Makefile =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/tools/ldclt/Makefile,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- Makefile 11 Jan 2006 01:54:30 -0000 1.1 +++ Makefile 27 Jan 2006 03:05:12 -0000 1.2 @@ -102,7 +102,11 @@ ADDLIBS = $(LDAPLIBS) $(SPEC_LIBS) $(SYSTEM_LIBS) $(END) -CFLAGS+=-DLDAP_DONT_USE_SMARTHEAP +CFLAGS+=-DLDAP_DONT_USE_SMARTHEAP + +ifeq ($(ARCH), Linux) +CFLAGS+=-D_XOPEN_SOURCE=500 +endif EXTRA_LIBS_DEP = $(LDAPSDK_DEP) $(DB_LIB_DEP) $(LDAP_COMMON_LIBS_DEP) Index: port.h =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/tools/ldclt/port.h,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- port.h 11 Jan 2006 01:54:30 -0000 1.1 +++ port.h 27 Jan 2006 03:05:12 -0000 1.2 @@ -104,8 +104,6 @@ #else /* _WIN32 */ -extern int getsubopt(char **optionp, char **tokens, char **valuep); - /************************************************************************/ /************************************************************************/ /**************** Unix section ***********************/

17 years, 2 months

1
0
0 / 0

[Fedora-directory-commits] ldapserver/ldap/servers/slapd libglobs.c, 1.6, 1.7 libslapd.def, 1.14, 1.15 modify.c, 1.7, 1.8 proto-slap.h, 1.15, 1.16 pw.c, 1.8, 1.9 slap.h, 1.9, 1.10

by Doctor Conrad

Author: nkinder Update of /cvs/dirsec/ldapserver/ldap/servers/slapd In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19454 Modified Files: libglobs.c libslapd.def modify.c proto-slap.h pw.c slap.h Log Message: 178867 - Enhanced password syntax checking Index: libglobs.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/libglobs.c,v retrieving revision 1.6 retrieving revision 1.7 diff -u -r1.6 -r1.7 --- libglobs.c 19 Apr 2005 22:07:36 -0000 1.6 +++ libglobs.c 25 Jan 2006 16:51:39 -0000 1.7 @@ -277,6 +277,33 @@ {CONFIG_PW_MINLENGTH_ATTRIBUTE, config_set_pw_minlength, NULL, 0, (void**)&global_slapdFrontendConfig.pw_policy.pw_minlength, CONFIG_INT, NULL}, + {CONFIG_PW_MINDIGITS_ATTRIBUTE, config_set_pw_mindigits, + NULL, 0, + (void**)&global_slapdFrontendConfig.pw_policy.pw_mindigits, CONFIG_INT, NULL}, + {CONFIG_PW_MINALPHAS_ATTRIBUTE, config_set_pw_minalphas, + NULL, 0, + (void**)&global_slapdFrontendConfig.pw_policy.pw_minalphas, CONFIG_INT, NULL}, + {CONFIG_PW_MINUPPERS_ATTRIBUTE, config_set_pw_minuppers, + NULL, 0, + (void**)&global_slapdFrontendConfig.pw_policy.pw_minuppers, CONFIG_INT, NULL}, + {CONFIG_PW_MINLOWERS_ATTRIBUTE, config_set_pw_minlowers, + NULL, 0, + (void**)&global_slapdFrontendConfig.pw_policy.pw_minlowers, CONFIG_INT, NULL}, + {CONFIG_PW_MINSPECIALS_ATTRIBUTE, config_set_pw_minspecials, + NULL, 0, + (void**)&global_slapdFrontendConfig.pw_policy.pw_minspecials, CONFIG_INT, NULL}, + {CONFIG_PW_MIN8BIT_ATTRIBUTE, config_set_pw_min8bit, + NULL, 0, + (void**)&global_slapdFrontendConfig.pw_policy.pw_min8bit, CONFIG_INT, NULL}, + {CONFIG_PW_MAXREPEATS_ATTRIBUTE, config_set_pw_maxrepeats, + NULL, 0, + (void**)&global_slapdFrontendConfig.pw_policy.pw_maxrepeats, CONFIG_INT, NULL}, + {CONFIG_PW_MINCATEGORIES_ATTRIBUTE, config_set_pw_mincategories, + NULL, 0, + (void**)&global_slapdFrontendConfig.pw_policy.pw_mincategories, CONFIG_INT, NULL}, + {CONFIG_PW_MINTOKENLENGTH_ATTRIBUTE, config_set_pw_mintokenlength, + NULL, 0, + (void**)&global_slapdFrontendConfig.pw_policy.pw_mintokenlength, CONFIG_INT, NULL}, {CONFIG_ERRORLOG_ATTRIBUTE, config_set_errorlog, NULL, 0, (void**)&global_slapdFrontendConfig.errorlog, CONFIG_STRING_OR_EMPTY, NULL}, @@ -751,7 +778,16 @@ cfg->pw_policy.pw_must_change = LDAP_OFF; cfg->pw_policy.pw_syntax = LDAP_OFF; cfg->pw_policy.pw_exp = LDAP_OFF; - cfg->pw_policy.pw_minlength = 6; + cfg->pw_policy.pw_minlength = 8; + cfg->pw_policy.pw_mindigits = 0; + cfg->pw_policy.pw_minalphas = 0; + cfg->pw_policy.pw_minuppers = 0; + cfg->pw_policy.pw_minlowers = 0; + cfg->pw_policy.pw_minspecials = 0; + cfg->pw_policy.pw_min8bit = 0; + cfg->pw_policy.pw_maxrepeats = 0; + cfg->pw_policy.pw_mincategories = 3; + cfg->pw_policy.pw_mintokenlength = 3; cfg->pw_policy.pw_maxage = 8640000; /* 100 days */ cfg->pw_policy.pw_minage = 0; cfg->pw_policy.pw_warning = 86400; /* 1 day */ @@ -1340,6 +1376,276 @@ } int +config_set_pw_mindigits( const char *attrname, char *value, char *errorbuf, int apply ) { + int retVal = LDAP_SUCCESS, minDigits = 0; + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + + if ( config_value_is_null( attrname, value, errorbuf, 0 )) { + return LDAP_OPERATIONS_ERROR; + } + + minDigits = atoi(value); + if ( minDigits < 0 || minDigits > 64 ) { + PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, + "password minimum number of digits \"%s\" is invalid. " + "The minimum number of digits must range from 0 to 64.", + value ); + retVal = LDAP_OPERATIONS_ERROR; + return retVal; + } + + if ( apply ) { + CFG_LOCK_WRITE(slapdFrontendConfig); + + slapdFrontendConfig->pw_policy.pw_mindigits = minDigits; + + CFG_UNLOCK_WRITE(slapdFrontendConfig); + } + + return retVal; +} + +int +config_set_pw_minalphas( const char *attrname, char *value, char *errorbuf, int apply ) { + int retVal = LDAP_SUCCESS, minAlphas = 0; + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + + if ( config_value_is_null( attrname, value, errorbuf, 0 )) { + return LDAP_OPERATIONS_ERROR; + } + + minAlphas = atoi(value); + if ( minAlphas < 0 || minAlphas > 64 ) { + PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, + "password minimum number of alphas \"%s\" is invalid. " + "The minimum number of alphas must range from 0 to 64.", + value ); + retVal = LDAP_OPERATIONS_ERROR; + return retVal; + } + + if ( apply ) { + CFG_LOCK_WRITE(slapdFrontendConfig); + + slapdFrontendConfig->pw_policy.pw_minalphas = minAlphas; + + CFG_UNLOCK_WRITE(slapdFrontendConfig); + } + + return retVal; +} + +int +config_set_pw_minuppers( const char *attrname, char *value, char *errorbuf, int apply ) { + int retVal = LDAP_SUCCESS, minUppers = 0; + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + + if ( config_value_is_null( attrname, value, errorbuf, 0 )) { + return LDAP_OPERATIONS_ERROR; + } + + minUppers = atoi(value); + if ( minUppers < 0 || minUppers > 64 ) { + PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, + "password minimum number of uppercase characters \"%s\" is invalid. " + "The minimum number of uppercase characters must range from 0 to 64.", + value ); + retVal = LDAP_OPERATIONS_ERROR; + return retVal; + } + + if ( apply ) { + CFG_LOCK_WRITE(slapdFrontendConfig); + + slapdFrontendConfig->pw_policy.pw_minuppers = minUppers; + + CFG_UNLOCK_WRITE(slapdFrontendConfig); + } + + return retVal; +} + +int +config_set_pw_minlowers( const char *attrname, char *value, char *errorbuf, int apply ) { + int retVal = LDAP_SUCCESS, minLowers = 0; + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + + if ( config_value_is_null( attrname, value, errorbuf, 0 )) { + return LDAP_OPERATIONS_ERROR; + } + + minLowers = atoi(value); + if ( minLowers < 0 || minLowers > 64 ) { + PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, + "password minimum number of lowercase characters \"%s\" is invalid. " + "The minimum number of lowercase characters must range from 0 to 64.", + value ); + retVal = LDAP_OPERATIONS_ERROR; + return retVal; + } + + if ( apply ) { + CFG_LOCK_WRITE(slapdFrontendConfig); + + slapdFrontendConfig->pw_policy.pw_minlowers = minLowers; + + CFG_UNLOCK_WRITE(slapdFrontendConfig); + } + + return retVal; +} + +int +config_set_pw_minspecials( const char *attrname, char *value, char *errorbuf, int apply ) { + int retVal = LDAP_SUCCESS, minSpecials = 0; + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + + if ( config_value_is_null( attrname, value, errorbuf, 0 )) { + return LDAP_OPERATIONS_ERROR; + } + + minSpecials = atoi(value); + if ( minSpecials < 0 || minSpecials > 64 ) { + PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, + "password minimum number of special characters \"%s\" is invalid. " + "The minimum number of special characters must range from 0 to 64.", + value ); + retVal = LDAP_OPERATIONS_ERROR; + return retVal; + } + + if ( apply ) { + CFG_LOCK_WRITE(slapdFrontendConfig); + + slapdFrontendConfig->pw_policy.pw_minspecials = minSpecials; + + CFG_UNLOCK_WRITE(slapdFrontendConfig); + } + + return retVal; +} + +int +config_set_pw_min8bit( const char *attrname, char *value, char *errorbuf, int apply ) { + int retVal = LDAP_SUCCESS, min8bit = 0; + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + + if ( config_value_is_null( attrname, value, errorbuf, 0 )) { + return LDAP_OPERATIONS_ERROR; + } + + min8bit = atoi(value); + if ( min8bit < 0 || min8bit > 64 ) { + PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, + "password minimum number of 8-bit characters \"%s\" is invalid. " + "The minimum number of 8-bit characters must range from 0 to 64.", + value ); + retVal = LDAP_OPERATIONS_ERROR; + return retVal; + } + + if ( apply ) { + CFG_LOCK_WRITE(slapdFrontendConfig); + + slapdFrontendConfig->pw_policy.pw_min8bit = min8bit; + + CFG_UNLOCK_WRITE(slapdFrontendConfig); + } + + return retVal; +} + +int +config_set_pw_maxrepeats( const char *attrname, char *value, char *errorbuf, int apply ) { + int retVal = LDAP_SUCCESS, maxRepeats = 0; + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + + if ( config_value_is_null( attrname, value, errorbuf, 0 )) { + return LDAP_OPERATIONS_ERROR; + } + + maxRepeats = atoi(value); + if ( maxRepeats < 0 || maxRepeats > 64 ) { + PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, + "password maximum number of repeated characters \"%s\" is invalid. " + "The maximum number of repeated characters must range from 0 to 64.", + value ); + retVal = LDAP_OPERATIONS_ERROR; + return retVal; + } + + if ( apply ) { + CFG_LOCK_WRITE(slapdFrontendConfig); + + slapdFrontendConfig->pw_policy.pw_maxrepeats = maxRepeats; + + CFG_UNLOCK_WRITE(slapdFrontendConfig); + } + + return retVal; +} + +int +config_set_pw_mincategories( const char *attrname, char *value, char *errorbuf, int apply ) { + int retVal = LDAP_SUCCESS, minCategories = 0; + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + + if ( config_value_is_null( attrname, value, errorbuf, 0 )) { + return LDAP_OPERATIONS_ERROR; + } + + minCategories = atoi(value); + if ( minCategories < 1 || minCategories > 5 ) { + PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, + "password minimum number of categories \"%s\" is invalid. " + "The minimum number of categories must range from 1 to 5.", + value ); + retVal = LDAP_OPERATIONS_ERROR; + return retVal; + } + + if ( apply ) { + CFG_LOCK_WRITE(slapdFrontendConfig); + + slapdFrontendConfig->pw_policy.pw_mincategories = minCategories; + + CFG_UNLOCK_WRITE(slapdFrontendConfig); + } + + return retVal; +} + +int +config_set_pw_mintokenlength( const char *attrname, char *value, char *errorbuf, int apply ) { + int retVal = LDAP_SUCCESS, minTokenLength = 0; + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + + if ( config_value_is_null( attrname, value, errorbuf, 0 )) { + return LDAP_OPERATIONS_ERROR; + } + + minTokenLength = atoi(value); + if ( minTokenLength < 1 || minTokenLength > 64 ) { + PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, + "password minimum token length \"%s\" is invalid. " + "The minimum token length must range from 1 to 64.", + value ); + retVal = LDAP_OPERATIONS_ERROR; + return retVal; + } + + if ( apply ) { + CFG_LOCK_WRITE(slapdFrontendConfig); + + slapdFrontendConfig->pw_policy.pw_mintokenlength = minTokenLength; + + CFG_UNLOCK_WRITE(slapdFrontendConfig); + } + + return retVal; +} + +int config_set_pw_maxfailure( const char *attrname, char *value, char *errorbuf, int apply ) { int retVal = LDAP_SUCCESS, maxFailure = 0; slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); @@ -2793,6 +3099,114 @@ return retVal; } +int +config_get_pw_mindigits() { + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + int retVal; + + CFG_LOCK_READ(slapdFrontendConfig); + retVal = slapdFrontendConfig->pw_policy.pw_mindigits; + CFG_UNLOCK_READ(slapdFrontendConfig); + + return retVal; +} + +int +config_get_pw_minalphas() { + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + int retVal; + + CFG_LOCK_READ(slapdFrontendConfig); + retVal = slapdFrontendConfig->pw_policy.pw_minalphas; + CFG_UNLOCK_READ(slapdFrontendConfig); + + return retVal; +} + +int +config_get_pw_minuppers() { + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + int retVal; + + CFG_LOCK_READ(slapdFrontendConfig); + retVal = slapdFrontendConfig->pw_policy.pw_minuppers; + CFG_UNLOCK_READ(slapdFrontendConfig); + + return retVal; +} + +int +config_get_pw_minlowers() { + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + int retVal; + + CFG_LOCK_READ(slapdFrontendConfig); + retVal = slapdFrontendConfig->pw_policy.pw_minlowers; + CFG_UNLOCK_READ(slapdFrontendConfig); + + return retVal; +} + +int +config_get_pw_minspecials() { + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + int retVal; + + CFG_LOCK_READ(slapdFrontendConfig); + retVal = slapdFrontendConfig->pw_policy.pw_minspecials; + CFG_UNLOCK_READ(slapdFrontendConfig); + + return retVal; +} + +int +config_get_pw_min8bit() { + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + int retVal; + + CFG_LOCK_READ(slapdFrontendConfig); + retVal = slapdFrontendConfig->pw_policy.pw_min8bit; + CFG_UNLOCK_READ(slapdFrontendConfig); + + return retVal; +} + +int +config_get_pw_maxrepeats() { + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + int retVal; + + CFG_LOCK_READ(slapdFrontendConfig); + retVal = slapdFrontendConfig->pw_policy.pw_maxrepeats; + CFG_UNLOCK_READ(slapdFrontendConfig); + + return retVal; +} + +int +config_get_pw_mincategories() { + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + int retVal; + + CFG_LOCK_READ(slapdFrontendConfig); + retVal = slapdFrontendConfig->pw_policy.pw_mincategories; + CFG_UNLOCK_READ(slapdFrontendConfig); + + return retVal; +} + +int +config_get_pw_mintokenlength() { + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + int retVal; + + CFG_LOCK_READ(slapdFrontendConfig); + retVal = slapdFrontendConfig->pw_policy.pw_mintokenlength; + CFG_UNLOCK_READ(slapdFrontendConfig); + + return retVal; +} + int config_get_pw_maxfailure() { slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); Index: libslapd.def =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/libslapd.def,v retrieving revision 1.14 retrieving revision 1.15 diff -u -r1.14 -r1.15 --- libslapd.def 29 Oct 2005 02:28:07 -0000 1.14 +++ libslapd.def 25 Jan 2006 16:51:39 -0000 1.15 @@ -1179,3 +1179,22 @@ sasl_map_done @1179 slapd_SECITEM_FreeItem @1180 slapi_op_type_to_string @1181 +; password syntax functions + config_set_pw_mindigits @1190 + config_set_pw_minalphas @1191 + config_set_pw_minuppers @1192 + config_set_pw_minlowers @1193 + config_set_pw_minspecials @1194 + config_set_pw_min8bit @1195 + config_set_pw_maxrepeats @1196 + config_set_pw_mincategories @1197 + config_set_pw_mintokenlength @1198 + config_get_pw_mindigits @1199 + config_get_pw_minalphas @1200 + config_get_pw_minuppers @1201 + config_get_pw_minlowers @1202 + config_get_pw_minspecials @1203 + config_get_pw_min8bit @1204 + config_get_pw_maxrepeats @1205 + config_get_pw_mincategories @1206 + config_get_pw_mintokenlength @1207 Index: modify.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/modify.c,v retrieving revision 1.7 retrieving revision 1.8 diff -u -r1.7 -r1.8 --- modify.c 19 Apr 2005 22:07:36 -0000 1.7 +++ modify.c 25 Jan 2006 16:51:39 -0000 1.8 @@ -65,7 +65,7 @@ static int modify_internal_pb (Slapi_PBlock *pb); static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw); static void remove_mod (Slapi_Mods *smods, const char *type, Slapi_Mods *smod_unhashed); -static int op_shared_allow_pw_change (Slapi_PBlock *pb, LDAPMod *mod, char **old_pw); +static int op_shared_allow_pw_change (Slapi_PBlock *pb, LDAPMod *mod, char **old_pw, Slapi_Mods *smods); #ifdef LDAP_DEBUG static const char* @@ -279,7 +279,7 @@ strcasecmp( mod->mod_type, SLAPI_USERPWD_ATTR ) == 0 ) { /* assumes controls have already been decoded and placed in the pblock */ - pw_change = op_shared_allow_pw_change (pb, mod, &old_pw); + pw_change = op_shared_allow_pw_change (pb, mod, &old_pw, &smods); if (pw_change == -1) { goto free_and_return; } @@ -432,7 +432,8 @@ int opresult = 0; LDAPMod **normalized_mods = NULL; LDAPMod **mods; - LDAPMod **mod; + LDAPMod **mod; + Slapi_Mods smods; int pw_change = 0; char *old_pw = NULL; @@ -469,7 +470,8 @@ { if ((*mod)->mod_bvalues != NULL && strcasecmp((*mod)->mod_type, SLAPI_USERPWD_ATTR) == 0) { - pw_change = op_shared_allow_pw_change (pb, *mod, &old_pw); + slapi_mods_init_passin(&smods, mods); + pw_change = op_shared_allow_pw_change (pb, *mod, &old_pw, &smods); if (pw_change == -1) { /* The internal result code will already have been set by op_shared_allow_pw_change() */ @@ -865,7 +867,7 @@ } } -static int op_shared_allow_pw_change (Slapi_PBlock *pb, LDAPMod *mod, char **old_pw) +static int op_shared_allow_pw_change (Slapi_PBlock *pb, LDAPMod *mod, char **old_pw, Slapi_Mods *smods) { int isroot, internal_op, repl_op, pwresponse_req = 0; char *dn; @@ -953,7 +955,7 @@ /* check password syntax; remember the old password; error sent directly from check_pw_syntax function */ valuearray_init_bervalarray(mod->mod_bvalues, &values); - switch (check_pw_syntax (pb, &sdn, values, old_pw, NULL, 1)) + switch (check_pw_syntax_ext (pb, &sdn, values, old_pw, NULL, 1, smods)) { case 0: /* success */ rc = 1; Index: proto-slap.h =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/proto-slap.h,v retrieving revision 1.15 retrieving revision 1.16 diff -u -r1.15 -r1.16 --- proto-slap.h 12 Jan 2006 00:28:57 -0000 1.15 +++ proto-slap.h 25 Jan 2006 16:51:39 -0000 1.16 @@ -268,6 +268,15 @@ int config_set_pwpolicy_local(const char *attrname, char *value, char *errorbuf, int apply ); int config_set_pw_syntax(const char *attrname, char *value, char *errorbuf, int apply ); int config_set_pw_minlength(const char *attrname, char *value, char *errorbuf, int apply ); +int config_set_pw_mindigits(const char *attrname, char *value, char *errorbuf, int apply ); +int config_set_pw_minalphas(const char *attrname, char *value, char *errorbuf, int apply ); +int config_set_pw_minuppers(const char *attrname, char *value, char *errorbuf, int apply ); +int config_set_pw_minlowers(const char *attrname, char *value, char *errorbuf, int apply ); +int config_set_pw_minspecials(const char *attrname, char *value, char *errorbuf, int apply ); +int config_set_pw_min8bit(const char *attrname, char *value, char *errorbuf, int apply ); +int config_set_pw_maxrepeats(const char *attrname, char *value, char *errorbuf, int apply ); +int config_set_pw_mincategories(const char *attrname, char *value, char *errorbuf, int apply ); +int config_set_pw_mintokenlength(const char *attrname, char *value, char *errorbuf, int apply ); int config_set_pw_exp(const char *attrname, char *value, char *errorbuf, int apply ); int config_set_pw_maxage(const char *attrname, char *value, char *errorbuf, int apply ); int config_set_pw_minage(const char *attrname, char *value, char *errorbuf, int apply ); @@ -322,6 +331,15 @@ int config_get_pw_must_change(); int config_get_pw_syntax(); int config_get_pw_minlength(); +int config_get_pw_mindigits(); +int config_get_pw_minalphas(); +int config_get_pw_minuppers(); +int config_get_pw_minlowers(); +int config_get_pw_minspecials(); +int config_get_pw_min8bit(); +int config_get_pw_maxrepeats(); +int config_get_pw_mincategories(); +int config_get_pw_mintokenlength(); int config_get_pw_maxfailure(); int config_get_pw_inhistory(); long config_get_pw_lockduration(); @@ -694,6 +712,8 @@ int update_pw_info( Slapi_PBlock *pb , char *old_pw ); int check_pw_syntax( Slapi_PBlock *pb, const Slapi_DN *sdn, Slapi_Value **vals, char **old_pw, Slapi_Entry *e, int mod_op ); +int check_pw_syntax_ext( Slapi_PBlock *pb, const Slapi_DN *sdn, Slapi_Value **vals, + char **old_pw, Slapi_Entry *e, int mod_op, Slapi_Mods *smods ); int check_account_lock( Slapi_PBlock *pb, Slapi_Entry * bind_target_entry, int pwresponse_req); int check_pw_minage( Slapi_PBlock *pb, const Slapi_DN *sdn, struct berval **vals) ; void add_password_attrs( Slapi_PBlock *pb, Operation *op, Slapi_Entry *e ); Index: pw.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/pw.c,v retrieving revision 1.8 retrieving revision 1.9 diff -u -r1.8 -r1.9 --- pw.c 19 Apr 2005 22:07:36 -0000 1.8 +++ pw.c 25 Jan 2006 16:51:39 -0000 1.9 @@ -62,7 +62,8 @@ static int pw_in_history(Slapi_Value **history_vals, const Slapi_Value *pw_val); static int update_pw_history( Slapi_PBlock *pb, char *dn, char *old_pw ); -static int check_trivial_words (Slapi_PBlock *, Slapi_Entry *, Slapi_Value **, char *attrtype ); +static int check_trivial_words (Slapi_PBlock *, Slapi_Entry *, Slapi_Value **, + char *attrtype, int toklen, Slapi_Mods *smods ); static int pw_boolean_str2value (const char *str); /* static LDAPMod* pw_malloc_mod (char* name, char* value, int mod_op); */ @@ -715,19 +716,39 @@ check_pw_syntax ( Slapi_PBlock *pb, const Slapi_DN *sdn, Slapi_Value **vals, char **old_pw, Slapi_Entry *e, int mod_op) { + return ( check_pw_syntax_ext(pb, sdn, vals, old_pw, e, mod_op, NULL) ); +} + +int +check_pw_syntax_ext ( Slapi_PBlock *pb, const Slapi_DN *sdn, Slapi_Value **vals, + char **old_pw, Slapi_Entry *e, int mod_op, Slapi_Mods *smods) +{ Slapi_Attr* attr; - int i, pwresponse_req = 0; + int i, pwresponse_req = 0; char *dn= (char*)slapi_sdn_get_ndn(sdn); /* jcm - Had to cast away const */ + char *pwd = NULL; + char *p = NULL; passwdPolicy *pwpolicy = NULL; pwpolicy = new_passwdPolicy(pb, dn); slapi_pblock_get ( pb, SLAPI_PWPOLICY, &pwresponse_req ); if ( pwpolicy->pw_syntax == 1 ) { - /* check for the minimum password lenght */ for ( i = 0; vals[ i ] != NULL; ++i ) { - if ( pwpolicy->pw_minlength - > (int)slapi_value_get_length(vals[ i ]) ) { /* jcm: had to cast unsigned int to signed int */ + int num_digits = 0; + int num_alphas = 0; + int num_uppers = 0; + int num_lowers = 0; + int num_specials = 0; + int num_8bit = 0; + int num_repeated = 0; + int max_repeated = 0; + int num_categories = 0; + + /* check for the minimum password length */ + if ( pwpolicy->pw_minlength > + ldap_utf8characters((char *)slapi_value_get_string( vals[i] )) ) + { if ( pwresponse_req == 1 ) { slapi_pwpolicy_make_response_control ( pb, -1, -1, LDAP_PWPOLICY_PWDTOOSHORT ); @@ -738,10 +759,95 @@ delete_passwdPolicy(&pwpolicy); return ( 1 ); } + + /* check character types */ + pwd = (char *)slapi_value_get_string( vals[i] ); + p = pwd; + /* + pwdlen = slapi_value_get_length( vals[i] ); + for ( j = 0; j < pwdlen; j++ ) { + */ + while ( p && *p ) + { + if ( ldap_utf8isdigit( p ) ) { + num_digits++; + } else if ( ldap_utf8isalpha( p ) ) { + num_alphas++; + if ( slapi_utf8isLower( p ) ) { + num_lowers++; + } else { + num_uppers++; + } + } else { + /* check if this is an 8-bit char */ + if ( *p & 128 ) { + num_8bit++; + } else { + num_specials++; + } + } + + /* check for repeating characters. If this is the + first char of the password, no need to check */ + if ( pwd != p ) { + int len = ldap_utf8len( p ); + char *prev_p = ldap_utf8prev( p ); + + if ( len == ldap_utf8len( prev_p ) ) + { + if ( memcmp( p, prev_p, len ) == 0 ) + { + num_repeated++; + if ( max_repeated < num_repeated ) { + max_repeated = num_repeated; + } + } else { + num_repeated = 0; + } + } else { + num_repeated = 0; + } + } + + p = ldap_utf8next( p ); + } + + /* tally up the number of character categories */ + if ( num_digits > 0 ) + ++num_categories; + if ( num_uppers > 0 ) + ++num_categories; + if ( num_lowers > 0 ) + ++num_categories; + if ( num_specials > 0 ) + ++num_categories; + if ( num_8bit > 0 ) + ++num_categories; + + /* check for character based syntax limits */ + if ( ( pwpolicy->pw_mindigits > num_digits ) || + ( pwpolicy->pw_minalphas > num_alphas ) || + ( pwpolicy->pw_minuppers > num_uppers ) || + ( pwpolicy->pw_minlowers > num_lowers ) || + ( pwpolicy->pw_minspecials > num_specials ) || + ( pwpolicy->pw_min8bit > num_8bit ) || + ( (pwpolicy->pw_maxrepeats != 0) && (pwpolicy->pw_maxrepeats < (max_repeated + 1)) ) || + ( pwpolicy->pw_mincategories > num_categories ) ) + { + if ( pwresponse_req == 1 ) { + slapi_pwpolicy_make_response_control ( pb, -1, -1, + LDAP_PWPOLICY_INVALIDPWDSYNTAX ); + } + pw_send_ldap_result ( pb, + LDAP_CONSTRAINT_VIOLATION, NULL, + "invalid password syntax", 0, NULL ); + delete_passwdPolicy(&pwpolicy); + return ( 1 ); + } } } - /* get the entry and check for the password history and syntax if this is called by a modify operation */ + /* get the entry and check for the password history if this is called by a modify operation */ if ( mod_op ) { /* retrieve the entry */ e = get_entry ( pb, dn ); @@ -808,19 +914,24 @@ *old_pw = NULL; } } + } - if ( pwpolicy->pw_syntax == 1 ) { - /* check for trivial words */ - if ( check_trivial_words ( pb, e, vals, "uid" ) == 1 || - check_trivial_words ( pb, e, vals, "cn" ) == 1 || - check_trivial_words ( pb, e, vals, "sn" ) == 1 || - check_trivial_words ( pb, e, vals, "givenname" ) == 1 || - check_trivial_words ( pb, e, vals, "ou" ) == 1 || - check_trivial_words ( pb, e, vals, "mail" ) == 1) { - slapi_entry_free( e ); - delete_passwdPolicy(&pwpolicy); - return 1; + /* check for trivial words if syntax checking is enabled */ + if ( pwpolicy->pw_syntax == 1 ) { + /* e is null if this is an add operation*/ + if ( check_trivial_words ( pb, e, vals, "uid", pwpolicy->pw_mintokenlength, smods ) == 1 || + check_trivial_words ( pb, e, vals, "cn", pwpolicy->pw_mintokenlength, smods ) == 1 || + check_trivial_words ( pb, e, vals, "sn", pwpolicy->pw_mintokenlength, smods ) == 1 || + check_trivial_words ( pb, e, vals, "givenname", pwpolicy->pw_mintokenlength, smods ) == 1 || + check_trivial_words ( pb, e, vals, "ou", pwpolicy->pw_mintokenlength, smods ) == 1 || + check_trivial_words ( pb, e, vals, "mail", pwpolicy->pw_mintokenlength, smods ) == 1) + { + if ( mod_op ) { + slapi_entry_free( e ); } + + delete_passwdPolicy(&pwpolicy); + return 1; } } @@ -1122,33 +1233,91 @@ } static int -check_trivial_words (Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Value **vals, char *attrtype ) +check_trivial_words (Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Value **vals, char *attrtype, + int toklen, Slapi_Mods *smods ) { - Slapi_Attr *attr; - int i, pwresponse_req = 0; + Slapi_Attr *attr = NULL; + Slapi_Mod *smodp = NULL, *smod = NULL; + Slapi_ValueSet *vs = NULL; + Slapi_Value *valp = NULL; + struct berval *bvp = NULL; + int i, pwresponse_req = 0; + + vs = slapi_valueset_new(); slapi_pblock_get ( pb, SLAPI_PWPOLICY, &pwresponse_req ); - attr = attrlist_find(e->e_attrs, attrtype); - if (attr && !valueset_isempty(&attr->a_present_values)) + + /* Get a list of present values for attrtype in the existing entry, if there is one */ + if (e != NULL ) { - Slapi_Value **va= attr_get_present_values(attr); - for ( i = 0; va[i] != NULL; i++ ) + if ( (attr = attrlist_find(e->e_attrs, attrtype)) && + (!valueset_isempty(&attr->a_present_values)) ) { - if( strcasecmp( slapi_value_get_string(va[i]), slapi_value_get_string(vals[0])) == 0) /* JCM Innards */ + /* Add present values to valueset */ + slapi_attr_get_valueset( attr, &vs ); + } + } + + /* Get a list of new values for attrtype from the operation */ + if ( (smod = slapi_mod_new()) && smods ) + { + for (smodp = slapi_mods_get_first_smod(smods, smod); + smodp != NULL; smodp = slapi_mods_get_next_smod(smods, smod) ) + { + /* Operation has new values for attrtype */ + if ( PL_strcasecmp(attrtype, slapi_mod_get_type(smodp)) == 0 ) { - if ( pwresponse_req == 1 ) { + /* iterate through smodp values and add them if they don't exist */ + for ( bvp = slapi_mod_get_first_value( smodp ); bvp != NULL; + bvp = slapi_mod_get_next_value( smodp ) ) + { + /* Add new value to valueset */ + valp = slapi_value_new_berval( bvp ); + slapi_valueset_add_value_ext( vs, valp, SLAPI_VALUE_FLAG_PASSIN ); + valp = NULL; + } + } + } + /* Free smod */ + slapi_mod_free(&smod); + smod = NULL; + smodp = NULL; + } + + /* If valueset isn't empty, we need to check if the password contains the values */ + if ( slapi_valueset_count(vs) != 0 ) + { + for ( i = slapi_valueset_first_value( vs, &valp); + (i != -1) && (valp != NULL); + i = slapi_valueset_next_value( vs, i, &valp) ) + { + /* If the value is smaller than the max token length, + * we don't need to check the password */ + if ( ldap_utf8characters(slapi_value_get_string( valp )) < toklen ) + continue; + + /* See if the password contains the value */ + if ( PL_strcasestr( slapi_value_get_string( vals[0] ), + slapi_value_get_string( valp ) ) ) + { + if ( pwresponse_req == 1 ) + { slapi_pwpolicy_make_response_control ( pb, -1, -1, LDAP_PWPOLICY_INVALIDPWDSYNTAX ); } pw_send_ldap_result ( pb, LDAP_CONSTRAINT_VIOLATION, NULL, - "Password failed triviality check." - " Please choose a different password.", - 0, NULL ); - return ( 1 ); + "invalid password syntax", 0, NULL ); + + /* Free valueset */ + slapi_valueset_free( vs ); + return ( 1 ); } - } + } } + + /* Free valueset */ + slapi_valueset_free( vs ); return ( 0 ); } @@ -1361,6 +1530,60 @@ } } else + if (!strcasecmp(attr_name, "passwordmindigits")) { + if ((sval = attr_get_present_values(attr))) { + pwdpolicy->pw_mindigits = slapi_value_get_int(*sval); + } + } + else + if (!strcasecmp(attr_name, "passwordminalphas")) { + if ((sval = attr_get_present_values(attr))) { + pwdpolicy->pw_minalphas = slapi_value_get_int(*sval); + } + } + else + if (!strcasecmp(attr_name, "passwordminuppers")) { + if ((sval = attr_get_present_values(attr))) { + pwdpolicy->pw_minuppers = slapi_value_get_int(*sval); + } + } + else + if (!strcasecmp(attr_name, "passwordminlowers")) { + if ((sval = attr_get_present_values(attr))) { + pwdpolicy->pw_minlowers = slapi_value_get_int(*sval); + } + } + else + if (!strcasecmp(attr_name, "passwordminspecials")) { + if ((sval = attr_get_present_values(attr))) { + pwdpolicy->pw_minspecials = slapi_value_get_int(*sval); + } + } + else + if (!strcasecmp(attr_name, "passwordmin8bit")) { + if ((sval = attr_get_present_values(attr))) { + pwdpolicy->pw_min8bit = slapi_value_get_int(*sval); + } + } + else + if (!strcasecmp(attr_name, "passwordmaxrepeats")) { + if ((sval = attr_get_present_values(attr))) { + pwdpolicy->pw_maxrepeats = slapi_value_get_int(*sval); + } + } + else + if (!strcasecmp(attr_name, "passwordmincategories")) { + if ((sval = attr_get_present_values(attr))) { + pwdpolicy->pw_mincategories = slapi_value_get_int(*sval); + } + } + else + if (!strcasecmp(attr_name, "passwordmintokenlength")) { + if ((sval = attr_get_present_values(attr))) { + pwdpolicy->pw_mintokenlength = slapi_value_get_int(*sval); + } + } + else if (!strcasecmp(attr_name, "passwordexp")) { if ((sval = attr_get_present_values(attr))) { pwdpolicy->pw_exp = Index: slap.h =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/slap.h,v retrieving revision 1.9 retrieving revision 1.10 diff -u -r1.9 -r1.10 --- slap.h 19 Apr 2005 22:07:37 -0000 1.9 +++ slap.h 25 Jan 2006 16:51:39 -0000 1.10 @@ -1661,6 +1661,15 @@ #define CONFIG_PW_MUSTCHANGE_ATTRIBUTE "passwordMustChange" #define CONFIG_PW_SYNTAX_ATTRIBUTE "passwordCheckSyntax" #define CONFIG_PW_MINLENGTH_ATTRIBUTE "passwordMinLength" +#define CONFIG_PW_MINDIGITS_ATTRIBUTE "passwordMinDigits" +#define CONFIG_PW_MINALPHAS_ATTRIBUTE "passwordMinAlphas" +#define CONFIG_PW_MINUPPERS_ATTRIBUTE "passwordMinUppers" +#define CONFIG_PW_MINLOWERS_ATTRIBUTE "passwordMinLowers" +#define CONFIG_PW_MINSPECIALS_ATTRIBUTE "passwordMinSpecials" +#define CONFIG_PW_MIN8BIT_ATTRIBUTE "passwordMin8Bit" +#define CONFIG_PW_MAXREPEATS_ATTRIBUTE "passwordMaxRepeats" +#define CONFIG_PW_MINCATEGORIES_ATTRIBUTE "passwordMinCategories" +#define CONFIG_PW_MINTOKENLENGTH_ATTRIBUTE "passwordMinTokenLength" #define CONFIG_PW_EXP_ATTRIBUTE "passwordExp" #define CONFIG_PW_MAXAGE_ATTRIBUTE "passwordMaxAge" #define CONFIG_PW_MINAGE_ATTRIBUTE "passwordMinAge" @@ -1715,6 +1724,15 @@ int pw_must_change; /* 1 - indicates that users must change pwd upon reset */ int pw_syntax; int pw_minlength; + int pw_mindigits; + int pw_minalphas; + int pw_minuppers; + int pw_minlowers; + int pw_minspecials; + int pw_min8bit; + int pw_maxrepeats; + int pw_mincategories; + int pw_mintokenlength; int pw_exp; long pw_maxage; long pw_minage;

17 years, 2 months

1
0
0 / 0

[Fedora-directory-commits] setuputil/installer/unix/lib Makefile, 1.1.1.1, 1.2

by Doctor Conrad

Author: nhosoi Update of /cvs/dirsec/setuputil/installer/unix/lib In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13522/installer/unix/lib Modified Files: Makefile Log Message: Supporting build on HP-UX IPF. Index: Makefile =================================================================== RCS file: /cvs/dirsec/setuputil/installer/unix/lib/Makefile,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- Makefile 29 Jul 2005 22:16:32 -0000 1.1.1.1 +++ Makefile 19 Jan 2006 23:10:11 -0000 1.2 @@ -87,9 +87,9 @@ $(DISTINC): mkdir -p $(DISTINC) -$(LIBS): $(OBJS) $(CURSES) +$(LIBS): $(OBJS) $(AR) $? - $(RANLIB) $@ + $(RANLIB) $@ $(CURSES) $(STAGE): $(DISTINC) cp $(INCS) $(DISTINC)

17 years, 2 months

1
0
0 / 0

[Fedora-directory-commits] setuputil nsarch, 1.3, 1.4 nsconfig.mk, 1.3, 1.4

by Doctor Conrad

Author: nhosoi Update of /cvs/dirsec/setuputil In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13522 Modified Files: nsarch nsconfig.mk Log Message: Supporting build on HP-UX IPF. Index: nsarch =================================================================== RCS file: /cvs/dirsec/setuputil/nsarch,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- nsarch 16 Dec 2005 18:14:26 -0000 1.3 +++ nsarch 19 Jan 2006 23:10:03 -0000 1.4 @@ -451,6 +451,14 @@ NS_RELEASE="${HPUX_REV}" ns_printf exit 0 ;; + ia64:HP-UX:*:*) + HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` + GNU_NAME="${UNAME_MACHINE}-hp-hpux${HPUX_REV}" + NS_NAME="HPUX" + NS_PRETTY_NAME="HP-UX" + NS_RELEASE="${HPUX_REV}" + ns_printf + exit 0 ;; 3050*:HI-UX:*:*) sed 's/^ //' << EOF >dummy.c #include <unistd.h> Index: nsconfig.mk =================================================================== RCS file: /cvs/dirsec/setuputil/nsconfig.mk,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- nsconfig.mk 16 Dec 2005 01:07:52 -0000 1.3 +++ nsconfig.mk 19 Jan 2006 23:10:03 -0000 1.4 @@ -206,7 +206,12 @@ #------------------- ifeq ($(ARCH), HPUX) #------------------- -DLL_SUFFIX=sl +HPUX_ARCH = $(shell uname -m) +ifeq ($(HPUX_ARCH), ia64) + DLL_SUFFIX=so +else + DLL_SUFFIX=sl +endif LDAP_DLL_SUFFIX=$(DLL_SUFFIX) ifeq ($(NSOS_RELEASE), B.11.00) @@ -215,16 +220,27 @@ ifeq ($(NSOS_RELEASE), B.11.11) MODERNHP=1 endif +ifeq ($(NSOS_RELEASE), B.11.23) + MODERNHP=1 +endif ifdef MODERNHP CC=cc -Ae +ESlit CXX=aCC -ifeq ($(USE_64), 1) -BIT_SWITCH=+DA2.0W +DS2.0 -DHPUX_64 -Wl,+s -else -BIT_SWITCH=+DAportable +DS1.1 -Wl,+s -endif -ARCH_CFLAGS=$(BIT_SWITCH) -D_HPUX_SOURCE -D_POSIX_C_SOURCE=199506L -D__STDC_EXT__ +z -DHPUX11 +ifeq ($(NSOS_RELEASE), B.11.23) + ifeq ($(USE_64), 1) + BIT_SWITCH=+DD64 + else + BIT_SWITCH=+DD32 + endif +else # 11.11 or earlier + ifeq ($(USE_64), 1) + BIT_SWITCH=+DA2.0W +DS2.0 + else + BIT_SWITCH=+DAportable +DS1.1 + endif +endif # B.11.23 +ARCH_CFLAGS=$(BIT_SWITCH) -D_HPUX_SOURCE -D_POSIX_C_SOURCE=199506L -D__STDC_EXT__ +z -DHPUX11 EXTRA_LIBS= -ldld -lm -lpthread else CC=cc @@ -232,6 +248,10 @@ EXTRA_LIBS= -ldld -lm -ldce endif +ifeq ($(USE_64), 1) + ARCH_CFLAGS+=-DHPUX_64 +endif + CCC=$(CXX) ARCH_DEBUG=-g

17 years, 2 months

1
0
0 / 0

[Fedora-directory-commits] adminutil nsarch, 1.3, 1.4 nsconfig.mk, 1.5, 1.6

by Doctor Conrad

Author: nhosoi Update of /cvs/dirsec/adminutil In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10606 Modified Files: nsarch nsconfig.mk Log Message: [172166] Admin Util build (IPF) Supporting build on HP-UX IPF. Index: nsarch =================================================================== RCS file: /cvs/dirsec/adminutil/nsarch,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- nsarch 16 Dec 2005 18:15:59 -0000 1.3 +++ nsarch 19 Jan 2006 22:05:52 -0000 1.4 @@ -451,6 +451,14 @@ NS_RELEASE="${HPUX_REV}" ns_printf exit 0 ;; + ia64:HP-UX:*:*) + HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` + GNU_NAME="${UNAME_MACHINE}-hp-hpux${HPUX_REV}" + NS_NAME="HPUX" + NS_PRETTY_NAME="HP-UX" + NS_RELEASE="${HPUX_REV}" + ns_printf + exit 0 ;; 3050*:HI-UX:*:*) sed 's/^ //' << EOF >dummy.c #include <unistd.h> Index: nsconfig.mk =================================================================== RCS file: /cvs/dirsec/adminutil/nsconfig.mk,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- nsconfig.mk 15 Dec 2005 21:06:22 -0000 1.5 +++ nsconfig.mk 19 Jan 2006 22:05:52 -0000 1.6 @@ -175,15 +175,26 @@ ifeq ($(NSOS_RELEASE), B.11.11) MODERNHP=1 endif +ifeq ($(NSOS_RELEASE), B.11.23) + MODERNHP=1 +endif ifeq ($(MODERNHP), 1) CC=cc -Ae +ESlit CXX=/opt/aCC/bin/aCC -ifeq ($(USE_64), 1) -BIT_SWITCH=+DA2.0W +DS2.0 -else -BIT_SWITCH=+DAportable +DS1.1 -endif +ifeq ($(NSOS_RELEASE), B.11.23) + ifeq ($(USE_64), 1) + BIT_SWITCH=+DD64 + else + BIT_SWITCH=+DD32 + endif +else # 11.11 or earlier + ifeq ($(USE_64), 1) + BIT_SWITCH=+DA2.0W +DS2.0 + else + BIT_SWITCH=+DAportable +DS1.1 + endif +endif # B.11.23 ARCH_CFLAGS=$(BIT_SWITCH) -D_HPUX_SOURCE -D_POSIX_C_SOURCE=199506L -D__STDC_EXT__ +z -DHPUX11 EXTRA_LIBS= -ldld -lm -lpthread else

17 years, 2 months

1
0
0 / 0

[Fedora-directory-commits] adminserver/base Makefile,1.16,1.17

by Doctor Conrad

Author: rmeggins Update of /cvs/dirsec/adminserver/base In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv16896/adminserver/base Modified Files: Makefile Log Message: It's a little bit tricky. The base package is a dependency of both the main admin server package and the directory server package. However, it works if you just create a zero length .zip file for the base archive - you get a warning when running setup, but everything installs correctly. While it's not perfect (it will be addressed for the next major release) it will at least allow those developers who do not want to use java at all to build and install. You must use "make NOJAVA=1 ..." to build and package admin server without java. Index: Makefile =================================================================== RCS file: /cvs/dirsec/adminserver/base/Makefile,v retrieving revision 1.16 retrieving revision 1.17 diff -u -r1.16 -r1.17 --- Makefile 18 Nov 2005 21:16:39 -0000 1.16 +++ Makefile 18 Jan 2006 18:24:25 -0000 1.17 @@ -149,13 +149,14 @@ cd $(PKGTOP); $(TAR) cvfX $(RELTOP)/base.tar $(RELTOP)/base.ex base -rm $(RELTOP)/base.tar.gz $(RELTOP)/base.ex cd $(RELTOP); gzip -f base.tar -endif +endif pkguxClient: rm -rf $(CLIENT_DIR) rm -f $(BASEDIR)/ns$(BASE_CLIENT).zip +ifndef NOJAVA -$(MKDIR) $(CLIENT_DIR)/$(JAVA_DIR) -$(MKDIR) $(CONSOLE_HELP) -$(CHMOD) 0777 $(CLIENT_DIR)/$(JAVA_DIR) @@ -211,6 +212,11 @@ cd $(CLIENT_DIR) ; \ $(IZIP) $(BASEDIR)/ns$(BASE_CLIENT).zip * ; +else # NOJAVA + -$(MKDIR) $(BASEDIR) + touch $(BASEDIR)/ns$(BASE_CLIENT).zip +endif # NOJAVA + ifeq ($(ARCH), Linux) $(PERL) fixPI.pl SETUP_BASE ../include/version.h ../$(NSPLATFORM_DIR)/buildnum.dat $(BUILD_SECURITY) base.inf $(BASEDIR)/base.inf else

17 years, 2 months

1
0
0 / 0

[Fedora-directory-commits] adminserver/admserv Makefile, 1.6, 1.7 pkgadmin.mk, 1.34, 1.35

by Doctor Conrad

Author: rmeggins Update of /cvs/dirsec/adminserver/admserv In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv16896/adminserver/admserv Modified Files: Makefile pkgadmin.mk Log Message: It's a little bit tricky. The base package is a dependency of both the main admin server package and the directory server package. However, it works if you just create a zero length .zip file for the base archive - you get a warning when running setup, but everything installs correctly. While it's not perfect (it will be addressed for the next major release) it will at least allow those developers who do not want to use java at all to build and install. You must use "make NOJAVA=1 ..." to build and package admin server without java. Index: Makefile =================================================================== RCS file: /cvs/dirsec/adminserver/admserv/Makefile,v retrieving revision 1.6 retrieving revision 1.7 diff -u -r1.6 -r1.7 --- Makefile 29 Sep 2005 22:11:58 -0000 1.6 +++ Makefile 18 Jan 2006 18:24:20 -0000 1.7 @@ -33,12 +33,21 @@ MFLAGS := endif +ALLTARGETS = do-src do-cgi-src do-html +ifndef NOJAVA +ALLTARGETS += do-console +endif + +ALLTARGETS += do-cfg + ifeq ($(ARCH), WINNT) -all: do-src do-cgi-src do-html do-console do-cfg do-viewurl do-inst do-ldap-stuffs do-icons -else -all: do-src do-cgi-src do-html do-console do-cfg do-inst do-ldap-stuffs do-icons +ALLTARGETS += do-viewurl endif +ALLTARGETS += do-inst do-ldap-stuffs do-icons + +all: $(ALLTARGETS) + do-src: # cd src; $(MAKE) BUILD_MODULE=HTTP_ADMIN $(MFLAGS) mkdir -p $(OBJDIR)/admin-lib Index: pkgadmin.mk =================================================================== RCS file: /cvs/dirsec/adminserver/admserv/pkgadmin.mk,v retrieving revision 1.34 retrieving revision 1.35 diff -u -r1.34 -r1.35 --- pkgadmin.mk 8 Dec 2005 02:37:25 -0000 1.34 +++ pkgadmin.mk 18 Jan 2006 18:24:20 -0000 1.35 @@ -139,6 +139,11 @@ endif endif +ifndef NOJAVA +ALLTARGETS = pkguxClient +endif +ALLTARGETS += pkguxAdmin pkgSetup pkgSBC + ifneq ($(strip $(ADM_VERSION)),) all: -if [ ! -d $(PKGTOP) ]; then \ @@ -150,7 +155,7 @@ cd $(PKGTOP); $(TAR) xf $(ADM_RELEASE)/admserv.tar else -all: pkguxClient pkguxAdmin pkgSetup pkgSBC +all: $(ALLTARGETS) endif @@ -185,8 +190,10 @@ # Note: need to do admin-nickname rather than admin-serv --MLM -$(MKDIR) $(ADMIN_DIR)/dist +ifndef NOJAVA -$(MKDIR) $(ADMIN_DIR)/java/jars -$(MKDIR) $(ADMIN_DIR)/java/html/en +endif # NOJAVA -$(MKDIR) $(ADMIN_DIR)/admin-serv -$(MKDIR) $(ADMIN_DIR)/admin-serv/config @@ -262,6 +269,7 @@ cp -p $(ADMINUTIL_LIBPATH)/adminutil-properties/* $(ADMIN_DIR)/bin/admin/lib/adminutil-properties ; \ fi +ifndef NOJAVA cd $(ADMSERV_OBJDIR)/cmdln; \ cp -p admconfig $(ADMIN_DIR)/bin/admin; @@ -269,6 +277,7 @@ find *.html *.gif *.jpg | $(CPIO) $(ADMIN_DIR)/java/html cd $(ADMIN_JARS)/.. ; \ find *.html | $(CPIO) $(ADMIN_DIR)/java/html/en +endif # NOJAVA cp $(BUILD_ROOT)/lib/ldaputil/certmap.conf $(ADMIN_DIR)/shared/config cp -p $(BUILD_ROOT)/admserv/cfgstuff/httpd.conf $(ADMIN_DIR)/shared/config/template/httpd.conf.tmpl

17 years, 2 months

1
0
0 / 0

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

389-commits January 2006