Univention Bugzilla – Attachment 3900 Details for
Bug 24703
Passwort Rotation auf S4 Servern
[patch]
Patch für das Quellpaket ldb, der ein neues Modul univention_machine_secret hinzufügt.
add_ldb_module_univention_machine_secret.patch (text/plain), 7.47 KB, created by
Arvid Requate
on 2011-11-25 14:24 CET
Description:
Patch für das Quellpaket ldb, der ein neues Modul univention_machine_secret hinzufügt.
Creator:
Arvid Requate
Created:
2011-11-25 14:24 CET
Size:
7.47 KB
>This Patch adds an example LDB module "univention_machine_secret" to the source package ldb.
>
>Below you find an example script that can be used to register the module with /var/tmp/secrets.ldb.
>
>------------------------------------------------------------
>#!/bin/sh
>
>LDB_FILE='/var/tmp/secrets.ldb'
>ADDITIONAL_MODULE='univention_machine_secret'
>
># Order matters: the samba_secrets module must come last
>current_modules=$(ldbsearch -H "$LDB_FILE" -b '@MODULES' -s base @LIST | sed -n 's/@LIST: \(.*\)/\1/p')
>
>ldif() {
> echo "dn: @MODULES"
> echo "changetype: modify"
> echo "replace: @LIST"
> echo "@LIST: $ADDITIONAL_MODULE"
> for module in $current_modules; do
> echo "@LIST: $module"
> done
>}
>
>ldif | ldbmodify -H "$LDB_FILE"
>------------------------------------------------------------
>
>
>diff -Nuar ldb-1.1.2.orig/modules/univention_machine_secret.c ldb-1.1.2/modules/univention_machine_secret.c
>--- ldb-1.1.2.orig/modules/univention_machine_secret.c 1970-01-01 01:00:00.000000000 +0100
>+++ ldb-1.1.2/modules/univention_machine_secret.c 2011-10-20 23:51:04.000000000 +0200
>@@ -0,0 +1,151 @@
>+/*
>+ * Samba LDB module univention_machine_secret
>+ * sample LDB Module for storing /tmp/machine.secret
>+ *
>+ * Copyright 2011-2012 Univention GmbH
>+ *
>+ * http://www.univention.de/
>+ *
>+ * All rights reserved.
>+ *
>+ * The source code of this program is made available
>+ * under the terms of the GNU Affero General Public License version 3
>+ * (GNU AGPL V3) as published by the Free Software Foundation.
>+ *
>+ * Binary versions of this program provided by Univention to you as
>+ * well as other copyrighted, protected or trademarked materials like
>+ * Logos, graphics, fonts, specific documentations and configurations,
>+ * cryptographic keys etc. are subject to a license agreement between
>+ * you and Univention and not subject to the GNU AGPL V3.
>+ *
>+ * In the case you use this program under the terms of the GNU AGPL V3,
>+ * the program is provided in the hope that it will be useful,
>+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
>+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
>+ * GNU Affero General Public License for more details.
>+ *
>+ * You should have received a copy of the GNU Affero General Public
>+ * License with the Debian GNU/Linux or Univention distribution in file
>+ * /usr/share/common-licenses/AGPL-3; if not, see
>+ * <http://www.gnu.org/licenses/>.
>+ */
>+
>+/* univention_machine_secret was derived from the tests/sample_module
>+
>+ Unix SMB/CIFS implementation.
>+ Samba utility functions
>+ Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
>+
>+ ** NOTE! The following LGPL license applies to the ldb
>+ ** library. This does NOT imply that all of Samba is released
>+ ** under the LGPL
>+
>+ This library is free software; you can redistribute it and/or
>+ modify it under the terms of the GNU Lesser General Public
>+ License as published by the Free Software Foundation; either
>+ version 3 of the License, or (at your option) any later version.
>+
>+ This library is distributed in the hope that it will be useful,
>+ but WITHOUT ANY WARRANTY; without even the implied warranty of
>+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
>+ Lesser General Public License for more details.
>+
>+ You should have received a copy of the GNU Lesser General Public
>+ License along with this library; if not, see <http://www.gnu.org/licenses/>.
>+*/
>+
>+#include "ldb_module.h"
>+#include <unistd.h>
>+#include <fcntl.h>
>+
>+static int univention_machine_secret_add(struct ldb_module *module, struct ldb_request *req)
>+{
>+ struct ldb_message_element *attribute;
>+ struct ldb_context *ldb;
>+ TALLOC_CTX *tmp_ctx;
>+ char hostname[256];
>+ struct ldb_result *res = NULL;
>+ int fd;
>+ int ret;
>+ ldb = ldb_module_get_ctx(module);
>+ ldb_debug(ldb, LDB_DEBUG_TRACE, ("LDB_univention_machine_secret: ldb_add\n"));
>+
>+ ret = ldb_next_request(module, req);
>+
>+ if ( ret == LDB_SUCCESS ) {
>+ attribute = ldb_msg_find_element(req->op.add.message, "secret");
>+ if (attribute) {
>+ ldb = ldb_module_get_ctx(module);
>+ tmp_ctx = talloc_new(module);
>+ hostname[255] = '\0';
>+ gethostname(hostname, 255);
>+ static const char * const attrs[] = { "dn", NULL };
>+ ret = ldb_search(ldb, tmp_ctx, &res, req->op.mod.message->dn, LDB_SCOPE_BASE, attrs, "samAccountName=%s$", hostname);
>+ if ( ret == LDB_SUCCESS && attribute->num_values == 1 ) {
>+ ldb_debug(ldb, LDB_DEBUG_TRACE, ("LDB_univention_machine_secret: ldb_add: secret modified: %s\n", (const char *)attribute->values[0].data));
>+ fd = open("/tmp/machine.secret", O_WRONLY |O_CREAT |O_TRUNC);
>+ if (fd != -1) {
>+ write(fd, (const char *)attribute->values[0].data, attribute->values[0].length);
>+ close(fd);
>+ } else {
>+ ldb_debug(ldb, LDB_DEBUG_ERROR, ("LDB_univention_machine_secret: error opening file /tmp/machine.secret\n"));
>+ }
>+ }
>+ talloc_free(tmp_ctx);
>+ }
>+ }
>+
>+ return ret;
>+}
>+
>+static int univention_machine_secret_modify(struct ldb_module *module, struct ldb_request *req)
>+{
>+ struct ldb_message_element *attribute;
>+ struct ldb_context *ldb;
>+ TALLOC_CTX *tmp_ctx;
>+ char hostname[256];
>+ struct ldb_result *res = NULL;
>+ int fd;
>+ int ret;
>+ ldb = ldb_module_get_ctx(module);
>+ ldb_debug(ldb, LDB_DEBUG_TRACE, ("LDB_univention_machine_secret: ldb_modify\n"));
>+
>+ ret = ldb_next_request(module, req);
>+
>+ if ( ret == LDB_SUCCESS ) {
>+ attribute = ldb_msg_find_element(req->op.mod.message, "secret");
>+ if (attribute) {
>+ ldb = ldb_module_get_ctx(module);
>+ tmp_ctx = talloc_new(module);
>+ hostname[255] = '\0';
>+ gethostname(hostname, 255);
>+ static const char * const attrs[] = { "dn", NULL };
>+ ret = ldb_search(ldb, tmp_ctx, &res, req->op.mod.message->dn, LDB_SCOPE_BASE, attrs, "samAccountName=%s$", hostname);
>+ if ( ret == LDB_SUCCESS && attribute->num_values == 1 ) {
>+ ldb_debug(ldb, LDB_DEBUG_TRACE, ("LDB_univention_machine_secret: ldb_modify: secret modified: %s\n", (const char *)attribute->values[0].data));
>+ fd = open("/tmp/machine.secret", O_WRONLY |O_CREAT |O_TRUNC);
>+ if (fd != -1) {
>+ write(fd, (const char *)attribute->values[0].data, attribute->values[0].length);
>+ close(fd);
>+ } else {
>+ ldb_debug(ldb, LDB_DEBUG_ERROR, ("LDB_univention_machine_secret: error opening file /tmp/machine.secret\n"));
>+ }
>+ }
>+ talloc_free(tmp_ctx);
>+ }
>+ }
>+
>+ return ret;
>+}
>+
>+static struct ldb_module_ops ldb_univention_machine_secret_module_ops = {
>+ .name = "univention_machine_secret",
>+ .add = univention_machine_secret_add,
>+ .modify = univention_machine_secret_modify,
>+};
>+
>+int ldb_univention_machine_secret_init(const char *version)
>+{
>+ LDB_MODULE_CHECK_VERSION(version);
>+ return ldb_register_module(&ldb_univention_machine_secret_module_ops);
>+}
>diff -Nuar ldb-1.1.2.orig/wscript ldb-1.1.2/wscript
>--- ldb-1.1.2.orig/wscript 2011-10-20 23:43:33.000000000 +0200
>+++ ldb-1.1.2/wscript 2011-10-20 23:40:39.000000000 +0200
>@@ -204,6 +204,14 @@
> deps='ldb',
> subsystem='ldb')
>
>+ bld.SAMBA_MODULE('ldb_univention_machine_secret',
>+ 'modules/univention_machine_secret.c',
>+ init_function='ldb_univention_machine_secret_init',
>+ internal_module=False,
>+ module_init_name='ldb_init_module',
>+ deps='ldb',
>+ subsystem='ldb')
>+
> bld.SAMBA_MODULE('ldb_sample',
> 'tests/sample_module.c',
> init_function='ldb_sample_init',