Author: Vince Brimhall Subject: Passdb backend update_login_attempts --- source/auth/auth_sam.c +++ source/auth/auth_sam.c 2005-03-01 11:57:06.559571770 -0700 @@ -258,6 +258,11 @@ nt_status = sam_password_ok(auth_context, mem_ctx, sampass, user_info, &user_sess_key, &lm_sess_key); + /* Notify passdb backend of login success/failure. If not NT_STATUS_OK the backend doesn't like the login */ + NTSTATUS update_login_attempts_status = pdb_update_login_attempts(sampass, NT_STATUS_IS_OK(nt_status)); + if (!NT_STATUS_IS_OK(update_login_attempts_status)) + nt_status = update_login_attempts_status; + if (!NT_STATUS_IS_OK(nt_status)) { if (NT_STATUS_EQUAL(nt_status,NT_STATUS_WRONG_PASSWORD) && pdb_get_acct_ctrl(sampass) &ACB_NORMAL) { --- source/include/passdb.h +++ source/include/passdb.h 2005-03-01 11:57:14.995553783 -0700 @@ -241,7 +241,7 @@ * this SAMBA will load. Increment this if *ANY* changes are made to the interface. */ -#define PASSDB_INTERFACE_VERSION 6 +#define PASSDB_INTERFACE_VERSION 7 typedef struct pdb_context { @@ -267,6 +267,9 @@ NTSTATUS (*pdb_delete_sam_account)(struct pdb_context *, SAM_ACCOUNT *username); + NTSTATUS (*pdb_update_login_attempts)(struct pdb_context *context, + SAM_ACCOUNT *sam_acct, BOOL success); + NTSTATUS (*pdb_getgrsid)(struct pdb_context *context, GROUP_MAP *map, DOM_SID sid); NTSTATUS (*pdb_getgrgid)(struct pdb_context *context, GROUP_MAP *map, gid_t gid); @@ -365,6 +368,9 @@ NTSTATUS (*delete_sam_account)(struct pdb_methods *, SAM_ACCOUNT *username); + NTSTATUS (*update_login_attempts)(struct pdb_methods *methods, + SAM_ACCOUNT *sam_acct, BOOL success); + NTSTATUS (*getgrsid)(struct pdb_methods *methods, GROUP_MAP *map, DOM_SID sid); NTSTATUS (*getgrgid)(struct pdb_methods *methods, GROUP_MAP *map, gid_t gid); --- source/passdb/pdb_interface.c +++ source/passdb/pdb_interface.c 2005-03-01 11:57:14.544608200 -0700 @@ -325,6 +325,26 @@ return sam_acct->methods->delete_sam_account(sam_acct->methods, sam_acct); } +static NTSTATUS context_update_login_attempts(struct pdb_context *context, + SAM_ACCOUNT *sam_acct, + BOOL success) +{ + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + + if (!context) { + DEBUG(0, ("invalid pdb_context specified!\n")); + return ret; + } + + if (!sam_acct || !sam_acct->methods){ + DEBUG(0, ("invalid sam_acct specified\n")); + return ret; + } + + return sam_acct->methods-> + update_login_attempts(sam_acct->methods, sam_acct, success); +} + static NTSTATUS context_getgrsid(struct pdb_context *context, GROUP_MAP *map, DOM_SID sid) { @@ -730,6 +750,7 @@ (*context)->pdb_add_sam_account = context_add_sam_account; (*context)->pdb_update_sam_account = context_update_sam_account; (*context)->pdb_delete_sam_account = context_delete_sam_account; + (*context)->pdb_update_login_attempts = context_update_login_attempts; (*context)->pdb_getgrsid = context_getgrsid; (*context)->pdb_getgrgid = context_getgrgid; (*context)->pdb_getgrnam = context_getgrnam; @@ -972,6 +993,17 @@ return NT_STATUS_IS_OK(pdb_context->pdb_delete_sam_account(pdb_context, sam_acct)); } +NTSTATUS pdb_update_login_attempts(SAM_ACCOUNT *sam_acct, BOOL success) +{ + struct pdb_context *pdb_context = pdb_get_static_context(False); + + if (!pdb_context) { + return NT_STATUS_NOT_IMPLEMENTED; + } + + return pdb_context->pdb_update_login_attempts(pdb_context, sam_acct, success); +} + BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid) { struct pdb_context *pdb_context = pdb_get_static_context(False); @@ -1244,6 +1276,11 @@ return NT_STATUS_NOT_IMPLEMENTED; } +static NTSTATUS pdb_default_update_login_attempts (struct pdb_methods *methods, SAM_ACCOUNT *newpwd, BOOL success) +{ + return NT_STATUS_OK; +} + static NTSTATUS pdb_default_setsampwent(struct pdb_methods *methods, BOOL update, uint16 acb_mask) { return NT_STATUS_NOT_IMPLEMENTED; @@ -1277,6 +1314,7 @@ (*methods)->add_sam_account = pdb_default_add_sam_account; (*methods)->update_sam_account = pdb_default_update_sam_account; (*methods)->delete_sam_account = pdb_default_delete_sam_account; + (*methods)->update_login_attempts = pdb_default_update_login_attempts; (*methods)->getgrsid = pdb_default_getgrsid; (*methods)->getgrgid = pdb_default_getgrgid;