static struct json_object password_change_json(
struct ldb_module *module,
const struct ldb_request *request,
- const struct ldb_reply *reply)
+ const struct ldb_reply *reply,
+ bool public_key_changed)
{
struct ldb_context *ldb = NULL;
const struct dom_sid *sid = NULL;
remote = dsdb_audit_get_remote_address(ldb);
sid = dsdb_audit_get_user_sid(module);
dn = dsdb_audit_get_primary_dn(request);
- action = get_password_action(request, reply);
unique_session_token = dsdb_audit_get_unique_session_token(module);
- event_id = get_password_windows_event_id(request, reply);
-
+ if (public_key_changed) {
+ action = "Public key change";
+ event_id = EVT_ID_DIRECTORY_OBJECT_CHANGE;
+ } else {
+ action = get_password_action(request, reply);
+ event_id = get_password_windows_event_id(request, reply);
+ }
audit = json_new_object();
if (json_is_invalid(&audit)) {
goto failure;
TALLOC_CTX *mem_ctx,
struct ldb_module *module,
const struct ldb_request *request,
- const struct ldb_reply *reply)
+ const struct ldb_reply *reply,
+ bool is_public_key_change)
{
struct ldb_context *ldb = NULL;
const char *remote_host = NULL;
remote_host = dsdb_audit_get_remote_host(ldb, ctx);
sid = dsdb_audit_get_user_sid(module);
timestamp = audit_get_timestamp(ctx);
- action = get_password_action(request, reply);
+
+ if (is_public_key_change) {
+ action = "Public key change";
+ } else {
+ action = get_password_action(request, reply);
+ }
dn = dsdb_audit_get_primary_dn(request);
log_entry = talloc_asprintf(
ctx,
module,
request,
- reply);
+ reply,
+ false);
audit_log_human_text(
PASSWORD_HR_TAG,
entry,
&& audit_private->send_password_events)) {
if (password_changed) {
struct json_object json;
- json = password_change_json(module, request, reply);
+ json = password_change_json(module, request, reply, false);
audit_log_json(
&json,
DBGC_DSDB_PWD_AUDIT_JSON,
rc = gettimeofday(&tv, NULL);
assert_return_code(rc, errno);
before = tv.tv_sec;
- json = password_change_json(module, req, reply);
+ json = password_change_json(module, req, reply, false);
assert_int_equal(3, json_object_size(json.root));
rc = gettimeofday(&tv, NULL);
assert_return_code(rc, errno);
before = tv.tv_sec;
- json = password_change_json(module, req, reply);
+ json = password_change_json(module, req, reply, false);
assert_int_equal(3, json_object_size(json.root));
reply = talloc_zero(ctx, struct ldb_reply);
reply->error = LDB_SUCCESS;
- line = password_change_human_readable(ctx, module, req, reply);
+ line = password_change_human_readable(ctx, module, req, reply, false);
assert_non_null(line);
/*
reply = talloc_zero(ctx, struct ldb_reply);
reply->error = LDB_SUCCESS;
- line = password_change_human_readable(ctx, module, req, reply);
+ line = password_change_human_readable(ctx, module, req, reply, false);
assert_non_null(line);
/*
*/
will_return(__wrap_json_new_object, false);
- json = password_change_json(module, req, reply);
+ json = password_change_json(module, req, reply, false);
assert_true(json_is_invalid(&json));
will_return(__wrap_json_new_object, true);
will_return(__wrap_json_add_version, JSON_ERROR);
- json = password_change_json(module, req, reply);
+ json = password_change_json(module, req, reply, false);
assert_true(json_is_invalid(&json));
/*
will_return(__wrap_json_add_version, 0);
will_return(__wrap_json_new_object, false);
- json = password_change_json(module, req, reply);
+ json = password_change_json(module, req, reply, false);
assert_true(json_is_invalid(&json));
/*
will_return(__wrap_json_new_object, true);
will_return(__wrap_json_add_timestamp, JSON_ERROR);
- json = password_change_json(module, req, reply);
+ json = password_change_json(module, req, reply, false);
assert_true(json_is_invalid(&json));
/*
will_return(__wrap_json_new_object, true);
will_return(__wrap_json_add_timestamp, 0);
- json = password_change_json(module, req, reply);
+ json = password_change_json(module, req, reply, false);
assert_false(json_is_invalid(&json));
json_free(&json);
projects / thirdparty / samba.git / commitdiff
