The Samba-Bugzilla – Attachment 2719 Details for
Bug 4630
Endless Password Expiration in 3.0.25
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Complete patch
patch-3.0.25.diff (text/plain), 10.59 KB, created by
Gerald (Jerry) Carter (dead mail address)
on 2007-05-22 07:20:42 UTC
(
hide
)
Description:
Complete patch
Filename:
MIME Type:
Creator:
Gerald (Jerry) Carter (dead mail address)
Created:
2007-05-22 07:20:42 UTC
Size:
10.59 KB
patch
obsolete
>Index: samba-3.0.25/source/configure.in >=================================================================== >--- samba-3.0.25.orig/source/configure.in 2007-05-21 15:46:31.000000000 -0500 >+++ samba-3.0.25/source/configure.in 2007-05-21 15:46:40.000000000 -0500 >@@ -1936,6 +1936,14 @@ > fi > > >+AC_CACHE_CHECK([for 64 bit time_t],samba_cv_SIZEOF_TIME_T,[ >+AC_TRY_RUN([#include <time.h> >+main() { exit((sizeof(time_t) == 8) ? 0 : 1); }], >+samba_cv_SIZEOF_TIME_T=yes,samba_cv_SIZEOF_TIME_T=no,samba_cv_SIZEOF_TIME_T=cross)]) >+if test x"$samba_cv_SIZEOF_TIME_T" = x"yes"; then >+ AC_DEFINE(SIZEOF_TIME_T,8,[The size of the 'time_t' type]) >+fi >+ > AC_CACHE_CHECK([for 64 bit off_t],samba_cv_SIZEOF_OFF_T,[ > AC_TRY_RUN([#include <stdio.h> > #include <sys/stat.h> >Index: samba-3.0.25/source/lib/time.c >=================================================================== >--- samba-3.0.25.orig/source/lib/time.c 2007-05-21 15:46:31.000000000 -0500 >+++ samba-3.0.25/source/lib/time.c 2007-05-21 15:46:40.000000000 -0500 >@@ -95,7 +95,13 @@ > if (t == (time_t)-1) { > *nt = (NTTIME)-1LL; > return; >- } >+ } >+ >+ if (t == TIME_T_MAX) { >+ *nt = 0x7fffffffffffffffLL; >+ return; >+ } >+ > if (t == 0) { > *nt = 0; > return; >@@ -301,7 +307,9 @@ > static fstring buf; > struct tm *tm = localtime(&t); > >- if (!tm) { >+ if (t == TIME_T_MAX) { >+ slprintf(buf,sizeof(buf)-1,"never"); >+ } else if (!tm) { > slprintf(buf,sizeof(buf)-1,"%ld seconds since the Epoch",(long)t); > } else { > #ifndef HAVE_STRFTIME >@@ -554,6 +562,37 @@ > ((TIME_FIXUP_CONSTANT_INT + (uint64_t)tv->tv_sec) * 1000000)); > } > >+/************************************************************** >+ Handle conversions between time_t and uint32, taking care to >+ preserve the "special" values. >+**************************************************************/ >+ >+uint32 convert_time_t_to_uint32(time_t t) >+{ >+#if (defined(SIZEOF_TIME_T) && (SIZEOF_TIME_T == 8)) >+ /* time_t is 64-bit. */ >+ if (t == 0x8000000000000000LL) { >+ return 0x80000000; >+ } else if (t == 0x7FFFFFFFFFFFFFFFLL) { >+ return 0x7FFFFFFF; >+ } >+#endif >+ return (uint32)t; >+} >+ >+time_t convert_uint32_to_time_t(uint32 u) >+{ >+#if (defined(SIZEOF_TIME_T) && (SIZEOF_TIME_T == 8)) >+ /* time_t is 64-bit. */ >+ if (u == 0x80000000) { >+ return (time_t)0x8000000000000000LL; >+ } else if (u == 0x7FFFFFFF) { >+ return (time_t)0x7FFFFFFFFFFFFFFFLL; >+ } >+#endif >+ return (time_t)u; >+} >+ > /******************************************************************* > Yield the difference between *A and *B, in seconds, ignoring leap seconds. > ********************************************************************/ >Index: samba-3.0.25/source/passdb/passdb.c >=================================================================== >--- samba-3.0.25.orig/source/passdb/passdb.c 2007-05-21 15:46:31.000000000 -0500 >+++ samba-3.0.25/source/passdb/passdb.c 2007-05-21 15:46:40.000000000 -0500 >@@ -914,13 +914,13 @@ > goto done; > } > >- pdb_set_logon_time(sampass, logon_time, PDB_SET); >- pdb_set_logoff_time(sampass, logoff_time, PDB_SET); >- pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET); >- pdb_set_bad_password_time(sampass, bad_password_time, PDB_SET); >- pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET); >- pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET); >- pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET); >+ pdb_set_logon_time(sampass, convert_uint32_to_time_t(logon_time), PDB_SET); >+ pdb_set_logoff_time(sampass, convert_uint32_to_time_t(logoff_time), PDB_SET); >+ pdb_set_kickoff_time(sampass, convert_uint32_to_time_t(kickoff_time), PDB_SET); >+ pdb_set_bad_password_time(sampass, convert_uint32_to_time_t(bad_password_time), PDB_SET); >+ pdb_set_pass_can_change_time(sampass, convert_uint32_to_time_t(pass_can_change_time), PDB_SET); >+ pdb_set_pass_must_change_time(sampass, convert_uint32_to_time_t(pass_must_change_time), PDB_SET); >+ pdb_set_pass_last_set_time(sampass, convert_uint32_to_time_t(pass_last_set_time), PDB_SET); > > pdb_set_username(sampass, username, PDB_SET); > pdb_set_domain(sampass, domain, PDB_SET); >@@ -1102,13 +1102,13 @@ > *buf = NULL; > buflen = 0; > >- logon_time = (uint32)pdb_get_logon_time(sampass); >- logoff_time = (uint32)pdb_get_logoff_time(sampass); >- kickoff_time = (uint32)pdb_get_kickoff_time(sampass); >- bad_password_time = (uint32)pdb_get_bad_password_time(sampass); >- pass_can_change_time = (uint32)pdb_get_pass_can_change_time_noncalc(sampass); >- pass_must_change_time = (uint32)pdb_get_pass_must_change_time(sampass); >- pass_last_set_time = (uint32)pdb_get_pass_last_set_time(sampass); >+ logon_time = convert_time_t_to_uint32(pdb_get_logon_time(sampass)); >+ logoff_time = convert_time_t_to_uint32(pdb_get_logoff_time(sampass)); >+ kickoff_time = convert_time_t_to_uint32(pdb_get_kickoff_time(sampass)); >+ bad_password_time = convert_time_t_to_uint32(pdb_get_bad_password_time(sampass)); >+ pass_can_change_time = convert_time_t_to_uint32(pdb_get_pass_can_change_time_noncalc(sampass)); >+ pass_must_change_time = convert_time_t_to_uint32(pdb_get_pass_must_change_time(sampass)); >+ pass_last_set_time = convert_time_t_to_uint32(pdb_get_pass_last_set_time(sampass)); > > user_rid = pdb_get_user_rid(sampass); > group_rid = pdb_get_group_rid(sampass); >@@ -1392,7 +1392,7 @@ > LastBadPassword = pdb_get_bad_password_time(sampass); > DEBUG(7, ("LastBadPassword=%d, resettime=%d, current time=%d.\n", > (uint32) LastBadPassword, resettime, (uint32)time(NULL))); >- if (time(NULL) > (LastBadPassword + (time_t)resettime*60)){ >+ if (time(NULL) > (LastBadPassword + convert_uint32_to_time_t(resettime)*60)){ > pdb_set_bad_password_count(sampass, 0, PDB_CHANGED); > pdb_set_bad_password_time(sampass, 0, PDB_CHANGED); > if (updated) { >@@ -1445,7 +1445,7 @@ > return True; > } > >- if ((time(NULL) > (LastBadPassword + (time_t) duration * 60))) { >+ if ((time(NULL) > (LastBadPassword + convert_uint32_to_time_t(duration) * 60))) { > pdb_set_acct_ctrl(sampass, > pdb_get_acct_ctrl(sampass) & ~ACB_AUTOLOCK, > PDB_CHANGED); >Index: samba-3.0.25/source/utils/pdbedit.c >=================================================================== >--- samba-3.0.25.orig/source/utils/pdbedit.c 2007-05-21 15:46:31.000000000 -0500 >+++ samba-3.0.25/source/utils/pdbedit.c 2007-05-21 15:46:40.000000000 -0500 >@@ -285,14 +285,14 @@ > lm_passwd, > nt_passwd, > pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent),NEW_PW_FORMAT_SPACE_PADDED_LEN), >- (uint32)pdb_get_pass_last_set_time(sam_pwent)); >+ (uint32)convert_time_t_to_uint32(pdb_get_pass_last_set_time(sam_pwent))); > } else { > uid = nametouid(pdb_get_username(sam_pwent)); > printf ("%s:%lu:%s\n", pdb_get_username(sam_pwent), (unsigned long)uid, > pdb_get_fullname(sam_pwent)); > } > >- return 0; >+ return 0; > } > > /********************************************************* >Index: samba-3.0.25/source/rpc_server/srv_lsa_ds_nt.c >=================================================================== >--- samba-3.0.25.orig/source/rpc_server/srv_lsa_ds_nt.c 2007-05-21 15:46:31.000000000 -0500 >+++ samba-3.0.25/source/rpc_server/srv_lsa_ds_nt.c 2007-05-21 15:46:41.000000000 -0500 >@@ -84,16 +84,16 @@ > > basic->dnsname_ptr = 1; > init_unistr2( &basic->dns_domain, dnsdomain, UNI_STR_TERMINATE); >+ >+ /* FIXME!! We really should fill in the correct forest >+ name. Should get this information from winbindd. */ > basic->forestname_ptr = 1; > init_unistr2( &basic->forest_domain, dnsdomain, UNI_STR_TERMINATE); > } else { >- get_mydnsdomname(dnsdomain); >- strlower_m(dnsdomain); >- >- basic->dnsname_ptr = 1; >- init_unistr2( &basic->dns_domain, dnsdomain, UNI_FLAGS_NONE); >- basic->forestname_ptr = 1; >- init_unistr2( &basic->forest_domain, dnsdomain, UNI_FLAGS_NONE); >+ /* security = domain should not fill in the dns or >+ forest name */ >+ basic->dnsname_ptr = 0; >+ basic->forestname_ptr = 0; > } > > *info = basic; >Index: samba-3.0.25/source/passdb/lookup_sid.c >=================================================================== >--- samba-3.0.25.orig/source/passdb/lookup_sid.c 2007-05-21 15:46:30.000000000 -0500 >+++ samba-3.0.25/source/passdb/lookup_sid.c 2007-05-21 15:46:41.000000000 -0500 >@@ -1329,7 +1329,6 @@ > > if (!winbind_uid_to_sid(psid, uid)) { > if (!winbind_ping()) { >- DEBUG(2, ("WARNING: Winbindd not running, mapping ids with legacy code\n")); > legacy_uid_to_sid(psid, uid); > return; > } >@@ -1359,7 +1358,6 @@ > > if (!winbind_gid_to_sid(psid, gid)) { > if (!winbind_ping()) { >- DEBUG(2, ("WARNING: Winbindd not running, mapping ids with legacy code\n")); > legacy_gid_to_sid(psid, gid); > return; > } >@@ -1393,7 +1391,6 @@ > > if (!winbind_sid_to_uid(puid, psid)) { > if (!winbind_ping()) { >- DEBUG(2, ("WARNING: Winbindd not running, mapping ids with legacy code\n")); > return legacy_sid_to_uid(psid, puid); > } > >@@ -1432,7 +1429,6 @@ > > if ( !winbind_sid_to_gid(pgid, psid) ) { > if (!winbind_ping()) { >- DEBUG(2, ("WARNING: Winbindd not running, mapping ids with legacy code\n")); > return legacy_sid_to_gid(psid, pgid); > } > >Index: samba-3.0.25/source/smbd/uid.c >=================================================================== >--- samba-3.0.25.orig/source/smbd/uid.c 2007-05-21 15:46:29.000000000 -0500 >+++ samba-3.0.25/source/smbd/uid.c 2007-05-21 15:46:42.000000000 -0500 >@@ -156,7 +156,9 @@ > char group_c; > BOOL must_free_token = False; > NT_USER_TOKEN *token = NULL; >- >+ int num_groups = 0; >+ gid_t *group_list = NULL; >+ > if (!conn) { > DEBUG(2,("change_to_user: Connection not open\n")); > return(False); >@@ -195,14 +197,14 @@ > if (conn->force_user) /* security = share sets this too */ { > uid = conn->uid; > gid = conn->gid; >- current_user.ut.groups = conn->groups; >- current_user.ut.ngroups = conn->ngroups; >+ group_list = conn->groups; >+ num_groups = conn->ngroups; > token = conn->nt_user_token; > } else if (vuser) { > uid = conn->admin_user ? 0 : vuser->uid; > gid = vuser->gid; >- current_user.ut.ngroups = vuser->n_groups; >- current_user.ut.groups = vuser->groups; >+ num_groups = vuser->n_groups; >+ group_list = vuser->groups; > token = vuser->nt_user_token; > } else { > DEBUG(2,("change_to_user: Invalid vuid used %d in accessing " >@@ -235,8 +237,8 @@ > */ > > int i; >- for (i = 0; i < current_user.ut.ngroups; i++) { >- if (current_user.ut.groups[i] == conn->gid) { >+ for (i = 0; i < num_groups; i++) { >+ if (group_list[i] == conn->gid) { > gid = conn->gid; > gid_to_sid(&token->user_sids[1], gid); > break; >@@ -248,6 +250,12 @@ > } > } > >+ /* Now set current_user since we will immediately also call >+ set_sec_ctx() */ >+ >+ current_user.ut.ngroups = num_groups; >+ current_user.ut.groups = group_list; >+ > set_sec_ctx(uid, gid, current_user.ut.ngroups, current_user.ut.groups, > token); >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 4630
:
2704
|
2705
|
2714
| 2719