Attachment 4283 Details for Bug 6471 – Proposed patch for disactivating the check of password expiration.

[patch] Proposed patch for disactivating the check of password expiration.

password_expire_with_kpasswd.patch (text/plain), 1.14 KB, created by Matthieu Patou on 2009-06-13 14:07:03 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Matthieu Patou

Created: 2009-06-13 14:07:03 UTC

Size: 1.14 KB

patch

obsolete

>diff --git a/source4/heimdal/kdc/kerberos5.c b/source4/heimdal/kdc/kerberos5.c
>index 941a2e0..2749a9c 100644
>--- a/source4/heimdal/kdc/kerberos5.c
>+++ b/source4/heimdal/kdc/kerberos5.c
>@@ -1352,6 +1352,11 @@ _kdc_as_rep(krb5_context context,
>     if(ret)
> 	goto out;
> 
>+    if (!strncmp(server_name,"kadmin/changepw@",16)) {
>+      /* Set change_pw flag for the client so that in kdc-glue.c accountExpire could be modified */
>+      client->entry.flags.change_pw = 1;
>+      
>+    }
>     ret = _kdc_windc_client_access(context, client, req, &e_data);
>     if(ret)
> 	goto out;
>diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c
>index 411e752..ef6d5a6 100644
>--- a/source4/kdc/pac-glue.c
>+++ b/source4/kdc/pac-glue.c
>@@ -272,6 +272,13 @@ krb5_error_code samba_kdc_check_client_access(void *priv,
> 		}
> 	}
> 
>+  if (entry_ex->entry.flags.change_pw && entry_ex->entry.flags.client) {
>+    
>+    struct ldb_val *v = ldb_msg_find_ldb_val(p->msg, "pwdLastSet");
>+    char* oldExpire = v->data;
>+    v->data="9223372036854775807";
>+    v->length=19;
>+  }
> 	/* we allow all kinds of trusts here */
> 	nt_status = authsam_account_ok(tmp_ctx, 
> 				       p->samdb,

Actions: View

Attachments on bug 6471: 4283 | 4289