The Samba-Bugzilla – Attachment 5179 Details for
Bug 4347
check password history before incrasing badPasswordCount
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch to fix the unlock regression.
0001-s3-auth-fix-account-unlock-regression-introduced-wit.patch (text/plain), 2.77 KB, created by
Michael Adam
on 2010-01-14 08:16:11 UTC
(
hide
)
Description:
Patch to fix the unlock regression.
Filename:
MIME Type:
Creator:
Michael Adam
Created:
2010-01-14 08:16:11 UTC
Size:
2.77 KB
patch
obsolete
>From 179e63ae9aa93984ea3d237c1039460c5acf01a5 Mon Sep 17 00:00:00 2001 >From: Michael Adam <obnox@samba.org> >Date: Thu, 14 Jan 2010 14:24:35 +0100 >Subject: [PATCH] s3:auth: fix account unlock regression introduced with fix for bug #4347 >MIME-Version: 1.0 >Content-Type: text/plain; charset=utf-8 >Content-Transfer-Encoding: 8bit > >By an oversight, the patchset for #4347 made the unlocking of a locked >account after the lockout duration ineffective. >Thanks to Björn for finding this! > >Michael >--- > source3/auth/auth_sam.c | 12 +++++------- > 1 files changed, 5 insertions(+), 7 deletions(-) > >diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c >index 1dd8fc9..01b2517 100644 >--- a/source3/auth/auth_sam.c >+++ b/source3/auth/auth_sam.c >@@ -369,7 +369,6 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context, > DATA_BLOB user_sess_key = data_blob_null; > DATA_BLOB lm_sess_key = data_blob_null; > bool updated_autolock = False, updated_badpw = False; >- uint32_t acct_ctrl; > const char *username; > const uint8_t *nt_pw; > const uint8_t *lm_pw; >@@ -399,22 +398,21 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context, > return NT_STATUS_NO_SUCH_USER; > } > >- acct_ctrl = pdb_get_acct_ctrl(sampass); > username = pdb_get_username(sampass); > nt_pw = pdb_get_nt_passwd(sampass); > lm_pw = pdb_get_lanman_passwd(sampass); > > /* see if autolock flag needs to be updated */ >- if (acct_ctrl & ACB_NORMAL) >+ if (pdb_get_acct_ctrl(sampass) & ACB_NORMAL) > pdb_update_autolock_flag(sampass, &updated_autolock); > /* Quit if the account was locked out. */ >- if (acct_ctrl & ACB_AUTOLOCK) { >+ if (pdb_get_acct_ctrl(sampass) & ACB_AUTOLOCK) { > DEBUG(3,("check_sam_security: Account for user %s was locked out.\n", username)); > return NT_STATUS_ACCOUNT_LOCKED_OUT; > } > > nt_status = sam_password_ok(auth_context, mem_ctx, >- username, acct_ctrl, lm_pw, nt_pw, >+ username, pdb_get_acct_ctrl(sampass), lm_pw, nt_pw, > user_info, &user_sess_key, &lm_sess_key); > > /* Notify passdb backend of login success/failure. If not >@@ -426,7 +424,7 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context, > bool increment_bad_pw_count = false; > > if (NT_STATUS_EQUAL(nt_status,NT_STATUS_WRONG_PASSWORD) && >- acct_ctrl & ACB_NORMAL && >+ pdb_get_acct_ctrl(sampass) & ACB_NORMAL && > NT_STATUS_IS_OK(update_login_attempts_status)) > { > increment_bad_pw_count = >@@ -457,7 +455,7 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context, > goto done; > } > >- if ((acct_ctrl & ACB_NORMAL) && >+ if ((pdb_get_acct_ctrl(sampass) & ACB_NORMAL) && > (pdb_get_bad_password_count(sampass) > 0)){ > pdb_set_bad_password_count(sampass, 0, PDB_CHANGED); > pdb_set_bad_password_time(sampass, 0, PDB_CHANGED); >-- >1.6.3.3 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=5179">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Flags:
bjacke
:
review+
Actions:
View
Attachments on
bug 4347
:
5144
|
5145
|
5169
| 5179