The Samba-Bugzilla – Attachment 7104 Details for
Bug 8561
Password change settings not fully observed
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
git-am fix for 3.5.x.
0001-Fix-bug-8561-Password-change-settings-not-fully-obse.patch (text/plain), 4.34 KB, created by
Jeremy Allison
on 2011-11-15 21:31:16 UTC
(
hide
)
Description:
git-am fix for 3.5.x.
Filename:
MIME Type:
Creator:
Jeremy Allison
Created:
2011-11-15 21:31:16 UTC
Size:
4.34 KB
patch
obsolete
>From c2e15f390d11d09bd9ae1f7be800967c818ac720 Mon Sep 17 00:00:00 2001 >From: Jeremy Allison <jra@samba.org> >Date: Tue, 15 Nov 2011 13:30:22 -0800 >Subject: [PATCH] Fix bug #8561 - Password change settings not fully observed. > >--- > source3/include/proto.h | 1 + > source3/passdb/pdb_get_set.c | 40 +++++++++++++++++++++++++++++++++---- > source3/rpc_server/srv_samr_nt.c | 2 +- > 3 files changed, 37 insertions(+), 6 deletions(-) > >diff --git a/source3/include/proto.h b/source3/include/proto.h >index 2e04ca1..579fc1b 100644 >--- a/source3/include/proto.h >+++ b/source3/include/proto.h >@@ -4492,6 +4492,7 @@ bool pdb_set_group_sid_from_rid (struct samu *sampass, uint32 grid, enum pdb_val > > /* The following definitions come from passdb/pdb_get_set.c */ > >+bool pdb_is_password_change_time_max(time_t test_time); > uint32 pdb_get_acct_ctrl(const struct samu *sampass); > time_t pdb_get_logon_time(const struct samu *sampass); > time_t pdb_get_logoff_time(const struct samu *sampass); >diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c >index 6126517..678dc61 100644 >--- a/source3/passdb/pdb_get_set.c >+++ b/source3/passdb/pdb_get_set.c >@@ -37,6 +37,36 @@ > #define PDB_NOT_QUITE_NULL "" > > /********************************************************************* >+ Test if a change time is a max value. Copes with old and new values >+ of max. >+ ********************************************************************/ >+ >+bool pdb_is_password_change_time_max(time_t test_time) >+{ >+ if (test_time == get_time_t_max()) { >+ return true; >+ } >+#if (defined(SIZEOF_TIME_T) && (SIZEOF_TIME_T == 8)) >+ if (test_time == 0x7FFFFFFFFFFFFFFFLL) { >+ return true; >+ } >+#endif >+ if (test_time == 0x7FFFFFFF) { >+ return true; >+ } >+ return false; >+} >+ >+/********************************************************************* >+ Return an unchanging version of max password change time - 0x7FFFFFFF. >+ ********************************************************************/ >+ >+time_t pdb_password_change_time_max(void) >+{ >+ return 0x7FFFFFFF; >+} >+ >+/********************************************************************* > Collection of get...() functions for struct samu. > ********************************************************************/ > >@@ -84,7 +114,7 @@ time_t pdb_get_pass_can_change_time(const struct samu *sampass) > we're trying to update this real value from the sampass > to indicate that the user cannot change their password. jmcd > */ >- if (sampass->pass_can_change_time == get_time_t_max() && >+ if (pdb_is_password_change_time_max(sampass->pass_can_change_time) && > pdb_get_init_flags(sampass, PDB_CANCHANGETIME) == PDB_CHANGED) > return sampass->pass_can_change_time; > >@@ -110,18 +140,18 @@ time_t pdb_get_pass_must_change_time(const struct samu *sampass) > return (time_t) 0; > > if (sampass->acct_ctrl & ACB_PWNOEXP) >- return get_time_t_max(); >+ return pdb_password_change_time_max(); > > if (!pdb_get_account_policy(PDB_POLICY_MAX_PASSWORD_AGE, &expire) > || expire == (uint32)-1 || expire == 0) >- return get_time_t_max(); >+ return pdb_password_change_time_max(); > > return sampass->pass_last_set_time + expire; > } > > bool pdb_get_pass_can_change(const struct samu *sampass) > { >- if (sampass->pass_can_change_time == get_time_t_max() && >+ if (pdb_is_password_change_time_max(sampass->pass_can_change_time) && > sampass->pass_last_set_time != 0) > return False; > return True; >@@ -1001,7 +1031,7 @@ bool pdb_set_backend_private_data(struct samu *sampass, void *private_data, > bool pdb_set_pass_can_change(struct samu *sampass, bool canchange) > { > return pdb_set_pass_can_change_time(sampass, >- canchange ? 0 : get_time_t_max(), >+ canchange ? 0 : pdb_password_change_time_max(), > PDB_CHANGED); > } > >diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c >index e98e4aa..487fb3d 100644 >--- a/source3/rpc_server/srv_samr_nt.c >+++ b/source3/rpc_server/srv_samr_nt.c >@@ -2877,7 +2877,7 @@ static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx, > unix_to_nt_time(&r->allow_password_change, pdb_get_pass_can_change_time(pw)); > > must_change_time = pdb_get_pass_must_change_time(pw); >- if (must_change_time == get_time_t_max()) { >+ if (pdb_is_password_change_time_max(must_change_time)) { > unix_to_nt_time_abs(&force_password_change, must_change_time); > } else { > unix_to_nt_time(&force_password_change, must_change_time); >-- >1.7.3.1 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
metze
:
review+
Actions:
View
Attachments on
bug 8561
:
7050
|
7055
| 7104 |
7105