svn commit: samba r8454 - branches/SAMBA_3_0/source/param branches/SAMBA_3_0/source/smbd trunk/source/param trunk/source/smbd

gd at samba.org gd at samba.org
Thu Jul 14 08:02:12 GMT 2005 

Author: gd
Date: 2005-07-14 08:02:10 +0000 (Thu, 14 Jul 2005)
New Revision: 8454

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=8454

Log:
Fix Bug #2502

Removing deprecated lp_min_password_length (the same functionality is
provided by the account policy).

Note that we now allow to set passwords less then 5 chars (if the admins
decides to do so by setting the account policy).

Thanks to Daniel Beschorner <db at unit-netz.de>

Guenther

Modified:
   branches/SAMBA_3_0/source/param/loadparm.c
   branches/SAMBA_3_0/source/smbd/chgpasswd.c
   trunk/source/param/loadparm.c
   trunk/source/smbd/chgpasswd.c


Changeset:
Modified: branches/SAMBA_3_0/source/param/loadparm.c
===================================================================
--- branches/SAMBA_3_0/source/param/loadparm.c	2005-07-14 07:35:48 UTC (rev 8453)
+++ branches/SAMBA_3_0/source/param/loadparm.c	2005-07-14 08:02:10 UTC (rev 8454)
@@ -221,7 +221,6 @@
 	int machine_password_timeout;
 	int change_notify_timeout;
 	int map_to_guest;
-	int min_passwd_length;
 	int oplock_break_wait_time;
 	int winbind_cache_time;
 	int winbind_max_idle_children;
@@ -823,8 +822,6 @@
 	{"server schannel", P_ENUM, P_GLOBAL, &Globals.serverSchannel, NULL, enum_bool_auto, FLAG_BASIC | FLAG_ADVANCED}, 
 	{"allow trusted domains", P_BOOL, P_GLOBAL, &Globals.bAllowTrustedDomains, NULL, NULL, FLAG_ADVANCED}, 
 	{"hosts equiv", P_STRING, P_GLOBAL, &Globals.szHostsEquiv, NULL, NULL, FLAG_ADVANCED}, 
-	{"min password length", P_INTEGER, P_GLOBAL, &Globals.min_passwd_length, NULL, NULL, FLAG_DEPRECATED}, 
-	{"min passwd length", P_INTEGER, P_GLOBAL, &Globals.min_passwd_length, NULL, NULL, FLAG_DEPRECATED}, 
 	{"map to guest", P_ENUM, P_GLOBAL, &Globals.map_to_guest, NULL, enum_map_to_guest, FLAG_ADVANCED}, 
 	{"null passwords", P_BOOL, P_GLOBAL, &Globals.bNullPasswords, NULL, NULL, FLAG_ADVANCED}, 
 	{"obey pam restrictions", P_BOOL, P_GLOBAL, &Globals.bObeyPamRestrictions, NULL, NULL, FLAG_ADVANCED}, 
@@ -1491,7 +1488,6 @@
 	/* Note, that we will use NTLM2 session security (which is different), if it is available */
 
 	Globals.map_to_guest = 0;	/* By Default, "Never" */
-	Globals.min_passwd_length = MINPASSWDLENGTH;	/* By Default, 5. */
 	Globals.oplock_break_wait_time = 0;	/* By Default, 0 msecs. */
 	Globals.enhanced_browsing = True; 
 	Globals.iLockSpinCount = 3; /* Try 3 times. */
@@ -1882,7 +1878,6 @@
 FN_GLOBAL_INTEGER(lp_machine_password_timeout, &Globals.machine_password_timeout)
 FN_GLOBAL_INTEGER(lp_change_notify_timeout, &Globals.change_notify_timeout)
 FN_GLOBAL_INTEGER(lp_map_to_guest, &Globals.map_to_guest)
-FN_GLOBAL_INTEGER(lp_min_passwd_length, &Globals.min_passwd_length)
 FN_GLOBAL_INTEGER(lp_oplock_break_wait_time, &Globals.oplock_break_wait_time)
 FN_GLOBAL_INTEGER(lp_lock_spin_count, &Globals.iLockSpinCount)
 FN_GLOBAL_INTEGER(lp_lock_sleep_time, &Globals.iLockSpinTime)

Modified: branches/SAMBA_3_0/source/smbd/chgpasswd.c
===================================================================
--- branches/SAMBA_3_0/source/smbd/chgpasswd.c	2005-07-14 07:35:48 UTC (rev 8453)
+++ branches/SAMBA_3_0/source/smbd/chgpasswd.c	2005-07-14 08:02:10 UTC (rev 8454)
@@ -1017,7 +1017,6 @@
 		return NT_STATUS_ACCOUNT_RESTRICTION;
 	}
 
-	/* FIXME: AP_MIN_PASSWORD_LEN and lp_min_passwd_length() need to be merged - gd */
 	if (account_policy_get(AP_MIN_PASSWORD_LEN, &min_len) && (str_charnum(new_passwd) < min_len)) {
 		DEBUG(1, ("user %s cannot change password - password too short\n", 
 			  username));
@@ -1026,16 +1025,6 @@
 /* 		return NT_STATUS_PWD_TOO_SHORT; */
 	}
 
-	/* Take the passed information and test it for minimum criteria */
-	/* Minimum password length */
-	if (str_charnum(new_passwd) < lp_min_passwd_length()) {
-		/* too short, must be at least MINPASSWDLENGTH */
-		DEBUG(1, ("Password Change: user %s, New password is shorter than minimum password length = %d\n",
-		       username, lp_min_passwd_length()));
-		return NT_STATUS_PASSWORD_RESTRICTION;
-/* 		return NT_STATUS_PWD_TOO_SHORT; */
-	}
-
 	if (check_passwd_history(hnd,new_passwd)) {
 		return NT_STATUS_PASSWORD_RESTRICTION;
 	}

Modified: trunk/source/param/loadparm.c
===================================================================
--- trunk/source/param/loadparm.c	2005-07-14 07:35:48 UTC (rev 8453)
+++ trunk/source/param/loadparm.c	2005-07-14 08:02:10 UTC (rev 8454)
@@ -223,7 +223,6 @@
 	int machine_password_timeout;
 	int change_notify_timeout;
 	int map_to_guest;
-	int min_passwd_length;
 	int oplock_break_wait_time;
 	int winbind_cache_time;
 	int winbind_max_idle_children;
@@ -827,8 +826,6 @@
 	{"server schannel", P_ENUM, P_GLOBAL, &Globals.serverSchannel, NULL, enum_bool_auto, FLAG_BASIC | FLAG_ADVANCED}, 
 	{"allow trusted domains", P_BOOL, P_GLOBAL, &Globals.bAllowTrustedDomains, NULL, NULL, FLAG_ADVANCED}, 
 	{"hosts equiv", P_STRING, P_GLOBAL, &Globals.szHostsEquiv, NULL, NULL, FLAG_ADVANCED}, 
-	{"min password length", P_INTEGER, P_GLOBAL, &Globals.min_passwd_length, NULL, NULL, FLAG_DEPRECATED},
-	{"min passwd length", P_INTEGER, P_GLOBAL, &Globals.min_passwd_length, NULL, NULL, FLAG_DEPRECATED}, 
 	{"map to guest", P_ENUM, P_GLOBAL, &Globals.map_to_guest, NULL, enum_map_to_guest, FLAG_ADVANCED}, 
 	{"null passwords", P_BOOL, P_GLOBAL, &Globals.bNullPasswords, NULL, NULL, FLAG_ADVANCED}, 
 	{"obey pam restrictions", P_BOOL, P_GLOBAL, &Globals.bObeyPamRestrictions, NULL, NULL, FLAG_ADVANCED}, 
@@ -1498,7 +1495,6 @@
 	/* Note, that we will use NTLM2 session security (which is different), if it is available */
 
 	Globals.map_to_guest = 0;	/* By Default, "Never" */
-	Globals.min_passwd_length = MINPASSWDLENGTH;	/* By Default, 5. */
 	Globals.oplock_break_wait_time = 0;	/* By Default, 0 msecs. */
 	Globals.enhanced_browsing = True; 
 	Globals.iLockSpinCount = 3; /* Try 3 times. */
@@ -1890,7 +1886,6 @@
 FN_GLOBAL_INTEGER(lp_machine_password_timeout, &Globals.machine_password_timeout)
 FN_GLOBAL_INTEGER(lp_change_notify_timeout, &Globals.change_notify_timeout)
 FN_GLOBAL_INTEGER(lp_map_to_guest, &Globals.map_to_guest)
-FN_GLOBAL_INTEGER(lp_min_passwd_length, &Globals.min_passwd_length)
 FN_GLOBAL_INTEGER(lp_oplock_break_wait_time, &Globals.oplock_break_wait_time)
 FN_GLOBAL_INTEGER(lp_lock_spin_count, &Globals.iLockSpinCount)
 FN_GLOBAL_INTEGER(lp_lock_sleep_time, &Globals.iLockSpinTime)

Modified: trunk/source/smbd/chgpasswd.c
===================================================================
--- trunk/source/smbd/chgpasswd.c	2005-07-14 07:35:48 UTC (rev 8453)
+++ trunk/source/smbd/chgpasswd.c	2005-07-14 08:02:10 UTC (rev 8454)
@@ -1017,7 +1017,6 @@
 		return NT_STATUS_ACCOUNT_RESTRICTION;
 	}
 
-	/* FIXME: AP_MIN_PASSWORD_LEN and lp_min_passwd_length() need to be merged - gd */
 	if (pdb_get_account_policy(AP_MIN_PASSWORD_LEN, &min_len) && (str_charnum(new_passwd) < min_len)) {
 		DEBUG(1, ("user %s cannot change password - password too short\n", 
 			  username));
@@ -1026,16 +1025,6 @@
 /* 		return NT_STATUS_PWD_TOO_SHORT; */
 	}
 
-	/* Take the passed information and test it for minimum criteria */
-	/* Minimum password length */
-	if (str_charnum(new_passwd) < lp_min_passwd_length()) {
-		/* too short, must be at least MINPASSWDLENGTH */
-		DEBUG(1, ("Password Change: user %s, New password is shorter than minimum password length = %d\n",
-		       username, lp_min_passwd_length()));
-		return NT_STATUS_PASSWORD_RESTRICTION;
-/* 		return NT_STATUS_PWD_TOO_SHORT; */
-	}
-
 	if (check_passwd_history(hnd,new_passwd)) {
 		return NT_STATUS_PASSWORD_RESTRICTION;
 	}

More information about the samba-cvs mailing list