svn commit: samba r18636 - in branches/SAMBA_4_0/source: dsdb/samdb
kdc librpc/idl
gd at samba.org
gd at samba.org
Mon Sep 18 21:00:00 GMT 2006
Author: gd
Date: 2006-09-18 21:00:00 +0000 (Mon, 18 Sep 2006)
New Revision: 18636
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=18636
Log:
Excessive testing with pam_winbind within Samba3 revealed a new samr
reject reason code while password changing: SAMR_REJECT_IN_HISTORY which
is different from SAMR_REJECT_COMPLEXITY.
torture test to follow as well.
Guenther
Modified:
branches/SAMBA_4_0/source/dsdb/samdb/samdb.c
branches/SAMBA_4_0/source/kdc/kpasswdd.c
branches/SAMBA_4_0/source/librpc/idl/misc.idl
Changeset:
Modified: branches/SAMBA_4_0/source/dsdb/samdb/samdb.c
===================================================================
--- branches/SAMBA_4_0/source/dsdb/samdb/samdb.c 2006-09-18 20:56:54 UTC (rev 18635)
+++ branches/SAMBA_4_0/source/dsdb/samdb/samdb.c 2006-09-18 21:00:00 UTC (rev 18636)
@@ -1282,13 +1282,13 @@
if (pwdHistoryLength > 0) {
if (lmNewHash && lmPwdHash && memcmp(lmNewHash->hash, lmPwdHash->hash, 16) == 0) {
if (reject_reason) {
- *reject_reason = SAMR_REJECT_COMPLEXITY;
+ *reject_reason = SAMR_REJECT_IN_HISTORY;
}
return NT_STATUS_PASSWORD_RESTRICTION;
}
if (ntNewHash && ntPwdHash && memcmp(ntNewHash->hash, ntPwdHash->hash, 16) == 0) {
if (reject_reason) {
- *reject_reason = SAMR_REJECT_COMPLEXITY;
+ *reject_reason = SAMR_REJECT_IN_HISTORY;
}
return NT_STATUS_PASSWORD_RESTRICTION;
}
@@ -1301,7 +1301,7 @@
for (i=0; lmNewHash && i<sambaLMPwdHistory_len;i++) {
if (memcmp(lmNewHash->hash, sambaLMPwdHistory[i].hash, 16) == 0) {
if (reject_reason) {
- *reject_reason = SAMR_REJECT_COMPLEXITY;
+ *reject_reason = SAMR_REJECT_IN_HISTORY;
}
return NT_STATUS_PASSWORD_RESTRICTION;
}
@@ -1309,7 +1309,7 @@
for (i=0; ntNewHash && i<sambaNTPwdHistory_len;i++) {
if (memcmp(ntNewHash->hash, sambaNTPwdHistory[i].hash, 16) == 0) {
if (reject_reason) {
- *reject_reason = SAMR_REJECT_COMPLEXITY;
+ *reject_reason = SAMR_REJECT_IN_HISTORY;
}
return NT_STATUS_PASSWORD_RESTRICTION;
}
Modified: branches/SAMBA_4_0/source/kdc/kpasswdd.c
===================================================================
--- branches/SAMBA_4_0/source/kdc/kpasswdd.c 2006-09-18 20:56:54 UTC (rev 18635)
+++ branches/SAMBA_4_0/source/kdc/kpasswdd.c 2006-09-18 21:00:00 UTC (rev 18636)
@@ -134,6 +134,9 @@
case SAMR_REJECT_COMPLEXITY:
reject_string = "Password does not meet complexity requirements";
break;
+ case SAMR_REJECT_IN_HISTORY:
+ reject_string = "Password is already in password history";
+ break;
case SAMR_REJECT_OTHER:
default:
reject_string = talloc_asprintf(mem_ctx, "Password must be at least %d characters long, and cannot match any of your %d previous passwords",
Modified: branches/SAMBA_4_0/source/librpc/idl/misc.idl
===================================================================
--- branches/SAMBA_4_0/source/librpc/idl/misc.idl 2006-09-18 20:56:54 UTC (rev 18635)
+++ branches/SAMBA_4_0/source/librpc/idl/misc.idl 2006-09-18 21:00:00 UTC (rev 18636)
@@ -40,7 +40,8 @@
typedef [public,v1_enum] enum {
SAMR_REJECT_OTHER = 0,
SAMR_REJECT_TOO_SHORT = 1,
- SAMR_REJECT_COMPLEXITY = 2
+ SAMR_REJECT_IN_HISTORY = 2,
+ SAMR_REJECT_COMPLEXITY = 5
} samr_RejectReason;
More information about the samba-cvs
mailing list