[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-983-g639c9cc

Matthias Dieter Wallnöfer mdw at samba.org
Fri Aug 14 02:34:50 MDT 2009 

The branch, master has been updated
       via  639c9ccb93e2766d865c769fa8c53a7c3d5f307c (commit)
       via  44dfb2902e338924736447236989c6ed231f411b (commit)
       via  e2b12c6f6acf9ed833bf584cd2556a83d59b01eb (commit)
       via  6dab7c9dbec1d8eb29990a616f1e446dc4d016eb (commit)
      from  093148c1f0eca1ee40552c8eddfdc1ba2554d64e (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 639c9ccb93e2766d865c769fa8c53a7c3d5f307c
Author: Matthias Dieter Wallnöfer <mwallnoefer at yahoo.de>
Date:   Thu Aug 13 23:04:34 2009 +0200

    s4: Correct the parameter logic of the "setpassword" script
    
    Either the username or the filter are allowed. If both are given the filter is
    going to be used due to a higher precedence.

commit 44dfb2902e338924736447236989c6ed231f411b
Author: Matthias Dieter Wallnöfer <mwallnoefer at yahoo.de>
Date:   Thu Aug 13 11:37:38 2009 +0200

    s4: Better way to call "dom_sid_to_rid" from ldap.py

commit e2b12c6f6acf9ed833bf584cd2556a83d59b01eb
Author: Matthias Dieter Wallnöfer <mwallnoefer at yahoo.de>
Date:   Thu Aug 13 10:43:42 2009 +0200

    s4: Remove obsolete "samdb_password_quality_ok" function (it's just a one-line wrapper)

commit 6dab7c9dbec1d8eb29990a616f1e446dc4d016eb
Author: Matthias Dieter Wallnöfer <mwallnoefer at yahoo.de>
Date:   Thu Aug 13 09:50:19 2009 +0200

    s4: cracknames.c: Change the handling of the NT_STATUS_NO_MEMORY status results
    
    With the previous check I got random failures when trying to connect to the
    LDAP server.

-----------------------------------------------------------------------

Summary of changes:
 source4/dsdb/common/util.c                 |   11 +----------
 source4/dsdb/samdb/cracknames.c            |   10 ++++++----
 source4/lib/ldb/tests/python/ldap.py       |    6 ++----
 source4/scripting/python/samba/__init__.py |   10 ++++++++++
 source4/setup/setpassword                  |   11 ++++-------
 5 files changed, 23 insertions(+), 25 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index 5c5386b..af31f17 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -1560,15 +1560,6 @@ int samdb_search_for_parent_domain(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
 	return ret;
 }
 
-/*
-  check that a password is sufficiently complex
-*/
-static bool samdb_password_complexity_ok(const char *pass)
-{
-	return check_password_quality(pass);
-}
-
-
 
 /*
   set the user password using plaintext, obeying any user or domain
@@ -1716,7 +1707,7 @@ NTSTATUS samdb_set_password(struct ldb_context *ctx, TALLOC_CTX *mem_ctx,
 
 			/* possibly check password complexity */
 			if (restrictions && (pwdProperties & DOMAIN_PASSWORD_COMPLEX) &&
-			    !samdb_password_complexity_ok(new_pass)) {
+			    !check_password_quality(new_pass)) {
 				if (reject_reason) {
 					*reject_reason = SAMR_REJECT_COMPLEXITY;
 				}
diff --git a/source4/dsdb/samdb/cracknames.c b/source4/dsdb/samdb/cracknames.c
index 8e97c45..723f513 100644
--- a/source4/dsdb/samdb/cracknames.c
+++ b/source4/dsdb/samdb/cracknames.c
@@ -1278,6 +1278,9 @@ NTSTATUS crack_name_to_nt4_name(TALLOC_CTX *mem_ctx,
 	}
 
 	*nt4_domain = talloc_strdup(mem_ctx, info1.result_name);
+	if (*nt4_domain == NULL) {
+		return NT_STATUS_NO_MEMORY;
+	}
 
 	p = strchr(*nt4_domain, '\\');
 	if (!p) {
@@ -1287,10 +1290,9 @@ NTSTATUS crack_name_to_nt4_name(TALLOC_CTX *mem_ctx,
 
 	if (p[1]) {
 		*nt4_account = talloc_strdup(mem_ctx, &p[1]);
-	}
-
-	if (!*nt4_account || !*nt4_domain) {
-		return NT_STATUS_NO_MEMORY;
+		if (*nt4_account == NULL) {
+			return NT_STATUS_NO_MEMORY;
+		}
 	}
 
 	return NT_STATUS_OK;
diff --git a/source4/lib/ldb/tests/python/ldap.py b/source4/lib/ldb/tests/python/ldap.py
index 00fb307..24c6226 100755
--- a/source4/lib/ldb/tests/python/ldap.py
+++ b/source4/lib/ldb/tests/python/ldap.py
@@ -18,10 +18,8 @@ from ldb import ERR_NO_SUCH_OBJECT, ERR_ATTRIBUTE_OR_VALUE_EXISTS
 from ldb import ERR_ENTRY_ALREADY_EXISTS, ERR_UNWILLING_TO_PERFORM
 from ldb import ERR_NOT_ALLOWED_ON_NON_LEAF, ERR_OTHER, ERR_INVALID_DN_SYNTAX
 from ldb import Message, Dn
-from samba import Ldb
+from samba import Ldb, param, dom_sid_to_rid
 from subunit import SubunitTestRunner
-from samba import param
-from samba import glue
 import unittest
 
 parser = optparse.OptionParser("ldap [options] <host>")
@@ -173,7 +171,7 @@ class BasicTests(unittest.TestCase):
         self.assertTrue(len(res1) == 1)
         primary_group_token = int(res1[0]["primaryGroupToken"][0])
 
-	rid = glue.dom_sid_to_rid(ldb.schema_format_value("objectSID", res1[0]["objectSID"][0]))
+	rid = dom_sid_to_rid(ldb.schema_format_value("objectSID", res1[0]["objectSID"][0]))
         self.assertEquals(primary_group_token, rid)
 
 # Has to wait until we support read-only generated attributes correctly
diff --git a/source4/scripting/python/samba/__init__.py b/source4/scripting/python/samba/__init__.py
index 164803b..e6875b3 100644
--- a/source4/scripting/python/samba/__init__.py
+++ b/source4/scripting/python/samba/__init__.py
@@ -242,6 +242,16 @@ def valid_netbios_name(name):
             return False
     return True
 
+
+def dom_sid_to_rid(sid_str):
+    """Converts a domain SID to the relative RID.
+
+    :param sid_str: The domain SID formatted as string
+    """
+
+    return glue.dom_sid_to_rid(sid_str)
+
+
 version = glue.version
 
 DS_BEHAVIOR_WIN2000 = glue.DS_BEHAVIOR_WIN2000
diff --git a/source4/setup/setpassword b/source4/setup/setpassword
index 3505adf..513730d 100755
--- a/source4/setup/setpassword
+++ b/source4/setup/setpassword
@@ -52,7 +52,10 @@ def message(text):
 	if not opts.quiet:
 		print text
 
-if len(args) == 0:
+filter = opts.filter
+
+if (len(args) == 0) and (filter is None):
+	print "Either the username or '--filter' must be specified!"
 	parser.print_usage()
 	sys.exit(1)
 
@@ -60,16 +63,10 @@ password = opts.newpassword;
 if password is None:
 	password = getpass("New Password: ")
 
-filter = opts.filter
-
 if filter is None:
 	username = args[0]
-	if username is None:
-		print "Either username or --filter must be specified"
-
 	filter = "(&(objectclass=user)(samAccountName=%s))" % (username)
 
-
 lp = sambaopts.get_loadparm()
 creds = credopts.get_credentials(lp)
 


-- 
Samba Shared Repository

More information about the samba-cvs mailing list