[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-983-g639c9cc
Matthias Dieter Wallnöfer
mdw at samba.org
Fri Aug 14 02:34:50 MDT 2009
The branch, master has been updated
via 639c9ccb93e2766d865c769fa8c53a7c3d5f307c (commit)
via 44dfb2902e338924736447236989c6ed231f411b (commit)
via e2b12c6f6acf9ed833bf584cd2556a83d59b01eb (commit)
via 6dab7c9dbec1d8eb29990a616f1e446dc4d016eb (commit)
from 093148c1f0eca1ee40552c8eddfdc1ba2554d64e (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 639c9ccb93e2766d865c769fa8c53a7c3d5f307c
Author: Matthias Dieter Wallnöfer <mwallnoefer at yahoo.de>
Date: Thu Aug 13 23:04:34 2009 +0200
s4: Correct the parameter logic of the "setpassword" script
Either the username or the filter are allowed. If both are given the filter is
going to be used due to a higher precedence.
commit 44dfb2902e338924736447236989c6ed231f411b
Author: Matthias Dieter Wallnöfer <mwallnoefer at yahoo.de>
Date: Thu Aug 13 11:37:38 2009 +0200
s4: Better way to call "dom_sid_to_rid" from ldap.py
commit e2b12c6f6acf9ed833bf584cd2556a83d59b01eb
Author: Matthias Dieter Wallnöfer <mwallnoefer at yahoo.de>
Date: Thu Aug 13 10:43:42 2009 +0200
s4: Remove obsolete "samdb_password_quality_ok" function (it's just a one-line wrapper)
commit 6dab7c9dbec1d8eb29990a616f1e446dc4d016eb
Author: Matthias Dieter Wallnöfer <mwallnoefer at yahoo.de>
Date: Thu Aug 13 09:50:19 2009 +0200
s4: cracknames.c: Change the handling of the NT_STATUS_NO_MEMORY status results
With the previous check I got random failures when trying to connect to the
LDAP server.
-----------------------------------------------------------------------
Summary of changes:
source4/dsdb/common/util.c | 11 +----------
source4/dsdb/samdb/cracknames.c | 10 ++++++----
source4/lib/ldb/tests/python/ldap.py | 6 ++----
source4/scripting/python/samba/__init__.py | 10 ++++++++++
source4/setup/setpassword | 11 ++++-------
5 files changed, 23 insertions(+), 25 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index 5c5386b..af31f17 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -1560,15 +1560,6 @@ int samdb_search_for_parent_domain(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
return ret;
}
-/*
- check that a password is sufficiently complex
-*/
-static bool samdb_password_complexity_ok(const char *pass)
-{
- return check_password_quality(pass);
-}
-
-
/*
set the user password using plaintext, obeying any user or domain
@@ -1716,7 +1707,7 @@ NTSTATUS samdb_set_password(struct ldb_context *ctx, TALLOC_CTX *mem_ctx,
/* possibly check password complexity */
if (restrictions && (pwdProperties & DOMAIN_PASSWORD_COMPLEX) &&
- !samdb_password_complexity_ok(new_pass)) {
+ !check_password_quality(new_pass)) {
if (reject_reason) {
*reject_reason = SAMR_REJECT_COMPLEXITY;
}
diff --git a/source4/dsdb/samdb/cracknames.c b/source4/dsdb/samdb/cracknames.c
index 8e97c45..723f513 100644
--- a/source4/dsdb/samdb/cracknames.c
+++ b/source4/dsdb/samdb/cracknames.c
@@ -1278,6 +1278,9 @@ NTSTATUS crack_name_to_nt4_name(TALLOC_CTX *mem_ctx,
}
*nt4_domain = talloc_strdup(mem_ctx, info1.result_name);
+ if (*nt4_domain == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
p = strchr(*nt4_domain, '\\');
if (!p) {
@@ -1287,10 +1290,9 @@ NTSTATUS crack_name_to_nt4_name(TALLOC_CTX *mem_ctx,
if (p[1]) {
*nt4_account = talloc_strdup(mem_ctx, &p[1]);
- }
-
- if (!*nt4_account || !*nt4_domain) {
- return NT_STATUS_NO_MEMORY;
+ if (*nt4_account == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
}
return NT_STATUS_OK;
diff --git a/source4/lib/ldb/tests/python/ldap.py b/source4/lib/ldb/tests/python/ldap.py
index 00fb307..24c6226 100755
--- a/source4/lib/ldb/tests/python/ldap.py
+++ b/source4/lib/ldb/tests/python/ldap.py
@@ -18,10 +18,8 @@ from ldb import ERR_NO_SUCH_OBJECT, ERR_ATTRIBUTE_OR_VALUE_EXISTS
from ldb import ERR_ENTRY_ALREADY_EXISTS, ERR_UNWILLING_TO_PERFORM
from ldb import ERR_NOT_ALLOWED_ON_NON_LEAF, ERR_OTHER, ERR_INVALID_DN_SYNTAX
from ldb import Message, Dn
-from samba import Ldb
+from samba import Ldb, param, dom_sid_to_rid
from subunit import SubunitTestRunner
-from samba import param
-from samba import glue
import unittest
parser = optparse.OptionParser("ldap [options] <host>")
@@ -173,7 +171,7 @@ class BasicTests(unittest.TestCase):
self.assertTrue(len(res1) == 1)
primary_group_token = int(res1[0]["primaryGroupToken"][0])
- rid = glue.dom_sid_to_rid(ldb.schema_format_value("objectSID", res1[0]["objectSID"][0]))
+ rid = dom_sid_to_rid(ldb.schema_format_value("objectSID", res1[0]["objectSID"][0]))
self.assertEquals(primary_group_token, rid)
# Has to wait until we support read-only generated attributes correctly
diff --git a/source4/scripting/python/samba/__init__.py b/source4/scripting/python/samba/__init__.py
index 164803b..e6875b3 100644
--- a/source4/scripting/python/samba/__init__.py
+++ b/source4/scripting/python/samba/__init__.py
@@ -242,6 +242,16 @@ def valid_netbios_name(name):
return False
return True
+
+def dom_sid_to_rid(sid_str):
+ """Converts a domain SID to the relative RID.
+
+ :param sid_str: The domain SID formatted as string
+ """
+
+ return glue.dom_sid_to_rid(sid_str)
+
+
version = glue.version
DS_BEHAVIOR_WIN2000 = glue.DS_BEHAVIOR_WIN2000
diff --git a/source4/setup/setpassword b/source4/setup/setpassword
index 3505adf..513730d 100755
--- a/source4/setup/setpassword
+++ b/source4/setup/setpassword
@@ -52,7 +52,10 @@ def message(text):
if not opts.quiet:
print text
-if len(args) == 0:
+filter = opts.filter
+
+if (len(args) == 0) and (filter is None):
+ print "Either the username or '--filter' must be specified!"
parser.print_usage()
sys.exit(1)
@@ -60,16 +63,10 @@ password = opts.newpassword;
if password is None:
password = getpass("New Password: ")
-filter = opts.filter
-
if filter is None:
username = args[0]
- if username is None:
- print "Either username or --filter must be specified"
-
filter = "(&(objectclass=user)(samAccountName=%s))" % (username)
-
lp = sambaopts.get_loadparm()
creds = credopts.get_credentials(lp)
--
Samba Shared Repository
More information about the samba-cvs
mailing list