[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha7-1517-ga21bfc4

Günther Deschner gd at samba.org
Fri May 8 22:07:40 GMT 2009


The branch, master has been updated
       via  a21bfc4daff9e67750021d96ffa0c1e6e4cd3472 (commit)
       via  705f36b804093f656498f7963768a418672cd422 (commit)
      from  d0100947002a892dff22aefd2491e3a66aaf3a07 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit a21bfc4daff9e67750021d96ffa0c1e6e4cd3472
Author: Günther Deschner <gd at samba.org>
Date:   Sat May 9 00:03:50 2009 +0200

    s3-samr: Fix SetUserInfo level 16 and 21 w.r.t. ACB_AUTOLOCK acct_flag.
    
    It is not allowed to *set* this flag remotely if it has been not set already.
    
    Found by torture test.
    
    Guenther

commit 705f36b804093f656498f7963768a418672cd422
Author: Günther Deschner <gd at samba.org>
Date:   Sat May 9 00:02:00 2009 +0200

    s3-samr: Fix SetUserInfo level 7 when there has been no name change.
    
    Found by torture test.
    
    Guenther

-----------------------------------------------------------------------

Summary of changes:
 source3/rpc_server/srv_samr_nt.c   |    6 ++++++
 source3/rpc_server/srv_samr_util.c |   10 ++++++++++
 2 files changed, 16 insertions(+), 0 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 0d87ad8..17e111d 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -4013,6 +4013,12 @@ static NTSTATUS set_user_info_7(TALLOC_CTX *mem_ctx,
 	   code (like UNSUCCESSFUL instead of ALREADY_EXISTS). */
 
 	rc = can_create(mem_ctx, id7->account_name.string);
+
+	/* when there is nothing to change, we're done here */
+	if (NT_STATUS_EQUAL(rc, NT_STATUS_USER_EXISTS) &&
+	    strequal(id7->account_name.string, pdb_get_username(pwd))) {
+		return NT_STATUS_OK;
+	}
 	if (!NT_STATUS_IS_OK(rc)) {
 		return rc;
 	}
diff --git a/source3/rpc_server/srv_samr_util.c b/source3/rpc_server/srv_samr_util.c
index 8f136b1..69daa31 100644
--- a/source3/rpc_server/srv_samr_util.c
+++ b/source3/rpc_server/srv_samr_util.c
@@ -534,6 +534,16 @@ void copy_id21_to_sam_passwd(const char *log_prefix,
 		DEBUG(10,("%s SAMR_FIELD_ACCT_FLAGS: %08X -> %08X\n", l,
 			pdb_get_acct_ctrl(to), from->acct_flags));
 		if (from->acct_flags != pdb_get_acct_ctrl(to)) {
+
+			/* You cannot autolock an unlocked account via
+			 * setuserinfo calls, so make sure to remove the
+			 * ACB_AUTOLOCK bit here - gd */
+
+			if ((from->acct_flags & ACB_AUTOLOCK) &&
+			    !(pdb_get_acct_ctrl(to) & ACB_AUTOLOCK)) {
+				from->acct_flags &= ~ACB_AUTOLOCK;
+			}
+
 			if (!(from->acct_flags & ACB_AUTOLOCK) &&
 			     (pdb_get_acct_ctrl(to) & ACB_AUTOLOCK)) {
 				/* We're unlocking a previously locked user. Reset bad password counts.


-- 
Samba Shared Repository


More information about the samba-cvs mailing list