[SCM] Samba Shared Repository - branch master updated

Matthias Dieter Wallnöfer mdw at samba.org
Tue Jul 6 13:54:54 MDT 2010 

The branch, master has been updated
       via  502bddf... s4:new_partition LDB module - fix an uninitalised variable warning
       via  b03040c... s4:SAMR rpc server - "SetUserInfo" - fix the implementation of the expire flag
       via  7f15ca4... s4:SAMR rpc server - "QueryUserInfo" - send back the password expired flag on level 21
       via  9c81357... s4:dsdb - samdb_result_force_password_change - also when "pwdLastSet" is "-1" we shouldn't force a password change
      from  293d3eb... s3-selftest: add "make testenv" target to Makefile.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 502bddf7676b8061a877e7c83b647a64963c3efe
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date:   Tue Jul 6 17:51:00 2010 +0200

    s4:new_partition LDB module - fix an uninitalised variable warning
    
    > [ 651/1946] Compiling dsdb/samdb/ldb_modules/new_partition.c
    > ../dsdb/samdb/ldb_modules/new_partition.c: In function 'new_partition_add':
    > ../dsdb/samdb/ldb_modules/new_partition.c:195: warning: 'down_req' may be used uninitialized in this function
    The "down_req" variable isn't used anymore.

commit b03040c5a903e24a8216b9245f2925eb2205cd67
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date:   Mon Jul 5 17:42:40 2010 +0200

    s4:SAMR rpc server - "SetUserInfo" - fix the implementation of the expire flag
    
    It has to consider the "password_expires" flag to known if the "pwdLastSet" has
    to be updated or to be resetted.

commit 7f15ca4427ae07520a457fa8f19991f6e350205b
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date:   Mon Jul 5 15:54:21 2010 +0200

    s4:SAMR rpc server - "QueryUserInfo" - send back the password expired flag on level 21
    
    Taken from the s3 server code

commit 9c8135785ad7b2bee4a0d37470dc37fed04a6516
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date:   Mon Jul 5 16:55:50 2010 +0200

    s4:dsdb - samdb_result_force_password_change - also when "pwdLastSet" is "-1" we shouldn't force a password change
    
    This value is set by the ADUC console.

-----------------------------------------------------------------------

Summary of changes:
 source4/dsdb/common/util.c                     |   12 ++++++--
 source4/dsdb/samdb/ldb_modules/new_partition.c |    3 +-
 source4/rpc_server/samr/dcesrv_samr.c          |   32 +++++++++++++++++++++---
 3 files changed, 38 insertions(+), 9 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index 80736b1..d248038 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -520,8 +520,10 @@ NTTIME samdb_result_force_password_change(struct ldb_context *sam_ldb,
 					  struct ldb_dn *domain_dn, 
 					  struct ldb_message *msg)
 {
-	uint64_t attr_time = samdb_result_uint64(msg, "pwdLastSet", 0);
-	uint32_t userAccountControl = samdb_result_uint64(msg, "userAccountControl", 0);
+	int64_t attr_time = samdb_result_int64(msg, "pwdLastSet", 0);
+	uint32_t userAccountControl = ldb_msg_find_attr_as_uint(msg,
+								"userAccountControl",
+								0);
 	int64_t maxPwdAge;
 
 	/* Machine accounts don't expire, and there is a flag for 'no expiry' */
@@ -533,8 +535,12 @@ NTTIME samdb_result_force_password_change(struct ldb_context *sam_ldb,
 	if (attr_time == 0) {
 		return 0;
 	}
+	if (attr_time == -1) {
+		return 0x7FFFFFFFFFFFFFFFULL;
+	}
 
-	maxPwdAge = samdb_search_int64(sam_ldb, mem_ctx, 0, domain_dn, "maxPwdAge", NULL);
+	maxPwdAge = samdb_search_int64(sam_ldb, mem_ctx, 0, domain_dn,
+				       "maxPwdAge", NULL);
 	if (maxPwdAge == 0) {
 		return 0x7FFFFFFFFFFFFFFFULL;
 	} else {
diff --git a/source4/dsdb/samdb/ldb_modules/new_partition.c b/source4/dsdb/samdb/ldb_modules/new_partition.c
index 63c9200..a6102d6 100644
--- a/source4/dsdb/samdb/ldb_modules/new_partition.c
+++ b/source4/dsdb/samdb/ldb_modules/new_partition.c
@@ -135,7 +135,6 @@ static int np_part_search_callback(struct ldb_request *req, struct ldb_reply *ar
 static int new_partition_add(struct ldb_module *module, struct ldb_request *req)
 {
 	struct ldb_context *ldb;
-	struct ldb_request *down_req;
 	struct np_context *ac;
 	int ret;
 
@@ -192,7 +191,7 @@ static int new_partition_add(struct ldb_module *module, struct ldb_request *req)
 	}
 
 	/* go on with the call chain */
-	return ldb_next_request(module, down_req);
+	return ldb_next_request(module, req);
 }
 
 _PUBLIC_ const struct ldb_module_ops ldb_new_partition_module_ops = {
diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
index 882bf3f..cca828a 100644
--- a/source4/rpc_server/samr/dcesrv_samr.c
+++ b/source4/rpc_server/samr/dcesrv_samr.c
@@ -3063,10 +3063,15 @@ static NTSTATUS dcesrv_samr_QueryUserInfo(struct dcesrv_call_state *dce_call, TA
 		QUERY_RID   (msg, info21.rid,                  "objectSid");
 		QUERY_UINT  (msg, info21.primary_gid,          "primaryGroupID");
 		QUERY_AFLAGS(msg, info21.acct_flags,           "userAccountControl");
-		info->info21.fields_present = 0x00FFFFFF;
+		info->info21.fields_present = 0x08FFFFFF;
 		QUERY_LHOURS(msg, info21.logon_hours,          "logonHours");
 		QUERY_UINT  (msg, info21.bad_password_count,   "badPwdCount");
 		QUERY_UINT  (msg, info21.logon_count,          "logonCount");
+		if ((info->info21.acct_flags & ACB_PW_EXPIRED) != 0) {
+			info->info21.password_expired = PASS_MUST_CHANGE_AT_NEXT_LOGON;
+		} else {
+			info->info21.password_expired = PASS_DONT_CHANGE_AT_NEXT_LOGON;
+		}
 		QUERY_UINT  (msg, info21.country_code,         "countryCode");
 		QUERY_UINT  (msg, info21.code_page,            "codePage");
 		break;
@@ -3276,9 +3281,16 @@ static NTSTATUS dcesrv_samr_SetUserInfo(struct dcesrv_call_state *dce_call, TALL
 			}
 		}
 
+
 		IFSET(SAMR_FIELD_EXPIRED_FLAG) {
+			NTTIME t = 0;
 			struct ldb_message_element *set_el;
-			if (samdb_msg_add_uint64(sam_ctx, mem_ctx, msg, "pwdLastSet", 0) != LDB_SUCCESS) {
+			if (r->in.info->info21.password_expired
+					== PASS_DONT_CHANGE_AT_NEXT_LOGON) {
+				unix_to_nt_time(&t, time(NULL));
+			}
+			if (samdb_msg_add_uint64(sam_ctx, mem_ctx, msg,
+						 "pwdLastSet", t) != LDB_SUCCESS) {
 				return NT_STATUS_NO_MEMORY;
 			}
 			set_el = ldb_msg_find_element(msg, "pwdLastSet");
@@ -3358,8 +3370,14 @@ static NTSTATUS dcesrv_samr_SetUserInfo(struct dcesrv_call_state *dce_call, TALL
 		}
 
 		IFSET(SAMR_FIELD_EXPIRED_FLAG) {
+			NTTIME t = 0;
 			struct ldb_message_element *set_el;
-			if (samdb_msg_add_uint64(sam_ctx, mem_ctx, msg, "pwdLastSet", 0) != LDB_SUCCESS) {
+			if (r->in.info->info23.info.password_expired
+					== PASS_DONT_CHANGE_AT_NEXT_LOGON) {
+				unix_to_nt_time(&t, time(NULL));
+			}
+			if (samdb_msg_add_uint64(sam_ctx, mem_ctx, msg,
+						 "pwdLastSet", t) != LDB_SUCCESS) {
 				return NT_STATUS_NO_MEMORY;
 			}
 			set_el = ldb_msg_find_element(msg, "pwdLastSet");
@@ -3460,8 +3478,14 @@ static NTSTATUS dcesrv_samr_SetUserInfo(struct dcesrv_call_state *dce_call, TALL
 		}
 
 		IFSET(SAMR_FIELD_EXPIRED_FLAG) {
+			NTTIME t = 0;
 			struct ldb_message_element *set_el;
-			if (samdb_msg_add_uint64(sam_ctx, mem_ctx, msg, "pwdLastSet", 0) != LDB_SUCCESS) {
+			if (r->in.info->info25.info.password_expired
+					== PASS_DONT_CHANGE_AT_NEXT_LOGON) {
+				unix_to_nt_time(&t, time(NULL));
+			}
+			if (samdb_msg_add_uint64(sam_ctx, mem_ctx, msg,
+						 "pwdLastSet", t) != LDB_SUCCESS) {
 				return NT_STATUS_NO_MEMORY;
 			}
 			set_el = ldb_msg_find_element(msg, "pwdLastSet");


-- 
Samba Shared Repository

More information about the samba-cvs mailing list