[SCM] Samba Shared Repository - branch v3-6-test updated

Karolin Seeger kseeger at samba.org
Wed Nov 16 12:26:47 MST 2011 

The branch, v3-6-test has been updated
       via  fc394c3 Fix bug #8561 - Password change settings not fully observed.
      from  ec72b63 s3:smb2_server: grant credits in async interim responses (bug #8357)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test


- Log -----------------------------------------------------------------
commit fc394c33e3c201b0db620d9c46afedf852cec9a8
Author: Jeremy Allison <jra at samba.org>
Date:   Tue Nov 15 15:42:50 2011 -0800

    Fix bug #8561 - Password change settings not fully observed.
    
    Based on commit 3ede4ffe969f806ba2363b62c09673c32a4ec296 in master
    (with a change to set the header prototype in the correct file).

-----------------------------------------------------------------------

Summary of changes:
 source3/passdb/pdb_get_set.c          |   38 +++++++++++++++++++++++++++++---
 source3/passdb/proto.h                |    1 +
 source3/rpc_server/samr/srv_samr_nt.c |    2 +-
 3 files changed, 36 insertions(+), 5 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c
index 782c08f..a276c16 100644
--- a/source3/passdb/pdb_get_set.c
+++ b/source3/passdb/pdb_get_set.c
@@ -39,6 +39,36 @@
 #define PDB_NOT_QUITE_NULL ""
 
 /*********************************************************************
+ Test if a change time is a max value. Copes with old and new values
+ of max.
+ ********************************************************************/
+
+bool pdb_is_password_change_time_max(time_t test_time)
+{
+	if (test_time == get_time_t_max()) {
+		return true;
+	}
+#if (defined(SIZEOF_TIME_T) && (SIZEOF_TIME_T == 8))
+	if (test_time == 0x7FFFFFFFFFFFFFFFLL) {
+		return true;
+	}
+#endif
+	if (test_time == 0x7FFFFFFF) {
+		return true;
+	}
+	return false;
+}
+
+/*********************************************************************
+ Return an unchanging version of max password change time - 0x7FFFFFFF.
+ ********************************************************************/
+
+time_t pdb_password_change_time_max(void)
+{
+	return 0x7FFFFFFF;
+}
+
+/*********************************************************************
  Collection of get...() functions for struct samu.
  ********************************************************************/
 
@@ -86,7 +116,7 @@ time_t pdb_get_pass_can_change_time(const struct samu *sampass)
 	   we're trying to update this real value from the sampass
 	   to indicate that the user cannot change their password.  jmcd
 	*/
-	if (sampass->pass_can_change_time == get_time_t_max() &&
+	if (pdb_is_password_change_time_max(sampass->pass_can_change_time) &&
 	    IS_SAM_CHANGED(sampass, PDB_CANCHANGETIME))
 		return sampass->pass_can_change_time;
 
@@ -112,7 +142,7 @@ time_t pdb_get_pass_must_change_time(const struct samu *sampass)
 		return (time_t) 0;
 
 	if (sampass->acct_ctrl & ACB_PWNOEXP)
-		return get_time_t_max();
+		return pdb_password_change_time_max();
 
 	if (!pdb_get_account_policy(PDB_POLICY_MAX_PASSWORD_AGE, &expire)
 	    || expire == (uint32_t)-1 || expire == 0)
@@ -123,7 +153,7 @@ time_t pdb_get_pass_must_change_time(const struct samu *sampass)
 
 bool pdb_get_pass_can_change(const struct samu *sampass)
 {
-	if (sampass->pass_can_change_time == get_time_t_max())
+	if (pdb_is_password_change_time_max(sampass->pass_can_change_time))
 		return False;
 	return True;
 }
@@ -958,7 +988,7 @@ bool pdb_set_backend_private_data(struct samu *sampass, void *private_data,
 bool pdb_set_pass_can_change(struct samu *sampass, bool canchange)
 {
 	return pdb_set_pass_can_change_time(sampass, 
-				     canchange ? 0 : get_time_t_max(),
+				     canchange ? 0 : pdb_password_change_time_max(),
 				     PDB_CHANGED);
 }
 
diff --git a/source3/passdb/proto.h b/source3/passdb/proto.h
index 8b95b72..0ac812f 100644
--- a/source3/passdb/proto.h
+++ b/source3/passdb/proto.h
@@ -112,6 +112,7 @@ bool pdb_set_group_sid_from_rid (struct samu *sampass, uint32_t grid, enum pdb_v
 
 /* The following definitions come from passdb/pdb_get_set.c  */
 
+bool pdb_is_password_change_time_max(time_t test_time);
 uint32_t pdb_get_acct_ctrl(const struct samu *sampass);
 time_t pdb_get_logon_time(const struct samu *sampass);
 time_t pdb_get_logoff_time(const struct samu *sampass);
diff --git a/source3/rpc_server/samr/srv_samr_nt.c b/source3/rpc_server/samr/srv_samr_nt.c
index dad06f7..78ef1ba 100644
--- a/source3/rpc_server/samr/srv_samr_nt.c
+++ b/source3/rpc_server/samr/srv_samr_nt.c
@@ -2824,7 +2824,7 @@ static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx,
 	unix_to_nt_time(&r->allow_password_change, pdb_get_pass_can_change_time(pw));
 
 	must_change_time = pdb_get_pass_must_change_time(pw);
-	if (must_change_time == get_time_t_max()) {
+	if (pdb_is_password_change_time_max(must_change_time)) {
 		unix_to_nt_time_abs(&force_password_change, must_change_time);
 	} else {
 		unix_to_nt_time(&force_password_change, must_change_time);


-- 
Samba Shared Repository

More information about the samba-cvs mailing list