Author: jmcd Date: 2006-09-20 17:58:16 +0000 (Wed, 20 Sep 2006) New Revision: 18726
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=18726 Log: Password time stuff from SAMBA_3_0. I'll keep them in sync next time. Modified: branches/SAMBA_3_0_23/source/passdb/pdb_get_set.c branches/SAMBA_3_0_23/source/rpc_parse/parse_samr.c branches/SAMBA_3_0_23/source/rpc_server/srv_samr_util.c Changeset: Modified: branches/SAMBA_3_0_23/source/passdb/pdb_get_set.c =================================================================== --- branches/SAMBA_3_0_23/source/passdb/pdb_get_set.c 2006-09-20 17:56:50 UTC (rev 18725) +++ branches/SAMBA_3_0_23/source/passdb/pdb_get_set.c 2006-09-20 17:58:16 UTC (rev 18726) @@ -72,12 +72,32 @@ time_t pdb_get_pass_can_change_time(const struct samu *sampass) { - return sampass->pass_can_change_time; + uint32 allow; + + if (sampass->pass_last_set_time == 0) + return (time_t) 0; + + if (!pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &allow)) + allow = 0; + + return sampass->pass_last_set_time + allow; } time_t pdb_get_pass_must_change_time(const struct samu *sampass) { - return sampass->pass_must_change_time; + uint32 expire; + + if (sampass->pass_last_set_time == 0) + return (time_t) 0; + + if (sampass->acct_ctrl & ACB_PWNOEXP) + return get_time_t_max(); + + if (!pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &expire) + || expire == (uint32)-1 || expire == 0) + return get_time_t_max(); + + return sampass->pass_last_set_time + expire; } uint16 pdb_get_logon_divs(const struct samu *sampass) Modified: branches/SAMBA_3_0_23/source/rpc_parse/parse_samr.c =================================================================== --- branches/SAMBA_3_0_23/source/rpc_parse/parse_samr.c 2006-09-20 17:56:50 UTC (rev 18725) +++ branches/SAMBA_3_0_23/source/rpc_parse/parse_samr.c 2006-09-20 17:58:16 UTC (rev 18726) @@ -6208,6 +6208,7 @@ pass_last_set_time, pass_can_change_time, pass_must_change_time; + time_t must_change_time; const char* user_name = pdb_get_username(pw); const char* full_name = pdb_get_fullname(pw); const char* home_dir = pdb_get_homedir(pw); @@ -6232,12 +6233,16 @@ } /* Create NTTIME structs */ - unix_to_nt_time (&logon_time, pdb_get_logon_time(pw)); - unix_to_nt_time (&logoff_time, pdb_get_logoff_time(pw)); + unix_to_nt_time (&logon_time, pdb_get_logon_time(pw)); + unix_to_nt_time (&logoff_time, pdb_get_logoff_time(pw)); unix_to_nt_time (&kickoff_time, pdb_get_kickoff_time(pw)); - unix_to_nt_time (&pass_last_set_time, pdb_get_pass_last_set_time(pw)); - unix_to_nt_time (&pass_can_change_time, pdb_get_pass_can_change_time(pw)); - unix_to_nt_time (&pass_must_change_time,pdb_get_pass_must_change_time(pw)); + unix_to_nt_time (&pass_last_set_time, pdb_get_pass_last_set_time(pw)); + unix_to_nt_time (&pass_can_change_time,pdb_get_pass_can_change_time(pw)); + must_change_time = pdb_get_pass_must_change_time(pw); + if (must_change_time == get_time_t_max()) + unix_to_nt_time_abs(&pass_must_change_time, must_change_time); + else + unix_to_nt_time(&pass_must_change_time, must_change_time); /* structure assignment */ usr->logon_time = logon_time; Modified: branches/SAMBA_3_0_23/source/rpc_server/srv_samr_util.c =================================================================== --- branches/SAMBA_3_0_23/source/rpc_server/srv_samr_util.c 2006-09-20 17:56:50 UTC (rev 18725) +++ branches/SAMBA_3_0_23/source/rpc_server/srv_samr_util.c 2006-09-20 17:58:16 UTC (rev 18726) @@ -284,26 +284,16 @@ } } - DEBUG(10,("INFO_21 PASS_MUST_CHANGE_AT_NEXT_LOGON: %02X\n",from->passmustchange)); - if (from->passmustchange==PASS_MUST_CHANGE_AT_NEXT_LOGON) { - pdb_set_pass_must_change_time(to,0, PDB_CHANGED); - } else { - uint32 expire; - time_t new_time; - if (pdb_get_pass_must_change_time(to) == 0) { - if (!pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &expire) - || expire == (uint32)-1) { - new_time = get_time_t_max(); - } else { - time_t old_time = pdb_get_pass_last_set_time(to); - new_time = old_time + expire; - if ((new_time) < time(0)) { - new_time = time(0) + expire; - } - } - if (!pdb_set_pass_must_change_time (to, new_time, PDB_CHANGED)) { - DEBUG (0, ("pdb_set_pass_must_change_time failed!\n")); - } + /* If the must change flag is set, the last set time goes to zero. + the must change and can change fields also do, but they are + calculated from policy, not set from the wire */ + + if (from->fields_present & ACCT_EXPIRED_FLAG) { + DEBUG(10,("INFO_21 PASS_MUST_CHANGE_AT_NEXT_LOGON: %02X\n",from->passmustchange)); + if (from->passmustchange == PASS_MUST_CHANGE_AT_NEXT_LOGON) { + pdb_set_pass_last_set_time(to, 0, PDB_CHANGED); + } else { + pdb_set_pass_last_set_time(to, time(NULL),PDB_CHANGED); } } @@ -524,26 +514,16 @@ } } - DEBUG(10,("INFO_23 PASS_MUST_CHANGE_AT_NEXT_LOGON: %02X\n",from->passmustchange)); - if (from->passmustchange==PASS_MUST_CHANGE_AT_NEXT_LOGON) { - pdb_set_pass_must_change_time(to,0, PDB_CHANGED); - } else { - uint32 expire; - time_t new_time; - if (pdb_get_pass_must_change_time(to) == 0) { - if (!pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &expire) - || expire == (uint32)-1) { - new_time = get_time_t_max(); - } else { - time_t old_time = pdb_get_pass_last_set_time(to); - new_time = old_time + expire; - if ((new_time) < time(0)) { - new_time = time(0) + expire; - } - } - if (!pdb_set_pass_must_change_time (to, new_time, PDB_CHANGED)) { - DEBUG (0, ("pdb_set_pass_must_change_time failed!\n")); - } + /* If the must change flag is set, the last set time goes to zero. + the must change and can change fields also do, but they are + calculated from policy, not set from the wire */ + + if (from->fields_present & ACCT_EXPIRED_FLAG) { + DEBUG(10,("INFO_23 PASS_MUST_CHANGE_AT_NEXT_LOGON: %02X\n",from->passmustchange)); + if (from->passmustchange == PASS_MUST_CHANGE_AT_NEXT_LOGON) { + pdb_set_pass_last_set_time(to, 0, PDB_CHANGED); + } else { + pdb_set_pass_last_set_time(to, time(NULL),PDB_CHANGED); } }