[SCM] Samba Shared Repository - branch master updated

[Andrew Tridgell]

The branch, master has been updated
       via  323c744 s4-auth: removed the password combinations code in auth_unix
      from  8563d5c s3-rpc_server: run minimal_includes.pl.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 323c7445713d17989452b99bbb541248bb2388eb
Author: Andrew Tridgell <tri...@samba.org>
Date:   Thu May 5 13:59:08 2011 +1000

    s4-auth: removed the password combinations code in auth_unix
    
    this code never did anything due to a typo, and was untested. We
    should not be inluding a password cracker in Samba anyway.
    
    Pair-Programmed-With: Andrew Bartlett <abart...@samba.org>
    
    Autobuild-User: Andrew Tridgell <tri...@samba.org>
    Autobuild-Date: Thu May  5 07:00:14 CEST 2011 on sn-devel-104

-----------------------------------------------------------------------

Summary of changes:
 source4/auth/ntlm/auth_unix.c |   43 +++-------------------------------------
 1 files changed, 4 insertions(+), 39 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/auth/ntlm/auth_unix.c b/source4/auth/ntlm/auth_unix.c
index 743cb81..7fdb4b3 100644
--- a/source4/auth/ntlm/auth_unix.c
+++ b/source4/auth/ntlm/auth_unix.c
@@ -737,46 +737,11 @@ static NTSTATUS check_unix_password(TALLOC_CTX *ctx, 
struct loadparm_context *lp
                return nt_status;
        }
 
-       if ( user_info->flags | USER_INFO_CASE_INSENSITIVE_PASSWORD) {
-               return nt_status;
-       }
-
-       /* if the password was given to us with mixed case then we don't
-        * need to proceed as we know it hasn't been case modified by the
-        * client */
-       if (strhasupper(password) && strhaslower(password)) {
-               return nt_status;
-       }
-
-       /* make a copy of it */
-       pwcopy = talloc_strdup(ctx, password);
-       if (!pwcopy)
-               return NT_STATUS_NO_MEMORY;
-
-       /* try all lowercase if it's currently all uppercase */
-       if (strhasupper(pwcopy)) {
-               strlower(pwcopy);
-               nt_status = password_check(username, pwcopy, crypted, salt);
-               if NT_STATUS_IS_OK(nt_status) {
-                       *ret_passwd = pws;
-                       return nt_status;
-               }
-       }
-
-       /* give up? */
-       if (level < 1) {
-               return NT_STATUS_WRONG_PASSWORD;
-       }
-
-       /* last chance - all combinations of up to level chars upper! */
-       strlower(pwcopy);
+       /* we no longer try different case combinations here. The use
+        * of this code is now web auth, where trying different case
+        * combinations makes no sense
+        */
 
-#if 0
-        if (NT_STATUS_IS_OK(nt_status = string_combinations(pwcopy, 
password_check, level))) {
-               *ret_passwd = pws;
-               return nt_status;
-       }
-#endif   
        return NT_STATUS_WRONG_PASSWORD;
 }
 


-- 
Samba Shared Repository