Author: jerry Date: 2007-09-28 03:56:12 +0000 (Fri, 28 Sep 2007) New Revision: 25401
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=25401 Log: BUG 4982: Don't delete lanman hashes on invalid logins when using the "lanman auth = no". Tested by Guenter Kukkukk. Modified: branches/SAMBA_3_2/source/auth/auth_sam.c branches/SAMBA_3_2/source/passdb/pdb_interface.c branches/SAMBA_3_2_0/source/auth/auth_sam.c branches/SAMBA_3_2_0/source/passdb/pdb_interface.c Changeset: Modified: branches/SAMBA_3_2/source/auth/auth_sam.c =================================================================== --- branches/SAMBA_3_2/source/auth/auth_sam.c 2007-09-28 03:54:42 UTC (rev 25400) +++ branches/SAMBA_3_2/source/auth/auth_sam.c 2007-09-28 03:56:12 UTC (rev 25401) @@ -294,14 +294,16 @@ nt_status = sam_password_ok(auth_context, mem_ctx, sampass, user_info, &user_sess_key, &lm_sess_key); - /* Notify passdb backend of login success/failure. If not NT_STATUS_OK the backend doesn't like the login */ + /* Notify passdb backend of login success/failure. If not + NT_STATUS_OK the backend doesn't like the login */ + update_login_attempts_status = pdb_update_login_attempts(sampass, NT_STATUS_IS_OK(nt_status)); - if (!NT_STATUS_IS_OK(update_login_attempts_status)) - nt_status = update_login_attempts_status; if (!NT_STATUS_IS_OK(nt_status)) { if (NT_STATUS_EQUAL(nt_status,NT_STATUS_WRONG_PASSWORD) && - pdb_get_acct_ctrl(sampass) &ACB_NORMAL) { + pdb_get_acct_ctrl(sampass) &ACB_NORMAL && + NT_STATUS_IS_OK(update_login_attempts_status)) + { pdb_increment_bad_password_count(sampass); updated_badpw = True; } else { Modified: branches/SAMBA_3_2/source/passdb/pdb_interface.c =================================================================== --- branches/SAMBA_3_2/source/passdb/pdb_interface.c 2007-09-28 03:54:42 UTC (rev 25400) +++ branches/SAMBA_3_2/source/passdb/pdb_interface.c 2007-09-28 03:56:12 UTC (rev 25401) @@ -1168,7 +1168,7 @@ static NTSTATUS pdb_default_update_login_attempts (struct pdb_methods *methods, struct samu *newpwd, BOOL success) { - return NT_STATUS_OK; + return NT_STATUS_NOT_IMPLEMENTED; } static NTSTATUS pdb_default_setsampwent(struct pdb_methods *methods, BOOL update, uint32 acb_mask) Modified: branches/SAMBA_3_2_0/source/auth/auth_sam.c =================================================================== --- branches/SAMBA_3_2_0/source/auth/auth_sam.c 2007-09-28 03:54:42 UTC (rev 25400) +++ branches/SAMBA_3_2_0/source/auth/auth_sam.c 2007-09-28 03:56:12 UTC (rev 25401) @@ -294,14 +294,16 @@ nt_status = sam_password_ok(auth_context, mem_ctx, sampass, user_info, &user_sess_key, &lm_sess_key); - /* Notify passdb backend of login success/failure. If not NT_STATUS_OK the backend doesn't like the login */ + /* Notify passdb backend of login success/failure. If not + NT_STATUS_OK the backend doesn't like the login */ + update_login_attempts_status = pdb_update_login_attempts(sampass, NT_STATUS_IS_OK(nt_status)); - if (!NT_STATUS_IS_OK(update_login_attempts_status)) - nt_status = update_login_attempts_status; if (!NT_STATUS_IS_OK(nt_status)) { if (NT_STATUS_EQUAL(nt_status,NT_STATUS_WRONG_PASSWORD) && - pdb_get_acct_ctrl(sampass) &ACB_NORMAL) { + pdb_get_acct_ctrl(sampass) &ACB_NORMAL && + NT_STATUS_IS_OK(update_login_attempts_status)) + { pdb_increment_bad_password_count(sampass); updated_badpw = True; } else { Modified: branches/SAMBA_3_2_0/source/passdb/pdb_interface.c =================================================================== --- branches/SAMBA_3_2_0/source/passdb/pdb_interface.c 2007-09-28 03:54:42 UTC (rev 25400) +++ branches/SAMBA_3_2_0/source/passdb/pdb_interface.c 2007-09-28 03:56:12 UTC (rev 25401) @@ -1168,7 +1168,7 @@ static NTSTATUS pdb_default_update_login_attempts (struct pdb_methods *methods, struct samu *newpwd, BOOL success) { - return NT_STATUS_OK; + return NT_STATUS_NOT_IMPLEMENTED; } static NTSTATUS pdb_default_setsampwent(struct pdb_methods *methods, BOOL update, uint32 acb_mask)