The branch, master has been updated
via f4b73f4... s3: Slightly simpify samr_ValidatePassword_Reset
via 3a362b4... s3: Slightly simpify samr_ValidatePassword_Change
via 6f998b4... s3: Slightly simplify the logic of
check_password_complexity()
via b0b077f... s3: Fix some nonempty blank lines
from 4567bf9... s3-winreg_nt: Fixed QueryValue with data=NULL to get the
length.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit f4b73f4e240cee0cc24dc29c84473d6068ab3139
Author: Volker Lendecke <[email protected]>
Date: Fri Apr 16 15:06:17 2010 +0200
s3: Slightly simpify samr_ValidatePassword_Reset
commit 3a362b45c623afb031798570836cebef3e5ebc8a
Author: Volker Lendecke <[email protected]>
Date: Fri Apr 16 15:06:03 2010 +0200
s3: Slightly simpify samr_ValidatePassword_Change
commit 6f998b4b9a46f48b98b947f79bf9c83ec7a0b9fd
Author: Volker Lendecke <[email protected]>
Date: Fri Apr 16 15:00:54 2010 +0200
s3: Slightly simplify the logic of check_password_complexity()
The whole routine was just one if-branch. Do an early return instead.
commit b0b077f27c8f87dedf8fc7898c54e2c2575c1be6
Author: Volker Lendecke <[email protected]>
Date: Fri Apr 16 14:16:40 2010 +0200
s3: Fix some nonempty blank lines
-----------------------------------------------------------------------
Summary of changes:
source3/rpc_server/srv_samr_nt.c | 50 ++++++++++++++++++-----------------
source3/smbd/chgpasswd.c | 54 ++++++++++++++++++++-----------------
2 files changed, 55 insertions(+), 49 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 3626cbd..3ebfe39 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -6697,19 +6697,20 @@ static enum samr_ValidationStatus
samr_ValidatePassword_Change(TALLOC_CTX *mem_c
{
NTSTATUS status;
- if (req->password.string) {
- if (strlen(req->password.string) <
dom_pw_info->min_password_length) {
+ if (req->password.string == NULL) {
+ SAMR_VALIDATION_STATUS_SUCCESS;
+ }
+ if (strlen(req->password.string) < dom_pw_info->min_password_length) {
+ ZERO_STRUCT(rep->info);
+ return SAMR_VALIDATION_STATUS_PWD_TOO_SHORT;
+ }
+ if (dom_pw_info->password_properties & DOMAIN_PASSWORD_COMPLEX) {
+ status = check_password_complexity(req->account.string,
+ req->password.string,
+ NULL);
+ if (!NT_STATUS_IS_OK(status)) {
ZERO_STRUCT(rep->info);
- return SAMR_VALIDATION_STATUS_PWD_TOO_SHORT;
- }
- if (dom_pw_info->password_properties & DOMAIN_PASSWORD_COMPLEX)
{
- status = check_password_complexity(req->account.string,
- req->password.string,
- NULL);
- if (!NT_STATUS_IS_OK(status)) {
- ZERO_STRUCT(rep->info);
- return
SAMR_VALIDATION_STATUS_NOT_COMPLEX_ENOUGH;
- }
+ return SAMR_VALIDATION_STATUS_NOT_COMPLEX_ENOUGH;
}
}
@@ -6726,19 +6727,20 @@ static enum samr_ValidationStatus
samr_ValidatePassword_Reset(TALLOC_CTX *mem_ct
{
NTSTATUS status;
- if (req->password.string) {
- if (strlen(req->password.string) <
dom_pw_info->min_password_length) {
+ if (req->password.string == NULL) {
+ return SAMR_VALIDATION_STATUS_SUCCESS;
+ }
+ if (strlen(req->password.string) < dom_pw_info->min_password_length) {
+ ZERO_STRUCT(rep->info);
+ return SAMR_VALIDATION_STATUS_PWD_TOO_SHORT;
+ }
+ if (dom_pw_info->password_properties & DOMAIN_PASSWORD_COMPLEX) {
+ status = check_password_complexity(req->account.string,
+ req->password.string,
+ NULL);
+ if (!NT_STATUS_IS_OK(status)) {
ZERO_STRUCT(rep->info);
- return SAMR_VALIDATION_STATUS_PWD_TOO_SHORT;
- }
- if (dom_pw_info->password_properties & DOMAIN_PASSWORD_COMPLEX)
{
- status = check_password_complexity(req->account.string,
- req->password.string,
- NULL);
- if (!NT_STATUS_IS_OK(status)) {
- ZERO_STRUCT(rep->info);
- return
SAMR_VALIDATION_STATUS_NOT_COMPLEX_ENOUGH;
- }
+ return SAMR_VALIDATION_STATUS_NOT_COMPLEX_ENOUGH;
}
}
diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c
index dcefc82..dc58cc2 100644
--- a/source3/smbd/chgpasswd.c
+++ b/source3/smbd/chgpasswd.c
@@ -3,17 +3,17 @@
Samba utility functions
Copyright (C) Andrew Tridgell 1992-1998
Copyright (C) Andrew Bartlett 2001-2004
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -651,7 +651,7 @@ bool check_lanman_password(char *user, uchar * pass1,
DEBUG(0, ("samu_new() failed!\n"));
return False;
}
-
+
become_root();
ret = pdb_getsampwnam(sampass, user);
unbecome_root();
@@ -661,7 +661,7 @@ bool check_lanman_password(char *user, uchar * pass1,
TALLOC_FREE(sampass);
return False;
}
-
+
acct_ctrl = pdb_get_acct_ctrl (sampass);
lanman_pw = pdb_get_lanman_passwd (sampass);
@@ -721,7 +721,7 @@ bool change_lanman_password(struct samu *sampass, uchar
*pass2)
DEBUG(0,("change_lanman_password: no smb password entry.\n"));
return False;
}
-
+
acct_ctrl = pdb_get_acct_ctrl(sampass);
pwd = pdb_get_lanman_passwd(sampass);
@@ -1115,30 +1115,34 @@ NTSTATUS check_password_complexity(const char *username,
enum samPwdChangeReason *samr_reject_reason)
{
TALLOC_CTX *tosctx = talloc_tos();
+ int check_ret;
+ char *cmd;
/* Use external script to check password complexity */
- if (lp_check_password_script() && *(lp_check_password_script())) {
- int check_ret;
- char *cmd;
+ if ((lp_check_password_script() == NULL)
+ || (*(lp_check_password_script()) == '\0')) {
+ return NT_STATUS_OK;
+ }
- cmd = talloc_string_sub(tosctx, lp_check_password_script(),
"%u", username);
- if (!cmd) {
- return NT_STATUS_PASSWORD_RESTRICTION;
- }
+ cmd = talloc_string_sub(tosctx, lp_check_password_script(), "%u",
+ username);
+ if (!cmd) {
+ return NT_STATUS_PASSWORD_RESTRICTION;
+ }
- check_ret = smbrunsecret(cmd, password);
- DEBUG(5,("check_password_complexity: check password script (%s)
returned [%d]\n",
- cmd, check_ret));
- TALLOC_FREE(cmd);
+ check_ret = smbrunsecret(cmd, password);
+ DEBUG(5,("check_password_complexity: check password script (%s) "
+ "returned [%d]\n", cmd, check_ret));
+ TALLOC_FREE(cmd);
- if (check_ret != 0) {
- DEBUG(1,("check_password_complexity: "
- "check password script said new password is not
good enough!\n"));
- if (samr_reject_reason) {
- *samr_reject_reason =
SAM_PWD_CHANGE_NOT_COMPLEX;
- }
- return NT_STATUS_PASSWORD_RESTRICTION;
+ if (check_ret != 0) {
+ DEBUG(1,("check_password_complexity: "
+ "check password script said new password is not good "
+ "enough!\n"));
+ if (samr_reject_reason) {
+ *samr_reject_reason = SAM_PWD_CHANGE_NOT_COMPLEX;
}
+ return NT_STATUS_PASSWORD_RESTRICTION;
}
return NT_STATUS_OK;
@@ -1242,7 +1246,7 @@ NTSTATUS change_oem_password(struct samu *hnd, char
*old_passwd, char *new_passw
* Conditional on lp_unix_password_sync() because we don't want
* to touch the unix db unless we have admin permission.
*/
-
+
if(lp_unix_password_sync() &&
!chgpasswd(username, pass, old_passwd, new_passwd, as_root)) {
TALLOC_FREE(pass);
--
Samba Shared Repository
