[SCM] Samba Shared Repository - branch v3-6-test updated

Karolin Seeger Thu, 26 May 2011 11:17:26 -0700

The branch, v3-6-test has been updated
       via  12c0c8b Actually make use of the SMBTA_SUBRELEASE define in 
smb_traffic_analyzer.h. This will allow to introduce new features or fixes into 
the protocol after the 3.6.0 release. The client software is designed to take 
care for the subrelease number.
       via  4ae564d Fix bug #7054 - X account flag does not work when 
pwdlastset is 0.
      from  c173b7b s3-testparm Warn about incorrect use of 'password server'


http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test


- Log -----------------------------------------------------------------
commit 12c0c8bc79ec762f983be6955fe14f8561bf6bfd
Author: Holger Hetterich <[email protected]>
Date:   Sun Feb 20 11:32:39 2011 +0100

    Actually make use of the SMBTA_SUBRELEASE define in smb_traffic_analyzer.h. 
This will allow to introduce new features or fixes into the protocol after the 
3.6.0 release. The client software is designed to take care for the subrelease 
number.
    
    Fix bug #8154 (Actually make use of SMBTA subversion numbers).

commit 4ae564df76c99a3866188dfb7e5a236188e97350
Author: Jeremy Allison <[email protected]>
Date:   Mon May 23 17:14:47 2011 -0700

    Fix bug #7054 - X account flag does not work when pwdlastset is 0.
    
    Don't allow pass_last_set_time to be set to zero (which means
    "user must change password on next logon") if user object doesn't
    allow password change.
    
    Don't automatically allow user object password change if
    "user must change password on next logon" is set.
    
    Jim please check.
    
    Jeremy.

-----------------------------------------------------------------------

Summary of changes:
 source3/modules/vfs_smb_traffic_analyzer.c |   11 +++++++++++
 source3/modules/vfs_smb_traffic_analyzer.h |    2 +-
 source3/passdb/pdb_get_set.c               |    3 +--
 source3/rpc_server/samr/srv_samr_util.c    |   11 ++++++++++-
 4 files changed, 23 insertions(+), 4 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/modules/vfs_smb_traffic_analyzer.c 
b/source3/modules/vfs_smb_traffic_analyzer.c
index e441f9c..07264be 100644
--- a/source3/modules/vfs_smb_traffic_analyzer.c
+++ b/source3/modules/vfs_smb_traffic_analyzer.c
@@ -417,6 +417,17 @@ static void 
smb_traffic_analyzer_send_data(vfs_handle_struct *handle,
         */
        char state_flags[9] = "000000\0";
 
+       /**
+        * The first byte of the state flag string represents
+        * the modules protocol subversion number, defined
+        * in smb_traffic_analyzer.h. smbtatools/smbtad are designed
+        * to handle not yet implemented protocol enhancements
+        * by ignoring them. By recognizing the SMBTA_SUBRELEASE
+        * smbtatools can tell the user to update the client
+        * software.
+        */
+       state_flags[0] = SMBTA_SUBRELEASE;
+
        SMB_VFS_HANDLE_GET_DATA(handle, rf_sock, struct refcounted_sock, 
return);
 
        if (rf_sock == NULL || rf_sock->sock == -1) {
diff --git a/source3/modules/vfs_smb_traffic_analyzer.h 
b/source3/modules/vfs_smb_traffic_analyzer.h
index bfc0614..817ffd8 100644
--- a/source3/modules/vfs_smb_traffic_analyzer.h
+++ b/source3/modules/vfs_smb_traffic_analyzer.h
@@ -77,7 +77,7 @@
  */
 
 /* Protocol subrelease number */
-#define SMBTA_SUBRELEASE 0
+#define SMBTA_SUBRELEASE '0'
 
 /*
  * Every data block sends a number of blocks sending common data
diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c
index 6c1a2ab..782c08f 100644
--- a/source3/passdb/pdb_get_set.c
+++ b/source3/passdb/pdb_get_set.c
@@ -123,8 +123,7 @@ time_t pdb_get_pass_must_change_time(const struct samu 
*sampass)
 
 bool pdb_get_pass_can_change(const struct samu *sampass)
 {
-       if (sampass->pass_can_change_time == get_time_t_max() &&
-           sampass->pass_last_set_time != 0)
+       if (sampass->pass_can_change_time == get_time_t_max())
                return False;
        return True;
 }
diff --git a/source3/rpc_server/samr/srv_samr_util.c 
b/source3/rpc_server/samr/srv_samr_util.c
index 2912332..d052846 100644
--- a/source3/rpc_server/samr/srv_samr_util.c
+++ b/source3/rpc_server/samr/srv_samr_util.c
@@ -612,7 +612,16 @@ void copy_id21_to_sam_passwd(const char *log_prefix,
                DEBUG(10,("%s SAMR_FIELD_EXPIRED_FLAG: %02X\n", l,
                        from->password_expired));
                if (from->password_expired != 0) {
-                       pdb_set_pass_last_set_time(to, 0, PDB_CHANGED);
+                       /* Only allow the set_time to zero (which means
+                          "User Must Change Password on Next Login"
+                          if the user object allows password change. */
+                       if (pdb_get_pass_can_change(to)) {
+                               pdb_set_pass_last_set_time(to, 0, PDB_CHANGED);
+                       } else {
+                               DEBUG(10,("%s Disallowing set of 'User Must "
+                                       "Change Password on Next Login' as "
+                                       "user object disallows this.\n", l));
+                       }
                } else {
                        /* A subtlety here: some windows commands will
                           clear the expired flag even though it's not


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v3-6-test updated

Reply via email to