summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2006-10-16 01:19:01 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:21:06 -0500
commit379e6598e128e5e63a10bd6a81ede01d3965a8be (patch)
tree6f0323d0f20ee68df672a42523c29ab7952b9274
parent9b9215d0f40b9f14512b6be51ee3fd6dc7b00ce7 (diff)
downloadsamba-379e6598e128e5e63a10bd6a81ede01d3965a8be.tar.gz
samba-379e6598e128e5e63a10bd6a81ede01d3965a8be.tar.bz2
samba-379e6598e128e5e63a10bd6a81ede01d3965a8be.zip
r19308: Merge samsync fixes from SAMBA_4_0_RELEASE
Andrew Bartlett (This used to be commit 331003239972d80864211377e864f7e469bd3d77)
-rw-r--r--source4/dsdb/samdb/ldb_modules/password_hash.c16
-rw-r--r--source4/libnet/libnet_samsync_ldb.c19
2 files changed, 27 insertions, 8 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
index d8ef9176fd..6f24c7fa4c 100644
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
@@ -102,7 +102,7 @@ static int add_password_hashes(struct ldb_module *module, struct ldb_message *ms
sambaPassword = ldb_msg_find_attr_as_string(msg, "sambaPassword", NULL);
if (sambaPassword == NULL) { /* impossible, what happened ?! */
- return LDB_ERR_OPERATIONS_ERROR;
+ return LDB_ERR_CONSTRAINT_VIOLATION;
}
if (is_mod) {
@@ -634,6 +634,20 @@ static int password_hash_add(struct ldb_module *module, struct ldb_request *req)
return LDB_ERR_CONSTRAINT_VIOLATION;
}
+ if (sambaAttr && sambaAttr->num_values == 0) {
+ ldb_set_errstring(module->ldb, "sambaPassword must have a value!\n");
+ return LDB_ERR_CONSTRAINT_VIOLATION;
+ }
+
+ if (ntAttr && (ntAttr->num_values == 0)) {
+ ldb_set_errstring(module->ldb, "lmPwdHash must have a value!\n");
+ return LDB_ERR_CONSTRAINT_VIOLATION;
+ }
+ if (lmAttr && (lmAttr->num_values == 0)) {
+ ldb_set_errstring(module->ldb, "lmPwdHash must have a value!\n");
+ return LDB_ERR_CONSTRAINT_VIOLATION;
+ }
+
h = ph_init_handle(req, module, PH_ADD);
if (!h) {
return LDB_ERR_OPERATIONS_ERROR;
diff --git a/source4/libnet/libnet_samsync_ldb.c b/source4/libnet/libnet_samsync_ldb.c
index 8912393231..31591e6246 100644
--- a/source4/libnet/libnet_samsync_ldb.c
+++ b/source4/libnet/libnet_samsync_ldb.c
@@ -128,11 +128,14 @@ static NTSTATUS samsync_ldb_handle_domain(TALLOC_CTX *mem_ctx,
}
if (database == SAM_DATABASE_DOMAIN) {
+ const struct ldb_dn *partitions_basedn;
const char *domain_attrs[] = {"nETBIOSName", "nCName", NULL};
struct ldb_message **msgs_domain;
int ret_domain;
- ret_domain = gendb_search(state->sam_ldb, mem_ctx, NULL, &msgs_domain, domain_attrs,
+ partitions_basedn = samdb_partitions_dn(state->sam_ldb, mem_ctx);
+
+ ret_domain = gendb_search(state->sam_ldb, mem_ctx, partitions_basedn, &msgs_domain, domain_attrs,
"(&(&(nETBIOSName=%s)(objectclass=crossRef))(ncName=*))",
domain_name);
if (ret_domain == -1) {
@@ -354,21 +357,23 @@ static NTSTATUS samsync_ldb_handle_user(TALLOC_CTX *mem_ctx,
return NT_STATUS_NO_MEMORY;
}
- /* Passwords. Ensure there is no plaintext stored against
- * this entry, as we only have hashes */
- samdb_msg_add_delete(state->sam_ldb, mem_ctx, msg,
- "sambaPassword");
+ if (!add) {
+ /* Passwords. Ensure there is no plaintext stored against
+ * this entry, as we only have hashes */
+ samdb_msg_add_delete(state->sam_ldb, mem_ctx, msg,
+ "sambaPassword");
+ }
if (user->lm_password_present) {
samdb_msg_add_hash(state->sam_ldb, mem_ctx, msg,
"lmPwdHash", &user->lmpassword);
- } else {
+ } else if (!add) {
samdb_msg_add_delete(state->sam_ldb, mem_ctx, msg,
"lmPwdHash");
}
if (user->nt_password_present) {
samdb_msg_add_hash(state->sam_ldb, mem_ctx, msg,
"ntPwdHash", &user->ntpassword);
- } else {
+ } else if (!add) {
samdb_msg_add_delete(state->sam_ldb, mem_ctx, msg,
"ntPwdHash");
}