- fix handling of 0 last_change_time and must_change_time

- move the arbitrary 21 day timeout to local.h
(This used to be commit 11075f543470c3283accce0246d0b2983420695a)

6 files changed, 77 insertions, 74 deletions

diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c
index 8159ad988f..304e5be44b 100644
--- a/source3/auth/auth_sam.c
+++ b/source3/auth/auth_sam.c
@@ -204,7 +204,7 @@ NTSTATUS sam_account_ok(SAM_ACCOUNT *sampass, const auth_usersupplied_info *user
 	DEBUG(4,("smb_password_ok: Checking SMB password for user %s\n",sampass->username));
 
 	/* Quit if the account was disabled. */
-	if(acct_ctrl & ACB_DISABLED) {
+	if (acct_ctrl & ACB_DISABLED) {
 		DEBUG(1,("Account for user '%s' was disabled.\n", sampass->username));
 		return NT_STATUS_ACCOUNT_DISABLED;
 	}
@@ -212,52 +212,53 @@ NTSTATUS sam_account_ok(SAM_ACCOUNT *sampass, const auth_usersupplied_info *user
 	/* Test account expire time */
 	
 	kickoff_time = pdb_get_kickoff_time(sampass);
-	if (kickoff_time != (time_t)-1) {
-		if (time(NULL) > kickoff_time) {
-			DEBUG(1,("Account for user '%s' has expried.\n", sampass->username));
-			DEBUG(3,("Account expired at '%ld' unix time.\n", (long)kickoff_time));
-			return NT_STATUS_ACCOUNT_EXPIRED;
-		}
+	if (kickoff_time != 0 && time(NULL) > kickoff_time) {
+		DEBUG(1,("Account for user '%s' has expried.\n", sampass->username));
+		DEBUG(3,("Account expired at '%ld' unix time.\n", (long)kickoff_time));
+		return NT_STATUS_ACCOUNT_EXPIRED;
 	}
 
 	/* Test workstation. Workstation list is comma separated. */
 
 	workstation_list = strdup(pdb_get_workstations(sampass));
 
-	if (workstation_list) {
-		if (*workstation_list) {
-			BOOL invalid_ws = True;
-			char *s = workstation_list;
+	if (!workstation_list) return NT_STATUS_NO_MEMORY;
+
+	if (*workstation_list) {
+		BOOL invalid_ws = True;
+		char *s = workstation_list;
 			
-			fstring tok;
+		fstring tok;
 			
-			while (next_token(&s, tok, ",", sizeof(tok))) {
-				DEBUG(10,("checking for workstation match %s and %s (len=%d)\n",
-					  tok, user_info->wksta_name.str, user_info->wksta_name.len));
-				if(strequal(tok, user_info->wksta_name.str)) {
-					invalid_ws = False;
-					break;
-				}
+		while (next_token(&s, tok, ",", sizeof(tok))) {
+			DEBUG(10,("checking for workstation match %s and %s (len=%d)\n",
+				  tok, user_info->wksta_name.str, user_info->wksta_name.len));
+			if(strequal(tok, user_info->wksta_name.str)) {
+				invalid_ws = False;
+				break;
 			}
-			
-			SAFE_FREE(workstation_list);		
-			if (invalid_ws) 
-				return NT_STATUS_INVALID_WORKSTATION;
-		} else {
-			SAFE_FREE(workstation_list);
 		}
+		
+		SAFE_FREE(workstation_list);		
+		if (invalid_ws) 
+			return NT_STATUS_INVALID_WORKSTATION;
 	} else {
-		return NT_STATUS_NO_MEMORY;
+		SAFE_FREE(workstation_list);
 	}
+
 	
 	{
 		time_t must_change_time = pdb_get_pass_must_change_time(sampass);
-		if (must_change_time == 0) {
-			DEBUG(1,("Account for user '%s' must change password at next logon! (ie now).\n", sampass->username));
+		time_t last_set_time = pdb_get_pass_last_set_time(sampass);
+
+		/* check for immediate expiry "must change at next logon" */
+		if (must_change_time == 0 && last_set_time != 0) {
+			DEBUG(1,("Account for user '%s' password must change!.\n", sampass->username));
 			return NT_STATUS_PASSWORD_MUST_CHANGE;
 		}
 
-		if (must_change_time != (time_t)-1 && must_change_time < time(NULL)) {
+		/* check for expired password */
+		if (must_change_time < time(NULL) && must_change_time != 0) {
 			DEBUG(1,("Account for user '%s' password expired!.\n", sampass->username));
 			DEBUG(1,("Password expired at '%ld' unix time.\n", (long)must_change_time));
 			return NT_STATUS_PASSWORD_EXPIRED;
@@ -265,12 +266,12 @@ NTSTATUS sam_account_ok(SAM_ACCOUNT *sampass, const auth_usersupplied_info *user
 	}
 
 	if (acct_ctrl & ACB_DOMTRUST) {
-		DEBUG(0,("session_trust_account: Domain trust account %s denied by server\n", sampass->username));
+		DEBUG(2,("session_trust_account: Domain trust account %s denied by server\n", sampass->username));
 		return NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT;
 	}
 	
 	if (acct_ctrl & ACB_SVRTRUST) {
-		DEBUG(0,("session_trust_account: Server trust account %s denied by server\n", sampass->username));
+		DEBUG(2,("session_trust_account: Server trust account %s denied by server\n", sampass->username));
 		return NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT;
 	}
 	
diff --git a/source3/include/local.h b/source3/include/local.h
index e9e4fb2d35..53ef564610 100644
--- a/source3/include/local.h
+++ b/source3/include/local.h
@@ -186,4 +186,7 @@
 #define SESSION_TEMPLATE "smb/%d"
 #endif
 
+/* the maximum age in seconds of a password. Should be a lp_ parameter */
+#define MAX_PASSWORD_AGE (21*24*60*60)
+
 #endif
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index 75f2d432f2..2ffbe42f8c 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -79,11 +79,11 @@ static BOOL pdb_fill_default_sam(SAM_ACCOUNT *user)
 	
 	ZERO_STRUCTP(user);
 	user->logon_time            = (time_t)0;
-	user->logoff_time           = (time_t)-1;
-	user->kickoff_time          = (time_t)-1;
-	user->pass_last_set_time    = (time_t)-1;
-	user->pass_can_change_time  = (time_t)-1;
-	user->pass_must_change_time = (time_t)-1;
+	user->logoff_time           = (time_t)0;
+	user->kickoff_time          = (time_t)0;
+	user->pass_last_set_time    = (time_t)0;
+	user->pass_can_change_time  = (time_t)0;
+	user->pass_must_change_time = (time_t)0;
 
 	user->unknown_3 = 0x00ffffff; 	/* don't know */
 	user->logon_divs = 168; 	/* hours per week */
diff --git a/source3/passdb/pdb_smbpasswd.c b/source3/passdb/pdb_smbpasswd.c
index bca7541782..f487dcf347 100644
--- a/source3/passdb/pdb_smbpasswd.c
+++ b/source3/passdb/pdb_smbpasswd.c
@@ -1219,10 +1219,11 @@ static BOOL build_sam_account(SAM_ACCOUNT *sam_pass, struct smb_passwd *pw_buf)
 	
 	pdb_set_dir_drive     (sam_pass, lp_logon_drive());
 
-	/* FIXME!!  What should this be set to?  New smb.conf parameter maybe?
-	   max password age?   For now, we'll use the current time + 21 days. 
-	   --jerry */
-	pdb_set_pass_must_change_time (sam_pass, time(NULL)+1814400);
+	/* the smbpasswd format doesn't have a must change time field, so
+	   we can't get this right. The best we can do is to set this to 
+	   some time in the future. 21 days seems as reasonable as any other value :) 
+	*/
+	pdb_set_pass_must_change_time (sam_pass, pw_buf->pass_last_set_time + MAX_PASSWORD_AGE);
 
 	/* check if this is a user account or a machine account */
 	if (samlogon_user[strlen(samlogon_user)-1] != '$')
diff --git a/source3/passdb/pdb_tdb.c b/source3/passdb/pdb_tdb.c
index 9b932b7821..43eefa5c7a 100644
--- a/source3/passdb/pdb_tdb.c
+++ b/source3/passdb/pdb_tdb.c
@@ -466,9 +466,6 @@ BOOL pdb_getsampwent(SAM_ACCOUNT *user)
 	pdb_set_uid (user, uid);
 	pdb_set_gid (user, gid);
 
-	/* 21 days from present */
-	pdb_set_pass_must_change_time(user, time(NULL)+1814400);	
-
 	standard_sub_advanced(-1, pdb_get_username(user), "", gid, pdb_get_logon_script(user));
 	standard_sub_advanced(-1, pdb_get_username(user), "", gid, pdb_get_profile_path(user));
 	standard_sub_advanced(-1, pdb_get_username(user), "", gid, pdb_get_homedir(user));
diff --git a/source3/smbd/auth_smbpasswd.c b/source3/smbd/auth_smbpasswd.c
index 8159ad988f..304e5be44b 100644
--- a/source3/smbd/auth_smbpasswd.c
+++ b/source3/smbd/auth_smbpasswd.c
@@ -204,7 +204,7 @@ NTSTATUS sam_account_ok(SAM_ACCOUNT *sampass, const auth_usersupplied_info *user
 	DEBUG(4,("smb_password_ok: Checking SMB password for user %s\n",sampass->username));
 
 	/* Quit if the account was disabled. */
-	if(acct_ctrl & ACB_DISABLED) {
+	if (acct_ctrl & ACB_DISABLED) {
 		DEBUG(1,("Account for user '%s' was disabled.\n", sampass->username));
 		return NT_STATUS_ACCOUNT_DISABLED;
 	}
@@ -212,52 +212,53 @@ NTSTATUS sam_account_ok(SAM_ACCOUNT *sampass, const auth_usersupplied_info *user
 	/* Test account expire time */
 	
 	kickoff_time = pdb_get_kickoff_time(sampass);
-	if (kickoff_time != (time_t)-1) {
-		if (time(NULL) > kickoff_time) {
-			DEBUG(1,("Account for user '%s' has expried.\n", sampass->username));
-			DEBUG(3,("Account expired at '%ld' unix time.\n", (long)kickoff_time));
-			return NT_STATUS_ACCOUNT_EXPIRED;
-		}
+	if (kickoff_time != 0 && time(NULL) > kickoff_time) {
+		DEBUG(1,("Account for user '%s' has expried.\n", sampass->username));
+		DEBUG(3,("Account expired at '%ld' unix time.\n", (long)kickoff_time));
+		return NT_STATUS_ACCOUNT_EXPIRED;
 	}
 
 	/* Test workstation. Workstation list is comma separated. */
 
 	workstation_list = strdup(pdb_get_workstations(sampass));
 
-	if (workstation_list) {
-		if (*workstation_list) {
-			BOOL invalid_ws = True;
-			char *s = workstation_list;
+	if (!workstation_list) return NT_STATUS_NO_MEMORY;
+
+	if (*workstation_list) {
+		BOOL invalid_ws = True;
+		char *s = workstation_list;
 			
-			fstring tok;
+		fstring tok;
 			
-			while (next_token(&s, tok, ",", sizeof(tok))) {
-				DEBUG(10,("checking for workstation match %s and %s (len=%d)\n",
-					  tok, user_info->wksta_name.str, user_info->wksta_name.len));
-				if(strequal(tok, user_info->wksta_name.str)) {
-					invalid_ws = False;
-					break;
-				}
+		while (next_token(&s, tok, ",", sizeof(tok))) {
+			DEBUG(10,("checking for workstation match %s and %s (len=%d)\n",
+				  tok, user_info->wksta_name.str, user_info->wksta_name.len));
+			if(strequal(tok, user_info->wksta_name.str)) {
+				invalid_ws = False;
+				break;
 			}
-			
-			SAFE_FREE(workstation_list);		
-			if (invalid_ws) 
-				return NT_STATUS_INVALID_WORKSTATION;
-		} else {
-			SAFE_FREE(workstation_list);
 		}
+		
+		SAFE_FREE(workstation_list);		
+		if (invalid_ws) 
+			return NT_STATUS_INVALID_WORKSTATION;
 	} else {
-		return NT_STATUS_NO_MEMORY;
+		SAFE_FREE(workstation_list);
 	}
+
 	
 	{
 		time_t must_change_time = pdb_get_pass_must_change_time(sampass);
-		if (must_change_time == 0) {
-			DEBUG(1,("Account for user '%s' must change password at next logon! (ie now).\n", sampass->username));
+		time_t last_set_time = pdb_get_pass_last_set_time(sampass);
+
+		/* check for immediate expiry "must change at next logon" */
+		if (must_change_time == 0 && last_set_time != 0) {
+			DEBUG(1,("Account for user '%s' password must change!.\n", sampass->username));
 			return NT_STATUS_PASSWORD_MUST_CHANGE;
 		}
 
-		if (must_change_time != (time_t)-1 && must_change_time < time(NULL)) {
+		/* check for expired password */
+		if (must_change_time < time(NULL) && must_change_time != 0) {
 			DEBUG(1,("Account for user '%s' password expired!.\n", sampass->username));
 			DEBUG(1,("Password expired at '%ld' unix time.\n", (long)must_change_time));
 			return NT_STATUS_PASSWORD_EXPIRED;
@@ -265,12 +266,12 @@ NTSTATUS sam_account_ok(SAM_ACCOUNT *sampass, const auth_usersupplied_info *user
 	}
 
 	if (acct_ctrl & ACB_DOMTRUST) {
-		DEBUG(0,("session_trust_account: Domain trust account %s denied by server\n", sampass->username));
+		DEBUG(2,("session_trust_account: Domain trust account %s denied by server\n", sampass->username));
 		return NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT;
 	}
 	
 	if (acct_ctrl & ACB_SVRTRUST) {
-		DEBUG(0,("session_trust_account: Server trust account %s denied by server\n", sampass->username));
+		DEBUG(2,("session_trust_account: Server trust account %s denied by server\n", sampass->username));
 		return NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT;
 	}