diff options
| author | Jeremy Allison <jra@samba.org> | 2010-01-27 16:42:06 -0800 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2010-01-27 16:42:06 -0800 |
| commit | 627fb85092f728065b6d772c41aeb75018154e86 (patch) | |
| tree | a49d1fb2c44883a36e3adb6dde25c812b492e03b /source3/passdb/login_cache.c | |
| parent | 8e26aa3d7cec968584283634fe3dce5553387c8c (diff) | |
| download | samba-627fb85092f728065b6d772c41aeb75018154e86.tar.gz samba-627fb85092f728065b6d772c41aeb75018154e86.tar.bz2 samba-627fb85092f728065b6d772c41aeb75018154e86.zip | |
Fix bug #7072 - Accounts can't be unlocked from ldap.
Fix suggested by Andy Hanton <andyhanton@gmail.com>. The LOGIN_CACHE
struct contains two time_t entries, but was being written to and
read from via tdb_pack/tdb_unpack functions using explicit 32-bit int specifiers.
This would break on machines with a 64-bit time_t. Use correct int
sizes for tdb_pack/tdb_unpack.
We have to fix this properly before 2037 :-).
Jeremy.
Diffstat (limited to 'source3/passdb/login_cache.c')
| -rw-r--r-- | source3/passdb/login_cache.c | 22 |
1 files changed, 15 insertions, 7 deletions
diff --git a/source3/passdb/login_cache.c b/source3/passdb/login_cache.c index 2a6350045b..5e1c9775cd 100644 --- a/source3/passdb/login_cache.c +++ b/source3/passdb/login_cache.c @@ -68,6 +68,7 @@ LOGIN_CACHE * login_cache_read(struct samu *sampass) char *keystr; TDB_DATA databuf; LOGIN_CACHE *entry; + uint32_t entry_timestamp = 0, bad_password_time = 0; if (!login_cache_init()) return NULL; @@ -92,17 +93,22 @@ LOGIN_CACHE * login_cache_read(struct samu *sampass) SAFE_FREE(databuf.dptr); return NULL; } + ZERO_STRUCTP(entry); if (tdb_unpack (databuf.dptr, databuf.dsize, SAM_CACHE_FORMAT, &entry->entry_timestamp, &entry->acct_ctrl, - &entry->bad_password_count, - &entry->bad_password_time) == -1) { + &entry->bad_password_count, + &bad_password_time) == -1) { DEBUG(7, ("No cache entry found\n")); SAFE_FREE(entry); SAFE_FREE(databuf.dptr); return NULL; } + /* Deal with possible 64-bit time_t. */ + entry->entry_timestamp = (time_t)entry_timestamp; + entry->bad_password_time = (time_t)bad_password_time; + SAFE_FREE(databuf.dptr); DEBUG(5, ("Found login cache entry: timestamp %12u, flags 0x%x, count %d, time %12u\n", @@ -116,6 +122,8 @@ bool login_cache_write(const struct samu *sampass, LOGIN_CACHE entry) char *keystr; TDB_DATA databuf; bool ret; + uint32_t entry_timestamp; + uint32_t bad_password_time = (uint32_t)entry.bad_password_time; if (!login_cache_init()) return False; @@ -130,14 +138,14 @@ bool login_cache_write(const struct samu *sampass, LOGIN_CACHE entry) return False; } - entry.entry_timestamp = time(NULL); + entry_timestamp = (uint32_t)time(NULL); databuf.dsize = tdb_pack(NULL, 0, SAM_CACHE_FORMAT, - entry.entry_timestamp, + entry_timestamp, entry.acct_ctrl, entry.bad_password_count, - entry.bad_password_time); + bad_password_time); databuf.dptr = SMB_MALLOC_ARRAY(uint8, databuf.dsize); if (!databuf.dptr) { SAFE_FREE(keystr); @@ -145,10 +153,10 @@ bool login_cache_write(const struct samu *sampass, LOGIN_CACHE entry) } if (tdb_pack(databuf.dptr, databuf.dsize, SAM_CACHE_FORMAT, - entry.entry_timestamp, + entry_timestamp, entry.acct_ctrl, entry.bad_password_count, - entry.bad_password_time) + bad_password_time) != databuf.dsize) { SAFE_FREE(keystr); SAFE_FREE(databuf.dptr); |