diff options
author | Andrew Bartlett <abartlet@samba.org> | 2012-04-19 10:39:56 +1000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2012-04-19 12:34:33 +0200 |
commit | 4471778d7846e0c5d5989e522ee214a3b4ded153 (patch) | |
tree | 176828701c4c6411df07487c83aac8bfcf8eb53b /source3 | |
parent | cf39ef363782dae8d9b73bb249f2321c924c1dc8 (diff) | |
download | samba-4471778d7846e0c5d5989e522ee214a3b4ded153.tar.gz samba-4471778d7846e0c5d5989e522ee214a3b4ded153.tar.bz2 samba-4471778d7846e0c5d5989e522ee214a3b4ded153.zip |
s3-passdb: Remove unused sampass->pass_must_change_time
There is no need to call pdb_set_pass_must_change_time() because
nothing ever consults that value. It is always calculated from the
domain policy.
Also, this means we no longer store the value in LDAP. The value
would only ever be set when migrating from tdbsam or smbpasswd, not on
password changes, so would become incorrect over time.
Andrew Bartlett
Diffstat (limited to 'source3')
-rw-r--r-- | source3/include/passdb.h | 3 | ||||
-rw-r--r-- | source3/passdb/passdb.c | 5 | ||||
-rw-r--r-- | source3/passdb/pdb_get_set.c | 6 | ||||
-rw-r--r-- | source3/passdb/pdb_ldap.c | 20 | ||||
-rw-r--r-- | source3/passdb/pdb_samba4.c | 1 | ||||
-rw-r--r-- | source3/passdb/py_passdb.c | 7 | ||||
-rw-r--r-- | source3/torture/pdbtest.c | 6 |
7 files changed, 3 insertions, 45 deletions
diff --git a/source3/include/passdb.h b/source3/include/passdb.h index 2a3844d932..905a5d1955 100644 --- a/source3/include/passdb.h +++ b/source3/include/passdb.h @@ -183,7 +183,6 @@ enum pdb_elements { PDB_KICKOFFTIME, PDB_BAD_PASSWORD_TIME, PDB_CANCHANGETIME, - PDB_MUSTCHANGETIME, PDB_PLAINTEXT_PW, PDB_USERNAME, PDB_FULLNAME, @@ -267,7 +266,6 @@ struct samu { time_t bad_password_time; /* last bad password entered */ time_t pass_last_set_time; /* password last set time */ time_t pass_can_change_time; /* password can change time */ - time_t pass_must_change_time; /* password must change time */ const char *username; /* UNIX username string */ const char *domain; /* Windows Domain name */ @@ -752,7 +750,6 @@ bool pdb_set_logoff_time(struct samu *sampass, time_t mytime, enum pdb_value_sta bool pdb_set_kickoff_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag); bool pdb_set_bad_password_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag); bool pdb_set_pass_can_change_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag); -bool pdb_set_pass_must_change_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag); bool pdb_set_pass_last_set_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag); bool pdb_set_hours_len(struct samu *sampass, uint32_t len, enum pdb_value_state flag); bool pdb_set_logon_divs(struct samu *sampass, uint16_t hours, enum pdb_value_state flag); diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index 276e0314c8..6d3f42e720 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -93,7 +93,6 @@ struct samu *samu_new( TALLOC_CTX *ctx ) user->pass_can_change_time = (time_t)0; user->logoff_time = get_time_t_max(); user->kickoff_time = get_time_t_max(); - user->pass_must_change_time = get_time_t_max(); user->fields_present = 0x00ffffff; user->logon_divs = 168; /* hours per week */ user->hours_len = 21; /* 21 times 8 bits = 168 */ @@ -1028,7 +1027,6 @@ static bool init_samu_from_buffer_v0(struct samu *sampass, uint8_t *buf, uint32_ pdb_set_logoff_time(sampass, logoff_time, PDB_SET); pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET); pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET); - pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET); pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET); pdb_set_username(sampass, username, PDB_SET); @@ -1219,7 +1217,6 @@ static bool init_samu_from_buffer_v1(struct samu *sampass, uint8_t *buf, uint32_ /* Change from V0 is addition of bad_password_time field. */ pdb_set_bad_password_time(sampass, bad_password_time, PDB_SET); pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET); - pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET); pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET); pdb_set_username(sampass, username, PDB_SET); @@ -1410,7 +1407,6 @@ static bool init_samu_from_buffer_v2(struct samu *sampass, uint8_t *buf, uint32_ pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET); pdb_set_bad_password_time(sampass, bad_password_time, PDB_SET); pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET); - pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET); pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET); pdb_set_username(sampass, username, PDB_SET); @@ -1646,7 +1642,6 @@ static bool init_samu_from_buffer_v3(struct samu *sampass, uint8_t *buf, uint32_ pdb_set_kickoff_time(sampass, convert_uint32_t_to_time_t(kickoff_time), PDB_SET); pdb_set_bad_password_time(sampass, convert_uint32_t_to_time_t(bad_password_time), PDB_SET); pdb_set_pass_can_change_time(sampass, convert_uint32_t_to_time_t(pass_can_change_time), PDB_SET); - pdb_set_pass_must_change_time(sampass, convert_uint32_t_to_time_t(pass_must_change_time), PDB_SET); pdb_set_pass_last_set_time(sampass, convert_uint32_t_to_time_t(pass_last_set_time), PDB_SET); pdb_set_username(sampass, username, PDB_SET); diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c index 7575af293a..a9b22bbb40 100644 --- a/source3/passdb/pdb_get_set.c +++ b/source3/passdb/pdb_get_set.c @@ -400,12 +400,6 @@ bool pdb_set_pass_can_change_time(struct samu *sampass, time_t mytime, enum pdb_ return pdb_set_init_flags(sampass, PDB_CANCHANGETIME, flag); } -bool pdb_set_pass_must_change_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag) -{ - sampass->pass_must_change_time = mytime; - return pdb_set_init_flags(sampass, PDB_MUSTCHANGETIME, flag); -} - bool pdb_set_pass_last_set_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag) { sampass->pass_last_set_time = mytime; diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index 04541e881d..6b911d2915 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -662,18 +662,6 @@ static bool init_sam_from_ldap(struct ldapsam_privates *ldap_state, pass_can_change_time, PDB_SET); } - temp = smbldap_talloc_single_attribute( - ldap_state->smbldap_state->ldap_struct, - entry, - get_userattr_key2string(ldap_state->schema_ver, - LDAP_ATTR_PWD_MUST_CHANGE), - ctx); - if (temp) { - pass_must_change_time = (time_t) atol(temp); - pdb_set_pass_must_change_time(sampass, - pass_must_change_time, PDB_SET); - } - /* recommend that 'gecos' and 'displayName' should refer to the same * attribute OID. userFullName depreciated, only used by Samba * primary rules of LDAP: don't make a new attribute when one is already defined @@ -1338,14 +1326,6 @@ static bool init_ldap_from_sam (struct ldapsam_privates *ldap_state, get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PWD_CAN_CHANGE), temp); SAFE_FREE(temp); - if (asprintf(&temp, "%li", (long int)pdb_get_pass_must_change_time(sampass)) < 0) { - return false; - } - if (need_update(sampass, PDB_MUSTCHANGETIME)) - smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods, - get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PWD_MUST_CHANGE), temp); - SAFE_FREE(temp); - if ((pdb_get_acct_ctrl(sampass)&(ACB_WSTRUST|ACB_SVRTRUST|ACB_DOMTRUST)) || (lp_ldap_passwd_sync()!=LDAP_PASSWD_SYNC_ONLY)) { diff --git a/source3/passdb/pdb_samba4.c b/source3/passdb/pdb_samba4.c index 2b785fa424..024c293aa1 100644 --- a/source3/passdb/pdb_samba4.c +++ b/source3/passdb/pdb_samba4.c @@ -564,7 +564,6 @@ static int pdb_samba4_replace_by_sam(struct pdb_samba4_state *state, PDB_LOGOFFTIME, PDB_BAD_PASSWORD_TIME, PDB_CANCHANGETIME, - these are calculated per policy, not stored - PDB_MUSTCHANGETIME, - these are calculated per policy, not stored PDB_DOMAIN, PDB_NTUSERNAME, - this makes no sense, and never really did PDB_LOGONDIVS, diff --git a/source3/passdb/py_passdb.c b/source3/passdb/py_passdb.c index 46f2e90f3d..d0ef567738 100644 --- a/source3/passdb/py_passdb.c +++ b/source3/passdb/py_passdb.c @@ -198,10 +198,9 @@ static int py_samu_set_pass_must_change_time(PyObject *obj, PyObject *value, voi struct samu *sam_acct = (struct samu *)pytalloc_get_ptr(obj); PY_CHECK_TYPE(&PyInt_Type, value, return -1;); - if (!pdb_set_pass_must_change_time(sam_acct, PyInt_AsLong(value), PDB_CHANGED)) { - return -1; - } - return 0; + + /* TODO: make this not a get/set or give a better exception */ + return -1; } static PyObject *py_samu_get_username(PyObject *obj, void *closure) diff --git a/source3/torture/pdbtest.c b/source3/torture/pdbtest.c index 9f9ca0c40a..1257eff9f6 100644 --- a/source3/torture/pdbtest.c +++ b/source3/torture/pdbtest.c @@ -409,12 +409,6 @@ int main(int argc, char **argv) pdb_get_account_policy(PDB_POLICY_MIN_PASSWORD_AGE, &min_age); pdb_set_pass_last_set_time(out, time(NULL), PDB_SET); - if (expire == 0 || expire == (uint32)-1) { - pdb_set_pass_must_change_time(out, get_time_t_max(), PDB_SET); - } else { - pdb_set_pass_must_change_time(out, time(NULL)+expire, PDB_SET); - } - if (min_age == (uint32)-1) { pdb_set_pass_can_change_time(out, 0, PDB_SET); } else { |