From e04dda6a2ab35eb2e4dc18a8a0507517175a655e Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Wed, 20 Sep 2006 17:25:46 +0000 Subject: r18722: Fix up password change times. The can change and must change times are calculated based on the last change time, policies, and acb flags. Next step will be to not bother storing them. Right now I'm just trying to get them reported correctly. (This used to be commit fd5761c9e52cbf8f1f7e45e71693598b27ecbf57) --- source3/passdb/pdb_get_set.c | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) (limited to 'source3/passdb/pdb_get_set.c') diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c index 6d437867af..7aac8f5856 100644 --- a/source3/passdb/pdb_get_set.c +++ b/source3/passdb/pdb_get_set.c @@ -72,12 +72,32 @@ time_t pdb_get_pass_last_set_time(const struct samu *sampass) time_t pdb_get_pass_can_change_time(const struct samu *sampass) { - return sampass->pass_can_change_time; + uint32 allow; + + if (sampass->pass_last_set_time == 0) + return (time_t) 0; + + if (!pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &allow)) + allow = 0; + + return sampass->pass_last_set_time + allow; } time_t pdb_get_pass_must_change_time(const struct samu *sampass) { - return sampass->pass_must_change_time; + uint32 expire; + + if (sampass->pass_last_set_time == 0) + return (time_t) 0; + + if (sampass->acct_ctrl & ACB_PWNOEXP) + return get_time_t_max(); + + if (!pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &expire) + || expire == (uint32)-1 || expire == 0) + return get_time_t_max(); + + return sampass->pass_last_set_time + expire; } uint16 pdb_get_logon_divs(const struct samu *sampass) -- cgit