From 4471778d7846e0c5d5989e522ee214a3b4ded153 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 19 Apr 2012 10:39:56 +1000 Subject: s3-passdb: Remove unused sampass->pass_must_change_time There is no need to call pdb_set_pass_must_change_time() because nothing ever consults that value. It is always calculated from the domain policy. Also, this means we no longer store the value in LDAP. The value would only ever be set when migrating from tdbsam or smbpasswd, not on password changes, so would become incorrect over time. Andrew Bartlett --- source3/passdb/passdb.c | 5 ----- source3/passdb/pdb_get_set.c | 6 ------ source3/passdb/pdb_ldap.c | 20 -------------------- source3/passdb/pdb_samba4.c | 1 - source3/passdb/py_passdb.c | 7 +++---- 5 files changed, 3 insertions(+), 36 deletions(-) (limited to 'source3/passdb') diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index 276e0314c8..6d3f42e720 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -93,7 +93,6 @@ struct samu *samu_new( TALLOC_CTX *ctx ) user->pass_can_change_time = (time_t)0; user->logoff_time = get_time_t_max(); user->kickoff_time = get_time_t_max(); - user->pass_must_change_time = get_time_t_max(); user->fields_present = 0x00ffffff; user->logon_divs = 168; /* hours per week */ user->hours_len = 21; /* 21 times 8 bits = 168 */ @@ -1028,7 +1027,6 @@ static bool init_samu_from_buffer_v0(struct samu *sampass, uint8_t *buf, uint32_ pdb_set_logoff_time(sampass, logoff_time, PDB_SET); pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET); pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET); - pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET); pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET); pdb_set_username(sampass, username, PDB_SET); @@ -1219,7 +1217,6 @@ static bool init_samu_from_buffer_v1(struct samu *sampass, uint8_t *buf, uint32_ /* Change from V0 is addition of bad_password_time field. */ pdb_set_bad_password_time(sampass, bad_password_time, PDB_SET); pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET); - pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET); pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET); pdb_set_username(sampass, username, PDB_SET); @@ -1410,7 +1407,6 @@ static bool init_samu_from_buffer_v2(struct samu *sampass, uint8_t *buf, uint32_ pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET); pdb_set_bad_password_time(sampass, bad_password_time, PDB_SET); pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET); - pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET); pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET); pdb_set_username(sampass, username, PDB_SET); @@ -1646,7 +1642,6 @@ static bool init_samu_from_buffer_v3(struct samu *sampass, uint8_t *buf, uint32_ pdb_set_kickoff_time(sampass, convert_uint32_t_to_time_t(kickoff_time), PDB_SET); pdb_set_bad_password_time(sampass, convert_uint32_t_to_time_t(bad_password_time), PDB_SET); pdb_set_pass_can_change_time(sampass, convert_uint32_t_to_time_t(pass_can_change_time), PDB_SET); - pdb_set_pass_must_change_time(sampass, convert_uint32_t_to_time_t(pass_must_change_time), PDB_SET); pdb_set_pass_last_set_time(sampass, convert_uint32_t_to_time_t(pass_last_set_time), PDB_SET); pdb_set_username(sampass, username, PDB_SET); diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c index 7575af293a..a9b22bbb40 100644 --- a/source3/passdb/pdb_get_set.c +++ b/source3/passdb/pdb_get_set.c @@ -400,12 +400,6 @@ bool pdb_set_pass_can_change_time(struct samu *sampass, time_t mytime, enum pdb_ return pdb_set_init_flags(sampass, PDB_CANCHANGETIME, flag); } -bool pdb_set_pass_must_change_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag) -{ - sampass->pass_must_change_time = mytime; - return pdb_set_init_flags(sampass, PDB_MUSTCHANGETIME, flag); -} - bool pdb_set_pass_last_set_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag) { sampass->pass_last_set_time = mytime; diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index 04541e881d..6b911d2915 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -662,18 +662,6 @@ static bool init_sam_from_ldap(struct ldapsam_privates *ldap_state, pass_can_change_time, PDB_SET); } - temp = smbldap_talloc_single_attribute( - ldap_state->smbldap_state->ldap_struct, - entry, - get_userattr_key2string(ldap_state->schema_ver, - LDAP_ATTR_PWD_MUST_CHANGE), - ctx); - if (temp) { - pass_must_change_time = (time_t) atol(temp); - pdb_set_pass_must_change_time(sampass, - pass_must_change_time, PDB_SET); - } - /* recommend that 'gecos' and 'displayName' should refer to the same * attribute OID. userFullName depreciated, only used by Samba * primary rules of LDAP: don't make a new attribute when one is already defined @@ -1338,14 +1326,6 @@ static bool init_ldap_from_sam (struct ldapsam_privates *ldap_state, get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PWD_CAN_CHANGE), temp); SAFE_FREE(temp); - if (asprintf(&temp, "%li", (long int)pdb_get_pass_must_change_time(sampass)) < 0) { - return false; - } - if (need_update(sampass, PDB_MUSTCHANGETIME)) - smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods, - get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PWD_MUST_CHANGE), temp); - SAFE_FREE(temp); - if ((pdb_get_acct_ctrl(sampass)&(ACB_WSTRUST|ACB_SVRTRUST|ACB_DOMTRUST)) || (lp_ldap_passwd_sync()!=LDAP_PASSWD_SYNC_ONLY)) { diff --git a/source3/passdb/pdb_samba4.c b/source3/passdb/pdb_samba4.c index 2b785fa424..024c293aa1 100644 --- a/source3/passdb/pdb_samba4.c +++ b/source3/passdb/pdb_samba4.c @@ -564,7 +564,6 @@ static int pdb_samba4_replace_by_sam(struct pdb_samba4_state *state, PDB_LOGOFFTIME, PDB_BAD_PASSWORD_TIME, PDB_CANCHANGETIME, - these are calculated per policy, not stored - PDB_MUSTCHANGETIME, - these are calculated per policy, not stored PDB_DOMAIN, PDB_NTUSERNAME, - this makes no sense, and never really did PDB_LOGONDIVS, diff --git a/source3/passdb/py_passdb.c b/source3/passdb/py_passdb.c index 46f2e90f3d..d0ef567738 100644 --- a/source3/passdb/py_passdb.c +++ b/source3/passdb/py_passdb.c @@ -198,10 +198,9 @@ static int py_samu_set_pass_must_change_time(PyObject *obj, PyObject *value, voi struct samu *sam_acct = (struct samu *)pytalloc_get_ptr(obj); PY_CHECK_TYPE(&PyInt_Type, value, return -1;); - if (!pdb_set_pass_must_change_time(sam_acct, PyInt_AsLong(value), PDB_CHANGED)) { - return -1; - } - return 0; + + /* TODO: make this not a get/set or give a better exception */ + return -1; } static PyObject *py_samu_get_username(PyObject *obj, void *closure) -- cgit