From e83c7d0141c0726a74c7be48914e94bac7167ab1 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 10 Feb 2006 23:09:00 +0000 Subject: r13442: Implement samr_chgpasswd_user3 server-side. Guenther (This used to be commit f60eddc0a4dfe623e5f115533a62c03810fd5f38) --- source3/smbd/chgpasswd.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) (limited to 'source3/smbd') diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c index 0798541cb5..501aba3336 100644 --- a/source3/smbd/chgpasswd.c +++ b/source3/smbd/chgpasswd.c @@ -703,7 +703,8 @@ NTSTATUS pass_oem_change(char *user, uchar password_encrypted_with_lm_hash[516], const uchar old_lm_hash_encrypted[16], uchar password_encrypted_with_nt_hash[516], - const uchar old_nt_hash_encrypted[16]) + const uchar old_nt_hash_encrypted[16], + uint32 *reject_reason) { pstring new_passwd; SAM_ACCOUNT *sampass = NULL; @@ -718,7 +719,7 @@ NTSTATUS pass_oem_change(char *user, /* We've already checked the old password here.... */ become_root(); - nt_status = change_oem_password(sampass, NULL, new_passwd, True); + nt_status = change_oem_password(sampass, NULL, new_passwd, True, reject_reason); unbecome_root(); memset(new_passwd, 0, sizeof(new_passwd)); @@ -1007,7 +1008,7 @@ static BOOL check_passwd_history(SAM_ACCOUNT *sampass, const char *plaintext) is correct before calling. JRA. ************************************************************/ -NTSTATUS change_oem_password(SAM_ACCOUNT *hnd, char *old_passwd, char *new_passwd, BOOL as_root) +NTSTATUS change_oem_password(SAM_ACCOUNT *hnd, char *old_passwd, char *new_passwd, BOOL as_root, uint32 *samr_reject_reason) { uint32 min_len, min_age; struct passwd *pass = NULL; @@ -1040,11 +1041,17 @@ NTSTATUS change_oem_password(SAM_ACCOUNT *hnd, char *old_passwd, char *new_passw DEBUG(1, ("user %s cannot change password - password too short\n", username)); DEBUGADD(1, (" account policy min password len = %d\n", min_len)); + if (samr_reject_reason) { + *samr_reject_reason = REJECT_REASON_TOO_SHORT; + } return NT_STATUS_PASSWORD_RESTRICTION; /* return NT_STATUS_PWD_TOO_SHORT; */ } if (check_passwd_history(hnd,new_passwd)) { + if (samr_reject_reason) { + *samr_reject_reason = REJECT_REASON_IN_HISTORY; + } return NT_STATUS_PASSWORD_RESTRICTION; } @@ -1063,6 +1070,9 @@ NTSTATUS change_oem_password(SAM_ACCOUNT *hnd, char *old_passwd, char *new_passw if (check_ret != 0) { DEBUG(1, ("change_oem_password: check password script said new password is not good enough!\n")); + if (samr_reject_reason) { + *samr_reject_reason = REJECT_REASON_NOT_COMPLEX; + } return NT_STATUS_PASSWORD_RESTRICTION; } } -- cgit