CVE-2021-20251 auth4: Inline samdb_result_effective_badPwdCount() in authsam_logon_su...

By bringing this function inline it can then be split out in a
subsequent commit.

Based on work by Gary Lockyer <gary@catalyst.net.nz>

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>

diff --git a/source4/auth/sam.c b/source4/auth/sam.c
index 9e4da42632d60172437731ec19e42dd008cfa32c..698324e5cc0d184f81077adb7c71dca123428385 100644 (file)
--- a/source4/auth/sam.c
+++ b/source4/auth/sam.c
@@ -1479,11 +1479,17 @@ get_transaction:
 
        lockoutTime = ldb_msg_find_attr_as_int64(msg, "lockoutTime", 0);
        dbBadPwdCount = ldb_msg_find_attr_as_int(msg, "badPwdCount", 0);
+       tv_now = timeval_current();
+       now = timeval_to_nttime(&tv_now);
+
        if (interactive_or_kerberos) {
                badPwdCount = dbBadPwdCount;
        } else {
-               badPwdCount = samdb_result_effective_badPwdCount(sam_ctx, mem_ctx,
-                                                                domain_dn, msg);
+               int64_t lockOutObservationWindow =
+                       samdb_result_msds_LockoutObservationWindow(
+                               sam_ctx, mem_ctx, domain_dn, msg);
+               badPwdCount = dsdb_effective_badPwdCount(
+                       msg, lockOutObservationWindow, now);
        }
        lastLogonTimestamp =
                ldb_msg_find_attr_as_int64(msg, "lastLogonTimestamp", 0);
@@ -1521,9 +1527,6 @@ get_transaction:
                }
        }
 
-       tv_now = timeval_current();
-       now = timeval_to_nttime(&tv_now);
-
        if (interactive_or_kerberos ||
            (badPwdCount != 0 && lockoutTime == 0)) {
                ret = samdb_msg_add_int64(sam_ctx, msg_mod, msg_mod,