From: Andrew Bartlett Date: Thu, 19 Apr 2012 00:39:56 +0000 (+1000) Subject: s3-passdb: Remove unused sampass->pass_must_change_time X-Git-Tag: samba-4.0.0alpha20~192 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4471778d7846e0c5d5989e522ee214a3b4ded153;p=thirdparty%2Fsamba.git s3-passdb: Remove unused sampass->pass_must_change_time There is no need to call pdb_set_pass_must_change_time() because nothing ever consults that value. It is always calculated from the domain policy. Also, this means we no longer store the value in LDAP. The value would only ever be set when migrating from tdbsam or smbpasswd, not on password changes, so would become incorrect over time. Andrew Bartlett --- diff --git a/source3/include/passdb.h b/source3/include/passdb.h index 2a3844d932e..905a5d19557 100644 --- a/source3/include/passdb.h +++ b/source3/include/passdb.h @@ -183,7 +183,6 @@ enum pdb_elements { PDB_KICKOFFTIME, PDB_BAD_PASSWORD_TIME, PDB_CANCHANGETIME, - PDB_MUSTCHANGETIME, PDB_PLAINTEXT_PW, PDB_USERNAME, PDB_FULLNAME, @@ -267,7 +266,6 @@ struct samu { time_t bad_password_time; /* last bad password entered */ time_t pass_last_set_time; /* password last set time */ time_t pass_can_change_time; /* password can change time */ - time_t pass_must_change_time; /* password must change time */ const char *username; /* UNIX username string */ const char *domain; /* Windows Domain name */ @@ -752,7 +750,6 @@ bool pdb_set_logoff_time(struct samu *sampass, time_t mytime, enum pdb_value_sta bool pdb_set_kickoff_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag); bool pdb_set_bad_password_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag); bool pdb_set_pass_can_change_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag); -bool pdb_set_pass_must_change_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag); bool pdb_set_pass_last_set_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag); bool pdb_set_hours_len(struct samu *sampass, uint32_t len, enum pdb_value_state flag); bool pdb_set_logon_divs(struct samu *sampass, uint16_t hours, enum pdb_value_state flag); diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index 276e0314c84..6d3f42e720f 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -93,7 +93,6 @@ struct samu *samu_new( TALLOC_CTX *ctx ) user->pass_can_change_time = (time_t)0; user->logoff_time = get_time_t_max(); user->kickoff_time = get_time_t_max(); - user->pass_must_change_time = get_time_t_max(); user->fields_present = 0x00ffffff; user->logon_divs = 168; /* hours per week */ user->hours_len = 21; /* 21 times 8 bits = 168 */ @@ -1028,7 +1027,6 @@ static bool init_samu_from_buffer_v0(struct samu *sampass, uint8_t *buf, uint32_ pdb_set_logoff_time(sampass, logoff_time, PDB_SET); pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET); pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET); - pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET); pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET); pdb_set_username(sampass, username, PDB_SET); @@ -1219,7 +1217,6 @@ static bool init_samu_from_buffer_v1(struct samu *sampass, uint8_t *buf, uint32_ /* Change from V0 is addition of bad_password_time field. */ pdb_set_bad_password_time(sampass, bad_password_time, PDB_SET); pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET); - pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET); pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET); pdb_set_username(sampass, username, PDB_SET); @@ -1410,7 +1407,6 @@ static bool init_samu_from_buffer_v2(struct samu *sampass, uint8_t *buf, uint32_ pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET); pdb_set_bad_password_time(sampass, bad_password_time, PDB_SET); pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET); - pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET); pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET); pdb_set_username(sampass, username, PDB_SET); @@ -1646,7 +1642,6 @@ static bool init_samu_from_buffer_v3(struct samu *sampass, uint8_t *buf, uint32_ pdb_set_kickoff_time(sampass, convert_uint32_t_to_time_t(kickoff_time), PDB_SET); pdb_set_bad_password_time(sampass, convert_uint32_t_to_time_t(bad_password_time), PDB_SET); pdb_set_pass_can_change_time(sampass, convert_uint32_t_to_time_t(pass_can_change_time), PDB_SET); - pdb_set_pass_must_change_time(sampass, convert_uint32_t_to_time_t(pass_must_change_time), PDB_SET); pdb_set_pass_last_set_time(sampass, convert_uint32_t_to_time_t(pass_last_set_time), PDB_SET); pdb_set_username(sampass, username, PDB_SET); diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c index 7575af293a3..a9b22bbb409 100644 --- a/source3/passdb/pdb_get_set.c +++ b/source3/passdb/pdb_get_set.c @@ -400,12 +400,6 @@ bool pdb_set_pass_can_change_time(struct samu *sampass, time_t mytime, enum pdb_ return pdb_set_init_flags(sampass, PDB_CANCHANGETIME, flag); } -bool pdb_set_pass_must_change_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag) -{ - sampass->pass_must_change_time = mytime; - return pdb_set_init_flags(sampass, PDB_MUSTCHANGETIME, flag); -} - bool pdb_set_pass_last_set_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag) { sampass->pass_last_set_time = mytime; diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index 04541e881de..6b911d29150 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -662,18 +662,6 @@ static bool init_sam_from_ldap(struct ldapsam_privates *ldap_state, pass_can_change_time, PDB_SET); } - temp = smbldap_talloc_single_attribute( - ldap_state->smbldap_state->ldap_struct, - entry, - get_userattr_key2string(ldap_state->schema_ver, - LDAP_ATTR_PWD_MUST_CHANGE), - ctx); - if (temp) { - pass_must_change_time = (time_t) atol(temp); - pdb_set_pass_must_change_time(sampass, - pass_must_change_time, PDB_SET); - } - /* recommend that 'gecos' and 'displayName' should refer to the same * attribute OID. userFullName depreciated, only used by Samba * primary rules of LDAP: don't make a new attribute when one is already defined @@ -1338,14 +1326,6 @@ static bool init_ldap_from_sam (struct ldapsam_privates *ldap_state, get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PWD_CAN_CHANGE), temp); SAFE_FREE(temp); - if (asprintf(&temp, "%li", (long int)pdb_get_pass_must_change_time(sampass)) < 0) { - return false; - } - if (need_update(sampass, PDB_MUSTCHANGETIME)) - smbldap_make_mod(ldap_state->smbldap_state->ldap_struct, existing, mods, - get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PWD_MUST_CHANGE), temp); - SAFE_FREE(temp); - if ((pdb_get_acct_ctrl(sampass)&(ACB_WSTRUST|ACB_SVRTRUST|ACB_DOMTRUST)) || (lp_ldap_passwd_sync()!=LDAP_PASSWD_SYNC_ONLY)) { diff --git a/source3/passdb/pdb_samba4.c b/source3/passdb/pdb_samba4.c index 2b785fa4245..024c293aa1d 100644 --- a/source3/passdb/pdb_samba4.c +++ b/source3/passdb/pdb_samba4.c @@ -564,7 +564,6 @@ static int pdb_samba4_replace_by_sam(struct pdb_samba4_state *state, PDB_LOGOFFTIME, PDB_BAD_PASSWORD_TIME, PDB_CANCHANGETIME, - these are calculated per policy, not stored - PDB_MUSTCHANGETIME, - these are calculated per policy, not stored PDB_DOMAIN, PDB_NTUSERNAME, - this makes no sense, and never really did PDB_LOGONDIVS, diff --git a/source3/passdb/py_passdb.c b/source3/passdb/py_passdb.c index 46f2e90f3d3..d0ef5677382 100644 --- a/source3/passdb/py_passdb.c +++ b/source3/passdb/py_passdb.c @@ -198,10 +198,9 @@ static int py_samu_set_pass_must_change_time(PyObject *obj, PyObject *value, voi struct samu *sam_acct = (struct samu *)pytalloc_get_ptr(obj); PY_CHECK_TYPE(&PyInt_Type, value, return -1;); - if (!pdb_set_pass_must_change_time(sam_acct, PyInt_AsLong(value), PDB_CHANGED)) { - return -1; - } - return 0; + + /* TODO: make this not a get/set or give a better exception */ + return -1; } static PyObject *py_samu_get_username(PyObject *obj, void *closure) diff --git a/source3/torture/pdbtest.c b/source3/torture/pdbtest.c index 9f9ca0c40a9..1257eff9f6e 100644 --- a/source3/torture/pdbtest.c +++ b/source3/torture/pdbtest.c @@ -409,12 +409,6 @@ int main(int argc, char **argv) pdb_get_account_policy(PDB_POLICY_MIN_PASSWORD_AGE, &min_age); pdb_set_pass_last_set_time(out, time(NULL), PDB_SET); - if (expire == 0 || expire == (uint32)-1) { - pdb_set_pass_must_change_time(out, get_time_t_max(), PDB_SET); - } else { - pdb_set_pass_must_change_time(out, time(NULL)+expire, PDB_SET); - } - if (min_age == (uint32)-1) { pdb_set_pass_can_change_time(out, 0, PDB_SET); } else {