mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
check_password_script: Add a DEBUG message for timeouts
Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz> Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
parent
ef0cbc5560
commit
21295155cc
@ -1981,6 +1981,15 @@ int samdb_search_for_parent_domain(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static void pwd_timeout_debug(struct tevent_context *unused1,
|
||||||
|
struct tevent_timer *unused2,
|
||||||
|
struct timeval unused3,
|
||||||
|
void *unused4)
|
||||||
|
{
|
||||||
|
DEBUG(0, ("WARNING: check_password_complexity: password script "
|
||||||
|
"took more than 1 second to run\n"));
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Performs checks on a user password (plaintext UNIX format - attribute
|
* Performs checks on a user password (plaintext UNIX format - attribute
|
||||||
@ -2032,12 +2041,18 @@ enum samr_ValidationStatus samdb_check_password(TALLOC_CTX *mem_ctx,
|
|||||||
return SAMR_VALIDATION_STATUS_PASSWORD_FILTER_ERROR;
|
return SAMR_VALIDATION_STATUS_PASSWORD_FILTER_ERROR;
|
||||||
}
|
}
|
||||||
|
|
||||||
req = samba_runcmd_send(mem_ctx, event_ctx,
|
/* Gives a warning after 1 second, terminates after 10 */
|
||||||
tevent_timeval_current_ofs(0, 10000000),
|
tevent_add_timer(event_ctx, event_ctx,
|
||||||
|
tevent_timeval_current_ofs(1, 0),
|
||||||
|
pwd_timeout_debug, NULL);
|
||||||
|
|
||||||
|
req = samba_runcmd_send(event_ctx, event_ctx,
|
||||||
|
tevent_timeval_current_ofs(10, 0),
|
||||||
100, 100, cmd, NULL);
|
100, 100, cmd, NULL);
|
||||||
run_cmd = tevent_req_data(req, struct samba_runcmd_state);
|
run_cmd = tevent_req_data(req, struct samba_runcmd_state);
|
||||||
if (write(run_cmd->fd_stdin, utf8_pw, utf8_len) != utf8_len) {
|
if (write(run_cmd->fd_stdin, utf8_pw, utf8_len) != utf8_len) {
|
||||||
TALLOC_FREE(password_script);
|
TALLOC_FREE(password_script);
|
||||||
|
TALLOC_FREE(event_ctx);
|
||||||
return SAMR_VALIDATION_STATUS_PASSWORD_FILTER_ERROR;
|
return SAMR_VALIDATION_STATUS_PASSWORD_FILTER_ERROR;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2046,23 +2061,31 @@ enum samr_ValidationStatus samdb_check_password(TALLOC_CTX *mem_ctx,
|
|||||||
|
|
||||||
if (!tevent_req_poll(req, event_ctx)) {
|
if (!tevent_req_poll(req, event_ctx)) {
|
||||||
TALLOC_FREE(password_script);
|
TALLOC_FREE(password_script);
|
||||||
|
TALLOC_FREE(event_ctx);
|
||||||
return SAMR_VALIDATION_STATUS_PASSWORD_FILTER_ERROR;
|
return SAMR_VALIDATION_STATUS_PASSWORD_FILTER_ERROR;
|
||||||
}
|
}
|
||||||
|
|
||||||
check_ret = samba_runcmd_recv(req, &error);
|
check_ret = samba_runcmd_recv(req, &error);
|
||||||
TALLOC_FREE(req);
|
TALLOC_FREE(event_ctx);
|
||||||
|
|
||||||
DEBUG(5,("check_password_complexity: check password script (%s) "
|
if (error == ETIMEDOUT) {
|
||||||
"returned [%d]\n", password_script, check_ret));
|
DEBUG(0, ("check_password_complexity: check password script took too long!\n"));
|
||||||
TALLOC_FREE(password_script);
|
TALLOC_FREE(password_script);
|
||||||
|
return SAMR_VALIDATION_STATUS_PASSWORD_FILTER_ERROR;
|
||||||
|
} else {
|
||||||
|
DEBUG(5,("check_password_complexity: check password script (%s) "
|
||||||
|
"returned [%d]\n", password_script, check_ret));
|
||||||
|
|
||||||
if (check_ret != 0) {
|
if (check_ret != 0) {
|
||||||
DEBUG(1,("check_password_complexity: "
|
DEBUG(1,("check_password_complexity: "
|
||||||
"check password script said new password is not good "
|
"check password script said new password is not good "
|
||||||
"enough!\n"));
|
"enough!\n"));
|
||||||
return SAMR_VALIDATION_STATUS_NOT_COMPLEX_ENOUGH;
|
TALLOC_FREE(password_script);
|
||||||
|
return SAMR_VALIDATION_STATUS_NOT_COMPLEX_ENOUGH;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
TALLOC_FREE(password_script);
|
||||||
return SAMR_VALIDATION_STATUS_SUCCESS;
|
return SAMR_VALIDATION_STATUS_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user