IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
By an oversight, the patchset for #4347 made the unlocking of a locked
account after the lockout duration ineffective.
Thanks to Björn for finding this!
Michael
Adding this comment makes me think, I could also
have changed make_server_info_sam() talloc_move
instead of talloc_steal, but that would have
changed the signature... Well the comment is a
first step. :-)
Michael
So that a later talloc_free would not harm. I could have used
talloc_move instead of talloc steal in make_server_info_sam(),
but this would have required a change of the signature.
Michael
This is in preparation to extending check_sam_security to also check
against the password history before updating the bad password count.
This way, sam_password_ok can more easily be reused for that purpose.
Michael
data_blob(mem_ctx, 16) does not use mem_ctx as a talloc ctx but
copies 16 bytes from mem_ctx into the newly allocated data blob.
This can not have been intentional. A blank uint8_t array of
length 16 is allocated by passing NULL instead of mem_ctx.
And using data_blob_talloc(mem_ctx, NULL, 16) adds the allocated
blank 16 byte array to mem_ctx - so this is what must have been
intended.
Michael
This commit is mostly to cope with the removal of SamOemHash (replaced
by arcfour_crypt()) and other collisions (such as changed function
arguments compared to Samba3).
We still provide creds_hash3 until Samba3 uses the credentials code in
netlogon server
Andrew Bartlett
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3c)
- make sure never to free an uninitialised variable
- ensure to free result on getpwnam_alloc failure
Andrew Bartlett
(This used to be commit 5fe3328e66)
talloc_free()'ed at the end of a session.
Rework the passwd cache code to use talloc_unlink and
talloc_reference, to more carefully manage the cache.
Andrew Bartlett
(This used to be commit e3e0ec25e6)
password at next logon" code. The "password last set time" of zero now
means "user must change password", because that's how windows seems to
use it. The "can change" and "must change" times are now calculated
based on the "last set" time and policies.
We use the "can change" field now to indicate that a user cannot change
a password by putting MAX_TIME_T in it (so long as "last set" time isn't
zero). Based on this, we set the password-can-change bit in the
faked secdesc.
(This used to be commit 21abbeaee9)