diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2013-10-31 16:59:16 +1300 |
|---|---|---|
| committer | Stefan Metzmacher <metze@samba.org> | 2014-04-02 17:12:45 +0200 |
| commit | 56d3e528bd31a4ee0d24fa476aeff8eaf2da236b (patch) | |
| tree | 07b56269403c2d72a003afafc789c60dd709f4f1 | |
| parent | 3f8f9972f491228b2bbe8880cc139387e9332b09 (diff) | |
| download | samba-56d3e528bd31a4ee0d24fa476aeff8eaf2da236b.tar.gz samba-56d3e528bd31a4ee0d24fa476aeff8eaf2da236b.tar.xz samba-56d3e528bd31a4ee0d24fa476aeff8eaf2da236b.zip | |
s3-auth: Only call pdb_get_acct_ctrl() once in check_sam_security
Change-Id: I43792711543e25c50c29ab5a24d16f614c670cca
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
| -rw-r--r-- | source3/auth/check_samsec.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/source3/auth/check_samsec.c b/source3/auth/check_samsec.c index 7c97170328..8bcd40e2de 100644 --- a/source3/auth/check_samsec.c +++ b/source3/auth/check_samsec.c @@ -379,6 +379,7 @@ NTSTATUS check_sam_security(const DATA_BLOB *challenge, const char *username; const uint8_t *nt_pw; const uint8_t *lm_pw; + uint32_t acct_ctrl; /* the returned struct gets kept on the server_info, by means of a steal further down */ @@ -401,19 +402,20 @@ NTSTATUS check_sam_security(const DATA_BLOB *challenge, return NT_STATUS_NO_SUCH_USER; } + acct_ctrl = pdb_get_acct_ctrl(sampass); username = pdb_get_username(sampass); nt_pw = pdb_get_nt_passwd(sampass); lm_pw = pdb_get_lanman_passwd(sampass); /* Quit if the account was locked out. */ - if (pdb_get_acct_ctrl(sampass) & ACB_AUTOLOCK) { + if (acct_ctrl & ACB_AUTOLOCK) { DEBUG(3,("check_sam_security: Account for user %s was locked out.\n", username)); TALLOC_FREE(sampass); return NT_STATUS_ACCOUNT_LOCKED_OUT; } nt_status = sam_password_ok(mem_ctx, - username, pdb_get_acct_ctrl(sampass), + username, acct_ctrl, challenge, lm_pw, nt_pw, user_info, &user_sess_key, &lm_sess_key); @@ -426,7 +428,7 @@ NTSTATUS check_sam_security(const DATA_BLOB *challenge, bool increment_bad_pw_count = false; if (NT_STATUS_EQUAL(nt_status,NT_STATUS_WRONG_PASSWORD) && - pdb_get_acct_ctrl(sampass) & ACB_NORMAL && + (acct_ctrl & ACB_NORMAL) && NT_STATUS_IS_OK(update_login_attempts_status)) { increment_bad_pw_count = @@ -456,7 +458,7 @@ NTSTATUS check_sam_security(const DATA_BLOB *challenge, goto done; } - if ((pdb_get_acct_ctrl(sampass) & ACB_NORMAL) && + if ((acct_ctrl & ACB_NORMAL) && (pdb_get_bad_password_count(sampass) > 0)){ pdb_set_bad_password_count(sampass, 0, PDB_CHANGED); pdb_set_bad_password_time(sampass, 0, PDB_CHANGED); |