diff options
| author | Jeremy Allison <jra@samba.org> | 2010-01-27 17:16:04 -0800 |
|---|---|---|
| committer | Karolin Seeger <kseeger@samba.org> | 2010-02-24 16:25:09 +0100 |
| commit | 00388e6b8776c4e54ca0d0b566a50a19e0f6d78f (patch) | |
| tree | fbd5d8d42826b720771541ed1c9e60238f49d9d2 | |
| parent | 153357b9bb4d70a168c81cb9ff2da437eae823fc (diff) | |
| download | samba-00388e6b8776c4e54ca0d0b566a50a19e0f6d78f.tar.gz samba-00388e6b8776c4e54ca0d0b566a50a19e0f6d78f.tar.xz samba-00388e6b8776c4e54ca0d0b566a50a19e0f6d78f.zip | |
Fix bug #7072 - Accounts can't be unlocked from ldap.
Fix suggested by Andy Hanton <andyhanton@gmail.com>. The LOGIN_CACHE
struct contains two time_t entries, but was being written to and
read from via tdb_pack/tdb_unpack functions using explicit 32-bit int specifiers.
This would break on machines with a 64-bit time_t. Use correct int
sizes for tdb_pack/tdb_unpack.
We have to fix this properly before 2037 :-).
Contains fixes from master 627fb85092f728065b6d772c41aeb75018154e86
and 69fd8461b8792f4fee1b61db03953044565492c6.
Jeremy.
(cherry picked from commit 0b36486fa7d2689635018c2fc883860251dc8066)
| -rw-r--r-- | source/passdb/login_cache.c | 25 |
1 files changed, 17 insertions, 8 deletions
diff --git a/source/passdb/login_cache.c b/source/passdb/login_cache.c index 4e14293e73b..a0d78063fce 100644 --- a/source/passdb/login_cache.c +++ b/source/passdb/login_cache.c @@ -67,6 +67,7 @@ LOGIN_CACHE * login_cache_read(struct samu *sampass) char *keystr; TDB_DATA databuf; LOGIN_CACHE *entry; + uint32_t entry_timestamp = 0, bad_password_time = 0; if (!login_cache_init()) return NULL; @@ -91,17 +92,23 @@ LOGIN_CACHE * login_cache_read(struct samu *sampass) SAFE_FREE(databuf.dptr); return NULL; } + ZERO_STRUCTP(entry); if (tdb_unpack (databuf.dptr, databuf.dsize, SAM_CACHE_FORMAT, - &entry->entry_timestamp, &entry->acct_ctrl, - &entry->bad_password_count, - &entry->bad_password_time) == -1) { + &entry_timestamp, + &entry->acct_ctrl, + &entry->bad_password_count, + &bad_password_time) == -1) { DEBUG(7, ("No cache entry found\n")); SAFE_FREE(entry); SAFE_FREE(databuf.dptr); return NULL; } + /* Deal with possible 64-bit time_t. */ + entry->entry_timestamp = (time_t)entry_timestamp; + entry->bad_password_time = (time_t)bad_password_time; + SAFE_FREE(databuf.dptr); DEBUG(5, ("Found login cache entry: timestamp %12u, flags 0x%x, count %d, time %12u\n", @@ -115,6 +122,8 @@ bool login_cache_write(const struct samu *sampass, LOGIN_CACHE entry) char *keystr; TDB_DATA databuf; bool ret; + uint32_t entry_timestamp; + uint32_t bad_password_time = (uint32_t)entry.bad_password_time; if (!login_cache_init()) return False; @@ -129,14 +138,14 @@ bool login_cache_write(const struct samu *sampass, LOGIN_CACHE entry) return False; } - entry.entry_timestamp = time(NULL); + entry_timestamp = (uint32_t)time(NULL); databuf.dsize = tdb_pack(NULL, 0, SAM_CACHE_FORMAT, - entry.entry_timestamp, + entry_timestamp, entry.acct_ctrl, entry.bad_password_count, - entry.bad_password_time); + bad_password_time); databuf.dptr = SMB_MALLOC_ARRAY(uint8, databuf.dsize); if (!databuf.dptr) { SAFE_FREE(keystr); @@ -144,10 +153,10 @@ bool login_cache_write(const struct samu *sampass, LOGIN_CACHE entry) } if (tdb_pack(databuf.dptr, databuf.dsize, SAM_CACHE_FORMAT, - entry.entry_timestamp, + entry_timestamp, entry.acct_ctrl, entry.bad_password_count, - entry.bad_password_time) + bad_password_time) != databuf.dsize) { SAFE_FREE(keystr); SAFE_FREE(databuf.dptr); |