r873: converted samba4 to use real 64 bit integers instead of

[jra/samba/.git] / source4 / auth / auth_sam.c

diff --git a/source4/auth/auth_sam.c b/source4/auth/auth_sam.c
index 3c35031643c8c8f07d419125eeab724c702924e7..549b5ab36271a0104728fa2cc2cc475faff1e283 100644 (file)
--- a/source4/auth/auth_sam.c
+++ b/source4/auth/auth_sam.c
@@ -91,28 +91,28 @@ static NTSTATUS sam_account_ok(TALLOC_CTX *mem_ctx,
 
        /* Test account expire time */
        
-       if (!nt_time_is_zero(acct_expiry) && time(NULL) > nt_time_to_unix(acct_expiry)) {
+       if ((*acct_expiry) != 0 && time(NULL) > nt_time_to_unix(*acct_expiry)) {
                DEBUG(1,("sam_account_ok: Account for user '%s' has expired.\n", username));
                DEBUG(3,("sam_account_ok: Account expired at '%s'.\n", 
-                        nt_time_string(mem_ctx, acct_expiry)));
+                        nt_time_string(mem_ctx, *acct_expiry)));
                return NT_STATUS_ACCOUNT_EXPIRED;
        }
 
        if (!(acct_flags & ACB_PWNOEXP)) {
 
                /* check for immediate expiry "must change at next logon" */
-               if (nt_time_is_zero(must_change_time) && !nt_time_is_zero(last_set_time)) {
+               if (*must_change_time == 0 && *last_set_time != 0) {
                        DEBUG(1,("sam_account_ok: Account for user '%s' password must change!.\n", 
                                 username));
                        return NT_STATUS_PASSWORD_MUST_CHANGE;
                }
 
                /* check for expired password */
-               if (!nt_time_is_zero(must_change_time) && nt_time_to_unix(must_change_time) < time(NULL)) {
+               if ((*must_change_time) != 0 && nt_time_to_unix(*must_change_time) < time(NULL)) {
                        DEBUG(1,("sam_account_ok: Account for user '%s' password expired!.\n", 
                                 username));
                        DEBUG(1,("sam_account_ok: Password expired at '%s' unix time.\n", 
-                                nt_time_string(mem_ctx, must_change_time)));
+                                nt_time_string(mem_ctx, *must_change_time)));
                        return NT_STATUS_PASSWORD_EXPIRED;
                }
        }
@@ -183,14 +183,13 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
        uint_t ret_domain;
 
        const char *domain_dn;
+       const char *domain_sid;
 
        NTSTATUS nt_status;
        DATA_BLOB user_sess_key = data_blob(NULL, 0);
        DATA_BLOB lm_sess_key = data_blob(NULL, 0);
        uint8 *lm_pwd, *nt_pwd;
 
-       struct dom_sid *domain_sid;
-
        const char *attrs[] = {"unicodePwd", "lmPwdHash", "ntPwdHash", 
                               "userAccountControl",
                               "pwdLastSet",
@@ -228,28 +227,27 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
                return NT_STATUS_INTERNAL_DB_CORRUPTION;
        }
        
-       domain_sid = dom_sid_parse_talloc(mem_ctx, samdb_result_string(msgs[0], "objectSid", NULL));
+       domain_sid = samdb_result_sid_prefix(mem_ctx, msgs[0], "objectSid");
        if (!domain_sid) {
                samdb_close(sam_ctx);
                return NT_STATUS_INTERNAL_DB_CORRUPTION;
        }
 
-       sid_split_rid(domain_sid, NULL);
-
        /* find the domain's DN */
        ret_domain = samdb_search(sam_ctx, mem_ctx, NULL, &msgs_domain, domain_attrs,
                           "(&(objectSid=%s)(objectclass=domain))", 
-                          dom_sid_string(mem_ctx, domain_sid));
+                          domain_sid);
 
        if (ret_domain == 0) {
                DEBUG(3,("check_sam_security: Couldn't find domain [%s] in passdb file.\n", 
-                        dom_sid_string(mem_ctx, domain_sid)));
+                        domain_sid));
                samdb_close(sam_ctx);
                return NT_STATUS_NO_SUCH_USER;
        }
 
        if (ret_domain > 1) {
-               DEBUG(1,("Found %d records matching domain [%s]\n", ret_domain, dom_sid_string(mem_ctx, domain_sid)));
+               DEBUG(1,("Found %d records matching domain [%s]\n", 
+                        ret_domain, domain_sid));
                samdb_close(sam_ctx);
                return NT_STATUS_INTERNAL_DB_CORRUPTION;
        }