r8454: Fix Bug #2502

Removing deprecated lp_min_password_length (the same functionality is
provided by the account policy).

Note that we now allow to set passwords less then 5 chars (if the admins
decides to do so by setting the account policy).

Thanks to Daniel Beschorner <db@unit-netz.de>

Guenther
(This used to be commit fd91378925f7e3541df4f31bd461dabc1da523a9)

diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index a1dcf2849106ed096dcaf22d6e7e701c2545ef0e..49e63666c9953276c217326a90d5c8e9e9176890 100644 (file)
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -221,7 +221,6 @@ typedef struct
        int machine_password_timeout;
        int change_notify_timeout;
        int map_to_guest;
-       int min_passwd_length;
        int oplock_break_wait_time;
        int winbind_cache_time;
        int winbind_max_idle_children;
@@ -823,8 +822,6 @@ static struct parm_struct parm_table[] = {
        {"server schannel", P_ENUM, P_GLOBAL, &Globals.serverSchannel, NULL, enum_bool_auto, FLAG_BASIC | FLAG_ADVANCED}, 
        {"allow trusted domains", P_BOOL, P_GLOBAL, &Globals.bAllowTrustedDomains, NULL, NULL, FLAG_ADVANCED}, 
        {"hosts equiv", P_STRING, P_GLOBAL, &Globals.szHostsEquiv, NULL, NULL, FLAG_ADVANCED}, 
-       {"min password length", P_INTEGER, P_GLOBAL, &Globals.min_passwd_length, NULL, NULL, FLAG_DEPRECATED}, 
-       {"min passwd length", P_INTEGER, P_GLOBAL, &Globals.min_passwd_length, NULL, NULL, FLAG_DEPRECATED}, 
        {"map to guest", P_ENUM, P_GLOBAL, &Globals.map_to_guest, NULL, enum_map_to_guest, FLAG_ADVANCED}, 
        {"null passwords", P_BOOL, P_GLOBAL, &Globals.bNullPasswords, NULL, NULL, FLAG_ADVANCED}, 
        {"obey pam restrictions", P_BOOL, P_GLOBAL, &Globals.bObeyPamRestrictions, NULL, NULL, FLAG_ADVANCED}, 
@@ -1491,7 +1488,6 @@ static void init_globals(void)
        /* Note, that we will use NTLM2 session security (which is different), if it is available */
 
        Globals.map_to_guest = 0;       /* By Default, "Never" */
-       Globals.min_passwd_length = MINPASSWDLENGTH;    /* By Default, 5. */
        Globals.oplock_break_wait_time = 0;     /* By Default, 0 msecs. */
        Globals.enhanced_browsing = True; 
        Globals.iLockSpinCount = 3; /* Try 3 times. */
@@ -1882,7 +1878,6 @@ FN_GLOBAL_INTEGER(lp_lm_interval, &Globals.lm_interval)
 FN_GLOBAL_INTEGER(lp_machine_password_timeout, &Globals.machine_password_timeout)
 FN_GLOBAL_INTEGER(lp_change_notify_timeout, &Globals.change_notify_timeout)
 FN_GLOBAL_INTEGER(lp_map_to_guest, &Globals.map_to_guest)
-FN_GLOBAL_INTEGER(lp_min_passwd_length, &Globals.min_passwd_length)
 FN_GLOBAL_INTEGER(lp_oplock_break_wait_time, &Globals.oplock_break_wait_time)
 FN_GLOBAL_INTEGER(lp_lock_spin_count, &Globals.iLockSpinCount)
 FN_GLOBAL_INTEGER(lp_lock_sleep_time, &Globals.iLockSpinTime)

diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c
index 56e5727b7d952cd60253ee834b582c96b8ed848c..f445ca3365b4a61fbc75599a24e375f63bc596d2 100644 (file)
--- a/source3/smbd/chgpasswd.c
+++ b/source3/smbd/chgpasswd.c
@@ -1017,7 +1017,6 @@ NTSTATUS change_oem_password(SAM_ACCOUNT *hnd, char *old_passwd, char *new_passw
                return NT_STATUS_ACCOUNT_RESTRICTION;
        }
 
-       /* FIXME: AP_MIN_PASSWORD_LEN and lp_min_passwd_length() need to be merged - gd */
        if (account_policy_get(AP_MIN_PASSWORD_LEN, &min_len) && (str_charnum(new_passwd) < min_len)) {
                DEBUG(1, ("user %s cannot change password - password too short\n", 
                          username));
@@ -1026,16 +1025,6 @@ NTSTATUS change_oem_password(SAM_ACCOUNT *hnd, char *old_passwd, char *new_passw
 /*             return NT_STATUS_PWD_TOO_SHORT; */
        }
 
-       /* Take the passed information and test it for minimum criteria */
-       /* Minimum password length */
-       if (str_charnum(new_passwd) < lp_min_passwd_length()) {
-               /* too short, must be at least MINPASSWDLENGTH */
-               DEBUG(1, ("Password Change: user %s, New password is shorter than minimum password length = %d\n",
-                      username, lp_min_passwd_length()));
-               return NT_STATUS_PASSWORD_RESTRICTION;
-/*             return NT_STATUS_PWD_TOO_SHORT; */
-       }
-
        if (check_passwd_history(hnd,new_passwd)) {
                return NT_STATUS_PASSWORD_RESTRICTION;
        }