Fix 4993068: Don't check password history when dpm sets the password
This fixes a crash caused by permission problems when we try to update the password history and discover there's no password salt. The code attempts to create the salt, which triggers the exception. This could be fixed by wrapping the call with a clearCallingIdentity()/ restoreCallingIdentity(ident). However, while looking at it, it occurred to me that this can cause unexpected failures if the DPM tries to set the password twice or happens to set it to something in the password history. Instead, we should *always* allow the DPM to reset the password to whatever it wants, provided it passes the minimum password criteria. Change-Id: I1505b24f9c097ee5c2c44e4bf378ba90095b113b
This commit is contained in:
@ -1556,13 +1556,6 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
LockPatternUtils utils = new LockPatternUtils(mContext);
|
||||
if(utils.checkPasswordHistory(password)) {
|
||||
Slog.w(TAG, "resetPassword: password is the same as one of the last "
|
||||
+ getPasswordHistoryLength(null) + " passwords");
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
int callingUid = Binder.getCallingUid();
|
||||
|
Reference in New Issue
Block a user