svn commit: samba r2848 - in trunk/source/smbd: .

Thu Oct 7 14:07:32 GMT 2004

Author: mimir
Date: 2004-10-07 14:07:32 +0000 (Thu, 07 Oct 2004)
New Revision: 2848

WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba&path=/trunk/source/smbd&rev=2848&nolog=1

Log:
Big patch. Switch from secrets_* functions to new trust passwords
api integrated with passdb interface.

- use pdb_* trust passwords interface instead of secrets_*
- hook trust passwords migration function just before all of
  smbd starts


rafal

Modified:
   trunk/source/smbd/process.c
   trunk/source/smbd/server.c


Changeset:
Modified: trunk/source/smbd/process.c
===================================================================

--- trunk/source/smbd/process.c	2004-10-07 14:03:57 UTC (rev 2847)
+++ trunk/source/smbd/process.c	2004-10-07 14:07:32 UTC (rev 2848)
@@ -1327,6 +1327,8 @@
 
 static BOOL timeout_processing(int deadtime, int *select_timeout, time_t *last_timeout_processing_time)
 {
+	NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
+	SAM_TRUST_PASSWD *trust = NULL;
 	static time_t last_keepalive_sent_time = 0;
 	static time_t last_idle_closed_check = 0;
 	time_t t;
@@ -1407,9 +1409,6 @@
 					password change */
 			lp_security() == SEC_DOMAIN) {
 
-		unsigned char trust_passwd_hash[16];
-		time_t lct;
-
 		/*
 		 * We're in domain level security, and the code that
 		 * read the machine password flagged that the machine
@@ -1425,11 +1424,19 @@
 machine %s in domain %s.\n", global_myname(), lp_workgroup() ));
 			return True;
 		}
-
-		if(!secrets_fetch_trust_account_password(lp_workgroup(), trust_passwd_hash, &lct, NULL)) {
+		
+		nt_status = pdb_init_trustpw(&trust);
+		if (!NT_STATUS_IS_OK(nt_status)) {
+			DEBUG(0, ("Couldn't initialise trust password\n"));
+			return False;
+		}
+		
+		nt_status = pdb_gettrustpwnam(trust, lp_workgroup());
+		if (!NT_STATUS_IS_OK(nt_status)) {			
 			DEBUG(0,("process: unable to read the machine account password for \
 machine %s in domain %s.\n", global_myname(), lp_workgroup()));
 			secrets_lock_trust_account_password(lp_workgroup(), False);
+			trust->free_fn(&trust);
 			return True;
 		}
 
@@ -1437,9 +1444,10 @@
 		 * Make sure someone else hasn't already done this.
 		 */
 
-		if(t < lct + lp_machine_password_timeout()) {
+		if(t < pdb_get_tp_mod_time(trust) + lp_machine_password_timeout()) {
 			global_machine_password_needs_changing = False;
 			secrets_lock_trust_account_password(lp_workgroup(), False);
+			trust->free_fn(&trust);
 			return True;
 		}
 
@@ -1448,6 +1456,9 @@
 		change_trust_account_password( lp_workgroup(), NULL);
 		global_machine_password_needs_changing = False;
 		secrets_lock_trust_account_password(lp_workgroup(), False);
+		
+		/* free trust password structure */
+		trust->free_fn(&trust);
 	}
 
 	/*

Modified: trunk/source/smbd/server.c
===================================================================
--- trunk/source/smbd/server.c	2004-10-07 14:03:57 UTC (rev 2847)
+++ trunk/source/smbd/server.c	2004-10-07 14:07:32 UTC (rev 2848)
@@ -621,6 +621,8 @@
 
 static BOOL init_structs(void )
 {
+	int pass_num = 0;
+
 	/*
 	 * Set the machine NETBIOS name if not already
 	 * set from the config file.
@@ -640,6 +642,9 @@
 
 	secrets_init();
 
+	/* migrate trust passwords to passdb if not migrated yet */
+	pass_num = migrate_trust_passwords();
+
 	return True;
 }
 

