svn commit: samba r2848 - in trunk/source/smbd: .
mimir at samba.org
mimir at samba.org
Thu Oct 7 14:07:32 GMT 2004
Author: mimir
Date: 2004-10-07 14:07:32 +0000 (Thu, 07 Oct 2004)
New Revision: 2848
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba&path=/trunk/source/smbd&rev=2848&nolog=1
Log:
Big patch. Switch from secrets_* functions to new trust passwords
api integrated with passdb interface.
- use pdb_* trust passwords interface instead of secrets_*
- hook trust passwords migration function just before all of
smbd starts
rafal
Modified:
trunk/source/smbd/process.c
trunk/source/smbd/server.c
Changeset:
Modified: trunk/source/smbd/process.c
===================================================================
--- trunk/source/smbd/process.c 2004-10-07 14:03:57 UTC (rev 2847)
+++ trunk/source/smbd/process.c 2004-10-07 14:07:32 UTC (rev 2848)
@@ -1327,6 +1327,8 @@
static BOOL timeout_processing(int deadtime, int *select_timeout, time_t *last_timeout_processing_time)
{
+ NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
+ SAM_TRUST_PASSWD *trust = NULL;
static time_t last_keepalive_sent_time = 0;
static time_t last_idle_closed_check = 0;
time_t t;
@@ -1407,9 +1409,6 @@
password change */
lp_security() == SEC_DOMAIN) {
- unsigned char trust_passwd_hash[16];
- time_t lct;
-
/*
* We're in domain level security, and the code that
* read the machine password flagged that the machine
@@ -1425,11 +1424,19 @@
machine %s in domain %s.\n", global_myname(), lp_workgroup() ));
return True;
}
-
- if(!secrets_fetch_trust_account_password(lp_workgroup(), trust_passwd_hash, &lct, NULL)) {
+
+ nt_status = pdb_init_trustpw(&trust);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ DEBUG(0, ("Couldn't initialise trust password\n"));
+ return False;
+ }
+
+ nt_status = pdb_gettrustpwnam(trust, lp_workgroup());
+ if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0,("process: unable to read the machine account password for \
machine %s in domain %s.\n", global_myname(), lp_workgroup()));
secrets_lock_trust_account_password(lp_workgroup(), False);
+ trust->free_fn(&trust);
return True;
}
@@ -1437,9 +1444,10 @@
* Make sure someone else hasn't already done this.
*/
- if(t < lct + lp_machine_password_timeout()) {
+ if(t < pdb_get_tp_mod_time(trust) + lp_machine_password_timeout()) {
global_machine_password_needs_changing = False;
secrets_lock_trust_account_password(lp_workgroup(), False);
+ trust->free_fn(&trust);
return True;
}
@@ -1448,6 +1456,9 @@
change_trust_account_password( lp_workgroup(), NULL);
global_machine_password_needs_changing = False;
secrets_lock_trust_account_password(lp_workgroup(), False);
+
+ /* free trust password structure */
+ trust->free_fn(&trust);
}
/*
Modified: trunk/source/smbd/server.c
===================================================================
--- trunk/source/smbd/server.c 2004-10-07 14:03:57 UTC (rev 2847)
+++ trunk/source/smbd/server.c 2004-10-07 14:07:32 UTC (rev 2848)
@@ -621,6 +621,8 @@
static BOOL init_structs(void )
{
+ int pass_num = 0;
+
/*
* Set the machine NETBIOS name if not already
* set from the config file.
@@ -640,6 +642,9 @@
secrets_init();
+ /* migrate trust passwords to passdb if not migrated yet */
+ pass_num = migrate_trust_passwords();
+
return True;
}
More information about the samba-cvs
mailing list