svn commit: samba r7988 - in branches/SAMBA_4_0/source: include lib setup

Wed Jun 29 02:28:57 GMT 2005

Author: abartlet
Date: 2005-06-29 02:28:57 +0000 (Wed, 29 Jun 2005)
New Revision: 7988

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=7988

Log:
Store the KVNO for the machine account, and set it up in the provision.

Andrew Bartlett

Modified:
   branches/SAMBA_4_0/source/include/credentials.h
   branches/SAMBA_4_0/source/lib/credentials.c
   branches/SAMBA_4_0/source/setup/provision.ldif
   branches/SAMBA_4_0/source/setup/secrets.ldif


Changeset:
Modified: branches/SAMBA_4_0/source/include/credentials.h
===================================================================

--- branches/SAMBA_4_0/source/include/credentials.h	2005-06-28 22:39:18 UTC (rev 7987)
+++ branches/SAMBA_4_0/source/include/credentials.h	2005-06-29 02:28:57 UTC (rev 7988)
@@ -58,6 +58,7 @@
 
 	struct creds_CredentialState *netlogon_creds;
 	enum netr_SchannelType secure_channel_type;
+	int kvno;
 
 	/* We are flagged to get machine account details from the
 	 * secrets.ldb when we are asked for a username or password */

Modified: branches/SAMBA_4_0/source/lib/credentials.c
===================================================================
--- branches/SAMBA_4_0/source/lib/credentials.c	2005-06-28 22:39:18 UTC (rev 7987)
+++ branches/SAMBA_4_0/source/lib/credentials.c	2005-06-29 02:28:57 UTC (rev 7988)
@@ -504,6 +504,7 @@
 		"realm",
 		"secureChannelType",
 		"ntPwdHash",
+		"msDS-KeyVersionNumber",
 		NULL
 	};
 	
@@ -594,6 +595,8 @@
 		cli_credentials_set_password(cred, password, CRED_SPECIFIED);
 	}
 
+	cli_credentials_set_kvno(cred, ldb_msg_find_int(msgs[0], "msDS-KeyVersionNumber", 0));
+	
 	talloc_free(mem_ctx);
 	
 	return NT_STATUS_OK;
@@ -651,7 +654,26 @@
 	return cred->secure_channel_type;
 }
 
+/** 
+ * Set Kerberos KVNO
+ */
+
+void cli_credentials_set_kvno(struct cli_credentials *cred,
+			      int kvno)
+{
+	cred->kvno = kvno;
+}
+
 /**
+ * Return Kerberos KVNO
+ */
+
+int cli_credentials_get_kvno(struct cli_credentials *cred)
+{
+	return cred->kvno;
+}
+
+/**
  * Fill in a credentials structure as the anonymous user
  */
 void cli_credentials_set_anonymous(struct cli_credentials *cred) 

Modified: branches/SAMBA_4_0/source/setup/provision.ldif
===================================================================
--- branches/SAMBA_4_0/source/setup/provision.ldif	2005-06-28 22:39:18 UTC (rev 7987)
+++ branches/SAMBA_4_0/source/setup/provision.ldif	2005-06-29 02:28:57 UTC (rev 7988)
@@ -617,6 +617,7 @@
 unicodePwd: ${JOINPASS}
 servicePrincipalName: HOST/${DNSNAME}
 servicePrincipalName: HOST/${NETBIOSNAME}
+msDS-KeyVersionNumber: 1
 
 dn: CN=krbtgt,CN=Users,${BASEDN}
 objectClass: top

Modified: branches/SAMBA_4_0/source/setup/secrets.ldif
===================================================================
--- branches/SAMBA_4_0/source/setup/secrets.ldif	2005-06-28 22:39:18 UTC (rev 7987)
+++ branches/SAMBA_4_0/source/setup/secrets.ldif	2005-06-29 02:28:57 UTC (rev 7988)
@@ -28,4 +28,4 @@
 sAMAccountName: ${NETBIOSNAME}$
 whenCreated: ${LDAPTIME}
 whenChanged: ${LDAPTIME}
-
+msDS-KeyVersionNumber: 1

