Patch for fixing pb when users have a valid ticket and the server change its password

Matthieu Patou mat at samba.org
Fri May 21 23:03:28 MDT 2010


On 21/05/2010 18:24, John H Terpstra wrote:
> On 05/21/2010 09:11 AM, Matthieu Patou wrote:
>    
>> Hello,
>>
>> Find attach a patch proposal for bug 7099.
>>
>> My patch store a copy of the previous password on password change and
>> try this password for validating tickets presented by the user to the
>> server.
>>
>> This should hopefully solve the bug that when the password of a samba 3
>> server is changed: for all tickets that are still valid for the server's
>> principals but emitted before the server has changed its password, the
>> server is not anymore able to validate them (as it didn't has the
>> previous passwords).
>>
>> I also attached a backport for samba3.5.x (I applied it to 3.5.3 and
>> 3.5.2 and compiled it on 3.5.2).
>>
>> Cheers.
>>
>> Matthieu.
>>
>>      
> Matthieu,
>
> Thank you for fixing that bug. Much appreciated.
>
>    
John, just pay attention that I didn't tested it thoroughly with real 
windows workstation. It just don't show the pb when using smbclient and 
forcing the password change with net changetrustpw. So for your clusters 
it's worth to wait a little bit still.

Cheers, Matthieu.

-- 
Matthieu Patou
Samba Team        http://samba.org



More information about the samba-technical mailing list