Patch for fixing pb when users have a valid ticket and the server change its password
Matthieu Patou
mat at samba.org
Fri May 21 23:03:28 MDT 2010
On 21/05/2010 18:24, John H Terpstra wrote:
> On 05/21/2010 09:11 AM, Matthieu Patou wrote:
>
>> Hello,
>>
>> Find attach a patch proposal for bug 7099.
>>
>> My patch store a copy of the previous password on password change and
>> try this password for validating tickets presented by the user to the
>> server.
>>
>> This should hopefully solve the bug that when the password of a samba 3
>> server is changed: for all tickets that are still valid for the server's
>> principals but emitted before the server has changed its password, the
>> server is not anymore able to validate them (as it didn't has the
>> previous passwords).
>>
>> I also attached a backport for samba3.5.x (I applied it to 3.5.3 and
>> 3.5.2 and compiled it on 3.5.2).
>>
>> Cheers.
>>
>> Matthieu.
>>
>>
> Matthieu,
>
> Thank you for fixing that bug. Much appreciated.
>
>
John, just pay attention that I didn't tested it thoroughly with real
windows workstation. It just don't show the pb when using smbclient and
forcing the password change with net changetrustpw. So for your clusters
it's worth to wait a little bit still.
Cheers, Matthieu.
--
Matthieu Patou
Samba Team http://samba.org
More information about the samba-technical
mailing list