Patch for fixing pb when users have a valid ticket and the server change its password
Matthieu Patou
mat at samba.org
Mon May 24 16:02:59 MDT 2010
Hello,
On 22/05/2010 09:03, Matthieu Patou wrote:
> On 21/05/2010 18:24, John H Terpstra wrote:
>> On 05/21/2010 09:11 AM, Matthieu Patou wrote:
>>> Hello,
>>>
>>> Find attach a patch proposal for bug 7099.
>>>
>>> My patch store a copy of the previous password on password change and
>>> try this password for validating tickets presented by the user to the
>>> server.
>>>
>>> This should hopefully solve the bug that when the password of a samba 3
>>> server is changed: for all tickets that are still valid for the
>>> server's
>>> principals but emitted before the server has changed its password, the
>>> server is not anymore able to validate them (as it didn't has the
>>> previous passwords).
>>>
>>> I also attached a backport for samba3.5.x (I applied it to 3.5.3 and
>>> 3.5.2 and compiled it on 3.5.2).
>>>
>>> Cheers.
>>>
>>> Matthieu.
>>>
>> Matthieu,
>>
>> Thank you for fixing that bug. Much appreciated.
>>
> John, just pay attention that I didn't tested it thoroughly with real
> windows workstation. It just don't show the pb when using smbclient
> and forcing the password change with net changetrustpw. So for your
> clusters it's worth to wait a little bit still.
>
Now I tested it and I had to change the patch a little bit.
Here is the update version.
> Cheers, Matthieu.
>
--
Matthieu Patou
Samba Team http://samba.org
More information about the samba-technical
mailing list