[PATCH] s3-winbindd: Store schannel credentials in secrets.tdb

[Christof Schmitt]

Andrew Bartlett <abartlet at samba.org> wrote on 07/31/2012 04:37:40 PM:

> On Tue, 2012-07-31 at 17:21 -0600, Christof Schmitt wrote:
> > This fixes a failure from the base.bench-torture test. The test can
> > fail when multiple netlogon connections to the same domain controller
> > are established. The domain controller only keeps one set of
> > credentials for schannel connections, and the discussion in bz #8599
> > suggested to store the credentials in a tdb.
> > 
> > The patch stores the netlogon credentials per domain controller in
> > secrets.tdb. If there are already credentials before establishing a
> > netlogon session, those credentials are reused. If the reused
> > credentials are no longer valid, they are deleted and the netlogon
> > session is established with new credentials.
> 
> This seems to duplicate the code in libcli/auth/schannel_state_tdb.c
> which is used for the same task on the server side. 
> 
> I know it might mean sorting this out to be dbwrap aware, but I would
> really like to reduce the duplication in this area. 

Ok, i will work on an updated patch to reuse the code in
schannel_state_tdb.c.

Regards,

Christof Schmitt || IBM || SONAS System Development || Tucson, AZ
christof.schmitt at us.ibm.com  ||  +1-520-799-2469  (T/L: 321-2469)