Ignore:
Timestamp:
Aug 2, 2010, 8:16:45 PM (15 years ago)
Author:
Silvan Scherrer
Message:

Samba Server 3.5: trunk update to 3.5.4

Location:
trunk/server
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/server

  • trunk/server/source3/passdb/secrets.c

    r414 r480  
    325325
    326326/**
     327 * Form a key for fetching the machine previous trust account password
     328 *
     329 * @param domain domain name
     330 *
     331 * @return keystring
     332 **/
     333static const char *machine_prev_password_keystr(const char *domain)
     334{
     335        char *keystr;
     336
     337        keystr = talloc_asprintf_strupper_m(talloc_tos(), "%s/%s",
     338                                            SECRETS_MACHINE_PASSWORD_PREV, domain);
     339        SMB_ASSERT(keystr != NULL);
     340        return keystr;
     341}
     342
     343/**
    327344 * Form a key for fetching the machine trust account password
    328345 *
     
    572589
    573590/************************************************************************
    574  Routine to delete the plaintext machine account password
     591 Routine to delete the old plaintext machine account password if any
     592************************************************************************/
     593
     594static bool secrets_delete_prev_machine_password(const char *domain)
     595{
     596        char *oldpass = (char *)secrets_fetch(machine_prev_password_keystr(domain), NULL);
     597        if (oldpass == NULL) {
     598                return true;
     599        }
     600        SAFE_FREE(oldpass);
     601        return secrets_delete(machine_prev_password_keystr(domain));
     602}
     603
     604/************************************************************************
     605 Routine to delete the plaintext machine account password and old
     606 password if any
    575607************************************************************************/
    576608
    577609bool secrets_delete_machine_password(const char *domain)
    578610{
     611        if (!secrets_delete_prev_machine_password(domain)) {
     612                return false;
     613        }
    579614        return secrets_delete(machine_password_keystr(domain));
    580615}
    581616
    582617/************************************************************************
    583  Routine to delete the plaintext machine account password, sec channel type and
    584  last change time from secrets database
     618 Routine to delete the plaintext machine account password, old password,
     619 sec channel type and last change time from secrets database
    585620************************************************************************/
    586621
    587622bool secrets_delete_machine_password_ex(const char *domain)
    588623{
     624        if (!secrets_delete_prev_machine_password(domain)) {
     625                return false;
     626        }
    589627        if (!secrets_delete(machine_password_keystr(domain))) {
    590628                return false;
     
    606644
    607645/************************************************************************
     646 Routine to store the previous machine password (by storing the current password
     647 as the old)
     648************************************************************************/
     649
     650static bool secrets_store_prev_machine_password(const char *domain)
     651{
     652        char *oldpass;
     653        bool ret;
     654
     655        oldpass = (char *)secrets_fetch(machine_password_keystr(domain), NULL);
     656        if (oldpass == NULL) {
     657                return true;
     658        }
     659        ret = secrets_store(machine_prev_password_keystr(domain), oldpass, strlen(oldpass)+1);
     660        SAFE_FREE(oldpass);
     661        return ret;
     662}
     663
     664/************************************************************************
    608665 Routine to set the plaintext machine account password for a realm
    609 the password is assumed to be a null terminated ascii string
     666 the password is assumed to be a null terminated ascii string.
     667 Before storing
    610668************************************************************************/
    611669
     
    617675        uint32 sec_channel_type;
    618676
     677        if (!secrets_store_prev_machine_password(domain)) {
     678                return false;
     679        }
     680
    619681        ret = secrets_store(machine_password_keystr(domain), pass, strlen(pass)+1);
    620682        if (!ret)
     
    628690
    629691        return ret;
     692}
     693
     694
     695/************************************************************************
     696 Routine to fetch the previous plaintext machine account password for a realm
     697 the password is assumed to be a null terminated ascii string.
     698************************************************************************/
     699
     700char *secrets_fetch_prev_machine_password(const char *domain)
     701{
     702        return (char *)secrets_fetch(machine_prev_password_keystr(domain), NULL);
    630703}
    631704
Note: See TracChangeset for help on using the changeset viewer.