summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2012-07-13 11:01:47 +1000
committerAndrew Bartlett <abartlet@samba.org>2012-07-13 07:52:40 +0200
commit15fedb3c6855751678e93e3f4a7e443b0495b1c3 (patch)
tree3b1fed92396445bce6912fc2b1d0e1be43d2ef70
parentd55cde19d31484079d69182fcaa9dfa889fd7fed (diff)
downloadsamba-15fedb3c6855751678e93e3f4a7e443b0495b1c3.tar.gz
samba-15fedb3c6855751678e93e3f4a7e443b0495b1c3.tar.bz2
samba-15fedb3c6855751678e93e3f4a7e443b0495b1c3.zip
s3-auth Remove unused global_machine_account_needs_changing
This boolean was only set if the old machine account store (with an MD4 hash in it) was returned. We have not set that password type for years. If this call ever worked, it would store a plaintext password, so we could only ever be here if we had set a password using a version of Samba so old as not to store plaintext, and then never honered the flag anyway. Andrew Bartlett Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Jul 13 07:52:40 CEST 2012 on sn-devel-104
-rw-r--r--source3/auth/auth_domain.c66
-rw-r--r--source3/passdb/machine_account_secrets.c11
-rw-r--r--source3/smbd/process.c5
3 files changed, 0 insertions, 82 deletions
diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c
index 82160bb4f9..286c75c786 100644
--- a/source3/auth/auth_domain.c
+++ b/source3/auth/auth_domain.c
@@ -31,74 +31,8 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_AUTH
-extern bool global_machine_password_needs_changing;
static struct named_mutex *mutex;
-/*
- * Change machine password (called from main loop
- * idle timeout. Must be done as root.
- */
-
-void attempt_machine_password_change(void)
-{
- unsigned char trust_passwd_hash[16];
- time_t lct;
- void *lock;
-
- if (!global_machine_password_needs_changing) {
- return;
- }
-
- if (lp_security() != SEC_DOMAIN) {
- return;
- }
-
- /*
- * We're in domain level security, and the code that
- * read the machine password flagged that the machine
- * password needs changing.
- */
-
- /*
- * First, open the machine password file with an exclusive lock.
- */
-
- lock = secrets_get_trust_account_lock(NULL, lp_workgroup());
-
- if (lock == NULL) {
- DEBUG(0,("attempt_machine_password_change: unable to lock "
- "the machine account password for machine %s in "
- "domain %s.\n",
- lp_netbios_name(), lp_workgroup() ));
- return;
- }
-
- if(!secrets_fetch_trust_account_password(lp_workgroup(),
- trust_passwd_hash, &lct, NULL)) {
- DEBUG(0,("attempt_machine_password_change: unable to read the "
- "machine account password for %s in domain %s.\n",
- lp_netbios_name(), lp_workgroup()));
- TALLOC_FREE(lock);
- return;
- }
-
- /*
- * Make sure someone else hasn't already done this.
- */
-
- if(time(NULL) < lct + lp_machine_password_timeout()) {
- global_machine_password_needs_changing = false;
- TALLOC_FREE(lock);
- return;
- }
-
- /* always just contact the PDC here */
-
- change_trust_account_password( lp_workgroup(), NULL);
- global_machine_password_needs_changing = false;
- TALLOC_FREE(lock);
-}
-
/**
* Connect to a remote server for (inter)domain security authenticaion.
*
diff --git a/source3/passdb/machine_account_secrets.c b/source3/passdb/machine_account_secrets.c
index 8aaea10d8c..463de714c1 100644
--- a/source3/passdb/machine_account_secrets.c
+++ b/source3/passdb/machine_account_secrets.c
@@ -33,9 +33,6 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_PASSDB
-/* Urrrg. global.... */
-bool global_machine_password_needs_changing;
-
/**
* Form a key for fetching the domain sid
*
@@ -344,14 +341,6 @@ bool secrets_fetch_trust_account_password_legacy(const char *domain,
*channel = get_default_sec_channel();
}
- /* Test if machine password has expired and needs to be changed */
- if (lp_machine_password_timeout()) {
- if (pass->mod_time > 0 && time(NULL) > (pass->mod_time +
- (time_t)lp_machine_password_timeout())) {
- global_machine_password_needs_changing = True;
- }
- }
-
SAFE_FREE(pass);
return True;
}
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index f8757faae0..80b0c1d79b 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -41,8 +41,6 @@
#include "lib/id_cache.h"
#include "serverid.h"
-extern bool global_machine_password_needs_changing;
-
/* Internal message queue for deferred opens. */
struct pending_message_list {
struct pending_message_list *next, *prev;
@@ -2581,9 +2579,6 @@ static bool housekeeping_fn(const struct timeval *now, void *private_data)
/* check if we need to reload services */
check_reload(sconn, time_mono(NULL));
- /* Change machine password if neccessary. */
- attempt_machine_password_change();
-
/*
* Force a log file check.
*/