summaryrefslogtreecommitdiff
path: root/auth/credentials
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2013-07-31 13:39:17 +0200
committerAndrew Bartlett <abartlet@samba.org>2013-08-05 17:48:05 +1200
commit26a7420c1c4307023b22676cd85d95010ecbf603 (patch)
treed5082c56379522e31b5fd720a7a34d20546b4f6e /auth/credentials
parent9325bd9cb6bb942ea989f4e32799c76ea8af3d3e (diff)
downloadsamba-26a7420c1c4307023b22676cd85d95010ecbf603.tar.gz
samba-26a7420c1c4307023b22676cd85d95010ecbf603.tar.bz2
samba-26a7420c1c4307023b22676cd85d95010ecbf603.zip
auth/credentials: get the old password from secrets.tdb
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'auth/credentials')
-rw-r--r--auth/credentials/credentials_secrets.c11
1 files changed, 11 insertions, 0 deletions
diff --git a/auth/credentials/credentials_secrets.c b/auth/credentials/credentials_secrets.c
index 678d16734c..6c1cded4cb 100644
--- a/auth/credentials/credentials_secrets.c
+++ b/auth/credentials/credentials_secrets.c
@@ -238,6 +238,7 @@ _PUBLIC_ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cr
bool secrets_tdb_password_more_recent;
time_t secrets_tdb_lct = 0;
char *secrets_tdb_password = NULL;
+ char *secrets_tdb_old_password = NULL;
char *keystr;
char *keystr_upper = NULL;
char *secrets_tdb;
@@ -285,6 +286,15 @@ _PUBLIC_ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cr
if (NT_STATUS_IS_OK(status)) {
secrets_tdb_password = (char *)dbuf.dptr;
}
+ keystr = talloc_asprintf(tmp_ctx, "%s/%s",
+ SECRETS_MACHINE_PASSWORD_PREV,
+ domain);
+ keystr_upper = strupper_talloc(tmp_ctx, keystr);
+ status = dbwrap_fetch(db_ctx, tmp_ctx, string_tdb_data(keystr_upper),
+ &dbuf);
+ if (NT_STATUS_IS_OK(status)) {
+ secrets_tdb_old_password = (char *)dbuf.dptr;
+ }
}
filter = talloc_asprintf(cred, SECRETS_PRIMARY_DOMAIN_FILTER,
@@ -308,6 +318,7 @@ _PUBLIC_ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cr
if (secrets_tdb_password_more_recent) {
char *machine_account = talloc_asprintf(tmp_ctx, "%s$", lpcfg_netbios_name(lp_ctx));
cli_credentials_set_password(cred, secrets_tdb_password, CRED_SPECIFIED);
+ cli_credentials_set_old_password(cred, secrets_tdb_old_password, CRED_SPECIFIED);
cli_credentials_set_domain(cred, domain, CRED_SPECIFIED);
cli_credentials_set_username(cred, machine_account, CRED_SPECIFIED);
} else if (!NT_STATUS_IS_OK(status)) {