diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2012-07-13 11:01:47 +1000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2012-07-13 07:52:40 +0200 |
| commit | 15fedb3c6855751678e93e3f4a7e443b0495b1c3 (patch) | |
| tree | 3b1fed92396445bce6912fc2b1d0e1be43d2ef70 /source3/auth | |
| parent | d55cde19d31484079d69182fcaa9dfa889fd7fed (diff) | |
| download | samba-15fedb3c6855751678e93e3f4a7e443b0495b1c3.tar.gz samba-15fedb3c6855751678e93e3f4a7e443b0495b1c3.tar.bz2 samba-15fedb3c6855751678e93e3f4a7e443b0495b1c3.zip | |
s3-auth Remove unused global_machine_account_needs_changing
This boolean was only set if the old machine account store (with an
MD4 hash in it) was returned. We have not set that password type for
years. If this call ever worked, it would store a plaintext password,
so we could only ever be here if we had set a password using a version
of Samba so old as not to store plaintext, and then never honered the
flag anyway.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul 13 07:52:40 CEST 2012 on sn-devel-104
Diffstat (limited to 'source3/auth')
| -rw-r--r-- | source3/auth/auth_domain.c | 66 |
1 files changed, 0 insertions, 66 deletions
diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c index 82160bb4f9..286c75c786 100644 --- a/source3/auth/auth_domain.c +++ b/source3/auth/auth_domain.c @@ -31,74 +31,8 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_AUTH -extern bool global_machine_password_needs_changing; static struct named_mutex *mutex; -/* - * Change machine password (called from main loop - * idle timeout. Must be done as root. - */ - -void attempt_machine_password_change(void) -{ - unsigned char trust_passwd_hash[16]; - time_t lct; - void *lock; - - if (!global_machine_password_needs_changing) { - return; - } - - if (lp_security() != SEC_DOMAIN) { - return; - } - - /* - * We're in domain level security, and the code that - * read the machine password flagged that the machine - * password needs changing. - */ - - /* - * First, open the machine password file with an exclusive lock. - */ - - lock = secrets_get_trust_account_lock(NULL, lp_workgroup()); - - if (lock == NULL) { - DEBUG(0,("attempt_machine_password_change: unable to lock " - "the machine account password for machine %s in " - "domain %s.\n", - lp_netbios_name(), lp_workgroup() )); - return; - } - - if(!secrets_fetch_trust_account_password(lp_workgroup(), - trust_passwd_hash, &lct, NULL)) { - DEBUG(0,("attempt_machine_password_change: unable to read the " - "machine account password for %s in domain %s.\n", - lp_netbios_name(), lp_workgroup())); - TALLOC_FREE(lock); - return; - } - - /* - * Make sure someone else hasn't already done this. - */ - - if(time(NULL) < lct + lp_machine_password_timeout()) { - global_machine_password_needs_changing = false; - TALLOC_FREE(lock); - return; - } - - /* always just contact the PDC here */ - - change_trust_account_password( lp_workgroup(), NULL); - global_machine_password_needs_changing = false; - TALLOC_FREE(lock); -} - /** * Connect to a remote server for (inter)domain security authenticaion. * |