From 57ab910b6f3a24bf188415baf58de610203594b1 Mon Sep 17 00:00:00 2001 From: Matthieu Patou Date: Fri, 21 May 2010 11:57:29 +0400 Subject: s3: Allow previous password to be stored and use it to check tickets MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This patch is to fix bug 7099. It stores the current password in the previous password key when the password is changed. It also check the user ticket against previous password. Signed-off-by: Günther Deschner --- source3/include/proto.h | 1 + source3/include/secrets.h | 1 + 2 files changed, 2 insertions(+) (limited to 'source3/include') diff --git a/source3/include/proto.h b/source3/include/proto.h index cb6856734e..6ccefe1a39 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -4645,6 +4645,7 @@ bool secrets_delete_machine_password(const char *domain); bool secrets_delete_machine_password_ex(const char *domain); bool secrets_delete_domain_sid(const char *domain); bool secrets_store_machine_password(const char *pass, const char *domain, enum netr_SchannelType sec_channel); +char *secrets_fetch_prev_machine_password(const char *domain); char *secrets_fetch_machine_password(const char *domain, time_t *pass_last_set_time, enum netr_SchannelType *channel); diff --git a/source3/include/secrets.h b/source3/include/secrets.h index b51fd22bfa..624b1465bb 100644 --- a/source3/include/secrets.h +++ b/source3/include/secrets.h @@ -25,6 +25,7 @@ */ #define SECRETS_MACHINE_ACCT_PASS "SECRETS/$MACHINE.ACC" #define SECRETS_MACHINE_PASSWORD "SECRETS/MACHINE_PASSWORD" +#define SECRETS_MACHINE_PASSWORD_PREV "SECRETS/MACHINE_PASSWORD.PREV" #define SECRETS_MACHINE_LAST_CHANGE_TIME "SECRETS/MACHINE_LAST_CHANGE_TIME" #define SECRETS_MACHINE_SEC_CHANNEL_TYPE "SECRETS/MACHINE_SEC_CHANNEL_TYPE" #define SECRETS_MACHINE_TRUST_ACCOUNT_NAME "SECRETS/SECRETS_MACHINE_TRUST_ACCOUNT_NAME" -- cgit