mirror of
https://github.com/samba-team/samba.git
synced 2024-12-25 23:21:54 +03:00
Refactor the lagacy part of secrets_fetch_trust_account_password() out
into a new function secrets_fetch_trust_account_password_legacy() that does only try to obtain the hashed version of the machine password directly from secrets.tdb. Michael
This commit is contained in:
parent
6ced4a7f88
commit
91da12b751
@ -284,27 +284,19 @@ uint32 get_default_sec_channel(void)
|
||||
|
||||
/************************************************************************
|
||||
Routine to get the trust account password for a domain.
|
||||
This only tries to get the legacy hashed version of the password.
|
||||
The user of this function must have locked the trust password file using
|
||||
the above secrets_lock_trust_account_password().
|
||||
************************************************************************/
|
||||
|
||||
bool secrets_fetch_trust_account_password(const char *domain, uint8 ret_pwd[16],
|
||||
bool secrets_fetch_trust_account_password_legacy(const char *domain,
|
||||
uint8 ret_pwd[16],
|
||||
time_t *pass_last_set_time,
|
||||
uint32 *channel)
|
||||
{
|
||||
struct machine_acct_pass *pass;
|
||||
char *plaintext;
|
||||
size_t size = 0;
|
||||
|
||||
plaintext = secrets_fetch_machine_password(domain, pass_last_set_time,
|
||||
channel);
|
||||
if (plaintext) {
|
||||
DEBUG(4,("Using cleartext machine password\n"));
|
||||
E_md4hash(plaintext, ret_pwd);
|
||||
SAFE_FREE(plaintext);
|
||||
return True;
|
||||
}
|
||||
|
||||
if (!(pass = (struct machine_acct_pass *)secrets_fetch(
|
||||
trust_keystr(domain), &size))) {
|
||||
DEBUG(5, ("secrets_fetch failed!\n"));
|
||||
@ -337,6 +329,32 @@ bool secrets_fetch_trust_account_password(const char *domain, uint8 ret_pwd[16],
|
||||
return True;
|
||||
}
|
||||
|
||||
/************************************************************************
|
||||
Routine to get the trust account password for a domain.
|
||||
The user of this function must have locked the trust password file using
|
||||
the above secrets_lock_trust_account_password().
|
||||
************************************************************************/
|
||||
|
||||
bool secrets_fetch_trust_account_password(const char *domain, uint8 ret_pwd[16],
|
||||
time_t *pass_last_set_time,
|
||||
uint32 *channel)
|
||||
{
|
||||
char *plaintext;
|
||||
|
||||
plaintext = secrets_fetch_machine_password(domain, pass_last_set_time,
|
||||
channel);
|
||||
if (plaintext) {
|
||||
DEBUG(4,("Using cleartext machine password\n"));
|
||||
E_md4hash(plaintext, ret_pwd);
|
||||
SAFE_FREE(plaintext);
|
||||
return True;
|
||||
}
|
||||
|
||||
return secrets_fetch_trust_account_password_legacy(domain, ret_pwd,
|
||||
pass_last_set_time,
|
||||
channel);
|
||||
}
|
||||
|
||||
/**
|
||||
* Pack SID passed by pointer
|
||||
*
|
||||
|
Loading…
Reference in New Issue
Block a user