Author: abartlet Date: 2005-12-30 08:40:16 +0000 (Fri, 30 Dec 2005) New Revision: 12599
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=12599 Log: This new LDB module (and associated changes) allows Samba4 to operate using pre-calculated passwords for all kerberos key types. (Previously we could only use these for the NT# type). The module handles all of the hash/string2key tasks for all parts of Samba, which was previously in the rpc_server/samr/samr_password.c code. We also update the msDS-KeyVersionNumber, and the password history. This new module can be called at provision time, which ensures we start with a database that is consistent in this respect. By ensuring that the krb5key attribute is the only one we need to retrieve, this also simplifies the run-time KDC logic. (Each value of the multi-valued attribute is encoded as a 'Key' in ASN.1, using the definition from Heimdal's HDB. This simplfies the KDC code.). It is hoped that this will speed up the KDC enough that it can again operate under valgrind. Added: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/password_hash.c Modified: branches/SAMBA_4_0/source/auth/auth_sam.c branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/config.mk branches/SAMBA_4_0/source/dsdb/samdb/samdb.c branches/SAMBA_4_0/source/kdc/hdb-ldb.c branches/SAMBA_4_0/source/lib/ldb/common/ldb_modules.c branches/SAMBA_4_0/source/rpc_server/netlogon/dcerpc_netlogon.c branches/SAMBA_4_0/source/rpc_server/samr/dcesrv_samr.c branches/SAMBA_4_0/source/rpc_server/samr/samr_password.c branches/SAMBA_4_0/source/setup/provision_init.ldif Changeset: Sorry, the patch is too large (1372 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=12599