The branch, master has been updated via 28de101 lib/util/debug.h uses va_list, needs stdarg.h via c64e3a8 net: Print time of last password change in 'net ads info' via 487119d secrets: Add function to fetch only password change timestamp via 3bbf384 doc: mention that `smbd -i` exits after first connection from 10374dd param: update the README with instructions for adding a parameter
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 28de101bb8a48c8279c633a362853f03b30d8c71 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Thu Jul 9 18:16:56 2015 +1200 lib/util/debug.h uses va_list, needs stdarg.h Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Jeremy Allison <j...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Sat Aug 1 13:59:13 CEST 2015 on sn-devel-104 commit c64e3a8ff3297153fb2446194b924617fedc1a31 Author: Christof Schmitt <c...@samba.org> Date: Thu Jul 30 15:52:08 2015 -0700 net: Print time of last password change in 'net ads info' This is useful for debugging overwritten machine accounts, e.g. a second machine is joined to a domain with the same name as the first one. Signed-off-by: Christof Schmitt <c...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 487119d741b5e7a5d0805b785248b40f2b4548c8 Author: Christof Schmitt <c...@samba.org> Date: Thu Jul 30 15:47:54 2015 -0700 secrets: Add function to fetch only password change timestamp Signed-off-by: Christof Schmitt <c...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 3bbf3848948c6afd27cd32df9c39f58995e7831b Author: Aurelien Aptel <aap...@suse.com> Date: Fri Jul 31 17:01:10 2015 +0200 doc: mention that `smbd -i` exits after first connection Signed-off-by: Aurelien Aptel <aap...@suse.com> Reviewed-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> ----------------------------------------------------------------------- Summary of changes: docs-xml/manpages/smbd.8.xml | 8 ++++---- lib/util/debug.h | 2 +- source3/include/secrets.h | 1 + source3/passdb/machine_account_secrets.c | 32 +++++++++++++++++++++++--------- source3/utils/net_ads.c | 6 ++++++ 5 files changed, 35 insertions(+), 14 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/smbd.8.xml b/docs-xml/manpages/smbd.8.xml index 7cf7d51..1480e80 100644 --- a/docs-xml/manpages/smbd.8.xml +++ b/docs-xml/manpages/smbd.8.xml @@ -120,12 +120,12 @@ server to run "interactively", not as a daemon, even if the server is executed on the command line of a shell. Setting this parameter negates the implicit daemon mode when run from the - command line. <command>smbd</command> also logs to standard - output, as if the <command>-S</command> parameter had been - given. + command line. <command>smbd</command> will only accept one + connection and terminate. It will also log to standard output, + as if the <command>-S</command> parameter had been given. </para></listitem> </varlistentry> - + &stdarg.server.debug; &popt.common.samba; &popt.autohelp; diff --git a/lib/util/debug.h b/lib/util/debug.h index c312bbf..e399379 100644 --- a/lib/util/debug.h +++ b/lib/util/debug.h @@ -25,7 +25,7 @@ #include <stdbool.h> #include <stddef.h> - +#include <stdarg.h> #include "attr.h" diff --git a/source3/include/secrets.h b/source3/include/secrets.h index 350bdc6..f397129 100644 --- a/source3/include/secrets.h +++ b/source3/include/secrets.h @@ -113,6 +113,7 @@ bool secrets_delete_machine_password_ex(const char *domain); bool secrets_delete_domain_sid(const char *domain); bool secrets_store_machine_password(const char *pass, const char *domain, enum netr_SchannelType sec_channel); char *secrets_fetch_prev_machine_password(const char *domain); +time_t secrets_fetch_pass_last_set_time(const char *domain); char *secrets_fetch_machine_password(const char *domain, time_t *pass_last_set_time, enum netr_SchannelType *channel); diff --git a/source3/passdb/machine_account_secrets.c b/source3/passdb/machine_account_secrets.c index 717eaa1..3f097ab 100644 --- a/source3/passdb/machine_account_secrets.c +++ b/source3/passdb/machine_account_secrets.c @@ -565,6 +565,28 @@ char *secrets_fetch_prev_machine_password(const char *domain) } /************************************************************************ + Routine to fetch the last change time of the machine account password + for a realm +************************************************************************/ + +time_t secrets_fetch_pass_last_set_time(const char *domain) +{ + uint32_t *last_set_time; + time_t pass_last_set_time; + + last_set_time = secrets_fetch(machine_last_change_time_keystr(domain), + NULL); + if (last_set_time) { + pass_last_set_time = IVAL(last_set_time,0); + SAFE_FREE(last_set_time); + } else { + pass_last_set_time = 0; + } + + return pass_last_set_time; +} + +/************************************************************************ Routine to fetch the plaintext machine account password for a realm the password is assumed to be a null terminated ascii string. ************************************************************************/ @@ -577,15 +599,7 @@ char *secrets_fetch_machine_password(const char *domain, ret = (char *)secrets_fetch(machine_password_keystr(domain), NULL); if (pass_last_set_time) { - size_t size; - uint32_t *last_set_time; - last_set_time = (unsigned int *)secrets_fetch(machine_last_change_time_keystr(domain), &size); - if (last_set_time) { - *pass_last_set_time = IVAL(last_set_time,0); - SAFE_FREE(last_set_time); - } else { - *pass_last_set_time = 0; - } + *pass_last_set_time = secrets_fetch_pass_last_set_time(domain); } if (channel) { diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index 28553fc..a0f59af 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -177,6 +177,7 @@ static int net_ads_info(struct net_context *c, int argc, const char **argv) { ADS_STRUCT *ads; char addr[INET6_ADDRSTRLEN]; + time_t pass_time; if (c->display_usage) { d_printf("%s\n" @@ -206,6 +207,8 @@ static int net_ads_info(struct net_context *c, int argc, const char **argv) d_fprintf( stderr, _("Failed to get server's current time!\n")); } + pass_time = secrets_fetch_pass_last_set_time(ads->server.workgroup); + print_sockaddr(addr, sizeof(addr), &ads->ldap.ss); d_printf(_("LDAP server: %s\n"), addr); @@ -219,6 +222,9 @@ static int net_ads_info(struct net_context *c, int argc, const char **argv) d_printf(_("KDC server: %s\n"), ads->auth.kdc_server ); d_printf(_("Server time offset: %d\n"), ads->auth.time_offset ); + d_printf(_("Last machine account password change: %s\n"), + http_timestring(talloc_tos(), pass_time)); + ads_destroy(&ads); return 0; } -- Samba Shared Repository