swat: Use additional nonce on XSRF protection
If the user had a weak password on the root account of a machine running
SWAT, there still was a chance of being targetted by an XSRF on a
malicious web site targetting the SWAT setup.
Use a random nonce stored in secrets.tdb to close this possible attack
window. Thanks to Jann Horn for reporting this issue.
Signed-off-by: Kai Blin <kai@samba.org>
Fix bug #9577: CVE-2013-0214: Potential XSRF in SWAT.
(cherry picked from commit
91f4275873ebeda8f57684f09df67162ae80515a)