s4-kdc: fixed handling of previous vs current trust password
commit0ef8dca9fb69154f50807d0a56aeb24614d73399
authorAndrew Tridgell <tridge@samba.org>
Thu, 29 Sep 2011 20:47:08 +0000 (30 06:47 +1000)
committerAndrew Tridgell <tridge@samba.org>
Tue, 4 Oct 2011 04:08:57 +0000 (4 15:08 +1100)
tree0693ac577d0bc0f75cc223bed69a4db54f4bdb8e
parent71f3a25ff7ff5866c77f580daa4814ca985167ce
s4-kdc: fixed handling of previous vs current trust password

This sorts out the correct handling for the 'kvno=255'
problem. Windows will use the previous trust password for 1 hour after
a password set, and indicates that the previous password is being used
by sending current_kvno-1. That maps to 255 if the trust password has
not actually been changed, so the initial trust password is being
used.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
source4/kdc/db-glue.c