s3:secrets: let secrets_delete_machine_password_ex() also remove the des_salt key

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

1 files changed, 10 insertions, 2 deletions

diff --git a/source3/passdb/machine_account_secrets.c b/source3/passdb/machine_account_secrets.c
index 06e42f2c65b..70a8277bd57 100644
--- a/source3/passdb/machine_account_secrets.c
+++ b/source3/passdb/machine_account_secrets.c
@@ -374,11 +374,19 @@ bool secrets_fetch_trust_account_password(const char *domain, uint8_t ret_pwd[16
  Routine to delete all information related to the domain joined machine.
 ************************************************************************/
 
-bool secrets_delete_machine_password_ex(const char *domain)
+bool secrets_delete_machine_password_ex(const char *domain, const char *realm)
 {
 	const char *tmpkey = NULL;
 	bool ok;
 
+	if (realm != NULL) {
+		tmpkey = des_salt_key(domain);
+		ok = secrets_delete(tmpkey);
+		if (!ok) {
+			return false;
+		}
+	}
+
 	tmpkey = domain_guid_keystr(domain);
 	ok = secrets_delete(tmpkey);
 	if (!ok) {
@@ -495,7 +503,7 @@ bool secrets_store_machine_pw_sync(const char *pass, const char *oldpass, const
 	uint8_t sec_channel_bytes[4];
 
 	if (delete_join) {
-		secrets_delete_machine_password_ex(domain);
+		secrets_delete_machine_password_ex(domain, realm);
 		TALLOC_FREE(frame);
 		return true;
 	}