The branch, master has been updated
via 70f707c... s3-rap: fix cli_oem_change_password() and give room for
the convert reply word.
via 99a7ebc... s3-lanman: use samr for api_SamOEMChangePassword().
from 73d654e... s4-smbtorture: create/delete testusers via SAMR in
RAP-SAM.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 70f707c2196aa503909678dd891ab4b249f1241e
Author: Günther Deschner <[email protected]>
Date: Tue May 11 12:16:52 2010 +0200
s3-rap: fix cli_oem_change_password() and give room for the convert reply
word.
Any servers I could find so far return it.
Guenther
commit 99a7ebc5569e6d4d9128d17431b567516084f8a1
Author: Günther Deschner <[email protected]>
Date: Fri May 7 19:20:09 2010 +0200
s3-lanman: use samr for api_SamOEMChangePassword().
Guenther
-----------------------------------------------------------------------
Summary of changes:
source3/libsmb/clirap.c | 2 +-
source3/smbd/lanman.c | 58 +++++++++++++++++++++++++++++++++++++++-------
2 files changed, 50 insertions(+), 10 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/libsmb/clirap.c b/source3/libsmb/clirap.c
index 913c8d3..80e5a41 100644
--- a/source3/libsmb/clirap.c
+++ b/source3/libsmb/clirap.c
@@ -500,7 +500,7 @@ bool cli_oem_change_password(struct cli_state *cli, const
char *user, const char
PIPE_LANMAN, /* name */
0,0, /* fid, flags */
NULL,0,0, /* setup, length,
max */
- param,param_len,2, /* param, length,
max */
+ param,param_len,4, /* param, length,
max */
(char *)data,data_len,0 /* data,
length, max */
) == False) {
DEBUG(0,("cli_oem_change_password: Failed to send password
change for user %s\n",
diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c
index 6c60eab..fce23e8 100644
--- a/source3/smbd/lanman.c
+++ b/source3/smbd/lanman.c
@@ -2936,10 +2936,19 @@ static bool api_SamOEMChangePassword(connection_struct
*conn,uint16 vuid,
char **rdata,char **rparam,
int *rdata_len,int *rparam_len)
{
- struct smbd_server_connection *sconn = smbd_server_conn;
fstring user;
char *p = get_safe_str_ptr(param,tpscnt,param,2);
- *rparam_len = 2;
+
+ TALLOC_CTX *mem_ctx = talloc_tos();
+ NTSTATUS status;
+ struct rpc_pipe_client *cli = NULL;
+ struct lsa_AsciiString server, account;
+ struct samr_CryptPassword password;
+ struct samr_Password hash;
+ int errcode = NERR_badpass;
+ int bufsize;
+
+ *rparam_len = 4;
*rparam = smb_realloc_limit(*rparam,*rparam_len);
if (!*rparam) {
return False;
@@ -2989,17 +2998,48 @@ static bool api_SamOEMChangePassword(connection_struct
*conn,uint16 vuid,
DEBUG(3,("api_SamOEMChangePassword: Change password for <%s>\n",user));
- /*
- * Pass the user through the NT -> unix user mapping
- * function.
- */
+ if (tdscnt != 532) {
+ errcode = W_ERROR_V(WERR_INVALID_PARAM);
+ goto out;
+ }
+
+ bufsize = get_safe_SVAL(param,tpscnt,p,0,-1);
+ if (bufsize != 532) {
+ errcode = W_ERROR_V(WERR_INVALID_PARAM);
+ goto out;
+ }
- (void)map_username(sconn, user);
+ memcpy(password.data, data, 516);
+ memcpy(hash.hash, data+516, 16);
- if (NT_STATUS_IS_OK(pass_oem_change(user, (uchar*) data, (uchar
*)&data[516], NULL, NULL, NULL))) {
- SSVAL(*rparam,0,NERR_Success);
+ status = rpc_pipe_open_internal(mem_ctx, &ndr_table_samr.syntax_id,
+ rpc_samr_dispatch, conn->server_info,
+ &cli);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0,("api_SamOEMChangePassword: could not connect to samr:
%s\n",
+ nt_errstr(status)));
+ errcode = W_ERROR_V(ntstatus_to_werror(status));
+ goto out;
+ }
+
+ init_lsa_AsciiString(&server, global_myname());
+ init_lsa_AsciiString(&account, user);
+
+ status = rpccli_samr_OemChangePasswordUser2(cli, mem_ctx,
+ &server,
+ &account,
+ &password,
+ &hash);
+ if (!NT_STATUS_IS_OK(status)) {
+ errcode = W_ERROR_V(ntstatus_to_werror(status));
+ goto out;
}
+ errcode = NERR_Success;
+ out:
+ SSVAL(*rparam,0,errcode);
+ SSVAL(*rparam,2,0); /* converter word */
+
return(True);
}
--
Samba Shared Repository
