git.ipfire.org Git - thirdparty/samba.git/commitdiff
s3:trusts_utils: use a password length of 120 for machine accounts
author Stefan Metzmacher <metze@samba.org>
Mon, 21 Feb 2022 14:28:53 +0000 (15:28 +0100)
committer Jule Anger <janger@samba.org>
Mon, 7 Mar 2022 11:30:22 +0000 (11:30 +0000)
This is important when we change the machine password against
an RODC that proxies the request to an RWDC.

An RODC using NetrServerPasswordSet2() to proxy PasswordUpdateForward via
NetrLogonSendToSam() ignores a return of NT_STATUS_INVALID_PARAMETER
and reports NT_STATUS_OK as result of NetrServerPasswordSet2().
This hopefully found the last hole in our very robust machine account
password handling logic inside of trust_pw_change().

The lesson is: try to be as identical to how Windows works as possible,
everything else may use untested code paths on Windows.

A similar problem was fixed by this commit:

    commit 609ca657652862fd9c81fd11f818efb74f72ff55
    Author: Joseph Sutton <josephsutton@catalyst.net.nz>
    Date:   Wed Feb 24 02:03:25 2021 +1300

        provision: Decrease the length of random machine passwords

        The current length of 128-255 UTF-16 characters currently causes
        generation of crypt() passwords to typically fail. This commit
        decreases the length to 120 UTF-16 characters, which is the same as
        that used by Windows.

        BUG: https://bugzilla.samba.org/show_bug.cgi?id=14621

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14984

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Feb 23 08:49:54 UTC 2022 on sn-devel-184

(cherry picked from commit 5e2386336c49fab46c1192db972af5da1e916b32)

Autobuild-User(v4-14-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-14-test): Mon Mar  7 11:30:22 UTC 2022 on sn-devel-184

source3/libsmb/trusts_util.c

index 55e3c74494ab0b167ce8fc8f4d81a72e2ae20b1c..71e1a35eba7f8591c701846c15aa3d83bbe4f857 100644 (file)
@@ -55,10 +55,18 @@ char *trust_pw_new_value(TALLOC_CTX *mem_ctx,
                         int security)
 {
        /*
-        * use secure defaults.
+        * use secure defaults, which match
+        * what windows uses for computer passwords.
+        *
+        * We used to have min=128 and max=255 here, but
+        * it's a bad idea because of bugs in the Windows
+        * RODC/RWDC PasswordUpdateForward handling via
+        * NetrLogonSendToSam.
+        *
+        * See https://bugzilla.samba.org/show_bug.cgi?id=14984
         */
-       size_t min = 128;
-       size_t max = 255;
+       size_t min = 120;
+       size_t max = 120;
 
        switch (sec_channel_type) {
        case SEC_CHAN_WKSTA:
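
Review bot: The new comment in trust_pw_new_value() gives 120 without a unit and refers only to "bugs" without naming the failure, while `size_t min = 120;` and `size_t max = 120;` repeat the same literal. Suggest saying in the comment that the length is 120 UTF-16 characters, the unit used by the provision commit quoted in the commit message. It should also record that the RODC reports NT_STATUS_OK from NetrServerPasswordSet2() even when the forwarded update returned NT_STATUS_INVALID_PARAMETER, so the caller cannot detect the rejected change. With min and max now equal, a single named constant would make the fixed length explicit. The switch on sec_channel_type is cut off in the visible context, so please confirm that no case below widens the range again.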