]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
projects / thirdparty / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: cb01a46)
s3:libads: use trust_pw_new_value() for krb5 machine passwords
authorStefan Metzmacher <metze@samba.org>
Tue, 23 Aug 2016 08:38:58 +0000 (10:38 +0200)
committerStefan Metzmacher <metze@samba.org>
Sat, 25 Feb 2017 00:35:17 +0000 (01:35 +0100)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(similar to commit 00136940757ea6947f97c9c92b25207d9413727b)

source3/libads/util.c patch | blob | blame | history
source3/wscript_build patch | blob | blame | history

diff --git a/source3/libads/util.c b/source3/libads/util.c
index 2e22bca02e5a58c89d218e3f236e9a508d7ca906..b0754be3f56dca37e5c2d7029bdb2be53a7f8d13 100644 (file)
--- a/source3/libads/util.c
+++ b/source3/libads/util.c
@@ -35,9 +35,12 @@ ADS_STATUS ads_change_trust_account_password(ADS_STRUCT *ads, char *host_princip
                return ADS_ERROR_SYSTEM(ENOENT);
        }
 
-       new_password = generate_random_password(talloc_tos(),
-                               DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH,
-                               DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH);
+       new_password = trust_pw_new_value(talloc_tos(), SEC_CHAN_WKSTA, SEC_ADS);
+       if (new_password == NULL) {
+               ret = ADS_ERROR_SYSTEM(errno);
+               DEBUG(1,("Failed to generate machine password\n"));
+               goto failed;
+       }
 
        ret = kerberos_set_password(ads->auth.kdc_server, host_principal, password, host_principal, new_password, ads->auth.time_offset);
 
diff --git a/source3/wscript_build b/source3/wscript_build
index 75623dd6c384ada97263e99b5f1021ecc240d78b..dabe262be9deb41e939ec19e1e47a3fed0347957 100755 (executable)
--- a/source3/wscript_build
+++ b/source3/wscript_build
@@ -451,7 +451,7 @@ bld.SAMBA3_LIBRARY('ads',
                    libads/ldap_schema.c
                    libads/util.c
                    libads/ndr.c''',
-                   deps='cli-ldap-common krb5samba ldap lber KRBCLIENT param LIBNMB libsmb DCUTIL smbldap',
+                   deps='cli-ldap-common krb5samba ldap lber KRBCLIENT param LIBNMB libsmb DCUTIL smbldap trusts_util',
                    private_library=True)
 
 bld.SAMBA3_SUBSYSTEM('LIBADS_SERVER',
Mirror of https://github.com/samba-team/samba.git