DATA_BLOB *error_blob)
{
char *error_string_utf8;
- ssize_t len;
+ size_t len;
DEBUG(result_code ? 3 : 10, ("kpasswdd: %s\n", error_string));
- len = push_utf8_talloc(mem_ctx, &error_string_utf8, error_string);
- if (len == -1) {
+ if (!push_utf8_talloc(mem_ctx, &error_string_utf8, error_string, &len)) {
return false;
}
DATA_BLOB *reply)
{
struct auth_session_info *session_info;
- ssize_t pw_len;
+ size_t pw_len;
if (!NT_STATUS_IS_OK(gensec_session_info(gensec_security,
&session_info))) {
case KRB5_KPASSWD_VERS_CHANGEPW:
{
DATA_BLOB password;
- pw_len = convert_string_talloc_convenience(mem_ctx, lp_iconv_convenience(kdc->task->lp_ctx),
+ if (!convert_string_talloc_convenience(mem_ctx, lp_iconv_convenience(kdc->task->lp_ctx),
CH_UTF8, CH_UTF16,
(const char *)input->data,
input->length,
- (void **)&password.data, false);
-
- if (pw_len == -1) {
+ (void **)&password.data, &pw_len, false)) {
return false;
}
password.length = pw_len;
reply);
}
- pw_len = convert_string_talloc_convenience(mem_ctx, lp_iconv_convenience(kdc->task->lp_ctx),
+ if (!convert_string_talloc_convenience(mem_ctx, lp_iconv_convenience(kdc->task->lp_ctx),
CH_UTF8, CH_UTF16,
(const char *)chpw.newpasswd.data,
chpw.newpasswd.length,
- (void **)&password.data, false);
- if (pw_len == -1) {
+ (void **)&password.data, &pw_len, false)) {
free_ChangePasswdDataMS(&chpw);
return false;
}
struct cli_credentials *server_credentials;
struct gensec_security *gensec_security;
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
-
+
+ char *keytab_name;
+
if (!tmp_ctx) {
return false;
}
* we already have, rather than a new context */
cli_credentials_set_krb5_context(server_credentials, kdc->smb_krb5_context);
cli_credentials_set_conf(server_credentials, kdc->task->lp_ctx);
- nt_status = cli_credentials_set_stored_principal(server_credentials, kdc->task->event_ctx, kdc->task->lp_ctx, "kadmin/changepw");
- if (!NT_STATUS_IS_OK(nt_status)) {
+
+ keytab_name = talloc_asprintf(server_credentials, "HDB:samba4&%p", kdc->hdb_samba4_context);
+
+ cli_credentials_set_username(server_credentials, "kadmin/changepw", CRED_SPECIFIED);
+ ret = cli_credentials_set_keytab_name(server_credentials, kdc->task->event_ctx, kdc->task->lp_ctx, keytab_name, CRED_SPECIFIED);
+ if (ret != 0) {
ret = kpasswdd_make_unauth_error_reply(kdc, mem_ctx,
KRB5_KPASSWD_HARDERROR,
talloc_asprintf(mem_ctx,