s3:trusts_util: generate completely random passwords in trust_pw_change()
authorStefan Metzmacher <metze@samba.org>
Fri, 30 Jan 2015 09:21:59 +0000 (09:21 +0000)
committerGünther Deschner <gd@samba.org>
Mon, 30 Mar 2015 11:41:25 +0000 (13:41 +0200)
Instead of having every 2nd byte as '\0' in the utf16 password,
because the utf8 form is based on an ascii subset, we convert
the random buffer from CH_UTF16MUNGED to CH_UTF8.

This way we have a random but valid utf8 string,
which is almost like what Windows is doing.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
source3/libsmb/trusts_util.c

index 108d25b2bb5892f05c447bd953b45e93bc56fd85..c56949ef41aeacc85b0ee2770de3ddfcd9f464fc 100644 (file)
@@ -66,7 +66,9 @@ NTSTATUS trust_pw_change(struct netlogon_creds_cli_context *context,
        int timeout = 0;
        struct timeval tv = { 0, };
        size_t new_len = DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH;
+       uint8_t new_password_buffer[256 * 2] = { 0, };
        char *new_trust_passwd = NULL;
+       size_t len = 0;
        uint32_t new_version = 0;
        uint32_t *new_trust_version = NULL;
        NTSTATUS status;
@@ -179,10 +181,19 @@ NTSTATUS trust_pw_change(struct netlogon_creds_cli_context *context,
                return NT_STATUS_OK;
        }
 
-       /* Create a random machine account password */
-       new_trust_passwd = generate_random_password(frame, new_len, new_len);
-       if (new_trust_passwd == NULL) {
-               DEBUG(0, ("generate_random_password failed\n"));
+       /*
+        * Create a random machine account password
+        * We create a random buffer and convert that to utf8.
+        * This is similar to what windows is doing.
+        */
+       generate_secret_buffer(new_password_buffer, new_len * 2);
+       ok = convert_string_talloc(frame,
+                                  CH_UTF16MUNGED, CH_UTF8,
+                                  new_password_buffer, new_len * 2,
+                                  (void *)&new_trust_passwd, &len);
+       ZERO_STRUCT(new_password_buffer);
+       if (!ok) {
+               DEBUG(0, ("convert_string_talloc failed\n"));
                TALLOC_FREE(frame);
                return NT_STATUS_NO_MEMORY;
        }