git.samba.org / sfrench / samba-autobuild / .git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c21e998)
s3:libads: use trust_pw_new_value() for krb5 machine passwords
authorStefan Metzmacher <metze@samba.org>
Tue, 23 Aug 2016 08:38:58 +0000 (10:38 +0200)
committerRalph Boehme <slow@samba.org>
Tue, 21 Feb 2017 15:09:22 +0000 (16:09 +0100)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
source3/libads/util.c patch | blob | history
source3/wscript_build patch | blob | history

diff --git a/source3/libads/util.c b/source3/libads/util.c
index 2e22bca02e5a58c89d218e3f236e9a508d7ca906..b0754be3f56dca37e5c2d7029bdb2be53a7f8d13 100644 (file)
--- a/source3/libads/util.c
+++ b/source3/libads/util.c
@@ -35,9 +35,12 @@ ADS_STATUS ads_change_trust_account_password(ADS_STRUCT *ads, char *host_princip
                return ADS_ERROR_SYSTEM(ENOENT);
        }
 
-       new_password = generate_random_password(talloc_tos(),
-                               DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH,
-                               DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH);
+       new_password = trust_pw_new_value(talloc_tos(), SEC_CHAN_WKSTA, SEC_ADS);
+       if (new_password == NULL) {
+               ret = ADS_ERROR_SYSTEM(errno);
+               DEBUG(1,("Failed to generate machine password\n"));
+               goto failed;
+       }
 
        ret = kerberos_set_password(ads->auth.kdc_server, host_principal, password, host_principal, new_password, ads->auth.time_offset);
 
diff --git a/source3/wscript_build b/source3/wscript_build
index 8c9a15bacb4356e2192e71d42bf9b1dabdfcc41c..990362440b8eae88b3858865229568c669c2da92 100644 (file)
--- a/source3/wscript_build
+++ b/source3/wscript_build
@@ -553,6 +553,7 @@ bld.SAMBA3_LIBRARY('ads',
                         libsmb
                         DCUTIL
                         smbldap
+                        trusts_util
                         ''',
                    private_library=True)
 
Unnamed repository; edit this file 'description' to name the repository.