diff options
author | Günther Deschner <gd@samba.org> | 2008-02-16 16:04:01 +0100 |
---|---|---|
committer | Günther Deschner <gd@samba.org> | 2008-02-16 16:04:01 +0100 |
commit | dd65a349350717eb17257ccf281561dd878ead12 (patch) | |
tree | e9af08c7d30a496287dff63a2643618fda27d4f0 | |
parent | b6285fc0526ff15250242489047bb8d49a1948e6 (diff) | |
download | samba-dd65a349350717eb17257ccf281561dd878ead12.tar.gz samba-dd65a349350717eb17257ccf281561dd878ead12.tar.bz2 samba-dd65a349350717eb17257ccf281561dd878ead12.zip |
Use rpccli_netr_ServerPasswordSet in "just_change_the_password()".
Guenther
(This used to be commit 33f91c894488687a42500e751eb9016d99d9129c)
-rw-r--r-- | source3/libsmb/trusts_util.c | 27 |
1 files changed, 26 insertions, 1 deletions
diff --git a/source3/libsmb/trusts_util.c b/source3/libsmb/trusts_util.c index 11f691bee6..1e92bf21de 100644 --- a/source3/libsmb/trusts_util.c +++ b/source3/libsmb/trusts_util.c @@ -58,7 +58,32 @@ static NTSTATUS just_change_the_password(struct rpc_pipe_client *cli, TALLOC_CTX } } - result = rpccli_net_srv_pwset(cli, mem_ctx, global_myname(), new_trust_passwd_hash); + { + struct netr_Authenticator clnt_creds, srv_cred; + struct samr_Password new_password; + + netlogon_creds_client_step(cli->dc, &clnt_creds); + + cred_hash3(new_password.hash, + new_trust_passwd_hash, + cli->dc->sess_key, 1); + + result = rpccli_netr_ServerPasswordSet(cli, mem_ctx, + cli->dc->remote_machine, + cli->dc->mach_acct, + sec_channel_type, + global_myname(), + &clnt_creds, + &srv_cred, + &new_password); + + /* Always check returned credentials. */ + if (!netlogon_creds_client_check(cli->dc, &srv_cred.cred)) { + DEBUG(0,("rpccli_netr_ServerPasswordSet: " + "credentials chain check failed\n")); + return NT_STATUS_ACCESS_DENIED; + } + } if (!NT_STATUS_IS_OK(result)) { DEBUG(0,("just_change_the_password: unable to change password (%s)!\n", |