summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSimo Sorce <idra@samba.org>2009-08-29 19:31:02 -0400
committerGünther Deschner <gd@samba.org>2009-09-02 10:17:14 +0200
commitaec03eda93d3db8723c79f062c80db0267ac2e59 (patch)
treedd1b2118f3118ed721412bed2de8b0458c5d90f9
parent9264f4891484b0316e8e574e256ca0b0a5e9f007 (diff)
downloadsamba-aec03eda93d3db8723c79f062c80db0267ac2e59.tar.gz
samba-aec03eda93d3db8723c79f062c80db0267ac2e59.tar.bz2
samba-aec03eda93d3db8723c79f062c80db0267ac2e59.zip
s3-smbpasswd: Fix Bug #6584: allow DOM\user when changing passwords remotely.
Signed-off-by: Günther Deschner <gd@samba.org>
-rw-r--r--source3/libsmb/passchange.c19
1 files changed, 16 insertions, 3 deletions
diff --git a/source3/libsmb/passchange.c b/source3/libsmb/passchange.c
index bb70386990..c83247a3c5 100644
--- a/source3/libsmb/passchange.c
+++ b/source3/libsmb/passchange.c
@@ -31,10 +31,24 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam
struct cli_state *cli;
struct rpc_pipe_client *pipe_hnd;
struct sockaddr_storage ss;
+ char *user, *domain, *p;
NTSTATUS result;
bool pass_must_change = False;
+ user = talloc_strdup(talloc_tos(), user_name);
+ SMB_ASSERT(user != NULL);
+ domain = talloc_strdup(talloc_tos(), "");
+ SMB_ASSERT(domain != NULL);
+
+ /* allow usernames of the form domain\\user or domain/user */
+ if ((p = strchr_m(user,'\\')) || (p = strchr_m(user,'/')) ||
+ (p = strchr_m(user,*lp_winbind_separator()))) {
+ *p = 0;
+ domain = user;
+ user = p+1;
+ }
+
*err_str = NULL;
if(!resolve_name( remote_machine, &ss, 0x20, false)) {
@@ -139,7 +153,7 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam
return result;
}
} else {
- result = cli_init_creds(cli, user_name, "", old_passwd);
+ result = cli_init_creds(cli, user, domain, old_passwd);
if (!NT_STATUS_IS_OK(result)) {
cli_shutdown(cli);
return result;
@@ -163,8 +177,7 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam
result = cli_rpc_pipe_open_ntlmssp(cli,
&ndr_table_samr.syntax_id,
PIPE_AUTH_LEVEL_PRIVACY,
- "", /* what domain... ? */
- user_name,
+ domain, user,
old_passwd,
&pipe_hnd);
} else {