summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2010-11-11 18:33:14 +1100
committerAndrew Bartlett <abartlet@samba.org>2010-11-11 09:55:06 +0000
commiteebbbeac1489a1a6241b4c15064d8aaeeec810ae (patch)
treec84cc7bee57da412b501988b3bb44f1bdb2619e3
parent01d10c84134341c17e7b41e42bac8368c26d1201 (diff)
downloadsamba-eebbbeac1489a1a6241b4c15064d8aaeeec810ae.tar.gz
samba-eebbbeac1489a1a6241b4c15064d8aaeeec810ae.tar.bz2
samba-eebbbeac1489a1a6241b4c15064d8aaeeec810ae.zip
s4-dsdb Convert new krbtgt_xxx password into UTF16
The new stricter test on clearTextPassword values caught out that we did not provide a utf16 password here. Andrew Bartlett
-rw-r--r--source4/dsdb/samdb/ldb_modules/samldb.c13
1 files changed, 12 insertions, 1 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index 1ac86148e6..0cd8bc9bcc 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -271,6 +271,7 @@ static int samldb_rodc_add(struct samldb_ctx *ac)
uint32_t krbtgt_number, i_start, i;
int ret;
char *newpass;
+ struct ldb_val newpass_utf16;
/* find a unused msDC-SecondaryKrbTgtNumber */
i_start = generate_random() & 0xFFFF;
@@ -320,7 +321,17 @@ found:
return ldb_operr(ldb);
}
- ret = ldb_msg_add_steal_string(ac->msg, "clearTextPassword", newpass);
+ if (!convert_string_talloc(ac,
+ CH_UNIX, CH_UTF16,
+ newpass, strlen(newpass),
+ (void *)&newpass_utf16.data,
+ &newpass_utf16.length, false)) {
+ ldb_asprintf_errstring(ldb,
+ "samldb_rodc_add: "
+ "failed to generate UTF16 password from random password");
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ ret = ldb_msg_add_steal_value(ac->msg, "clearTextPassword", &newpass_utf16);
if (ret != LDB_SUCCESS) {
return ldb_operr(ldb);
}