author | Jelmer Vernooij <jelmer@samba.org> | 2008-09-21 23:11:30 +0200 |
---|---|---|
committer | Jelmer Vernooij <jelmer@samba.org> | 2008-09-21 23:11:30 +0200 |
commit | 2121c1bb2967f0aa8cc6903c507eb2c22a25b341 (patch) | |
tree | 3428e62ed9dfe9643c10fe5f0066916166b4f69a | |
parent | afa850910ff7845b2c8b19fdcf6fbb703e42d2db (diff) | |
parent | 73aebd7d070099d4d6d6da98817f42937bc7fd03 (diff) | |
Merge branch 'master' of ssh://git.samba.org/data/git/samba
-rw-r--r-- | source3/client/mount.cifs.c | 10 | ||||
-rw-r--r-- | source3/include/proto.h | 9 | ||||
-rw-r--r-- | source3/libsmb/trusts_util.c | 108 | ||||
-rw-r--r-- | source3/rpc_client/cli_netlogon.c | 91 | ||||
-rw-r--r-- | source3/rpc_client/init_netlogon.c | 17 | ||||
-rwxr-xr-x | source3/script/build_idl.sh | 2 |
6 files changed, 133 insertions, 104 deletions
diff --git a/source3/client/mount.cifs.c b/source3/client/mount.cifs.c
index 3b56e5f861..b7a76c6102 100644
--- a/source3/client/mount.cifs.c
+++ b/source3/client/mount.cifs.c
@@ -56,6 +56,10 @@
 #endif /* _SAMBA_BUILD_ */
 #endif /* MOUNT_CIFS_VENDOR_SUFFIX */
+#ifdef _SAMBA_BUILD_
+#include "include/config.h"
+#endif
+
 #ifndef MS_MOVE
 #define MS_MOVE 8192
 #endif
@@ -94,6 +98,8 @@ char * prefixpath = NULL;
 /* like strncpy but does not 0 fill the buffer and always null
 * terminates. bufsize is the size of the destination buffer */
+
+#ifndef HAVE_STRLCPY
 static size_t strlcpy(char *d, const char *s, size_t bufsize)
 {
 size_t len = strlen(s);
@@ -104,10 +110,13 @@ static size_t strlcpy(char *d, const char *s, size_t bufsize)
 d[len] = 0;
 return ret;
 }
+#endif
 /* like strncat but does not 0 fill the buffer and always null
 * terminates. bufsize is the length of the buffer, which should
 * be one more than the maximum resulting string length */
+
+#ifndef HAVE_STRLCAT
 static size_t strlcat(char *d, const char *s, size_t bufsize)
 {
 size_t len1 = strlen(d);
@@ -126,6 +135,7 @@ static size_t strlcat(char *d, const char *s, size_t bufsize)
 }
 return ret;
 }
+#endif
 /* BB finish BB
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 2901911c70..194548c082 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -7049,6 +7049,12 @@ NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli,
 DATA_BLOB lm_response,
 DATA_BLOB nt_response,
 struct netr_SamInfo3 **info3);
+NTSTATUS rpccli_netlogon_set_trust_password(struct rpc_pipe_client *cli,
+ TALLOC_CTX *mem_ctx,
+ const unsigned char orig_trust_passwd_hash[16],
+ const char *new_trust_pwd_cleartext,
+ const unsigned char new_trust_passwd_hash[16],
+ uint32_t sec_channel_type);
 /* The following definitions come from rpc_client/cli_pipe.c */
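Review bot: In source3/client/mount.cifs.c the new `#ifndef HAVE_STRLCPY` and `#ifndef HAVE_STRLCAT` guards only take effect when `include/config.h` is pulled in, and that include is itself wrapped in `#ifdef _SAMBA_BUILD_`; a standalone build therefore still compiles the private copies even on a libc that already declares these functions, which is presumably the clash this change is meant to avoid. Each guard also sits between the explanatory comment and the function it describes, so the comment now documents a preprocessor line; moving each `#ifndef` above its comment keeps the two together. Where the libc versions are used, it is worth confirming that they return the same value as the local fallbacks, since any caller that tests the result for truncation depends on it; the bodies of both functions lie mostly outside these hunks.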
@@ -7427,6 +7433,9 @@ void init_netr_PasswordInfo(struct netr_PasswordInfo *r,
 const char *workstation,
 struct samr_Password lmpassword,
 struct samr_Password ntpassword);
+void init_netr_CryptPassword(const char *pwd,
+ unsigned char session_key[16],
+ struct netr_CryptPassword *pwd_buf);
 /* The following definitions come from rpc_client/init_samr.c */
diff --git a/source3/libsmb/trusts_util.c b/source3/libsmb/trusts_util.c
index 08a49930b4..2f336f14e6 100644
--- a/source3/libsmb/trusts_util.c
+++ b/source3/libsmb/trusts_util.c
@@ -22,104 +22,6 @@
 /*********************************************************
 Change the domain password on the PDC.
-
- Just changes the password betwen the two values specified.
-
- Caller must have the cli connected to the netlogon pipe
- already.
-**********************************************************/
-
-static NTSTATUS just_change_the_password(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- const unsigned char orig_trust_passwd_hash[16],
- const char *new_trust_pwd_cleartext,
- const unsigned char new_trust_passwd_hash[16],
- uint32 sec_channel_type)
-{
- NTSTATUS result;
- uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS;
-
- result = rpccli_netlogon_setup_creds(cli,
- cli->desthost, /* server name */
- lp_workgroup(), /* domain */
- global_myname(), /* client name */
- global_myname(), /* machine account name */
- orig_trust_passwd_hash,
- sec_channel_type,
- &neg_flags);
-
- if (!NT_STATUS_IS_OK(result)) {
- DEBUG(3,("just_change_the_password: unable to setup creds (%s)!\n",
- nt_errstr(result)));
- return result;
- }
-
- if (neg_flags & NETLOGON_NEG_PASSWORD_SET2) {
-
- struct netr_Authenticator clnt_creds, srv_cred;
- struct netr_CryptPassword new_password;
- struct samr_CryptPassword password_buf;
-
- netlogon_creds_client_step(cli->dc, &clnt_creds);
-
- encode_pw_buffer(password_buf.data, new_trust_pwd_cleartext, STR_UNICODE);
-
- SamOEMhash(password_buf.data, cli->dc->sess_key, 516);
- memcpy(new_password.data, password_buf.data, 512);
- new_password.length = IVAL(password_buf.data, 512);
-
- result = rpccli_netr_ServerPasswordSet2(cli, mem_ctx,
- cli->dc->remote_machine,
- cli->dc->mach_acct,
- sec_channel_type,
- global_myname(),
- &clnt_creds,
- &srv_cred,
- &new_password);
-
- /* Always check returned credentials. */
- if (!netlogon_creds_client_check(cli->dc, &srv_cred.cred)) {
- DEBUG(0,("rpccli_netr_ServerPasswordSet2: "
- "credentials chain check failed\n"));
- return NT_STATUS_ACCESS_DENIED;
- }
-
- } else {
-
- struct netr_Authenticator clnt_creds, srv_cred;
- struct samr_Password new_password;
-
- netlogon_creds_client_step(cli->dc, &clnt_creds);
-
- cred_hash3(new_password.hash,
- new_trust_passwd_hash,
- cli->dc->sess_key, 1);
-
- result = rpccli_netr_ServerPasswordSet(cli, mem_ctx,
- cli->dc->remote_machine,
- cli->dc->mach_acct,
- sec_channel_type,
- global_myname(),
- &clnt_creds,
- &srv_cred,
- &new_password);
-
- /* Always check returned credentials. */
- if (!netlogon_creds_client_check(cli->dc, &srv_cred.cred)) {
- DEBUG(0,("rpccli_netr_ServerPasswordSet: "
- "credentials chain check failed\n"));
- return NT_STATUS_ACCESS_DENIED;
- }
- }
-
- if (!NT_STATUS_IS_OK(result)) {
- DEBUG(0,("just_change_the_password: unable to change password (%s)!\n",
- nt_errstr(result)));
- }
- return result;
-}
-
-/*********************************************************
- Change the domain password on the PDC.
 Store the password ourselves, but use the supplied password
 Caller must have already setup the connection to the NETLOGON pipe
 **********************************************************/
@@ -144,11 +46,11 @@ NTSTATUS trust_pw_change_and_store_it(struct rpc_pipe_client *cli, TALLOC_CTX *m
 E_md4hash(new_trust_passwd, new_trust_passwd_hash);
- nt_status = just_change_the_password(cli, mem_ctx,
- orig_trust_passwd_hash,
- new_trust_passwd,
- new_trust_passwd_hash,
- sec_channel_type);
+ nt_status = rpccli_netlogon_set_trust_password(cli, mem_ctx,
+ orig_trust_passwd_hash,
+ new_trust_passwd,
+ new_trust_passwd_hash,
+ sec_channel_type);
 if (NT_STATUS_IS_OK(nt_status)) {
 DEBUG(3,("%s : trust_pw_change_and_store_it: Changed password.\n",
diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c
index df87ed13d1..23618efd9f 100644
--- a/source3/rpc_client/cli_netlogon.c
+++ b/source3/rpc_client/cli_netlogon.c
@@ -538,3 +538,94 @@ NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli,
 return result;
 }
+
+/*********************************************************
+ Change the domain password on the PDC.
+
+ Just changes the password betwen the two values specified.
+
+ Caller must have the cli connected to the netlogon pipe
+ already.
+**********************************************************/
+
+NTSTATUS rpccli_netlogon_set_trust_password(struct rpc_pipe_client *cli,
+ TALLOC_CTX *mem_ctx,
+ const unsigned char orig_trust_passwd_hash[16],
+ const char *new_trust_pwd_cleartext,
+ const unsigned char new_trust_passwd_hash[16],
+ uint32_t sec_channel_type)
+{
+ NTSTATUS result;
+ uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS;
+ struct netr_Authenticator clnt_creds, srv_cred;
+
+ result = rpccli_netlogon_setup_creds(cli,
+ cli->desthost, /* server name */
+ lp_workgroup(), /* domain */
+ global_myname(), /* client name */
+ global_myname(), /* machine account name */
+ orig_trust_passwd_hash,
+ sec_channel_type,
+ &neg_flags);
+
+ if (!NT_STATUS_IS_OK(result)) {
+ DEBUG(3,("rpccli_netlogon_set_trust_password: unable to setup creds (%s)!\n",
+ nt_errstr(result)));
+ return result;
+ }
+
+ netlogon_creds_client_step(cli->dc, &clnt_creds);
+
+ if (neg_flags & NETLOGON_NEG_PASSWORD_SET2) {
+
+ struct netr_CryptPassword new_password;
+
+ init_netr_CryptPassword(new_trust_pwd_cleartext,
+ cli->dc->sess_key,
+ &new_password);
+
+ result = rpccli_netr_ServerPasswordSet2(cli, mem_ctx,
+ cli->dc->remote_machine,
+ cli->dc->mach_acct,
+ sec_channel_type,
+ global_myname(),
+ &clnt_creds,
+ &srv_cred,
+ &new_password);
+ if (!NT_STATUS_IS_OK(result)) {
+ DEBUG(0,("rpccli_netr_ServerPasswordSet2 failed: %s\n",
+ nt_errstr(result)));
+ return result;
+ }
+ } else {
+
+ struct samr_Password new_password;
+
+ cred_hash3(new_password.hash,
+ new_trust_passwd_hash,
+ cli->dc->sess_key, 1);
+
+ result = rpccli_netr_ServerPasswordSet(cli, mem_ctx,
+ cli->dc->remote_machine,
+ cli->dc->mach_acct,
+ sec_channel_type,
+ global_myname(),
+ &clnt_creds,
+ &srv_cred,
+ &new_password);
+ if (!NT_STATUS_IS_OK(result)) {
+ DEBUG(0,("rpccli_netr_ServerPasswordSet failed: %s\n",
+ nt_errstr(result)));
+ return result;
+ }
+ }
+
+ /* Always check returned credentials. */
+ if (!netlogon_creds_client_check(cli->dc, &srv_cred.cred)) {
+ DEBUG(0,("credentials chain check failed\n"));
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ return result;
+}
+
diff --git a/source3/rpc_client/init_netlogon.c b/source3/rpc_client/init_netlogon.c
index 61841953fc..e4c39e739e 100644
--- a/source3/rpc_client/init_netlogon.c
+++ b/source3/rpc_client/init_netlogon.c
@@ -391,3 +391,20 @@ void init_netr_PasswordInfo(struct netr_PasswordInfo *r,
 r->lmpassword = lmpassword;
 r->ntpassword = ntpassword;
 }
+
+/*************************************************************************
+ inits a netr_CryptPassword structure
+ *************************************************************************/
+
+void init_netr_CryptPassword(const char *pwd,
+ unsigned char session_key[16],
+ struct netr_CryptPassword *pwd_buf)
+{
+ struct samr_CryptPassword password_buf;
+
+ encode_pw_buffer(password_buf.data, pwd, STR_UNICODE);
+
+ SamOEMhash(password_buf.data, session_key, 516);
+ memcpy(pwd_buf->data, password_buf.data, 512);
+ pwd_buf->length = IVAL(password_buf.data, 512);
+}
diff --git a/source3/script/build_idl.sh b/source3/script/build_idl.sh
index 8ff5dcd949..2027fd3937 100755
--- a/source3/script/build_idl.sh
+++ b/source3/script/build_idl.sh
@@ -19,7 +19,7 @@ for f in ${IDL_FILES}; do
 basename=`basename $f .idl`
 ndr="librpc/gen_ndr/ndr_$basename.c"
- if [ -f $ndr ] && false; then
+ if [ -f $ndr ]; then
 if [ "x`find librpc/idl/$f -newer $ndr -print`" = "xlibrpc/idl/$f" ]; then
 list="$list librpc/idl/$f"
 fi |
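Review bot: In source3/rpc_client/cli_netlogon.c, rpccli_netlogon_set_trust_password() is now an exported function, yet its header comment does not say that the cleartext and the hash must describe the same password, and nothing in the body checks it. Which of the two is sent depends on whether the server negotiated `NETLOGON_NEG_PASSWORD_SET2`, so a caller that supplies only one of them, or a mismatched pair, would set a password it does not expect on one of the two paths. I would add to the comment block: `new_trust_passwd_hash must be the MD4 hash of new_trust_pwd_cleartext (as trust_pw_change_and_store_it derives it with E_md4hash); both are required because the negotiated flags select which one is sent.` The `/* Always check returned credentials. */` comment is also no longer accurate, because both failure branches now return before netlogon_creds_client_check() runs; `/* Check the returned credentials once the call has succeeded. */` matches the new flow.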
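Review bot: In source3/rpc_client/init_netlogon.c, init_netr_CryptPassword() ignores the result of encode_pw_buffer() and leaves `password_buf` uninitialised. If the encode step can fail (for example on an over-long password; its contract is not visible here), the function would run SamOEMhash() over whatever was on the stack and hand that to the caller as the new trust password. Adding `ZERO_STRUCT(password_buf);` before the call and returning a status the caller can test would close that gap; the function returns void today, so the second part also touches the prototype added to proto.h. The literals `516` and `512` would read better as `sizeof(password_buf.data)` and `sizeof(pwd_buf->data)`, assuming those arrays have these sizes, and `session_key` can be `const` if SamOEMhash() does not write through it.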