s3: use generate_random_password() instead of generate_random_str()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

5 files changed, 21 insertions, 12 deletions

diff --git a/source3/libads/util.c b/source3/libads/util.c
index 6a6b42afc4..2e22bca02e 100644
--- a/source3/libads/util.c
+++ b/source3/libads/util.c
@@ -35,8 +35,10 @@ ADS_STATUS ads_change_trust_account_password(ADS_STRUCT *ads, char *host_princip
 		return ADS_ERROR_SYSTEM(ENOENT);
 	}
 
-	new_password = generate_random_str(talloc_tos(), DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH);
-    
+	new_password = generate_random_password(talloc_tos(),
+				DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH,
+				DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH);
+
 	ret = kerberos_set_password(ads->auth.kdc_server, host_principal, password, host_principal, new_password, ads->auth.time_offset);
 
 	if (!ADS_ERR_OK(ret)) {
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
index d6aa7937ee..3d0a6d30b8 100644
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -811,7 +811,9 @@ static NTSTATUS libnet_join_joindomain_rpc_unsecure(TALLOC_CTX *mem_ctx,
 	}
 
 	if (!r->in.machine_password) {
-		r->in.machine_password = generate_random_str(mem_ctx, DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH);
+		r->in.machine_password = generate_random_password(mem_ctx,
+				DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH,
+				DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH);
 		NT_STATUS_HAVE_NO_MEMORY(r->in.machine_password);
 	}
 
@@ -882,7 +884,9 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
 	}
 
 	if (!r->in.machine_password) {
-		r->in.machine_password = generate_random_str(mem_ctx, DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH);
+		r->in.machine_password = generate_random_password(mem_ctx,
+				DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH,
+				DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH);
 		NT_STATUS_HAVE_NO_MEMORY(r->in.machine_password);
 	}
 
diff --git a/source3/libsmb/trusts_util.c b/source3/libsmb/trusts_util.c
index be1f1f8971..0d039bc812 100644
--- a/source3/libsmb/trusts_util.c
+++ b/source3/libsmb/trusts_util.c
@@ -52,10 +52,11 @@ NTSTATUS trust_pw_change_and_store_it(struct rpc_pipe_client *cli, TALLOC_CTX *m
 	}
 
 	/* Create a random machine account password */
-	new_trust_passwd = generate_random_str(mem_ctx, DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH);
-
+	new_trust_passwd = generate_random_password(mem_ctx,
+				DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH,
+				DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH);
 	if (new_trust_passwd == NULL) {
-		DEBUG(0, ("talloc_strdup failed\n"));
+		DEBUG(0, ("generate_random_password failed\n"));
 		return NT_STATUS_NO_MEMORY;
 	}
 
diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c
index ed81aacac7..7167cf9f3c 100644
--- a/source3/utils/net_rpc_join.c
+++ b/source3/utils/net_rpc_join.c
@@ -401,7 +401,9 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv)
 	
 	/* Create a random machine account password */
 
-	clear_trust_password = generate_random_str(talloc_tos(), DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH);
+	clear_trust_password = generate_random_password(talloc_tos(),
+					DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH,
+					DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH);
 	E_md4hash(clear_trust_password, md4_trust_password);
 
 	/* Set password on machine account */
diff --git a/source3/utils/net_rpc_trust.c b/source3/utils/net_rpc_trust.c
index d15d10c0d4..9060700be1 100644
--- a/source3/utils/net_rpc_trust.c
+++ b/source3/utils/net_rpc_trust.c
@@ -518,11 +518,11 @@ static int rpc_trust_common(struct net_context *net_ctx, int argc,
 			}
 
 			DEBUG(0, ("Using random trust password.\n"));
-	/* FIXME: why only 8 characters work? Would it be possible to use a
-	 * random binary password? */
-			trust_pw = generate_random_str(mem_ctx, 8);
+			trust_pw = generate_random_password(mem_ctx,
+					DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH,
+					DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH);
 			if (trust_pw == NULL) {
-				DEBUG(0, ("generate_random_str failed.\n"));
+				DEBUG(0, ("generate_random_password failed.\n"));
 				goto done;
 			}
 		} else {