This adds client-side support for the unicode/SAMR password change scheme.

As well as avoiding DOS charset issues, this scheme returns useful error
codes, that we can map back via the pam interface.

This patch also cleans up the interfaces used for password buffers, to
avoid duplication of code.

Andrew Bartlett
(This used to be commit 2a2b1f0c872d154fbcce71a250e23dfad085ba1e)

1 files changed, 7 insertions, 5 deletions

diff --git a/source3/libsmb/clirap.c b/source3/libsmb/clirap.c
index 79ad38fc8c..36bc403e0b 100644
--- a/source3/libsmb/clirap.c
+++ b/source3/libsmb/clirap.c
@@ -291,7 +291,6 @@ BOOL cli_oem_change_password(struct cli_state *cli, const char *user, const char
   char *rparam = NULL;
   char *rdata = NULL;
   unsigned int rprcnt, rdrcnt;
-  pstring dos_new_password;
 
   if (strlen(user) >= sizeof(fstring)-1) {
     DEBUG(0,("cli_oem_change_password: user name %s is too long.\n", user));
@@ -317,10 +316,13 @@ BOOL cli_oem_change_password(struct cli_state *cli, const char *user, const char
    */
   E_deshash(old_password, old_pw_hash);
 
-  clistr_push(cli, dos_new_password, new_password, sizeof(dos_new_password), STR_TERMINATE|STR_ASCII);
-
-  if (!make_oem_passwd_hash( data, dos_new_password, old_pw_hash, False))
-    return False;
+  encode_pw_buffer(data, new_password, STR_ASCII);
+  
+#ifdef DEBUG_PASSWORD
+  DEBUG(100,("make_oem_passwd_hash\n"));
+  dump_data(100, data, 516);
+#endif
+  SamOEMhash( (unsigned char *)data, (unsigned char *)old_pw_hash, 516);
 
   /* 
    * Now place the old password hash in the data.