diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2003-04-21 14:09:03 +0000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2003-04-21 14:09:03 +0000 |
| commit | f071020f5e49837154581c97c5af5f84d0e2de89 (patch) | |
| tree | 14c4f4c08cc935145926000a886f8dd718c66e93 /source3/libsmb | |
| parent | 06c99d15e217e265d51778268d5b859dff3c478c (diff) | |
| download | samba-f071020f5e49837154581c97c5af5f84d0e2de89.tar.gz samba-f071020f5e49837154581c97c5af5f84d0e2de89.tar.bz2 samba-f071020f5e49837154581c97c5af5f84d0e2de89.zip | |
Merge from HEAD - save the type of channel used to contact the DC.
This allows us to join as a BDC, without appearing on the network as one
until we have the database replicated, and the admin changes the configuration.
This also change the SID retreval order from secrets.tdb, so we no longer
require a 'net rpc getsid' - the sid fetch during the domain join is sufficient.
Also minor fixes to 'net'.
Andrew Bartlett
(This used to be commit 876e00fd112e4aaf7519eec27f382eb99ec7562a)
Diffstat (limited to 'source3/libsmb')
| -rw-r--r-- | source3/libsmb/trust_passwd.c | 32 |
1 files changed, 20 insertions, 12 deletions
diff --git a/source3/libsmb/trust_passwd.c b/source3/libsmb/trust_passwd.c index cf9fd58b13..0d015128a6 100644 --- a/source3/libsmb/trust_passwd.c +++ b/source3/libsmb/trust_passwd.c @@ -1,7 +1,7 @@ /* * Unix SMB/CIFS implementation. - * Routines to change trust account passwords. - * Copyright (C) Andrew Bartlett 2001. + * Routines to operate on various trust relationships + * Copyright (C) Andrew Bartlett 2001 * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -30,12 +30,13 @@ **********************************************************/ static NTSTATUS just_change_the_password(struct cli_state *cli, TALLOC_CTX *mem_ctx, unsigned char orig_trust_passwd_hash[16], - unsigned char new_trust_passwd_hash[16]) + unsigned char new_trust_passwd_hash[16], + uint32 sec_channel_type) { NTSTATUS result; uint32 neg_flags = 0x000001ff; - result = cli_nt_setup_creds(cli, get_sec_chan(), orig_trust_passwd_hash, &neg_flags, 2); + result = cli_nt_setup_creds(cli, sec_channel_type, orig_trust_passwd_hash, &neg_flags, 2); if (!NT_STATUS_IS_OK(result)) { DEBUG(1,("just_change_the_password: unable to setup creds (%s)!\n", @@ -59,7 +60,9 @@ static NTSTATUS just_change_the_password(struct cli_state *cli, TALLOC_CTX *mem_ **********************************************************/ NTSTATUS trust_pw_change_and_store_it(struct cli_state *cli, TALLOC_CTX *mem_ctx, - unsigned char orig_trust_passwd_hash[16]) + const char *domain, + unsigned char orig_trust_passwd_hash[16], + uint32 sec_channel_type) { unsigned char new_trust_passwd_hash[16]; char *new_trust_passwd; @@ -73,7 +76,7 @@ NTSTATUS trust_pw_change_and_store_it(struct cli_state *cli, TALLOC_CTX *mem_ctx E_md4hash(new_trust_passwd, new_trust_passwd_hash); nt_status = just_change_the_password(cli, mem_ctx, orig_trust_passwd_hash, - new_trust_passwd_hash); + new_trust_passwd_hash, sec_channel_type); if (NT_STATUS_IS_OK(nt_status)) { DEBUG(3,("%s : trust_pw_change_and_store_it: Changed password.\n", @@ -82,7 +85,7 @@ NTSTATUS trust_pw_change_and_store_it(struct cli_state *cli, TALLOC_CTX *mem_ctx * Return the result of trying to write the new password * back into the trust account file. */ - if (!secrets_store_machine_password(new_trust_passwd)) { + if (!secrets_store_machine_password(new_trust_passwd, domain, sec_channel_type)) { nt_status = NT_STATUS_UNSUCCESSFUL; } } @@ -96,21 +99,26 @@ NTSTATUS trust_pw_change_and_store_it(struct cli_state *cli, TALLOC_CTX *mem_ctx already setup the connection to the NETLOGON pipe **********************************************************/ -NTSTATUS trust_pw_find_change_and_store_it(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS trust_pw_find_change_and_store_it(struct cli_state *cli, + TALLOC_CTX *mem_ctx, const char *domain) { unsigned char old_trust_passwd_hash[16]; char *up_domain; - + uint32 sec_channel_type = 0; + up_domain = talloc_strdup(mem_ctx, domain); if (!secrets_fetch_trust_account_password(domain, old_trust_passwd_hash, - NULL)) { + NULL, &sec_channel_type)) { DEBUG(0, ("could not fetch domain secrets for domain %s!\n", domain)); return NT_STATUS_UNSUCCESSFUL; } - return trust_pw_change_and_store_it(cli, mem_ctx, old_trust_passwd_hash); + return trust_pw_change_and_store_it(cli, mem_ctx, domain, + old_trust_passwd_hash, + sec_channel_type); -} +} + |