Use rpccli_samr_ChangePasswordUser2 in rpccli_samr_chgpasswd_user() and friends.

Guenther
(This used to be commit a49220b5c881b618739bc4735c595e32be7073c7)

1 files changed, 64 insertions, 81 deletions

diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c
index d94649c4eb..6a4d0dd009 100644
--- a/source3/rpc_client/cli_samr.c
+++ b/source3/rpc_client/cli_samr.c
@@ -475,81 +475,68 @@ NTSTATUS rpccli_samr_query_alias_info(struct rpc_pipe_client *cli, TALLOC_CTX *m
 /* User change password */
 
 NTSTATUS rpccli_samr_chgpasswd_user(struct rpc_pipe_client *cli,
-				    TALLOC_CTX *mem_ctx, 
-				    const char *username, 
-				    const char *newpassword, 
-				    const char *oldpassword )
+				    TALLOC_CTX *mem_ctx,
+				    const char *username,
+				    const char *newpassword,
+				    const char *oldpassword)
 {
-	prs_struct qbuf, rbuf;
-	SAMR_Q_CHGPASSWD_USER q;
-	SAMR_R_CHGPASSWD_USER r;
 	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+	struct samr_CryptPassword new_nt_password;
+	struct samr_CryptPassword new_lm_password;
+	struct samr_Password old_nt_hash_enc;
+	struct samr_Password old_lanman_hash_enc;
 
-	uchar new_nt_password[516];
-	uchar new_lm_password[516];
 	uchar old_nt_hash[16];
 	uchar old_lanman_hash[16];
-	uchar old_nt_hash_enc[16];
-	uchar old_lanman_hash_enc[16];
-
 	uchar new_nt_hash[16];
 	uchar new_lanman_hash[16];
-
-	char *srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);
+	struct lsa_String server, account;
+	char *srv_name_slash = NULL;
 
 	DEBUG(10,("rpccli_samr_chgpasswd_user\n"));
 
-	ZERO_STRUCT(q);
-	ZERO_STRUCT(r);
+	init_lsa_String(&server, srv_name_slash);
+	init_lsa_String(&account, username);
+
+	srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);
+	if (!srv_name_slash) {
+		return NT_STATUS_NO_MEMORY;
+	}
 
 	/* Calculate the MD4 hash (NT compatible) of the password */
 	E_md4hash(oldpassword, old_nt_hash);
 	E_md4hash(newpassword, new_nt_hash);
 
-	if (lp_client_lanman_auth() 
-	    && E_deshash(newpassword, new_lanman_hash) 
-	    && E_deshash(oldpassword, old_lanman_hash)) {
+	if (lp_client_lanman_auth() &&
+	    E_deshash(newpassword, new_lanman_hash) &&
+	    E_deshash(oldpassword, old_lanman_hash)) {
 		/* E_deshash returns false for 'long' passwords (> 14
 		   DOS chars).  This allows us to match Win2k, which
 		   does not store a LM hash for these passwords (which
 		   would reduce the effective password length to 14) */
 
-		encode_pw_buffer(new_lm_password, newpassword, STR_UNICODE);
+		encode_pw_buffer(new_lm_password.data, newpassword, STR_UNICODE);
 
-		SamOEMhash( new_lm_password, old_nt_hash, 516);
-		E_old_pw_hash( new_nt_hash, old_lanman_hash, old_lanman_hash_enc);
+		SamOEMhash(new_lm_password.data, old_nt_hash, 516);
+		E_old_pw_hash(new_nt_hash, old_lanman_hash, old_lanman_hash_enc.hash);
 	} else {
 		ZERO_STRUCT(new_lm_password);
 		ZERO_STRUCT(old_lanman_hash_enc);
 	}
 
-	encode_pw_buffer(new_nt_password, newpassword, STR_UNICODE);
-	
-	SamOEMhash( new_nt_password, old_nt_hash, 516);
-	E_old_pw_hash( new_nt_hash, old_nt_hash, old_nt_hash_enc);
-
-	/* Marshall data and send request */
-
-	init_samr_q_chgpasswd_user(&q, srv_name_slash, username, 
-				   new_nt_password, 
-				   old_nt_hash_enc, 
-				   new_lm_password,
-				   old_lanman_hash_enc);
-
-	CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CHGPASSWD_USER,
-		q, r,
-		qbuf, rbuf,
-		samr_io_q_chgpasswd_user,
-		samr_io_r_chgpasswd_user,
-		NT_STATUS_UNSUCCESSFUL); 
-
-	/* Return output parameters */
+	encode_pw_buffer(new_nt_password.data, newpassword, STR_UNICODE);
 
-	if (!NT_STATUS_IS_OK(result = r.status)) {
-		goto done;
-	}
+	SamOEMhash(new_nt_password.data, old_nt_hash, 516);
+	E_old_pw_hash(new_nt_hash, old_nt_hash, old_nt_hash_enc.hash);
 
- done:
+	result = rpccli_samr_ChangePasswordUser2(cli, mem_ctx,
+						 &server,
+						 &account,
+						 &new_nt_password,
+						 &old_nt_hash_enc,
+						 true,
+						 &new_lm_password,
+						 &old_lanman_hash_enc);
 
 	return result;
 }
@@ -557,48 +544,44 @@ NTSTATUS rpccli_samr_chgpasswd_user(struct rpc_pipe_client *cli,
 /* User change password given blobs */
 
 NTSTATUS rpccli_samr_chng_pswd_auth_crap(struct rpc_pipe_client *cli,
-				    TALLOC_CTX *mem_ctx, 
-				    const char *username, 
-				    DATA_BLOB new_nt_password,
-				    DATA_BLOB old_nt_hash_enc,
-				    DATA_BLOB new_lm_password,
-				    DATA_BLOB old_lm_hash_enc)
+					 TALLOC_CTX *mem_ctx,
+					 const char *username,
+					 DATA_BLOB new_nt_password_blob,
+					 DATA_BLOB old_nt_hash_enc_blob,
+					 DATA_BLOB new_lm_password_blob,
+					 DATA_BLOB old_lm_hash_enc_blob)
 {
-	prs_struct qbuf, rbuf;
-	SAMR_Q_CHGPASSWD_USER q;
-	SAMR_R_CHGPASSWD_USER r;
 	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
-	char *srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);
+	struct samr_CryptPassword new_nt_password;
+	struct samr_CryptPassword new_lm_password;
+	struct samr_Password old_nt_hash_enc;
+	struct samr_Password old_lm_hash_enc;
+	struct lsa_String server, account;
+	char *srv_name_slash = NULL;
 
 	DEBUG(10,("rpccli_samr_chng_pswd_auth_crap\n"));
 
-	ZERO_STRUCT(q);
-	ZERO_STRUCT(r);
-
-	/* Marshall data and send request */
-
-	init_samr_q_chgpasswd_user(&q, srv_name_slash, username, 
-				   new_nt_password.data, 
-				   old_nt_hash_enc.data, 
-				   new_lm_password.data,
-				   old_lm_hash_enc.data);
-
-	CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CHGPASSWD_USER,
-		q, r,
-		qbuf, rbuf,
-		samr_io_q_chgpasswd_user,
-		samr_io_r_chgpasswd_user,
-		NT_STATUS_UNSUCCESSFUL); 
-
-	/* Return output parameters */
-
-	if (!NT_STATUS_IS_OK(result = r.status)) {
-		goto done;
+	srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);
+	if (!srv_name_slash) {
+		return NT_STATUS_NO_MEMORY;
 	}
 
- done:
+	init_lsa_String(&server, srv_name_slash);
+	init_lsa_String(&account, username);
 
+	memcpy(&new_nt_password.data, new_nt_password_blob.data, 516);
+	memcpy(&new_lm_password.data, new_lm_password_blob.data, 516);
+	memcpy(&old_nt_hash_enc.hash, old_nt_hash_enc_blob.data, 16);
+	memcpy(&old_lm_hash_enc.hash, old_lm_hash_enc_blob.data, 16);
+
+	result = rpccli_samr_ChangePasswordUser2(cli, mem_ctx,
+						 &server,
+						 &account,
+						 &new_nt_password,
+						 &old_nt_hash_enc,
+						 true,
+						 &new_lm_password,
+						 &old_lm_hash_enc);
 	return result;
 }