diff options
| author | Stefan Metzmacher <metze@samba.org> | 2004-02-01 11:26:25 +0000 |
|---|---|---|
| committer | Stefan Metzmacher <metze@samba.org> | 2004-02-01 11:26:25 +0000 |
| commit | 670ccc7d643b8e04743542b4336f6830ac065463 (patch) | |
| tree | 0b39213b540cc5b6165881bf5c8ef4fd06d5da94 /source4/libads/util.c | |
| parent | 0d90f4b47b463b2e68dd63ab30a2f022ddece14b (diff) | |
| download | samba-670ccc7d643b8e04743542b4336f6830ac065463.tar.gz samba-670ccc7d643b8e04743542b4336f6830ac065463.tar.bz2 samba-670ccc7d643b8e04743542b4336f6830ac065463.zip | |
merge:
ldap and krb5 configure tests
libads/*.c and libcli/raw/clikrb5.c from 3.0
metze
(This used to be commit 64b5bfcd73d7626d6f687a641b11e64821144df7)
Diffstat (limited to 'source4/libads/util.c')
| -rw-r--r-- | source4/libads/util.c | 49 |
1 files changed, 28 insertions, 21 deletions
diff --git a/source4/libads/util.c b/source4/libads/util.c index 335cabc952..f8c9a312bb 100644 --- a/source4/libads/util.c +++ b/source4/libads/util.c @@ -24,35 +24,42 @@ ADS_STATUS ads_change_trust_account_password(ADS_STRUCT *ads, char *host_principal) { - char *tmp_password; - char *password; - char *new_password; - char *service_principal; - ADS_STATUS ret; + char *tmp_password; + char *password; + char *new_password; + char *service_principal = NULL; + ADS_STATUS ret; + uint32 sec_channel_type; - if ((password = secrets_fetch_machine_password()) == NULL) { - DEBUG(1,("Failed to retrieve password for principal %s\n", host_principal)); - return ADS_ERROR_SYSTEM(ENOENT); - } + if ((password = secrets_fetch_machine_password(lp_workgroup(), NULL, &sec_channel_type)) == NULL) { + DEBUG(1,("Failed to retrieve password for principal %s\n", host_principal)); + return ADS_ERROR_SYSTEM(ENOENT); + } - tmp_password = generate_random_str(DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH); - new_password = strdup(tmp_password); - asprintf(&service_principal, "HOST/%s", host_principal); + tmp_password = generate_random_str(DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH); + new_password = strdup(tmp_password); - ret = kerberos_set_password(ads->auth.kdc_server, service_principal, password, service_principal, new_password, ads->auth.time_offset); + asprintf(&service_principal, "HOST/%s", host_principal); - if (!ADS_ERR_OK(ret)) goto failed; + if (!service_principal) { + DEBUG(1,("asprintf() failed principal %s\n", host_principal)); + return ADS_ERROR_SYSTEM(ENOMEM); + } - if (!secrets_store_machine_password(new_password)) { - DEBUG(1,("Failed to save machine password\n")); - return ADS_ERROR_SYSTEM(EACCES); - } + ret = kerberos_set_password(ads->auth.kdc_server, service_principal, password, service_principal, new_password, ads->auth.time_offset); + + if (!ADS_ERR_OK(ret)) goto failed; + + if (!secrets_store_machine_password(new_password, lp_workgroup(), sec_channel_type)) { + DEBUG(1,("Failed to save machine password\n")); + return ADS_ERROR_SYSTEM(EACCES); + } failed: - SAFE_FREE(service_principal); - SAFE_FREE(new_password); + SAFE_FREE(service_principal); + SAFE_FREE(new_password); - return ret; + return ret; } |