From 0dc8f720e195c29d4d0422f9ae49df44543a1b6c Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 13 Jul 2006 09:29:25 +0000 Subject: r17005: Add a new helper mode to ntlm_auth: ntlm-change-password-1 This mode proxies pre-calculated blobs from a remote (probably VPN) client into the domain. This allows clients to change their password over a PPTP connection (where they would not be able to connect to SAMR directly). The precalculated blobs do not reveal the plaintext password. Original patch by Alexey Kobozev (This used to be commit 967292b7136c5100c0b9a2783c34b1948b16dad4) --- source3/rpc_client/cli_samr.c | 44 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) (limited to 'source3/rpc_client') diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c index ea8db63642..4c6a868e7f 100644 --- a/source3/rpc_client/cli_samr.c +++ b/source3/rpc_client/cli_samr.c @@ -1288,6 +1288,50 @@ NTSTATUS rpccli_samr_chgpasswd_user(struct rpc_pipe_client *cli, return result; } +/* User change passwd with auth crap */ + +NTSTATUS rpccli_samr_chng_pswd_auth_crap(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + const char *username, + DATA_BLOB new_nt_password, + DATA_BLOB old_nt_hash_enc, + DATA_BLOB new_lm_password, + DATA_BLOB old_lm_hash_enc) +{ + prs_struct qbuf, rbuf; + SAMR_Q_CHGPASSWD_USER q; + SAMR_R_CHGPASSWD_USER r; + char *srv_name_slash; + + if (!(srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", + cli->cli->desthost))) { + return NT_STATUS_NO_MEMORY; + } + + DEBUG(5,("rpccli_samr_chng_pswd_auth_crap on server: %s\n", + srv_name_slash)); + + ZERO_STRUCT(q); + ZERO_STRUCT(r); + + /* Marshall data and send request */ + + init_samr_q_chgpasswd_user(&q, srv_name_slash, username, + new_nt_password.data, + old_nt_hash_enc.data, + new_lm_password.data, + old_lm_hash_enc.data); + + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CHGPASSWD_USER, + q, r, + qbuf, rbuf, + samr_io_q_chgpasswd_user, + samr_io_r_chgpasswd_user, + NT_STATUS_UNSUCCESSFUL); + + return r.status; +} + /* change password 3 */ NTSTATUS rpccli_samr_chgpasswd3(struct rpc_pipe_client *cli, -- cgit