From 872f9c4f91731f122cfb2efc9e5a2d391408e916 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 5 Oct 2009 22:14:06 +0200 Subject: Revert "s3: Attempt to fix machine password change" This reverts commit 20a8ea91e10af167067cc794a251265aaf489e75. Ooops, this should not have been committed. --- source3/winbindd/winbindd_cm.c | 2 -- source3/winbindd/winbindd_dual.c | 42 +++++++++------------------------------- 2 files changed, 9 insertions(+), 35 deletions(-) (limited to 'source3/winbindd') diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c index 029a0210d1..9a788397a9 100644 --- a/source3/winbindd/winbindd_cm.c +++ b/source3/winbindd/winbindd_cm.c @@ -2470,8 +2470,6 @@ NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain, return !NT_STATUS_IS_OK(result) ? result : NT_STATUS_PIPE_NOT_AVAILABLE; } - conn->netlogon_pipe->auth_neg_flags = neg_flags; - /* * Try NetSamLogonEx for AD domains */ diff --git a/source3/winbindd/winbindd_dual.c b/source3/winbindd/winbindd_dual.c index 546f5f0131..edf784cc21 100644 --- a/source3/winbindd/winbindd_dual.c +++ b/source3/winbindd/winbindd_dual.c @@ -30,7 +30,6 @@ #include "includes.h" #include "winbindd.h" #include "../../nsswitch/libwbclient/wbc_async.h" -#include "../libcli/auth/libcli_auth.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_WINBIND @@ -1062,12 +1061,9 @@ static void machine_password_change_handler(struct event_context *ctx, struct winbindd_child *child = (struct winbindd_child *)private_data; struct rpc_pipe_client *netlogon_pipe = NULL; + TALLOC_CTX *frame; NTSTATUS result; struct timeval next_change; - uint8_t old_trust_passwd_hash[16]; - uint8_t new_trust_passwd_hash[16]; - char *new_trust_passwd; - uint32_t sec_channel_type = 0; DEBUG(10,("machine_password_change_handler called\n")); @@ -1093,42 +1089,22 @@ static void machine_password_change_handler(struct event_context *ctx, return; } - if (!secrets_fetch_trust_account_password( - child->domain->name, old_trust_passwd_hash, NULL, - &sec_channel_type)) { - DEBUG(0, ("could not fetch domain secrets for domain %s!\n", - child->domain->name)); - return; - } - - new_trust_passwd = generate_random_str( - talloc_tos(), DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH); - if (new_trust_passwd == NULL) { - DEBUG(0, ("talloc_strdup failed\n")); - return; - } + frame = talloc_stackframe(); - E_md4hash(new_trust_passwd, new_trust_passwd_hash); - - result = rpccli_netlogon_set_trust_password( - netlogon_pipe, talloc_tos(), old_trust_passwd_hash, - new_trust_passwd, new_trust_passwd_hash, sec_channel_type, - netlogon_pipe->auth_neg_flags); + result = trust_pw_find_change_and_store_it(netlogon_pipe, + frame, + child->domain->name); + TALLOC_FREE(frame); if (!NT_STATUS_IS_OK(result)) { DEBUG(10,("machine_password_change_handler: " "failed to change machine password: %s\n", nt_errstr(result))); - /* - * Don't try a second time, this will very likely also - * fail. - */ - return; + } else { + DEBUG(10,("machine_password_change_handler: " + "successfully changed machine password\n")); } - DEBUG(3,("machine_password_change_handler: Changed password at %s.\n", - current_timestring(debug_ctx(), False))); - child->machine_password_change_event = event_add_timed(winbind_event_context(), NULL, next_change, machine_password_change_handler, -- cgit