From 0c8fb9361e524639cc35efda2f6a4d48098c76a7 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 24 Jul 2008 08:22:23 +0200
Subject: password_hash: fix the callers after drsblobs.idl changes

metze
(This used to be commit fac7c79afae05a88ecc2a63c8eb9f2fd53ab7ce6)
---
 source4/dsdb/samdb/ldb_modules/password_hash.c | 74 ++++++++++++++------------
 1 file changed, 41 insertions(+), 33 deletions(-)

(limited to 'source4/dsdb/samdb/ldb_modules/password_hash.c')

diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
index 413ec12479..69783aefa8 100644
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
@@ -437,10 +437,11 @@ static int setup_primary_kerberos(struct setup_password_fields_io *io,
 	 * ENCTYPE_DES_CBC_MD5
 	 * ENCTYPE_DES_CBC_CRC
 	 */
+	pkb->version		= 3;
 	pkb3->salt.string	= io->g.salt;
 	pkb3->num_keys		= 2;
 	pkb3->keys		= talloc_array(io->ac,
-					       struct package_PrimaryKerberosKey,
+					       struct package_PrimaryKerberosKey3,
 					       pkb3->num_keys);
 	if (!pkb3->keys) {
 		ldb_oom(io->ac->module->ldb);
@@ -521,12 +522,12 @@ static int setup_primary_kerberos(struct setup_password_fields_io *io,
 
 static int setup_primary_kerberos_newer(struct setup_password_fields_io *io,
 					const struct supplementalCredentialsBlob *old_scb,
-					struct package_PrimaryKerberosNewerBlob *pkb)
+					struct package_PrimaryKerberosBlob *pkb)
 {
-	struct package_PrimaryKerberosNewerCtr4 *pkb4 = &pkb->ctr.ctr4;
+	struct package_PrimaryKerberosCtr4 *pkb4 = &pkb->ctr.ctr4;
 	struct supplementalCredentialsPackage *old_scp = NULL;
-	struct package_PrimaryKerberosNewerBlob _old_pkb;
-	struct package_PrimaryKerberosNewerCtr4 *old_pkb4 = NULL;
+	struct package_PrimaryKerberosBlob _old_pkb;
+	struct package_PrimaryKerberosCtr4 *old_pkb4 = NULL;
 	uint32_t i;
 	enum ndr_err_code ndr_err;
 
@@ -538,30 +539,37 @@ static int setup_primary_kerberos_newer(struct setup_password_fields_io *io,
 	 * ENCTYPE_DES_CBC_MD5
 	 * ENCTYPE_DES_CBC_CRC
 	 */
-	pkb4->salt.string	= io->g.salt;
-	pkb4->num_keys		= 4;
-	pkb4->keys		= talloc_array(io->ac,
-					       struct package_PrimaryKerberosNewerKey,
-					       pkb4->num_keys);
+	pkb->version			= 4;
+	pkb4->salt.string		= io->g.salt;
+	pkb4->default_iteration_count	= 4096;
+	pkb4->num_keys			= 4;
+
+	pkb4->keys = talloc_array(io->ac,
+				  struct package_PrimaryKerberosKey4,
+				  pkb4->num_keys);
 	if (!pkb4->keys) {
 		ldb_oom(io->ac->module->ldb);
 		return LDB_ERR_OPERATIONS_ERROR;
 	}
 
-	pkb4->keys[0].keytype	= ENCTYPE_AES256_CTS_HMAC_SHA1_96;
-	pkb4->keys[0].value	= &io->g.aes_256;
-	pkb4->keys[1].keytype	= ENCTYPE_AES128_CTS_HMAC_SHA1_96;
-	pkb4->keys[1].value	= &io->g.aes_128;
-	pkb4->keys[2].keytype	= ENCTYPE_DES_CBC_MD5;
-	pkb4->keys[2].value	= &io->g.des_md5;
-	pkb4->keys[3].keytype	= ENCTYPE_DES_CBC_CRC;
-	pkb4->keys[3].value	= &io->g.des_crc;
+	pkb4->keys[0].iteration_count	= 4096;
+	pkb4->keys[0].keytype		= ENCTYPE_AES256_CTS_HMAC_SHA1_96;
+	pkb4->keys[0].value		= &io->g.aes_256;
+	pkb4->keys[1].iteration_count	= 4096;
+	pkb4->keys[1].keytype		= ENCTYPE_AES128_CTS_HMAC_SHA1_96;
+	pkb4->keys[1].value		= &io->g.aes_128;
+	pkb4->keys[2].iteration_count	= 4096;
+	pkb4->keys[2].keytype		= ENCTYPE_DES_CBC_MD5;
+	pkb4->keys[2].value		= &io->g.des_md5;
+	pkb4->keys[3].iteration_count	= 4096;
+	pkb4->keys[3].keytype		= ENCTYPE_DES_CBC_CRC;
+	pkb4->keys[3].value		= &io->g.des_crc;
 
 	/* initialize the old keys to zero */
-	pkb4->num_old_keys1	= 0;
-	pkb4->old_keys1		= NULL;
-	pkb4->num_old_keys2	= 0;
-	pkb4->old_keys2		= NULL;
+	pkb4->num_old_keys	= 0;
+	pkb4->old_keys		= NULL;
+	pkb4->num_older_keys	= 0;
+	pkb4->older_keys	= NULL;
 
 	/* if there're no old keys, then we're done */
 	if (!old_scb) {
@@ -580,7 +588,7 @@ static int setup_primary_kerberos_newer(struct setup_password_fields_io *io,
 		old_scp = &old_scb->sub.packages[i];
 		break;
 	}
-	/* Primary:Kerberos element of supplementalCredentials */
+	/* Primary:Kerberos-Newer-Keys element of supplementalCredentials */
 	if (old_scp) {
 		DATA_BLOB blob;
 
@@ -595,20 +603,20 @@ static int setup_primary_kerberos_newer(struct setup_password_fields_io *io,
 		ndr_err = ndr_pull_struct_blob(&blob, io->ac,
 					       lp_iconv_convenience(ldb_get_opaque(io->ac->module->ldb, "loadparm")),
 					       &_old_pkb,
-					       (ndr_pull_flags_fn_t)ndr_pull_package_PrimaryKerberosNewerBlob);
+					       (ndr_pull_flags_fn_t)ndr_pull_package_PrimaryKerberosBlob);
 		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
 			NTSTATUS status = ndr_map_error2ntstatus(ndr_err);
 			ldb_asprintf_errstring(io->ac->module->ldb,
 					       "setup_primary_kerberos_newer: "
-					       "failed to pull old package_PrimaryKerberosNewerBlob: %s",
+					       "failed to pull old package_PrimaryKerberosBlob: %s",
 					       nt_errstr(status));
 			return LDB_ERR_OPERATIONS_ERROR;
 		}
 
 		if (_old_pkb.version != 4) {
 			ldb_asprintf_errstring(io->ac->module->ldb,
-					       "setup_primary_kerberos: "
-					       "package_PrimaryKerberosNewerBlob version[%u] expected[4]",
+					       "setup_primary_kerberos_newer: "
+					       "package_PrimaryKerberosBlob version[%u] expected[4]",
 					       _old_pkb.version);
 			return LDB_ERR_OPERATIONS_ERROR;
 		}
@@ -622,10 +630,10 @@ static int setup_primary_kerberos_newer(struct setup_password_fields_io *io,
 	}
 
 	/* fill in the old keys */
-	pkb4->num_old_keys1	= old_pkb4->num_keys;
-	pkb4->old_keys1		= old_pkb4->keys;
-	pkb4->num_old_keys2	= old_pkb4->num_old_keys1;
-	pkb4->old_keys2		= old_pkb4->old_keys1;
+	pkb4->num_old_keys	= old_pkb4->num_keys;
+	pkb4->old_keys		= old_pkb4->keys;
+	pkb4->num_older_keys	= old_pkb4->num_old_keys;
+	pkb4->older_keys	= old_pkb4->old_keys;
 
 	return LDB_SUCCESS;
 }
@@ -980,7 +988,7 @@ static int setup_supplemental_field(struct setup_password_fields_io *io)
 	/* Primary:Kerberos-Newer-Keys */
 	const char **nkn = NULL;
 	struct supplementalCredentialsPackage *pkn = NULL;
-	struct package_PrimaryKerberosNewerBlob pknb;
+	struct package_PrimaryKerberosBlob pknb;
 	DATA_BLOB pknb_blob;
 	char *pknb_hexstr;
 	/* Primary:Kerberos */
@@ -1105,7 +1113,7 @@ static int setup_supplemental_field(struct setup_password_fields_io *io)
 		ndr_err = ndr_push_struct_blob(&pknb_blob, io->ac,
 					       lp_iconv_convenience(ldb_get_opaque(io->ac->module->ldb, "loadparm")),
 					       &pknb,
-					       (ndr_push_flags_fn_t)ndr_push_package_PrimaryKerberosNewerBlob);
+					       (ndr_push_flags_fn_t)ndr_push_package_PrimaryKerberosBlob);
 		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
 			NTSTATUS status = ndr_map_error2ntstatus(ndr_err);
 			ldb_asprintf_errstring(io->ac->module->ldb,
-- 
cgit