From 0eb7588cc4d1fa423430e61ccbef19ec2453e164 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Wed, 26 May 2004 07:34:49 +0000
Subject: r903: used samdb_result_passwords() in samr_ChangePasswordUser2() and
 fix the error handling on a bad change.

With this change WinXP can now successfully change the password on a
Samba4 server via SAMR. After the change you can't login because the
handling of much_change_time seems to be broken in the auth code, but
that should be easy to fix.
(This used to be commit 8feeecf30377e4699df26d1c5c02d24a8ab021be)
---
 source4/rpc_server/samr/samr_password.c | 30 ++++++++++++++----------------
 1 file changed, 14 insertions(+), 16 deletions(-)

(limited to 'source4')

diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c
index 46c2a41fb2..89deaa2f09 100644
--- a/source4/rpc_server/samr/samr_password.c
+++ b/source4/rpc_server/samr/samr_password.c
@@ -238,12 +238,12 @@ NTSTATUS samr_ChangePasswordUser3(struct dcesrv_call_state *dce_call,
 	const char *user_dn, *domain_dn = NULL;
 	int ret;
 	struct ldb_message **res, mod;
-	const char * const attrs[] = { "objectSid", "ntPwdHash", NULL };
+	const char * const attrs[] = { "objectSid", "ntPwdHash", "unicodePwd", NULL };
 	const char * const dom_attrs[] = { "minPwdLength", "pwdHistoryLength", 
 					   "pwdProperties", "minPwdAge", "maxPwdAge", 
 					   NULL };
 	const char *domain_sid;
-	struct samr_Hash *ntPwdHash;
+	uint8 *nt_pwd;
 	struct samr_DomInfo1 *dominfo;
 	struct samr_ChangeReject *reject;
 	uint32_t reason = 0;
@@ -278,14 +278,13 @@ NTSTATUS samr_ChangePasswordUser3(struct dcesrv_call_state *dce_call,
 
 	user_dn = res[0]->dn;
 
-	ret = samdb_result_hashes(mem_ctx, res[0], "ntPwdHash", &ntPwdHash);
-	if (ret != 1) {
-		status = NT_STATUS_WRONG_PASSWORD;
+	status = samdb_result_passwords(mem_ctx, res[0], NULL, &nt_pwd);
+	if (!NT_STATUS_IS_OK(status)) {
 		goto failed;
 	}
 
 	/* decrypt the password we have been given */
-	SamOEMhash(r->in.nt_password->data, ntPwdHash->hash, 516);
+	SamOEMhash(r->in.nt_password->data, nt_pwd, 516);
 
 	if (!decode_pw_buffer(r->in.nt_password->data, new_pass, sizeof(new_pass),
 			      &new_pass_len, STR_UNICODE)) {
@@ -338,18 +337,25 @@ NTSTATUS samr_ChangePasswordUser3(struct dcesrv_call_state *dce_call,
 	return NT_STATUS_OK;
 
 failed:
+	ret = samdb_search(sam_ctx, 
+			   mem_ctx, NULL, &res, dom_attrs,
+			   "dn=%s", domain_dn);
 	if (sam_ctx) {
 		samdb_close(sam_ctx);
 	}
 
+	if (ret != 1) {
+		return status;
+	}
+
 	/* on failure we need to fill in the reject reasons */
 	dominfo = talloc_p(mem_ctx, struct samr_DomInfo1);
 	if (dominfo == NULL) {
-		return NT_STATUS_NO_MEMORY;
+		return status;
 	}
 	reject = talloc_p(mem_ctx, struct samr_ChangeReject);
 	if (reject == NULL) {
-		return NT_STATUS_NO_MEMORY;
+		return status;
 	}
 
 	ZERO_STRUCTP(dominfo);
@@ -364,14 +370,6 @@ failed:
 		return status;
 	}
 
-	ret = samdb_search(sam_ctx, 
-			   mem_ctx, NULL, &res, dom_attrs,
-			   "dn=%s", domain_dn);
-	if (ret != 1) {
-		status = NT_STATUS_NO_SUCH_USER;
-		goto failed;
-	}
-
 	dominfo->min_pwd_len         = samdb_result_uint (res[0], "minPwdLength", 0);
 	dominfo->password_properties = samdb_result_uint (res[0], "pwdProperties", 0);
 	dominfo->password_history    = samdb_result_uint (res[0], "pwdHistoryLength", 0);
-- 
cgit