From eebbbeac1489a1a6241b4c15064d8aaeeec810ae Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 11 Nov 2010 18:33:14 +1100 Subject: s4-dsdb Convert new krbtgt_xxx password into UTF16 The new stricter test on clearTextPassword values caught out that we did not provide a utf16 password here. Andrew Bartlett --- source4/dsdb/samdb/ldb_modules/samldb.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'source4') diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c index 1ac86148e6..0cd8bc9bcc 100644 --- a/source4/dsdb/samdb/ldb_modules/samldb.c +++ b/source4/dsdb/samdb/ldb_modules/samldb.c @@ -271,6 +271,7 @@ static int samldb_rodc_add(struct samldb_ctx *ac) uint32_t krbtgt_number, i_start, i; int ret; char *newpass; + struct ldb_val newpass_utf16; /* find a unused msDC-SecondaryKrbTgtNumber */ i_start = generate_random() & 0xFFFF; @@ -320,7 +321,17 @@ found: return ldb_operr(ldb); } - ret = ldb_msg_add_steal_string(ac->msg, "clearTextPassword", newpass); + if (!convert_string_talloc(ac, + CH_UNIX, CH_UTF16, + newpass, strlen(newpass), + (void *)&newpass_utf16.data, + &newpass_utf16.length, false)) { + ldb_asprintf_errstring(ldb, + "samldb_rodc_add: " + "failed to generate UTF16 password from random password"); + return LDB_ERR_OPERATIONS_ERROR; + } + ret = ldb_msg_add_steal_value(ac->msg, "clearTextPassword", &newpass_utf16); if (ret != LDB_SUCCESS) { return ldb_operr(ldb); } -- cgit