diff options
author | Andrew Bartlett <abartlet@samba.org> | 2006-07-13 09:29:25 +0000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2006-07-13 09:29:25 +0000 |
commit | 97d183139de1b9e972313b564beaada66dfa2a86 (patch) | |
tree | 006b82fd88d8262bd91489b8c8b945213a916375 /source/rpc_client | |
parent | 7f24b8fd9654618fbc004b10eac491e1eb79a89d (diff) | |
download | samba-97d183139de1b9e972313b564beaada66dfa2a86.tar.gz samba-97d183139de1b9e972313b564beaada66dfa2a86.tar.xz samba-97d183139de1b9e972313b564beaada66dfa2a86.zip |
r17005: Add a new helper mode to ntlm_auth: ntlm-change-password-1
This mode proxies pre-calculated blobs from a remote (probably VPN)
client into the domain. This allows clients to change their password
over a PPTP connection (where they would not be able to connect to
SAMR directly).
The precalculated blobs do not reveal the plaintext password.
Original patch by Alexey Kobozev <cobedump@gmail.com>
Diffstat (limited to 'source/rpc_client')
-rw-r--r-- | source/rpc_client/cli_samr.c | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/source/rpc_client/cli_samr.c b/source/rpc_client/cli_samr.c index ea8db636423..4c6a868e7f0 100644 --- a/source/rpc_client/cli_samr.c +++ b/source/rpc_client/cli_samr.c @@ -1288,6 +1288,50 @@ NTSTATUS rpccli_samr_chgpasswd_user(struct rpc_pipe_client *cli, return result; } +/* User change passwd with auth crap */ + +NTSTATUS rpccli_samr_chng_pswd_auth_crap(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + const char *username, + DATA_BLOB new_nt_password, + DATA_BLOB old_nt_hash_enc, + DATA_BLOB new_lm_password, + DATA_BLOB old_lm_hash_enc) +{ + prs_struct qbuf, rbuf; + SAMR_Q_CHGPASSWD_USER q; + SAMR_R_CHGPASSWD_USER r; + char *srv_name_slash; + + if (!(srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", + cli->cli->desthost))) { + return NT_STATUS_NO_MEMORY; + } + + DEBUG(5,("rpccli_samr_chng_pswd_auth_crap on server: %s\n", + srv_name_slash)); + + ZERO_STRUCT(q); + ZERO_STRUCT(r); + + /* Marshall data and send request */ + + init_samr_q_chgpasswd_user(&q, srv_name_slash, username, + new_nt_password.data, + old_nt_hash_enc.data, + new_lm_password.data, + old_lm_hash_enc.data); + + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CHGPASSWD_USER, + q, r, + qbuf, rbuf, + samr_io_q_chgpasswd_user, + samr_io_r_chgpasswd_user, + NT_STATUS_UNSUCCESSFUL); + + return r.status; +} + /* change password 3 */ NTSTATUS rpccli_samr_chgpasswd3(struct rpc_pipe_client *cli, |