diff options
author | Andrew Bartlett <abartlet@samba.org> | 2003-02-24 02:55:00 +0000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2003-02-24 02:55:00 +0000 |
commit | d1221c9b6c369113a531063737890b58d89bf6fe (patch) | |
tree | efc7b8b8d33b675404dc7c5bc018db47a4136212 /source3/libads/util.c | |
parent | e075e1dfa9a88b5edadc9c989200a52f48182cef (diff) | |
download | samba-d1221c9b6c369113a531063737890b58d89bf6fe.tar.gz samba-d1221c9b6c369113a531063737890b58d89bf6fe.tar.xz samba-d1221c9b6c369113a531063737890b58d89bf6fe.zip |
Merge from HEAD client-side authentication changes:
- new kerberos code, allowing the account to change it's own password
without special SD settings required
- NTLMSSP client code, now seperated from cliconnect.c
- NTLMv2 client code
- SMB signing fixes
Andrew Bartlett
(This used to be commit 837680ca517982f2e5944730581a83012d4181ae)
Diffstat (limited to 'source3/libads/util.c')
-rw-r--r-- | source3/libads/util.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/source3/libads/util.c b/source3/libads/util.c index 021f2d93e4a..335cabc9526 100644 --- a/source3/libads/util.c +++ b/source3/libads/util.c @@ -29,7 +29,7 @@ ADS_STATUS ads_change_trust_account_password(ADS_STRUCT *ads, char *host_princip char *new_password; char *service_principal; ADS_STATUS ret; - + if ((password = secrets_fetch_machine_password()) == NULL) { DEBUG(1,("Failed to retrieve password for principal %s\n", host_principal)); return ADS_ERROR_SYSTEM(ENOENT); @@ -38,15 +38,17 @@ ADS_STATUS ads_change_trust_account_password(ADS_STRUCT *ads, char *host_princip tmp_password = generate_random_str(DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH); new_password = strdup(tmp_password); asprintf(&service_principal, "HOST/%s", host_principal); - - ret = kerberos_set_password(ads->auth.kdc_server, host_principal, password, - service_principal, new_password, ads->auth.time_offset); + + ret = kerberos_set_password(ads->auth.kdc_server, service_principal, password, service_principal, new_password, ads->auth.time_offset); + + if (!ADS_ERR_OK(ret)) goto failed; if (!secrets_store_machine_password(new_password)) { DEBUG(1,("Failed to save machine password\n")); return ADS_ERROR_SYSTEM(EACCES); } +failed: SAFE_FREE(service_principal); SAFE_FREE(new_password); |