sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-28 01:58:17 +03:00
Code

s3:libsmb: make use of cli_{session_setup,rpc_pipe_open_with}_creds() in passchange.c

Browse Source 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This commit is contained in:
Stefan Metzmacher 2016-10-28 13:48:23 +02:00 committed by Andreas Schneider
parent a484a70f22
commit 38438fde2d
1 changed files with 21 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
source3/libsmb/passchange.c
View File

@ -35,25 +35,11 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam
char **err_str)
{
struct cli_state *cli = NULL;
struct cli_credentials *creds = NULL;
struct rpc_pipe_client *pipe_hnd = NULL;
char *user, *domain, *p;
NTSTATUS result;
bool pass_must_change = False;
user = talloc_strdup(talloc_tos(), user_name);
SMB_ASSERT(user != NULL);
domain = talloc_strdup(talloc_tos(), "");
SMB_ASSERT(domain != NULL);
/* allow usernames of the form domain\\user or domain/user */
if ((p = strchr_m(user,'\\')) || (p = strchr_m(user,'/')) ||
(p = strchr_m(user,*lp_winbind_separator()))) {
*p = 0;
domain = user;
user = p+1;
}
*err_str = NULL;
result = cli_connect_nb(remote_machine, NULL, 0, 0x20, NULL,
@ -67,6 +53,17 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam
return result;
}
creds = cli_session_creds_init(cli,
user_name,
NULL, /* domain */
NULL, /* realm */
old_passwd,
cli->use_kerberos,
cli->fallback_after_kerberos,
cli->use_ccache,
cli->pw_nt_hash);
SMB_ASSERT(creds != NULL);
result = smbXcli_negprot(cli->conn, cli->timeout,
lp_client_ipc_min_protocol(),
lp_client_ipc_max_protocol());
@ -83,8 +80,7 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam
/* Given things like SMB signing, restrict anonymous and the like,
try an authenticated connection first */
result = cli_session_setup(cli, user_name,
old_passwd, "");
result = cli_session_setup_creds(cli, creds);
if (!NT_STATUS_IS_OK(result)) {
@ -138,16 +134,14 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam
/* Try not to give the password away too easily */
if (!pass_must_change) {
result = cli_rpc_pipe_open_generic_auth(cli,
&ndr_table_samr,
NCACN_NP,
CRED_DONT_USE_KERBEROS,
DCERPC_AUTH_TYPE_NTLMSSP,
DCERPC_AUTH_LEVEL_PRIVACY,
remote_machine,
domain, user,
old_passwd,
&pipe_hnd);
result = cli_rpc_pipe_open_with_creds(cli,
&ndr_table_samr,
NCACN_NP,
DCERPC_AUTH_TYPE_NTLMSSP,
DCERPC_AUTH_LEVEL_PRIVACY,
remote_machine,
creds,
&pipe_hnd);
} else {
/*
* If the user password must be changed the ntlmssp bind will