1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

libsmb: Convert cli_oem_change_password() to NTSTATUS

Remove a few calls to cli_nt_error()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This commit is contained in:
Volker Lendecke 2024-08-18 12:55:34 +02:00
parent 40e2fdfc6b
commit b1d5b8ef23
4 changed files with 35 additions and 18 deletions

View File

@ -447,8 +447,10 @@ bool cli_NetServerEnum(struct cli_state *cli, char *workgroup, uint32_t stype,
Send a SamOEMChangePassword command.
****************************************************************************/
bool cli_oem_change_password(struct cli_state *cli, const char *user, const char *new_password,
const char *old_password)
NTSTATUS cli_oem_change_password(struct cli_state *cli,
const char *user,
const char *new_password,
const char *old_password)
{
char param[1024];
uint8_t data[532];
@ -468,7 +470,7 @@ bool cli_oem_change_password(struct cli_state *cli, const char *user, const char
if (strlen(user) >= sizeof(fstring)-1) {
DBG_ERR("user name %s is too long.\n", user);
return False;
return NT_STATUS_NAME_TOO_LONG;
}
SSVAL(p,0,214); /* SamOEMChangePassword command. */
@ -503,14 +505,18 @@ bool cli_oem_change_password(struct cli_state *cli, const char *user, const char
if (rc < 0) {
DBG_ERR("gnutls_cipher_init failed: %s\n",
gnutls_strerror(rc));
return false;
status = gnutls_error_to_ntstatus(
rc, NT_STATUS_CRYPTO_SYSTEM_INVALID);
return status;
}
rc = gnutls_cipher_encrypt(cipher_hnd,
data,
516);
gnutls_cipher_deinit(cipher_hnd);
if (rc < 0) {
return false;
status = gnutls_error_to_ntstatus(
rc, NT_STATUS_CRYPTO_SYSTEM_INVALID);
return status;
}
/*
@ -521,7 +527,9 @@ bool cli_oem_change_password(struct cli_state *cli, const char *user, const char
rc = E_old_pw_hash( new_pw_hash, old_pw_hash, (uchar *)&data[516]);
if (rc != 0) {
DBG_ERR("E_old_pw_hash failed: %s\n", gnutls_strerror(rc));
return false;
status = gnutls_error_to_ntstatus(
rc, NT_STATUS_CRYPTO_SYSTEM_INVALID);
return status;
}
status = cli_trans(talloc_tos(), /* mem_ctx */
@ -551,13 +559,15 @@ bool cli_oem_change_password(struct cli_state *cli, const char *user, const char
0, /* min_rdata */
NULL); /* num_rdata */
if (!NT_STATUS_IS_OK(status)) {
return false;
return status;
}
cli->rap_error = PULL_LE_U16(rparam, 0);
status = werror_to_ntstatus(W_ERROR(cli->rap_error));
TALLOC_FREE(rparam);
return (cli->rap_error == 0);
return status;
}
static void prep_basic_information_buf(

View File

@ -38,8 +38,10 @@ int cli_RNetShareEnum(struct cli_state *cli, void (*fn)(const char *, uint32_t,
bool cli_NetServerEnum(struct cli_state *cli, char *workgroup, uint32_t stype,
void (*fn)(const char *, uint32_t, const char *, void *),
void *state);
bool cli_oem_change_password(struct cli_state *cli, const char *user, const char *new_password,
const char *old_password);
NTSTATUS cli_oem_change_password(struct cli_state *cli,
const char *user,
const char *new_password,
const char *old_password);
NTSTATUS cli_setpathinfo_ext(struct cli_state *cli, const char *fname,
struct timespec create_time,
struct timespec access_time,

View File

@ -183,8 +183,11 @@ NTSTATUS remote_password_change(const char *remote_machine,
if (!NT_STATUS_IS_OK(result)) {
if (lp_client_lanman_auth()) {
/* Use the old RAP method. */
if (!cli_oem_change_password(cli, user_name, new_passwd, old_passwd)) {
result = cli_nt_error(cli);
result = cli_oem_change_password(cli,
user_name,
new_passwd,
old_passwd);
if (!NT_STATUS_IS_OK(result)) {
if (asprintf(err_str, "machine %s rejected the "
"password change: Error was : %s.\n",
remote_machine, nt_errstr(result)) == -1) {
@ -310,15 +313,17 @@ NTSTATUS remote_password_change(const char *remote_machine,
}
/* Use the old RAP method. */
if (cli_oem_change_password(
cli, user_name, new_passwd, old_passwd)) {
result = cli_oem_change_password(cli,
user_name,
new_passwd,
old_passwd);
if (NT_STATUS_IS_OK(result)) {
/* SAMR failed, but the old LanMan protocol worked! */
cli_shutdown(cli);
return NT_STATUS_OK;
}
result = cli_nt_error(cli);
if (asprintf(err_str,
"machine %s rejected the password "
"change: Error was : %s.\n",

View File

@ -1240,7 +1240,7 @@ int net_rap_password_usage(struct net_context *c, int argc, const char **argv)
int net_rap_password(struct net_context *c, int argc, const char **argv)
{
struct cli_state *cli;
int ret;
NTSTATUS status;
if (argc < 3 || c->display_usage)
return net_rap_password_usage(c, argc, argv);
@ -1249,9 +1249,9 @@ int net_rap_password(struct net_context *c, int argc, const char **argv)
return -1;
/* BB Add check for password lengths? */
ret = cli_oem_change_password(cli, argv[0], argv[2], argv[1]);
status = cli_oem_change_password(cli, argv[0], argv[2], argv[1]);
cli_shutdown(cli);
return ret ? 0 : -1;
return NT_STATUS_IS_OK(status) ? 0 : -1;
}
int net_rap_admin_usage(struct net_context *c, int argc, const char **argv)