rpc_client: use init_samr_CryptPassword(Ex) in client tools.

Guenther (cherry picked from commit 97f7f9f21f17e8414de15953cf4eaa9959dc6f75) (cherry picked from commit 458e85603673e04577fc493528c870c3d5ec6b54)
author: Günther Deschner <gd@samba.org> 2008-07-30 19:52:56 +0200
committer: Karolin Seeger <kseeger@samba.org> 2008-12-10 12:12:23 +0100
commit: 585fae3738863639711644f56fa9a0145161a570 (patch)
tree: c5bbe6ffe4f906104379b1dccc5263075bdc04c3
parent: 0c26dd0cf567a952443878bbac5b6499c8d1e769 (diff)
download: samba-585fae3738863639711644f56fa9a0145161a570.tar.gz
3 files changed, 29 insertions, 43 deletions
diff --git a/source/libnet/libnet_join.c b/source/libnet/libnet_join.c
index 7451cb27c6f..86978e4c9fb 100644
--- a/source/libnet/libnet_join.c
+++ b/source/libnet/libnet_join.c
@@ -734,15 +734,14 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
 	struct lsa_String lsa_acct_name;
 	uint32_t user_rid;
 	uint32_t acct_flags = ACB_WSTRUST;
-	uchar pwbuf[532];
-	struct MD5Context md5ctx;
-	uchar md5buffer[16];
-	DATA_BLOB digested_session_key;
 	uchar md4_trust_password[16];
 	struct samr_Ids user_rids;
 	struct samr_Ids name_types;
 	union samr_UserInfo user_info;
 
+	struct samr_CryptPassword crypt_pwd;
+	struct samr_CryptPasswordEx crypt_pwd_ex;
+
 	ZERO_STRUCT(sam_pol);
 	ZERO_STRUCT(domain_pol);
 	ZERO_STRUCT(user_pol);
@@ -873,19 +872,10 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
 	/* Create a random machine account password and generate the hash */
 
 	E_md4hash(r->in.machine_password, md4_trust_password);
-	encode_pw_buffer(pwbuf, r->in.machine_password, STR_UNICODE);
-
-	generate_random_buffer((uint8_t*)md5buffer, sizeof(md5buffer));
-	digested_session_key = data_blob_talloc(mem_ctx, 0, 16);
-
-	MD5Init(&md5ctx);
-	MD5Update(&md5ctx, md5buffer, sizeof(md5buffer));
-	MD5Update(&md5ctx, cli->user_session_key.data,
-		  cli->user_session_key.length);
-	MD5Final(digested_session_key.data, &md5ctx);
 
-	SamOEMhashBlob(pwbuf, sizeof(pwbuf), &digested_session_key);
-	memcpy(&pwbuf[516], md5buffer, sizeof(md5buffer));
+	init_samr_CryptPasswordEx(r->in.machine_password,
+				  &cli->user_session_key,
+				  &crypt_pwd_ex);
 
 	/* Fill in the additional account flags now */
 
@@ -906,7 +896,8 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
 					       SAMR_FIELD_ACCT_FLAGS;
 
 	user_info.info25.info.acct_flags = acct_flags;
-	memcpy(&user_info.info25.password.data, pwbuf, sizeof(pwbuf));
+	memcpy(&user_info.info25.password.data, crypt_pwd_ex.data,
+	       sizeof(crypt_pwd_ex.data));
 
 	status = rpccli_samr_SetUserInfo(pipe_hnd, mem_ctx,
 					 &user_pol,
@@ -915,15 +906,13 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
 
 	if (NT_STATUS_EQUAL(status, NT_STATUS(DCERPC_FAULT_INVALID_TAG))) {
 
-		uchar pwbuf2[516];
-
-		encode_pw_buffer(pwbuf2, r->in.machine_password, STR_UNICODE);
-
 		/* retry with level 24 */
-		init_samr_user_info24(&user_info.info24, pwbuf2, 24);
 
-		SamOEMhashBlob(user_info.info24.password.data, 516,
-			       &cli->user_session_key);
+		init_samr_CryptPassword(r->in.machine_password,
+					&cli->user_session_key,
+					&crypt_pwd);
+
+		init_samr_user_info24(&user_info.info24, crypt_pwd.data, 24);
 
 		status = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
 						  &user_pol,
diff --git a/source/utils/net_rpc.c b/source/utils/net_rpc.c
index ceb429f2feb..7f28eeca2ee 100644
--- a/source/utils/net_rpc.c
+++ b/source/utils/net_rpc.c
@@ -804,11 +804,11 @@ static NTSTATUS rpc_user_password_internals(const DOM_SID *domain_sid,
 {
 	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 	POLICY_HND connect_pol, domain_pol, user_pol;
-	uchar pwbuf[516];
 	const char *user;
 	const char *new_password;
 	char *prompt = NULL;
 	union samr_UserInfo info;
+	struct samr_CryptPassword crypt_pwd;
 
 	if (argc < 1) {
 		d_printf("User must be specified\n");
@@ -878,12 +878,11 @@ static NTSTATUS rpc_user_password_internals(const DOM_SID *domain_sid,
 
 	/* Set password on account */
 
-	encode_pw_buffer(pwbuf, new_password, STR_UNICODE);
+	init_samr_CryptPassword(new_password,
+				&cli->user_session_key,
+				&crypt_pwd);
 
-	init_samr_user_info24(&info.info24, pwbuf, 24);
-
-	SamOEMhashBlob(info.info24.password.data, 516,
-		       &cli->user_session_key);
+	init_samr_user_info24(&info.info24, crypt_pwd.data, 24);
 
 	result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
 					  &user_pol,
@@ -5418,9 +5417,7 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid,
 		struct samr_LogonHours hours;
 		struct lsa_BinaryString parameters;
 		const int units_per_week = 168;
-		uchar pwbuf[516];
-
-		encode_pw_buffer(pwbuf, argv[1], STR_UNICODE);
+		struct samr_CryptPassword crypt_pwd;
 
 		ZERO_STRUCT(notime);
 		ZERO_STRUCT(hours);
@@ -5434,6 +5431,10 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid,
 		hours.units_per_week = units_per_week;
 		memset(hours.bits, 0xFF, units_per_week);
 
+		init_samr_CryptPassword(argv[1],
+					&cli->user_session_key,
+					&crypt_pwd);
+
 		init_samr_user_info23(&info.info23,
 				      notime, notime, notime,
 				      notime, notime, notime,
@@ -5443,10 +5444,7 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid,
 				      SAMR_FIELD_ACCT_FLAGS | SAMR_FIELD_PASSWORD,
 				      hours,
 				      0, 0, 0, 0, 0, 0, 0,
-				      pwbuf, 24);
-
-		SamOEMhashBlob(info.info23.password.data, 516,
-			       &cli->user_session_key);
+				      crypt_pwd.data, 24);
 
 		result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
 						  &user_pol,
diff --git a/source/utils/net_rpc_join.c b/source/utils/net_rpc_join.c
index ea3bb10c226..e178df6dcd8 100644
--- a/source/utils/net_rpc_join.c
+++ b/source/utils/net_rpc_join.c
@@ -146,7 +146,7 @@ int net_rpc_join_newstyle(int argc, const char **argv)
 	/* Password stuff */
 
 	char *clear_trust_password = NULL;
-	uchar pwbuf[516];
+	struct samr_CryptPassword crypt_pwd;
 	uchar md4_trust_password[16];
 	union samr_UserInfo set_info;
 
@@ -333,14 +333,13 @@ int net_rpc_join_newstyle(int argc, const char **argv)
 		E_md4hash(clear_trust_password, md4_trust_password);
 	}
 
-	encode_pw_buffer(pwbuf, clear_trust_password, STR_UNICODE);
-
 	/* Set password on machine account */
 
-	init_samr_user_info24(&set_info.info24, pwbuf, 24);
+	init_samr_CryptPassword(clear_trust_password,
+				&cli->user_session_key,
+				&crypt_pwd);
 
-	SamOEMhashBlob(set_info.info24.password.data, 516,
-		       &cli->user_session_key);
+	init_samr_user_info24(&set_info.info24, crypt_pwd.data, 24);
 
 	CHECK_RPC_ERR(rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
 					       &user_pol,
author	Günther Deschner <gd@samba.org>	2008-07-30 19:52:56 +0200
committer	Karolin Seeger <kseeger@samba.org>	2008-12-10 12:12:23 +0100
commit	585fae3738863639711644f56fa9a0145161a570 (patch)
tree	c5bbe6ffe4f906104379b1dccc5263075bdc04c3
parent	0c26dd0cf567a952443878bbac5b6499c8d1e769 (diff)
download	samba-585fae3738863639711644f56fa9a0145161a570.tar.gz