The Samba-Bugzilla – Attachment 12973 Details for
Bug 12262
net ads testjoin and smb access fails after winbindd changed the trust password
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Minimal revert for v4-3-stable/v4-3-test
tmp43.diff.txt (text/plain), 2.03 KB, created by
Stefan Metzmacher
on 2017-02-22 21:15:19 UTC
(
hide
)
Description:
Minimal revert for v4-3-stable/v4-3-test
Filename:
MIME Type:
Creator:
Stefan Metzmacher
Created:
2017-02-22 21:15:19 UTC
Size:
2.03 KB
patch
obsolete
>From 59b01dd95913d35e849d30810a2e868698067381 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 22 Feb 2017 22:11:50 +0100 >Subject: [PATCH] Revert "s3:trusts_util: generate completely random passwords > in trust_pw_change()" > >This reverts commit 54e68e94ee878878df394e596ca5ea118b105bba. > >There're problems unicode codepoints > 0xffff (with "unix charset = utf8") >and > 7f (with "unix charset = iso8859-1" or others). > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262 > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >--- > source3/libsmb/trusts_util.c | 19 ++++--------------- > 1 file changed, 4 insertions(+), 15 deletions(-) > >diff --git a/source3/libsmb/trusts_util.c b/source3/libsmb/trusts_util.c >index c56949e..108d25b 100644 >--- a/source3/libsmb/trusts_util.c >+++ b/source3/libsmb/trusts_util.c >@@ -66,9 +66,7 @@ NTSTATUS trust_pw_change(struct netlogon_creds_cli_context *context, > int timeout = 0; > struct timeval tv = { 0, }; > size_t new_len = DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH; >- uint8_t new_password_buffer[256 * 2] = { 0, }; > char *new_trust_passwd = NULL; >- size_t len = 0; > uint32_t new_version = 0; > uint32_t *new_trust_version = NULL; > NTSTATUS status; >@@ -181,19 +179,10 @@ NTSTATUS trust_pw_change(struct netlogon_creds_cli_context *context, > return NT_STATUS_OK; > } > >- /* >- * Create a random machine account password >- * We create a random buffer and convert that to utf8. >- * This is similar to what windows is doing. >- */ >- generate_secret_buffer(new_password_buffer, new_len * 2); >- ok = convert_string_talloc(frame, >- CH_UTF16MUNGED, CH_UTF8, >- new_password_buffer, new_len * 2, >- (void *)&new_trust_passwd, &len); >- ZERO_STRUCT(new_password_buffer); >- if (!ok) { >- DEBUG(0, ("convert_string_talloc failed\n")); >+ /* Create a random machine account password */ >+ new_trust_passwd = generate_random_password(frame, new_len, new_len); >+ if (new_trust_passwd == NULL) { >+ DEBUG(0, ("generate_random_password failed\n")); > TALLOC_FREE(frame); > return NT_STATUS_NO_MEMORY; > } >-- >1.9.1 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=12973">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Flags:
slow
:
review+
Actions:
View
Attachments on
bug 12262
:
12843
|
12951
|
12970
|
12971
|
12972
| 12973