[SCM] Samba Shared Repository - branch v4-5-test updated

Stefan Metzmacher metze at samba.org
Sat Feb 25 14:30:02 UTC 2017


The branch, v4-5-test has been updated
       via  81613c1 vfs_streams_xattr: use fsp, not base_fsp
       via  cf37b8a libcli/auth: use the correct creds value against servers without LogonSamLogonEx
       via  d64d185 librpc/rpc: fix regression in NT_STATUS_RPC_ENUM_VALUE_OUT_OF_RANGE error mapping
       via  7ad4e82 krb5_wrap: use our own code to calculate the ENCTYPE_ARCFOUR_HMAC key
       via  d394bf0 s4:scripting: use generate_random_machine_password() for machine passwords
       via  5934cda samba-tool:provision: use generate_random_machine_password() for machine passwords
       via  f5e4a09 samba-tool:domain: use generate_random_machine_password() for machine passwords
       via  7d35bd7 samba-tool:domain: use generate_random_machine_password() for trusted domains
       via  2599936 pyglue: add generate_random_machine_password() wrapper
       via  f9effa5 python/samba: use an explicit .encode('utf-8') where we expect utf8 passwords
       via  8f437c6 python/samba: provision_dns_add_samba.ldif expects utf-16-le passwords
       via  bdcda22 s4:dsdb: autogenerate a random utf16 buffer for krbtgt password resets.
       via  df8d03f s4:libnet: make use of generate_random_machine_password()
       via  f3f6dd6 s4:libcli/raw: remove unused DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH
       via  e12b368 s3:include: remove unused DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH
       via  57c8e45 s3:net_rpc_trust: make use of trust_pw_new_value()
       via  7d8f679 s3:libnet_join: make use of trust_pw_new_value()
       via  c1f53ad s3:libads: use trust_pw_new_value() for krb5 machine passwords
       via  a9c7e6b s3:libsmb: use trust_pw_new_value() in trust_pw_change()
       via  0a76aed s3:libsmb: add trust_pw_new_value() helper function
       via  d17a9eb s3:libsmb: let trust_pw_change() verify the new password at the end.
       via  70b7aca s3:libsmb: let trust_pw_change() debug more verbose information
       via  b329412 lib/util: add generate_random_machine_password() function
       via  aa4de8a libcli/auth: add netlogon_creds_cli_debug_string()
       via  ce18ad3 libcli/auth: check E_md4hash() result in netlogon_creds_cli_ServerPasswordSet_send()
      from  4b3bda7 ctdb-scripts: Initialise CTDB_NFS_CALLOUT in statd-callout

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-5-test


- Log -----------------------------------------------------------------
commit 81613c1b7c7a3b4ee2c9a34f3c2c474a92854ec1
Author: Ralph Boehme <slow at samba.org>
Date:   Fri Feb 17 08:10:53 2017 +0100

    vfs_streams_xattr: use fsp, not base_fsp
    
    The base_fsp's fd is always -1 as it's closed after being openend in
    create_file_unixpath().
    
    Additionally in streams_xattr_open force using of SMB_VFS_FSETXATTR() by
    sticking the just created fd into the fsp (and removing it afterwards).
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=12591
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    
    Autobuild-User(master): Jeremy Allison <jra at samba.org>
    Autobuild-Date(master): Wed Feb 22 08:25:46 CET 2017 on sn-devel-144
    
    (cherry picked from commit 021189e32ba507832b5e821e5cda8a2889225955)
    
    Autobuild-User(v4-5-test): Stefan Metzmacher <metze at samba.org>
    Autobuild-Date(v4-5-test): Sat Feb 25 15:29:38 CET 2017 on sn-devel-144

commit cf37b8a565e1cbd6307555ef2f48184939434cdc
Author: Stefan Metzmacher <metze at samba.org>
Date:   Wed Feb 15 08:58:20 2017 +0100

    libcli/auth: use the correct creds value against servers without LogonSamLogonEx
    
    If we use the credential chain we need to use the value from
    netlogon_creds_client_authenticator() to make sure we have the current
    value to encrypt in logon info.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12586
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    (cherry picked from commit 0ed2a65593b5abc9ba7f40992ed0ed8f448f5836)

commit d64d185b721e6ff161e6633f49f8cae159f250da
Author: Stefan Metzmacher <metze at samba.org>
Date:   Wed Feb 15 08:07:06 2017 +0100

    librpc/rpc: fix regression in NT_STATUS_RPC_ENUM_VALUE_OUT_OF_RANGE error mapping
    
    Commit 1eef70872930fa4f9d3dedd23476b34cae638428 changed the mapping for
    DCERPC_NCA_S_FAULT_INVALID_TAG from NT_STATUS_RPC_ENUM_VALUE_OUT_OF_RANGE
    to NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12585
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    (cherry picked from commit c97e39b34fcf260ded42ef1a9efe7ed55e65a1cf)

commit 7ad4e8242cd7ee3725d4df4c65dcfbb732c54898
Author: Stefan Metzmacher <metze at samba.org>
Date:   Tue Feb 21 12:15:07 2017 +0100

    krb5_wrap: use our own code to calculate the ENCTYPE_ARCFOUR_HMAC key
    
    Our own convert_string_talloc() function handles a wider range
    of unicode code points than the MIT krb5 or heimdal code.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    
    Autobuild-User(master): Ralph Böhme <slow at samba.org>
    Autobuild-Date(master): Tue Feb 21 20:08:16 CET 2017 on sn-devel-144
    (similar to commit 10e1b92c288ae27f775debb16c3e122b6063fa21)

commit d394bf068b07c2fb1c1173733cc8129f34f95a73
Author: Stefan Metzmacher <metze at samba.org>
Date:   Mon Feb 13 19:37:09 2017 +0100

    s4:scripting: use generate_random_machine_password() for machine passwords
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    (cherry picked from commit 383432d2cd3046c2c3768c1ae452211c7e583604)

commit 5934cda0fa77bbf4c10aa977ad730c7b719f3eda
Author: Stefan Metzmacher <metze at samba.org>
Date:   Tue Aug 23 12:40:24 2016 +0200

    samba-tool:provision: use generate_random_machine_password() for machine passwords
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    (cherry picked from commit ea57a204a1f6b4999e5347c1edb5753bed933fba)

commit f5e4a09edab57babf1d821fe60fad4c0b8ae7a00
Author: Stefan Metzmacher <metze at samba.org>
Date:   Tue Aug 23 12:37:37 2016 +0200

    samba-tool:domain: use generate_random_machine_password() for machine passwords
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    (cherry picked from commit f04e09e1968c40483b8dc2f92b9c15bce0b0b55a)

commit 7d35bd71dd09f03a48f4932f404f5642d60f1947
Author: Stefan Metzmacher <metze at samba.org>
Date:   Tue Aug 23 12:27:19 2016 +0200

    samba-tool:domain: use generate_random_machine_password() for trusted domains
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    (cherry picked from commit b2fac99ac63739398aa716c26d8e187a25bb8400)

commit 259993659895237c424cb8055bb33f433ca3bb0e
Author: Stefan Metzmacher <metze at samba.org>
Date:   Tue Aug 23 09:35:50 2016 +0200

    pyglue: add generate_random_machine_password() wrapper
    
    We use PyUnicode_FromString() (which is available from 2.6)
    because we really have non-ascii strings.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    (cherry picked from commit d7840e77961cdc4ccc4f5549494d458b6b2c2cf4)

commit f9effa5ef146d963d664aa69d69cf70a20956e47
Author: Stefan Metzmacher <metze at samba.org>
Date:   Mon Feb 13 22:34:06 2017 +0100

    python/samba: use an explicit .encode('utf-8') where we expect utf8 passwords
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    (cherry picked from commit b86c29b1e6fb2fb4cf203aa38c7764084d855730)

commit 8f437c62cea512a09f7bde643d87b33652b5752b
Author: Stefan Metzmacher <metze at samba.org>
Date:   Fri Feb 17 00:10:12 2017 +0100

    python/samba: provision_dns_add_samba.ldif expects utf-16-le passwords
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    (cherry picked from commit 99b8d6beccf4d3d24f9d87a4d8e5eadfe0e0dd33)

commit bdcda225324046590f5799b921dce4a0b6c25481
Author: Stefan Metzmacher <metze at samba.org>
Date:   Mon Feb 13 19:01:21 2017 +0100

    s4:dsdb: autogenerate a random utf16 buffer for krbtgt password resets.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    (cherry picked from commit 0ed258bfe48995db6b345cc14e1747c4af9d076d)

commit df8d03f46a5621dae5341afdb193b696ce00ccb1
Author: Stefan Metzmacher <metze at samba.org>
Date:   Mon Feb 13 19:35:54 2017 +0100

    s4:libnet: make use of generate_random_machine_password()
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit 26515dca99ba3fa393207df905137021a2177de1)

commit f3f6dd69b6d587f17626e1d21419964ecdb26557
Author: Stefan Metzmacher <metze at samba.org>
Date:   Tue Aug 23 12:41:48 2016 +0200

    s4:libcli/raw: remove unused DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    (cherry picked from commit e9c184088cbbb47e48d9e96fc753a56c544301dc)

commit e12b3686f7f1db586fcdf00773e6d49763353499
Author: Stefan Metzmacher <metze at samba.org>
Date:   Tue Aug 23 12:41:48 2016 +0200

    s3:include: remove unused DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    (cherry picked from commit 21cbf8e4db6928a8a3fb712b3750bb50c1201948)

commit 57c8e45d624a64b6c53e888acf00ea9f8ffa5fbd
Author: Stefan Metzmacher <metze at samba.org>
Date:   Tue Aug 23 10:42:30 2016 +0200

    s3:net_rpc_trust: make use of trust_pw_new_value()
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    (cherry picked from commit 13fd543929c72fa5af1ae6e21ca8dda9a57a0f55)

commit 7d8f6796dcc736fb2b1145bfb15cedb6b406e955
Author: Stefan Metzmacher <metze at samba.org>
Date:   Tue Aug 23 12:09:57 2016 +0200

    s3:libnet_join: make use of trust_pw_new_value()
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    (cherry picked from commit 77edef9555acd6e0c843582637bc367fa0d2a203)

commit c1f53add12d6adad8eac16a26a44780da249f3f6
Author: Stefan Metzmacher <metze at samba.org>
Date:   Tue Aug 23 10:38:58 2016 +0200

    s3:libads: use trust_pw_new_value() for krb5 machine passwords
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    (similar to commit 00136940757ea6947f97c9c92b25207d9413727b)

commit a9c7e6b834ab8709b452ce9032c435ef788ab2a1
Author: Stefan Metzmacher <metze at samba.org>
Date:   Tue Aug 23 12:12:35 2016 +0200

    s3:libsmb: use trust_pw_new_value() in trust_pw_change()
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    (cherry picked from commit c21e9981d04fa016ef708941ea82051d0438b7a7)

commit 0a76aeda0837f19a4b6f70d06500d83335178246
Author: Stefan Metzmacher <metze at samba.org>
Date:   Tue Aug 23 12:12:35 2016 +0200

    s3:libsmb: add trust_pw_new_value() helper function
    
    This generates a new trust password based on the secure channel type
    and lp_security().
    
    NT4 really has a limit of 28 UTF16 bytes.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    (cherry picked from commit 9e26ad86fbd7e6f39f98fb9d037ac86f3146cb11)

commit d17a9eb4eb93de528b26f3cf30808f75bc2d632e
Author: Stefan Metzmacher <metze at samba.org>
Date:   Thu Feb 9 22:53:52 2017 +0100

    s3:libsmb: let trust_pw_change() verify the new password at the end.
    
    We should notice problems as early as possible, it makes no
    sense to keep things working for a while and later find out
    the we lost our trust relationship with our domain.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    (cherry picked from commit a2877541681e07f09aee7d7c21adbe50346755e3)

commit 70b7acadf989a6c84f3081cee9f132f433e4ca13
Author: Stefan Metzmacher <metze at samba.org>
Date:   Wed Jan 18 19:57:30 2017 +0100

    s3:libsmb: let trust_pw_change() debug more verbose information
    
    Password changes caused much trouble in the past, so we better debug
    them at log level 0 and may see them also in the syslog.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    (cherry picked from commit 4185689dbf0085fcb3840ad8b520df21a33e5d2a)

commit b32941259df0202caaa70a5617b6e53cb2629932
Author: Stefan Metzmacher <metze at samba.org>
Date:   Tue Aug 23 09:30:05 2016 +0200

    lib/util: add generate_random_machine_password() function
    
    It generates more random password for the use as machine password,
    restricted to codepoints <= 0xFFFF in order to be compatible
    with MIT krb5 and Heimdal.
    
    Note: the fallback to ascii if 'unix charset' is not 'utf8'.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    (cherry picked from commit ad12cfae42cc592166d6a1c1ee323f1aae82f235)

commit aa4de8aff86249a7103f922eb2282eeaed402a55
Author: Stefan Metzmacher <metze at samba.org>
Date:   Thu Feb 9 21:47:52 2017 +0100

    libcli/auth: add netlogon_creds_cli_debug_string()
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    (cherry picked from commit abe427775ee8ed1d278d5094ca127f85289ca5a3)

commit ce18ad37641ee585721e282e53fd596992369d96
Author: Stefan Metzmacher <metze at samba.org>
Date:   Wed Jan 18 19:02:21 2017 +0000

    libcli/auth: check E_md4hash() result in netlogon_creds_cli_ServerPasswordSet_send()
    
    We need to make sure we can convert the given string to an nthash.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262
    
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    (cherry picked from commit 8a209e5a0ca810d8cf0e5ebc1902fae8c5cb241e)

-----------------------------------------------------------------------

Summary of changes:
 lib/krb5_wrap/krb5_samba.c                     |  37 ++++++
 lib/util/genrand_util.c                        | 168 ++++++++++++++++++++++++-
 lib/util/samba_util.h                          |  32 ++++-
 libcli/auth/netlogon_creds_cli.c               |  33 ++++-
 libcli/auth/netlogon_creds_cli.h               |   4 +
 librpc/rpc/dcerpc_error.c                      |   8 +-
 python/pyglue.c                                |  26 +++-
 python/samba/__init__.py                       |   1 +
 python/samba/join.py                           |  11 +-
 python/samba/netcmd/domain.py                  |  29 +----
 python/samba/netcmd/user.py                    |   2 +-
 python/samba/provision/__init__.py             |   6 +-
 python/samba/provision/sambadns.py             |   2 +-
 python/samba/samdb.py                          |   2 +-
 python/samba/upgradehelpers.py                 |   4 +-
 source3/include/proto.h                        |   3 +
 source3/include/smb.h                          |   6 -
 source3/libads/util.c                          |   9 +-
 source3/libnet/libnet_join.c                   |  16 ++-
 source3/libsmb/trusts_util.c                   | 143 ++++++++++++++++-----
 source3/modules/vfs_streams_xattr.c            |  41 +++---
 source3/utils/net_rpc_trust.c                  |   6 +-
 source3/wscript_build                          |   2 +-
 source4/dsdb/samdb/ldb_modules/password_hash.c |  84 +++++++++++++
 source4/dsdb/samdb/ldb_modules/samldb.c        |  25 ++--
 source4/libcli/raw/smb.h                       |   7 --
 source4/libnet/libnet_vampire.c                |   2 +-
 source4/scripting/bin/renamedc                 |   2 +-
 28 files changed, 567 insertions(+), 144 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c
index 2943b33..76e8795 100644
--- a/lib/krb5_wrap/krb5_samba.c
+++ b/lib/krb5_wrap/krb5_samba.c
@@ -24,6 +24,7 @@
 #include "system/filesys.h"
 #include "krb5_samba.h"
 #include "lib/util/asn1.h"
+#include "lib/crypto/crypto.h"
 
 #ifdef HAVE_COM_ERR_H
 #include <com_err.h>
@@ -202,6 +203,42 @@ int smb_krb5_create_key_from_string(krb5_context context,
 		return -1;
 	}
 
+	if ((int)enctype == (int)ENCTYPE_ARCFOUR_HMAC) {
+		TALLOC_CTX *frame = talloc_stackframe();
+		uint8_t *utf16 = NULL;
+		size_t utf16_size = 0;
+		uint8_t nt_hash[16];
+		bool ok;
+
+		ok = convert_string_talloc(frame, CH_UNIX, CH_UTF16LE,
+					   password->data, password->length,
+					   (void **)&utf16, &utf16_size);
+		if (!ok) {
+			if (errno == 0) {
+				errno = EINVAL;
+			}
+			ret = errno;
+			TALLOC_FREE(frame);
+			return ret;
+		}
+
+		mdfour(nt_hash, utf16, utf16_size);
+		memset(utf16, 0, utf16_size);
+		ret = smb_krb5_keyblock_init_contents(context,
+						      ENCTYPE_ARCFOUR_HMAC,
+						      nt_hash,
+						      sizeof(nt_hash),
+						      key);
+		ZERO_STRUCT(nt_hash);
+		if (ret != 0) {
+			TALLOC_FREE(frame);
+			return ret;
+		}
+
+		TALLOC_FREE(frame);
+		return 0;
+	}
+
 #if defined(HAVE_KRB5_PRINCIPAL2SALT) && defined(HAVE_KRB5_C_STRING_TO_KEY)
 {/* MIT */
 	krb5_data _salt;
diff --git a/lib/util/genrand_util.c b/lib/util/genrand_util.c
index fbd9998..76b7cd9 100644
--- a/lib/util/genrand_util.c
+++ b/lib/util/genrand_util.c
@@ -210,7 +210,7 @@ again:
 }
 
 /**
- * Generate a random text password.
+ * Generate a random text password (based on printable ascii characters).
  */
 
 _PUBLIC_ char *generate_random_password(TALLOC_CTX *mem_ctx, size_t min, size_t max)
@@ -258,6 +258,172 @@ again:
 }
 
 /**
+ * Generate a random machine password (based on random utf16 characters,
+ * converted to utf8). min must be at least 14, max must be at most 255.
+ *
+ * If 'unix charset' is not utf8, the password consist of random ascii
+ * values!
+ */
+
+_PUBLIC_ char *generate_random_machine_password(TALLOC_CTX *mem_ctx, size_t min, size_t max)
+{
+	TALLOC_CTX *frame = NULL;
+	struct generate_random_machine_password_state {
+		uint8_t password_buffer[256 * 2];
+		uint8_t tmp;
+	} *state;
+	char *new_pw = NULL;
+	size_t len = max;
+	char *utf8_pw = NULL;
+	size_t utf8_len = 0;
+	char *unix_pw = NULL;
+	size_t unix_len = 0;
+	size_t diff;
+	size_t i;
+	bool ok;
+	int cmp;
+
+	if (max > 255) {
+		errno = EINVAL;
+		return NULL;
+	}
+
+	if (min < 14) {
+		errno = EINVAL;
+		return NULL;
+	}
+
+	if (min > max) {
+		errno = EINVAL;
+		return NULL;
+	}
+
+	frame = talloc_stackframe_pool(2048);
+	state = talloc_zero(frame, struct generate_random_machine_password_state);
+
+	diff = max - min;
+
+	if (diff > 0) {
+		size_t tmp;
+
+		generate_random_buffer((uint8_t *)&tmp, sizeof(tmp));
+
+		tmp %= diff;
+
+		len = min + tmp;
+	}
+
+	/*
+	 * Create a random machine account password
+	 * We create a random buffer and convert that to utf8.
+	 * This is similar to what windows is doing.
+	 *
+	 * In future we may store the raw random buffer,
+	 * but for now we need to pass the password as
+	 * char pointer through some layers.
+	 *
+	 * As most kerberos keys are derived from the
+	 * utf8 password we need to fallback to
+	 * ASCII passwords if "unix charset" is not utf8.
+	 */
+	generate_secret_buffer(state->password_buffer, len * 2);
+	for (i = 0; i < len; i++) {
+		size_t idx = i*2;
+		uint16_t c;
+
+		/*
+		 * both MIT krb5 and HEIMDAL only
+		 * handle codepoints up to 0xffff.
+		 *
+		 * It means we need to avoid
+		 * 0xD800 - 0xDBFF (high surrogate)
+		 * and
+		 * 0xDC00 - 0xDFFF (low surrogate)
+		 * in the random utf16 data.
+		 *
+		 * 55296 0xD800 0154000 0b1101100000000000
+		 * 57343 0xDFFF 0157777 0b1101111111111111
+		 * 8192  0x2000  020000   0b10000000000000
+		 *
+		 * The above values show that we can check
+		 * for 0xD800 and just add 0x2000 to avoid
+		 * the surrogate ranges.
+		 *
+		 * The rest will be handled by CH_UTF16MUNGED
+		 * see utf16_munged_pull().
+		 */
+		c = SVAL(state->password_buffer, idx);
+		if (c & 0xD800) {
+			c |= 0x2000;
+		}
+		SSVAL(state->password_buffer, idx, c);
+	}
+	ok = convert_string_talloc(frame,
+				   CH_UTF16MUNGED, CH_UTF8,
+				   state->password_buffer, len * 2,
+				   (void *)&utf8_pw, &utf8_len);
+	if (!ok) {
+		DEBUG(0, ("%s: convert_string_talloc() failed\n",
+			  __func__));
+		TALLOC_FREE(frame);
+		return NULL;
+	}
+
+	ok = convert_string_talloc(frame,
+				   CH_UTF16MUNGED, CH_UNIX,
+				   state->password_buffer, len * 2,
+				   (void *)&unix_pw, &unix_len);
+	if (!ok) {
+		goto ascii_fallback;
+	}
+
+	if (utf8_len != unix_len) {
+		goto ascii_fallback;
+	}
+
+	cmp = memcmp((const uint8_t *)utf8_pw,
+		     (const uint8_t *)unix_pw,
+		     utf8_len);
+	if (cmp != 0) {
+		goto ascii_fallback;
+	}
+
+	new_pw = talloc_strdup(mem_ctx, utf8_pw);
+	if (new_pw == NULL) {
+		TALLOC_FREE(frame);
+		return NULL;
+	}
+	talloc_set_name_const(new_pw, __func__);
+	TALLOC_FREE(frame);
+	return new_pw;
+
+ascii_fallback:
+	for (i = 0; i < len; i++) {
+		/*
+		 * truncate to ascii
+		 */
+		state->tmp = state->password_buffer[i] & 0x7f;
+		if (state->tmp == 0) {
+			state->tmp = state->password_buffer[i] >> 1;
+		}
+		if (state->tmp == 0) {
+			state->tmp = 0x01;
+		}
+		state->password_buffer[i] = state->tmp;
+	}
+	state->password_buffer[i] = '\0';
+
+	new_pw = talloc_strdup(mem_ctx, (const char *)state->password_buffer);
+	if (new_pw == NULL) {
+		TALLOC_FREE(frame);
+		return NULL;
+	}
+	talloc_set_name_const(new_pw, __func__);
+	TALLOC_FREE(frame);
+	return new_pw;
+}
+
+/**
  * Generate an array of unique text strings all of the same length.
  * The returned string will be allocated.
  * Returns NULL if the number of unique combinations cannot be created.
diff --git a/lib/util/samba_util.h b/lib/util/samba_util.h
index c339161..9ef9ef9 100644
--- a/lib/util/samba_util.h
+++ b/lib/util/samba_util.h
@@ -103,11 +103,41 @@ _PUBLIC_ uint32_t generate_random(void);
 _PUBLIC_ bool check_password_quality(const char *s);
 
 /**
- * Generate a random text password.
+ * Generate a random text password (based on printable ascii characters).
+ * This function is designed to provide a password that
+ * meats the complexity requirements of UF_NORMAL_ACCOUNT objects
+ * and they should be human readable and writeable on any keyboard layout.
+ *
+ * Characters used are:
+ * ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+_-#.,@$%&!?:;<=>()[]~
  */
 _PUBLIC_ char *generate_random_password(TALLOC_CTX *mem_ctx, size_t min, size_t max);
 
 /**
+ * Generate a random machine password
+ *
+ * min and max are the number of utf16 characters used
+ * to generate on utf8 compatible password.
+ *
+ * Note: if 'unix charset' is not 'utf8' (the default)
+ * then each utf16 character is only filled with
+ * values from 0x01 to 0x7f (ascii values without 0x00).
+ * This is important as the password neets to be
+ * a valid value as utf8 string and at the same time
+ * a valid value in the 'unix charset'.
+ *
+ * If 'unix charset' is 'utf8' (the default) then
+ * each utf16 character is a random value from 0x0000
+ * 0xFFFF (exluding the surrogate ranges from 0xD800-0xDFFF)
+ * while the translation from CH_UTF16MUNGED
+ * to CH_UTF8 replaces invalid values (see utf16_munged_pull()).
+ *
+ * Note: these passwords may not pass the complexity requirements
+ * for UF_NORMAL_ACCOUNT objects (except krbtgt accounts).
+ */
+_PUBLIC_ char *generate_random_machine_password(TALLOC_CTX *mem_ctx, size_t min, size_t max);
+
+/**
  Use the random number generator to generate a random string.
 **/
 _PUBLIC_ char *generate_random_str_list(TALLOC_CTX *mem_ctx, size_t len, const char *list);
diff --git a/libcli/auth/netlogon_creds_cli.c b/libcli/auth/netlogon_creds_cli.c
index 38b1351..d55142e 100644
--- a/libcli/auth/netlogon_creds_cli.c
+++ b/libcli/auth/netlogon_creds_cli.c
@@ -484,6 +484,14 @@ NTSTATUS netlogon_creds_cli_context_tmp(const char *client_computer,
 	return NT_STATUS_OK;
 }
 
+char *netlogon_creds_cli_debug_string(
+		const struct netlogon_creds_cli_context *context,
+		TALLOC_CTX *mem_ctx)
+{
+	return talloc_asprintf(mem_ctx, "netlogon_creds_cli:%s",
+			       context->db.key_name);
+}
+
 enum dcerpc_AuthLevel netlogon_creds_cli_auth_level(
 		struct netlogon_creds_cli_context *context)
 {
@@ -1747,7 +1755,11 @@ struct tevent_req *netlogon_creds_cli_ServerPasswordSet_send(TALLOC_CTX *mem_ctx
 	/*
 	 * netr_ServerPasswordSet
 	 */
-	E_md4hash(new_password, state->samr_password.hash);
+	ok = E_md4hash(new_password, state->samr_password.hash);
+	if (!ok) {
+		tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER_MIX);
+		return tevent_req_post(req, ev);
+	}
 
 	/*
 	 * netr_ServerPasswordSet2
@@ -2075,11 +2087,24 @@ struct netlogon_creds_cli_LogonSamLogon_state {
 
 	/*
 	 * the read only credentials before we started the operation
+	 * used for netr_LogonSamLogonEx() if required (validation_level = 3).
 	 */
 	struct netlogon_creds_CredentialState *ro_creds;
 
+	/*
+	 * The (locked) credentials used for the credential chain
+	 * used for netr_LogonSamLogonWithFlags() or
+	 * netr_LogonSamLogonWith().
+	 */
 	struct netlogon_creds_CredentialState *lk_creds;
 
+	/*
+	 * While we have locked the global credentials (lk_creds above)
+	 * we operate an a temporary copy, because a server
+	 * may not support netr_LogonSamLogonWithFlags() and
+	 * didn't process our netr_Authenticator, so we need to
+	 * restart from lk_creds.
+	 */
 	struct netlogon_creds_CredentialState tmp_creds;
 	struct netr_Authenticator req_auth;
 	struct netr_Authenticator rep_auth;
@@ -2311,7 +2336,7 @@ static void netlogon_creds_cli_LogonSamLogon_start(struct tevent_req *req)
 		return;
 	}
 
-	netlogon_creds_encrypt_samlogon_logon(state->ro_creds,
+	netlogon_creds_encrypt_samlogon_logon(&state->tmp_creds,
 					      state->logon_level,
 					      state->logon);
 
@@ -2414,8 +2439,10 @@ static void netlogon_creds_cli_LogonSamLogon_done(struct tevent_req *subreq)
 			/*
 			 * We got a race, lets retry with on authenticator
 			 * protection.
+			 *
+			 * netlogon_creds_cli_LogonSamLogon_start()
+			 * will TALLOC_FREE(state->ro_creds);
 			 */
-			TALLOC_FREE(state->ro_creds);
 			state->try_logon_ex = false;
 			netlogon_creds_cli_LogonSamLogon_start(req);
 			return;
diff --git a/libcli/auth/netlogon_creds_cli.h b/libcli/auth/netlogon_creds_cli.h
index 006367a..949e03b 100644
--- a/libcli/auth/netlogon_creds_cli.h
+++ b/libcli/auth/netlogon_creds_cli.h
@@ -52,6 +52,10 @@ NTSTATUS netlogon_creds_cli_context_tmp(const char *client_computer,
 				TALLOC_CTX *mem_ctx,
 				struct netlogon_creds_cli_context **_context);
 
+char *netlogon_creds_cli_debug_string(
+		const struct netlogon_creds_cli_context *context,
+		TALLOC_CTX *mem_ctx);
+
 enum dcerpc_AuthLevel netlogon_creds_cli_auth_level(
 		struct netlogon_creds_cli_context *context);
 
diff --git a/librpc/rpc/dcerpc_error.c b/librpc/rpc/dcerpc_error.c
index f386025..8af0e71 100644
--- a/librpc/rpc/dcerpc_error.c
+++ b/librpc/rpc/dcerpc_error.c
@@ -50,12 +50,10 @@ static const struct dcerpc_fault_table dcerpc_faults[] =
 	_FAULT_STR(DCERPC_NCA_S_FAULT_INT_DIV_BY_ZERO, NT_STATUS_RPC_FP_DIV_ZERO),
 	_FAULT_STR(DCERPC_NCA_S_FAULT_INT_OVERFLOW, NT_STATUS_RPC_FP_OVERFLOW),
 	/*
-	 * What's the difference between NT_STATUS_RPC_INVALID_TAG
-	 * and NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE ???
-	 *
-	 * Our callers expect NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE.
+	 * Our callers expect NT_STATUS_RPC_ENUM_VALUE_OUT_OF_RANGE
+	 * instead of NT_STATUS_RPC_INVALID_TAG.
 	 */
-	_FAULT_STR(DCERPC_NCA_S_FAULT_INVALID_TAG, NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE),
+	_FAULT_STR(DCERPC_NCA_S_FAULT_INVALID_TAG, NT_STATUS_RPC_ENUM_VALUE_OUT_OF_RANGE),
 	_FAULT_STR(DCERPC_NCA_S_FAULT_INVALID_TAG, NT_STATUS_RPC_INVALID_TAG),
 	_FAULT_STR(DCERPC_NCA_S_FAULT_INVALID_BOUND, NT_STATUS_RPC_INVALID_BOUND),
 	_FAULT_STR(DCERPC_NCA_S_FAULT_RPC_VERSION_MISMATCH, NT_STATUS_RPC_PROTOCOL_ERROR),
diff --git a/python/pyglue.c b/python/pyglue.c
index dbe7eb4..0e80ba6 100644
--- a/python/pyglue.c
+++ b/python/pyglue.c
@@ -60,6 +60,23 @@ static PyObject *py_generate_random_password(PyObject *self, PyObject *args)
 	return ret;
 }
 
+static PyObject *py_generate_random_machine_password(PyObject *self, PyObject *args)
+{
+	int min, max;
+	PyObject *ret;
+	char *retstr;
+	if (!PyArg_ParseTuple(args, "ii", &min, &max))
+		return NULL;
+
+	retstr = generate_random_machine_password(NULL, min, max);
+	if (retstr == NULL) {
+		return NULL;
+	}
+	ret = PyUnicode_FromString(retstr);
+	talloc_free(retstr);
+	return ret;
+}
+
 static PyObject *py_unix2nttime(PyObject *self, PyObject *args)
 {
 	time_t t;
@@ -261,7 +278,14 @@ static PyMethodDef py_misc_methods[] = {
 		"Generate random string with specified length." },
 	{ "generate_random_password", (PyCFunction)py_generate_random_password,
 		METH_VARARGS, "generate_random_password(min, max) -> string\n"
-		"Generate random password with a length >= min and <= max." },
+		"Generate random password (based on printable ascii characters) "
+		"with a length >= min and <= max." },
+	{ "generate_random_machine_password", (PyCFunction)py_generate_random_machine_password,
+		METH_VARARGS, "generate_random_machine_password(min, max) -> string\n"
+		"Generate random password "
+		"(based on random utf16 characters converted to utf8 or "
+		"random ascii characters if 'unix charset' is not 'utf8')"
+		"with a length >= min (at least 14) and <= max (at most 255)." },
 	{ "unix2nttime", (PyCFunction)py_unix2nttime, METH_VARARGS,
 		"unix2nttime(timestamp) -> nttime" },
 	{ "nttime2unix", (PyCFunction)py_nttime2unix, METH_VARARGS,
diff --git a/python/samba/__init__.py b/python/samba/__init__.py
index 5f91531..19d5e38 100644
--- a/python/samba/__init__.py
+++ b/python/samba/__init__.py
@@ -396,6 +396,7 @@ nttime2string = _glue.nttime2string
 nttime2unix = _glue.nttime2unix
 unix2nttime = _glue.unix2nttime
 generate_random_password = _glue.generate_random_password
+generate_random_machine_password = _glue.generate_random_machine_password
 strcasecmp_m = _glue.strcasecmp_m
 strstr_m = _glue.strstr_m
 is_ntvfs_fileserver_built = _glue.is_ntvfs_fileserver_built
diff --git a/python/samba/join.py b/python/samba/join.py
index a50a409..98c9fa7 100644
--- a/python/samba/join.py
+++ b/python/samba/join.py
@@ -104,7 +104,7 @@ class dc_join(object):
         if machinepass is not None:
             ctx.acct_pass = machinepass
         else:
-            ctx.acct_pass = samba.generate_random_password(32, 40)
+            ctx.acct_pass = samba.generate_random_machine_password(128, 255)
 
         ctx.dnsdomain = ctx.samdb.domain_dns_name()
         if clone_only:
@@ -667,7 +667,7 @@ class dc_join(object):
                     pass
                 ctx.net.set_password(account_name=ctx.samname,
                                      domain_name=ctx.domain_name,
-                                     newpassword=ctx.acct_pass)
+                                     newpassword=ctx.acct_pass.encode('utf-8'))
 
             res = ctx.samdb.search(base=ctx.acct_dn, scope=ldb.SCOPE_BASE,
                                    attrs=["msDS-KeyVersionNumber"])
@@ -691,7 +691,7 @@ class dc_join(object):
                                                                 {"DNSDOMAIN": ctx.dnsdomain,
                                                                  "DOMAINDN": ctx.base_dn,
                                                                  "HOSTNAME" : ctx.myname,
-                                                                 "DNSPASS_B64": b64encode(ctx.dnspass),
+                                                                 "DNSPASS_B64": b64encode(ctx.dnspass.encode('utf-16-le')),
                                                                  "DNSNAME" : ctx.dnshostname}))
             for changetype, msg in recs:
                 assert changetype == ldb.CHANGETYPE_NONE
@@ -863,7 +863,7 @@ class dc_join(object):
                 repl_creds.guess(ctx.lp)
                 repl_creds.set_kerberos_state(DONT_USE_KERBEROS)
                 repl_creds.set_username(ctx.samname)
-                repl_creds.set_password(ctx.acct_pass)
+                repl_creds.set_password(ctx.acct_pass.encode('utf-8'))
             else:
                 repl_creds = ctx.creds
 
@@ -1314,7 +1314,8 @@ def join_subdomain(logger=None, server=None, creds=None, lp=None, site=None,
     ctx.domsid = security.random_sid()
     ctx.acct_dn = None


-- 
Samba Shared Repository



More information about the samba-cvs mailing list