[PATCH] Fix 'net ads changetrustpw'
Andreas Schneider
asn at samba.org
Wed Aug 9 16:45:10 UTC 2017
Hi,
as always, untested code is broken code. So I broke 'net ads changetrustpw' in
Samba 4.6.
The attached patch fixes the issue and adds a tests which verifies that it is
working.
Please review and push if OK.
Thanks,
Andreas
--
Andreas Schneider GPG-ID: CC014E3D
Samba Team asn at samba.org
www.samba.org
-------------- next part --------------
>From 42774537628f1aa988d8b8fbfab7244bcef9a044 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 9 Aug 2017 18:14:23 +0200
Subject: [PATCH 1/2] s3:libads: Fix changing passwords with Kerberos
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12956
Signed-off-by: Andreas Schneider <asn at samba.org>
---
source3/libads/krb5_setpw.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/source3/libads/krb5_setpw.c b/source3/libads/krb5_setpw.c
index 630c2e46631..bc96ac603b1 100644
--- a/source3/libads/krb5_setpw.c
+++ b/source3/libads/krb5_setpw.c
@@ -251,7 +251,7 @@ static ADS_STATUS ads_krb5_chg_password(const char *kdc_host,
ret = krb5_set_password(context,
&creds,
discard_const_p(char, newpw),
- princ,
+ NULL,
&result_code,
&result_code_string,
&result_string);
--
2.14.0
>From 9775240d5b63536a4df58a3bce97c21656a2b90e Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 9 Aug 2017 12:14:34 +0200
Subject: [PATCH 2/2] blackbox: Add test for 'net ads changetrustpw'
BUG: BUG: https://bugzilla.samba.org/show_bug.cgi?id=12956
Signed-off-by: Andreas Schneider <asn at samba.org>
---
testprogs/blackbox/test_net_ads.sh | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/testprogs/blackbox/test_net_ads.sh b/testprogs/blackbox/test_net_ads.sh
index 99b886f53eb..bbd99b676bd 100755
--- a/testprogs/blackbox/test_net_ads.sh
+++ b/testprogs/blackbox/test_net_ads.sh
@@ -33,6 +33,8 @@ testit "join" $VALGRIND $net_tool ads join -U$DC_USERNAME%$DC_PASSWORD || failed
testit "testjoin" $VALGRIND $net_tool ads testjoin -kP || failed=`expr $failed + 1`
+testit "changetrustpw" $VALGRIND $net_tool ads changetrustpw || failed=`expr $failed + 1`
+
testit "leave" $VALGRIND $net_tool ads leave -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`
# Test with kerberos method = secrets and keytab
@@ -41,6 +43,8 @@ testit "join (decicated keytab)" $VALGRIND $net_tool ads join -U$DC_USERNAME%$DC
testit "testjoin (dedicated keytab)" $VALGRIND $net_tool ads testjoin -kP || failed=`expr $failed + 1`
+testit "changetrustpw (dedicated keytab)" $VALGRIND $net_tool ads changetrustpw || failed=`expr $failed + 1`
+
testit "leave (dedicated keytab)" $VALGRIND $net_tool ads leave -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`
rm -f $dedicated_keytab_file
--
2.14.0
More information about the samba-technical
mailing list