[PATCH] Fix 'net ads changetrustpw'

Andreas Schneider asn at samba.org
Wed Aug 9 16:45:10 UTC 2017 

Hi,

as always, untested code is broken code. So I broke 'net ads changetrustpw' in 
Samba 4.6.

The attached patch fixes the issue and adds a tests which verifies that it is 
working.


Please review and push if OK.


Thanks,


	Andreas

-- 
Andreas Schneider                   GPG-ID: CC014E3D
Samba Team                             asn at samba.org
www.samba.org
-------------- next part --------------
>From 42774537628f1aa988d8b8fbfab7244bcef9a044 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 9 Aug 2017 18:14:23 +0200
Subject: [PATCH 1/2] s3:libads: Fix changing passwords with Kerberos

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12956

Signed-off-by: Andreas Schneider <asn at samba.org>
---
 source3/libads/krb5_setpw.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source3/libads/krb5_setpw.c b/source3/libads/krb5_setpw.c
index 630c2e46631..bc96ac603b1 100644
--- a/source3/libads/krb5_setpw.c
+++ b/source3/libads/krb5_setpw.c
@@ -251,7 +251,7 @@ static ADS_STATUS ads_krb5_chg_password(const char *kdc_host,
 	ret = krb5_set_password(context,
 				&creds,
 				discard_const_p(char, newpw),
-				princ,
+				NULL,
 				&result_code,
 				&result_code_string,
 				&result_string);
-- 
2.14.0


>From 9775240d5b63536a4df58a3bce97c21656a2b90e Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 9 Aug 2017 12:14:34 +0200
Subject: [PATCH 2/2] blackbox: Add test for 'net ads changetrustpw'

BUG: BUG: https://bugzilla.samba.org/show_bug.cgi?id=12956

Signed-off-by: Andreas Schneider <asn at samba.org>
---
 testprogs/blackbox/test_net_ads.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/testprogs/blackbox/test_net_ads.sh b/testprogs/blackbox/test_net_ads.sh
index 99b886f53eb..bbd99b676bd 100755
--- a/testprogs/blackbox/test_net_ads.sh
+++ b/testprogs/blackbox/test_net_ads.sh
@@ -33,6 +33,8 @@ testit "join" $VALGRIND $net_tool ads join -U$DC_USERNAME%$DC_PASSWORD || failed
 
 testit "testjoin" $VALGRIND $net_tool ads testjoin -kP || failed=`expr $failed + 1`
 
+testit "changetrustpw" $VALGRIND $net_tool ads changetrustpw || failed=`expr $failed + 1`
+
 testit "leave" $VALGRIND $net_tool ads leave -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`
 
 # Test with kerberos method = secrets and keytab
@@ -41,6 +43,8 @@ testit "join (decicated keytab)" $VALGRIND $net_tool ads join -U$DC_USERNAME%$DC
 
 testit "testjoin (dedicated keytab)" $VALGRIND $net_tool ads testjoin -kP || failed=`expr $failed + 1`
 
+testit "changetrustpw (dedicated keytab)" $VALGRIND $net_tool ads changetrustpw || failed=`expr $failed + 1`
+
 testit "leave (dedicated keytab)" $VALGRIND $net_tool ads leave -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`
 rm -f $dedicated_keytab_file
 
-- 
2.14.0

More information about the samba-technical mailing list