diff options
author | Andrew Tridgell <tridge@samba.org> | 2004-06-14 11:33:28 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:56:40 -0500 |
commit | 19f3bfc0ac317cfd3320187d957972ab3fbd3cad (patch) | |
tree | 8aef882682cf56d401c3df4aa30c8842eb570f0b | |
parent | a384d2f1a1d54ba25e2a78006e260c99bd7362f4 (diff) | |
download | samba-19f3bfc0ac317cfd3320187d957972ab3fbd3cad.tar.gz samba-19f3bfc0ac317cfd3320187d957972ab3fbd3cad.tar.bz2 samba-19f3bfc0ac317cfd3320187d957972ab3fbd3cad.zip |
r1140: added IDL and test code for validation level 6 in sam logon
(This used to be commit c8541098436d2cd83538375889560405ecb50034)
-rw-r--r-- | source4/librpc/idl/netlogon.idl | 56 | ||||
-rw-r--r-- | source4/torture/rpc/netlogon.c | 19 |
2 files changed, 54 insertions, 21 deletions
diff --git a/source4/librpc/idl/netlogon.idl b/source4/librpc/idl/netlogon.idl index 9e695aafc6..844bc7ec83 100644 --- a/source4/librpc/idl/netlogon.idl +++ b/source4/librpc/idl/netlogon.idl @@ -171,13 +171,7 @@ interface netlogon dom_sid2 *domain_sid; netr_LMSessionKey LMSessKey; uint32 AccountControl; - uint32 unknown1; - uint32 unknown2; - uint32 unknown3; - uint32 unknown4; - uint32 unknown5; - uint32 unknown6; - uint32 unknown7; + uint32 unknown[7]; } netr_SamInfo2; typedef struct { @@ -211,17 +205,46 @@ interface netlogon dom_sid2 *domain_sid; netr_LMSessionKey LMSessKey; uint32 AccountControl; - uint32 unknown1; - uint32 unknown2; - uint32 unknown3; - uint32 unknown4; - uint32 unknown5; - uint32 unknown6; - uint32 unknown7; + uint32 unknown[7]; uint32 sidcount; [size_is(sidcount)] netr_SidAttr *sids; } netr_SamInfo3; + + typedef struct { + NTTIME last_logon; + NTTIME last_logoff; + NTTIME acct_expiry; + NTTIME last_password_change; + NTTIME allow_password_change; + NTTIME force_password_change; + netr_String account_name; + netr_String full_name; + netr_String logon_script; + netr_String profile_path; + netr_String home_directory; + netr_String home_drive; + uint16 logon_count; + uint16 bad_password_count; + uint32 rid; + uint32 primary_gid; + uint32 group_count; + [size_is(group_count)] netr_GroupMembership *groupids; + uint32 acct_flags; + netr_UserSessionKey key; + netr_String logon_server; + netr_String domain; + dom_sid2 *domain_sid; + netr_LMSessionKey LMSessKey; + uint32 AccountControl; + uint32 unknown1[9]; + netr_String forest; + netr_String principle; + uint32 unknown4[18]; + uint32 sidcount; + [size_is(sidcount)] netr_SidAttr *sids; + } netr_SamInfo6; + typedef struct { uint32 pac_size; [size_is(pac_size)] uint8 *pac; @@ -239,10 +262,11 @@ interface netlogon } netr_PacInfo; typedef union { - [case(2)] netr_SamInfo2 *sam2; + [case(2)] netr_SamInfo2 *sam2; [case(3)] netr_SamInfo3 *sam3; [case(4)] netr_PacInfo *pac; - [case(5)] netr_PacInfo *pac2; + [case(5)] netr_PacInfo *pac; + [case(6)] netr_SamInfo6 *sam6; } netr_Validation; NTSTATUS netr_LogonSamLogon( diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c index 2505868af6..55d60871b6 100644 --- a/source4/torture/rpc/netlogon.c +++ b/source4/torture/rpc/netlogon.c @@ -421,14 +421,22 @@ static NTSTATUS check_samlogon(struct samlogon_state *samlogon_state, if (lm_key) { memcpy(lm_key, r->out.validation.sam3->LMSessKey.key, 8); + } + } else if (r->in.validation_level == 6) { + /* they aren't encrypted! */ + if (user_session_key) { + memcpy(user_session_key, r->out.validation.sam6->key.key, 16); + } + if (lm_key) { + memcpy(lm_key, r->out.validation.sam6->LMSessKey.key, 8); } - } } return status; } + /* * Test the normal 'LM and NTLM' combination */ @@ -888,7 +896,7 @@ static BOOL test_SamLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) { int i, j; BOOL ret = True; - + int validation_levels[] = {2,3,6}; struct samlogon_state samlogon_state; samlogon_state.mem_ctx = mem_ctx; @@ -918,11 +926,12 @@ static BOOL test_SamLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) samlogon_state.r.in.credential = &samlogon_state.auth; samlogon_state.r.in.return_authenticator = &samlogon_state.auth2; - for (i=2;i<=3;i++) { - samlogon_state.r.in.validation_level = i; + for (i=0;i<ARRAY_SIZE(validation_levels);i++) { + samlogon_state.r.in.validation_level = validation_levels[i]; for (j=0; test_table[j].fn; j++) { char *error_string = NULL; - printf("Testing SamLogon with '%s' at validation level %d\n", test_table[j].name, i); + printf("Testing SamLogon with '%s' at validation level %d\n", + test_table[j].name, validation_levels[i]); if (!test_table[j].fn(&samlogon_state, &error_string)) { if (test_table[j].expect_fail) { |