summaryrefslogtreecommitdiff
path: root/source4/librpc/idl
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2008-08-29 15:06:30 +1000
committerAndrew Bartlett <abartlet@samba.org>2008-08-29 15:06:30 +1000
commit81dcc99e9acb9a7e4c2358e5e44998e4718dc658 (patch)
treeb8a78b33cce3dd118304d2deeb387ca51c948ab1 /source4/librpc/idl
parentbfec8985cfef462dd58503138f7c25caefc24332 (diff)
downloadsamba-81dcc99e9acb9a7e4c2358e5e44998e4718dc658.tar.gz
samba-81dcc99e9acb9a7e4c2358e5e44998e4718dc658.tar.bz2
samba-81dcc99e9acb9a7e4c2358e5e44998e4718dc658.zip
It turns out that the Netlogon PAC verification is encrypted.
This test now passes against Win2k3, and a implementation in the Samba4 server should follow shortly. Andrew Bartlett (This used to be commit c6b8ba893dd3ed90bca32c0ae89fd33be729c238)
Diffstat (limited to 'source4/librpc/idl')
-rw-r--r--source4/librpc/idl/krb5pac.idl4
-rw-r--r--source4/librpc/idl/netlogon.idl7
2 files changed, 9 insertions, 2 deletions
diff --git a/source4/librpc/idl/krb5pac.idl b/source4/librpc/idl/krb5pac.idl
index 699f0b896b..dcee280150 100644
--- a/source4/librpc/idl/krb5pac.idl
+++ b/source4/librpc/idl/krb5pac.idl
@@ -100,8 +100,10 @@ interface krb5pac
PAC_BUFFER_RAW buffers[num_buffers];
} PAC_DATA_RAW;
+ const int NETLOGON_GENERIC_KRB5_PAC_VALIDATE = 3;
+
typedef [public] struct {
- uint32 MessageType;
+ [value(NETLOGON_GENERIC_KRB5_PAC_VALIDATE)] uint32 MessageType;
uint32 ChecksumLength;
uint32 SignatureType;
uint32 SignatureLength;
diff --git a/source4/librpc/idl/netlogon.idl b/source4/librpc/idl/netlogon.idl
index 006411dfbf..2298106851 100644
--- a/source4/librpc/idl/netlogon.idl
+++ b/source4/librpc/idl/netlogon.idl
@@ -240,6 +240,11 @@ interface netlogon
lsa_String unknown4;
} netr_PacInfo;
+ typedef [flag(NDR_PAHEX)] struct {
+ uint32 length;
+ [size_is(length)] uint8 *data;
+ } netr_GenericInfo2;
+
typedef enum {
NetlogonValidationUasInfo = 1,
NetlogonValidationSamInfo = 2,
@@ -252,7 +257,7 @@ interface netlogon
[case(NetlogonValidationSamInfo)] netr_SamInfo2 *sam2;
[case(NetlogonValidationSamInfo2)] netr_SamInfo3 *sam3;
[case(4)] netr_PacInfo *pac;
- [case(NetlogonValidationGenericInfo2)] netr_PacInfo *pac;
+ [case(NetlogonValidationGenericInfo2)] netr_GenericInfo2 *generic;
[case(NetlogonValidationSamInfo4)] netr_SamInfo6 *sam6;
} netr_Validation;