summaryrefslogtreecommitdiff
path: root/source4/librpc/idl
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2008-09-03 15:30:17 +1000
committerAndrew Bartlett <abartlet@samba.org>2008-09-03 15:30:17 +1000
commita35263e1ab81cac7855158012157769e3e9000f7 (patch)
treee0130c48ed4b58f0544d875d094272e5a58d2e3a /source4/librpc/idl
parentbaf0b360812dc8532f9420e224bf3ee3a51fb04a (diff)
downloadsamba-a35263e1ab81cac7855158012157769e3e9000f7.tar.gz
samba-a35263e1ab81cac7855158012157769e3e9000f7.tar.bz2
samba-a35263e1ab81cac7855158012157769e3e9000f7.zip
Implement NETLOGON PAC verfication on the server-side
This is implemented by means of a message to the KDC, to avoid having to link most of the KDC into netlogon. Andrew Bartlett (This used to be commit 82fcd7941f5c54da2d994c8bd99dd8d86299a296)
Diffstat (limited to 'source4/librpc/idl')
-rw-r--r--source4/librpc/idl/irpc.idl17
-rw-r--r--source4/librpc/idl/krb5pac.idl2
2 files changed, 18 insertions, 1 deletions
diff --git a/source4/librpc/idl/irpc.idl b/source4/librpc/idl/irpc.idl
index 2c659aa785..e3ea7e55e1 100644
--- a/source4/librpc/idl/irpc.idl
+++ b/source4/librpc/idl/irpc.idl
@@ -52,6 +52,9 @@ import "misc.idl", "security.idl", "nbt.idl";
[out,switch_is(level)] nbtd_info info
);
+ /* Send a GetDCName from the privilaged port (owned by nbtd),
+ * and await a reply */
+
void nbtd_getdcname(
[in] astring domainname,
[in] astring ip_address,
@@ -78,6 +81,20 @@ import "misc.idl", "security.idl", "nbt.idl";
[in] nbtd_proxy_wins_addr addrs[num_addrs]
);
+ /*
+ Generic Kerberos package call (on the NETLOGON pipe, as a SamLogon)
+
+ The normal use for this call is to check the PAC signature in the KDC
+
+ The KDC has the routines to check this, so it is easier to
+ proxy the request over by IRPC than set up the environment
+ */
+
+ void kdc_check_generic_kerberos(
+ [in] DATA_BLOB generic_request,
+ [out] DATA_BLOB generic_reply
+ );
+
/******************************************************
management calls for the smb server
******************************************************/
diff --git a/source4/librpc/idl/krb5pac.idl b/source4/librpc/idl/krb5pac.idl
index dcee280150..bddba04165 100644
--- a/source4/librpc/idl/krb5pac.idl
+++ b/source4/librpc/idl/krb5pac.idl
@@ -105,7 +105,7 @@ interface krb5pac
typedef [public] struct {
[value(NETLOGON_GENERIC_KRB5_PAC_VALIDATE)] uint32 MessageType;
uint32 ChecksumLength;
- uint32 SignatureType;
+ int32 SignatureType;
uint32 SignatureLength;
[flag(NDR_REMAINING)] DATA_BLOB ChecksumAndSignature;
} PAC_Validate;