summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2008-09-29 21:36:21 -0700
committerAndrew Bartlett <abartlet@samba.org>2008-09-29 22:34:35 -0700
commit64195b72be6c251412500984c2a5c103e376d3c6 (patch)
tree0aafec10fcec4e7e942ca9fa04d9252159d3d403 /source4
parent15b686198120cca0aaa305edc0a5e3242b4fa869 (diff)
downloadsamba-64195b72be6c251412500984c2a5c103e376d3c6.tar.gz
samba-64195b72be6c251412500984c2a5c103e376d3c6.tar.bz2
samba-64195b72be6c251412500984c2a5c103e376d3c6.zip
Fix parsing of the trust passwords in LSA CreateTrustedDomainEx*
Diffstat (limited to 'source4')
-rw-r--r--source4/libcli/config.mk8
-rw-r--r--source4/librpc/config.mk4
-rw-r--r--source4/librpc/idl/drsblobs.idl25
-rw-r--r--source4/librpc/ndr/ndr_drsblobs.c (renamed from source4/libcli/drsblobs.c)34
-rw-r--r--source4/rpc_server/lsa/dcesrv_lsa.c8
-rw-r--r--source4/torture/rpc/lsa.c6
6 files changed, 60 insertions, 25 deletions
diff --git a/source4/libcli/config.mk b/source4/libcli/config.mk
index 2f81d7cff0..d68a2a2ce3 100644
--- a/source4/libcli/config.mk
+++ b/source4/libcli/config.mk
@@ -67,14 +67,6 @@ PUBLIC_DEPENDENCIES = LIBSAMBA-UTIL LIBCLI_NDR_NETLOGON
LIBCLI_NETLOGON_OBJ_FILES = $(addprefix $(libclinbtsrcdir)/, \
netlogon.o)
-[SUBSYSTEM::LIBCLI_DRSBLOBS]
-PUBLIC_DEPENDENCIES = LIBNDR
-
-LIBCLI_DRSBLOBS_OBJ_FILES = $(addprefix $(libclisrcdir)/, \
- drsblobs.o)
-
-$(eval $(call proto_header_template,$(libclisrcdir)/drsblobs_proto.h,$(LIBCLI_DRSBLOBS_OBJ_FILES:.o=.c)))
-
[PYTHON::python_netbios]
LIBRARY_REALNAME = samba/netbios.$(SHLIBEXT)
PUBLIC_DEPENDENCIES = LIBCLI_NBT DYNCONFIG LIBSAMBA-HOSTCONFIG
diff --git a/source4/librpc/config.mk b/source4/librpc/config.mk
index cf41f9884a..41dd17e428 100644
--- a/source4/librpc/config.mk
+++ b/source4/librpc/config.mk
@@ -144,9 +144,9 @@ PUBLIC_DEPENDENCIES = LIBNDR NDR_COMPRESSION NDR_SECURITY NDR_SAMR ASN1_UTIL
NDR_DRSUAPI_OBJ_FILES = $(gen_ndrsrcdir)/ndr_drsuapi.o $(ndrsrcdir)/ndr_drsuapi.o
[SUBSYSTEM::NDR_DRSBLOBS]
-PUBLIC_DEPENDENCIES = LIBNDR NDR_MISC NDR_DRSUAPI LIBCLI_DRSBLOBS
+PUBLIC_DEPENDENCIES = LIBNDR NDR_MISC NDR_DRSUAPI
-NDR_DRSBLOBS_OBJ_FILES = $(gen_ndrsrcdir)/ndr_drsblobs.o
+NDR_DRSBLOBS_OBJ_FILES = $(gen_ndrsrcdir)/ndr_drsblobs.o $(ndrsrcdir)/ndr_drsblobs.o
[SUBSYSTEM::NDR_SASL_HELPERS]
PUBLIC_DEPENDENCIES = LIBNDR
diff --git a/source4/librpc/idl/drsblobs.idl b/source4/librpc/idl/drsblobs.idl
index 6b1f649ff5..31fe8a359e 100644
--- a/source4/librpc/idl/drsblobs.idl
+++ b/source4/librpc/idl/drsblobs.idl
@@ -415,18 +415,27 @@ interface drsblobs {
[relative] AuthenticationInformationArray *previous;
} trustAuthInOutBlob;
- typedef [public] struct {
- uint8 confounder[512];
- trustAuthInOutBlob outgoing;
- trustAuthInOutBlob incoming;
- [value(ndr_size_trustAuthInOutBlob(&outgoing, ndr->flags))] uint32 outgoing_size;
- [value(ndr_size_trustAuthInOutBlob(&incoming, ndr->flags))] uint32 incoming_size;
- } trustAuthInAndOutBlob;
-
+ typedef [public,gensize] struct {
+ uint32 count;
+ [relative] AuthenticationInformation *current[count];
+ } trustCurrentPasswords;
+
void decode_trustAuthInOut(
[in] trustAuthInOutBlob blob
);
+ typedef [public,nopull] struct {
+ uint8 confounder[512];
+ [subcontext(0),subcontext_size(outgoing_size)] trustCurrentPasswords outgoing;
+ [subcontext(0),subcontext_size(incoming_size)] trustCurrentPasswords incoming;
+ [value(ndr_size_trustCurrentPasswords(&outgoing, ndr->flags))] uint32 outgoing_size;
+ [value(ndr_size_trustCurrentPasswords(&incoming, ndr->flags))] uint32 incoming_size;
+ } trustDomainPasswords;
+
+ void decode_trustDomainPasswords(
+ [in] trustDomainPasswords blob
+ );
+
typedef [public] struct {
uint32 marker;
DATA_BLOB data;
diff --git a/source4/libcli/drsblobs.c b/source4/librpc/ndr/ndr_drsblobs.c
index 126f2ccc40..47a6bb60c9 100644
--- a/source4/libcli/drsblobs.c
+++ b/source4/librpc/ndr/ndr_drsblobs.c
@@ -176,4 +176,38 @@ _PUBLIC_ void ndr_print_trustAuthInOutBlob(struct ndr_print *ndr, const char *na
ndr->depth--;
}
+_PUBLIC_ enum ndr_err_code ndr_pull_trustDomainPasswords(struct ndr_pull *ndr, int ndr_flags, struct trustDomainPasswords *r)
+{
+ if (ndr_flags & NDR_SCALARS) {
+ uint32_t offset;
+ NDR_PULL_ALIGN(ndr, 4);
+ NDR_PULL_NEED_BYTES(ndr, 8);
+
+ offset = ndr->offset;
+ ndr->offset = ndr->data_size - 8;
+
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->outgoing_size));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->incoming_size));
+
+ ndr->offset = offset;
+ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->confounder, 512));
+ {
+ struct ndr_pull *_ndr_outgoing;
+ NDR_CHECK(ndr_pull_subcontext_start(ndr, &_ndr_outgoing, 0, r->outgoing_size));
+ NDR_CHECK(ndr_pull_trustCurrentPasswords(_ndr_outgoing, NDR_SCALARS|NDR_BUFFERS, &r->outgoing));
+ NDR_CHECK(ndr_pull_subcontext_end(ndr, _ndr_outgoing, 0, r->outgoing_size));
+ }
+ {
+ struct ndr_pull *_ndr_incoming;
+ NDR_CHECK(ndr_pull_subcontext_start(ndr, &_ndr_incoming, 0, r->incoming_size));
+ NDR_CHECK(ndr_pull_trustCurrentPasswords(_ndr_incoming, NDR_SCALARS|NDR_BUFFERS, &r->incoming));
+ NDR_CHECK(ndr_pull_subcontext_end(ndr, _ndr_incoming, 0, r->incoming_size));
+ }
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->outgoing_size));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->incoming_size));
+ }
+ if (ndr_flags & NDR_BUFFERS) {
+ }
+ return NDR_ERR_SUCCESS;
+}
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index 3b70f3e934..4c3c708d4a 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -626,7 +626,7 @@ static NTSTATUS dcesrv_lsa_CreateTrustedDomain_base(struct dcesrv_call_state *dc
const char *name;
DATA_BLOB session_key = data_blob(NULL, 0);
DATA_BLOB trustAuthIncoming, trustAuthOutgoing, auth_blob;
- struct trustAuthInAndOutBlob auth_struct;
+ struct trustDomainPasswords auth_struct;
int ret;
NTSTATUS nt_status;
enum ndr_err_code ndr_err;
@@ -679,7 +679,7 @@ static NTSTATUS dcesrv_lsa_CreateTrustedDomain_base(struct dcesrv_call_state *dc
ndr_err = ndr_pull_struct_blob(&auth_blob, mem_ctx,
lp_iconv_convenience(dce_call->conn->dce_ctx->lp_ctx),
&auth_struct,
- (ndr_pull_flags_fn_t)ndr_pull_trustAuthInAndOutBlob);
+ (ndr_pull_flags_fn_t)ndr_pull_trustDomainPasswords);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
return NT_STATUS_INVALID_PARAMETER;
}
@@ -689,7 +689,7 @@ static NTSTATUS dcesrv_lsa_CreateTrustedDomain_base(struct dcesrv_call_state *dc
ndr_err = ndr_push_struct_blob(&trustAuthIncoming, mem_ctx,
lp_iconv_convenience(dce_call->conn->dce_ctx->lp_ctx),
&auth_struct.incoming,
- (ndr_push_flags_fn_t)ndr_push_trustAuthInOutBlob);
+ (ndr_push_flags_fn_t)ndr_push_trustDomainPasswords);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
return NT_STATUS_INVALID_PARAMETER;
}
@@ -701,7 +701,7 @@ static NTSTATUS dcesrv_lsa_CreateTrustedDomain_base(struct dcesrv_call_state *dc
ndr_err = ndr_push_struct_blob(&trustAuthOutgoing, mem_ctx,
lp_iconv_convenience(dce_call->conn->dce_ctx->lp_ctx),
&auth_struct.outgoing,
- (ndr_push_flags_fn_t)ndr_push_trustAuthInOutBlob);
+ (ndr_push_flags_fn_t)ndr_push_trustDomainPasswords);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
return NT_STATUS_INVALID_PARAMETER;
}
diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c
index 69bf33352b..af5ee4f6e1 100644
--- a/source4/torture/rpc/lsa.c
+++ b/source4/torture/rpc/lsa.c
@@ -2077,7 +2077,7 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p,
struct lsa_CreateTrustedDomainEx2 r;
struct lsa_TrustDomainInfoInfoEx trustinfo;
struct lsa_TrustDomainInfoAuthInfoInternal authinfo;
- struct trustAuthInAndOutBlob auth_struct;
+ struct trustDomainPasswords auth_struct;
DATA_BLOB auth_blob;
struct dom_sid *domsid[12];
struct policy_handle trustdom_handle[12];
@@ -2125,9 +2125,9 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p,
auth_struct.incoming.count = 0;
ndr_err = ndr_push_struct_blob(&auth_blob, mem_ctx, lp_iconv_convenience(tctx->lp_ctx), &auth_struct,
- (ndr_push_flags_fn_t)ndr_push_trustAuthInAndOutBlob);
+ (ndr_push_flags_fn_t)ndr_push_trustDomainPasswords);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
- printf("ndr_push_struct_blob of trustAuthInAndOutBlob structure failed");
+ printf("ndr_push_struct_blob of trustDomainPasswords structure failed");
ret = false;
}