summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--librpc/idl/krb5pac.idl (renamed from source4/librpc/idl/krb5pac.idl)10
-rw-r--r--source3/Makefile.in2
-rw-r--r--source3/librpc/gen_ndr/krb5pac.h23
-rw-r--r--source3/librpc/gen_ndr/ndr_krb5pac.c131
-rw-r--r--source3/librpc/gen_ndr/ndr_krb5pac.h8
5 files changed, 147 insertions, 27 deletions
diff --git a/source4/librpc/idl/krb5pac.idl b/librpc/idl/krb5pac.idl
index bddba04165..a498b795f8 100644
--- a/source4/librpc/idl/krb5pac.idl
+++ b/librpc/idl/krb5pac.idl
@@ -29,7 +29,7 @@ interface krb5pac
netr_SamInfo3 info3;
dom_sid2 *res_group_dom_sid;
samr_RidWithAttributeArray res_groups;
- } PAC_LOGON_INFO;
+ } PAC_LOGON_INFO;
typedef struct {
[value(2*strlen_m(upn_name))] uint16 upn_size;
@@ -46,7 +46,7 @@ interface krb5pac
typedef [public] struct {
PAC_LOGON_INFO *info;
- } PAC_LOGON_INFO_CTR;
+ } PAC_LOGON_INFO_CTR;
typedef [public,v1_enum] enum {
PAC_TYPE_LOGON_INFO = 1,
@@ -126,5 +126,9 @@ interface krb5pac
[in] PAC_Validate pac_validate
);
-
+ /* used for samba3 netsamlogon cache */
+ typedef [public] struct {
+ time_t timestamp;
+ netr_SamInfo3 info3;
+ } netsamlogoncache_entry;
}
diff --git a/source3/Makefile.in b/source3/Makefile.in
index bb81dd2f70..6fe26d3d1b 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -1213,7 +1213,7 @@ samba3-idl::
../librpc/idl/eventlog.idl ../librpc/idl/wkssvc.idl librpc/idl/netlogon.idl \
../librpc/idl/notify.idl ../librpc/idl/epmapper.idl librpc/idl/messaging.idl \
../librpc/idl/xattr.idl ../librpc/idl/misc.idl librpc/idl/samr.idl \
- ../librpc/idl/security.idl ../librpc/idl/dssetup.idl librpc/idl/krb5pac.idl \
+ ../librpc/idl/security.idl ../librpc/idl/dssetup.idl ../librpc/idl/krb5pac.idl \
../librpc/idl/ntsvcs.idl librpc/idl/libnetapi.idl ../librpc/idl/drsuapi.idl \
../librpc/idl/drsblobs.idl ../librpc/idl/nbt.idl
diff --git a/source3/librpc/gen_ndr/krb5pac.h b/source3/librpc/gen_ndr/krb5pac.h
index b3b29e5b2f..7ec3e95d70 100644
--- a/source3/librpc/gen_ndr/krb5pac.h
+++ b/source3/librpc/gen_ndr/krb5pac.h
@@ -8,6 +8,7 @@
#ifndef _HEADER_krb5pac
#define _HEADER_krb5pac
+#define NETLOGON_GENERIC_KRB5_PAC_VALIDATE ( 3 )
struct PAC_LOGON_NAME {
NTTIME logon_time;
uint16_t size;/* [value(2*strlen_m(account_name))] */
@@ -39,10 +40,6 @@ struct PAC_UNKNOWN_12 {
};
struct PAC_LOGON_INFO_CTR {
- uint32_t unknown1;/* [value(0x00081001)] */
- uint32_t unknown2;/* [value(0xCCCCCCCC)] */
- uint32_t _ndr_size;/* [value(NDR_ROUND(ndr_size_PAC_LOGON_INFO(info,ndr->flags)+4,8))] */
- uint32_t unknown3;/* [value(0x00000000)] */
struct PAC_LOGON_INFO *info;/* [unique] */
}/* [public] */;
@@ -72,7 +69,7 @@ struct DATA_BLOB_REM {
};
union PAC_INFO {
- struct PAC_LOGON_INFO_CTR logon_info;/* [case(PAC_TYPE_LOGON_INFO)] */
+ struct PAC_LOGON_INFO_CTR logon_info;/* [subcontext(0xFFFFFC01),case(PAC_TYPE_LOGON_INFO)] */
struct PAC_SIGNATURE_DATA srv_cksum;/* [case(PAC_TYPE_SRV_CHECKSUM)] */
struct PAC_SIGNATURE_DATA kdc_cksum;/* [case(PAC_TYPE_KDC_CHECKSUM)] */
struct PAC_LOGON_NAME logon_name;/* [case(PAC_TYPE_LOGON_NAME)] */
@@ -105,6 +102,14 @@ struct PAC_DATA_RAW {
struct PAC_BUFFER_RAW *buffers;
}/* [public] */;
+struct PAC_Validate {
+ uint32_t MessageType;/* [value(NETLOGON_GENERIC_KRB5_PAC_VALIDATE)] */
+ uint32_t ChecksumLength;
+ int32_t SignatureType;
+ uint32_t SignatureLength;
+ DATA_BLOB ChecksumAndSignature;/* [flag(LIBNDR_FLAG_REMAINING)] */
+}/* [public] */;
+
struct netsamlogoncache_entry {
time_t timestamp;
struct netr_SamInfo3 info3;
@@ -134,4 +139,12 @@ struct decode_login_info {
};
+
+struct decode_pac_validate {
+ struct {
+ struct PAC_Validate pac_validate;
+ } in;
+
+};
+
#endif /* _HEADER_krb5pac */
diff --git a/source3/librpc/gen_ndr/ndr_krb5pac.c b/source3/librpc/gen_ndr/ndr_krb5pac.c
index 6e06f90a68..f9e93e5210 100644
--- a/source3/librpc/gen_ndr/ndr_krb5pac.c
+++ b/source3/librpc/gen_ndr/ndr_krb5pac.c
@@ -170,10 +170,6 @@ _PUBLIC_ enum ndr_err_code ndr_push_PAC_LOGON_INFO_CTR(struct ndr_push *ndr, int
{
if (ndr_flags & NDR_SCALARS) {
NDR_CHECK(ndr_push_align(ndr, 4));
- NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0x00081001));
- NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0xCCCCCCCC));
- NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, NDR_ROUND(ndr_size_PAC_LOGON_INFO(r->info, ndr->flags) + 4, 8)));
- NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0x00000000));
NDR_CHECK(ndr_push_unique_ptr(ndr, r->info));
}
if (ndr_flags & NDR_BUFFERS) {
@@ -190,10 +186,6 @@ _PUBLIC_ enum ndr_err_code ndr_pull_PAC_LOGON_INFO_CTR(struct ndr_pull *ndr, int
TALLOC_CTX *_mem_save_info_0;
if (ndr_flags & NDR_SCALARS) {
NDR_CHECK(ndr_pull_align(ndr, 4));
- NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->unknown1));
- NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->unknown2));
- NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->_ndr_size));
- NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->unknown3));
NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info));
if (_ptr_info) {
NDR_PULL_ALLOC(ndr, r->info);
@@ -216,10 +208,6 @@ _PUBLIC_ void ndr_print_PAC_LOGON_INFO_CTR(struct ndr_print *ndr, const char *na
{
ndr_print_struct(ndr, name, "PAC_LOGON_INFO_CTR");
ndr->depth++;
- ndr_print_uint32(ndr, "unknown1", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?0x00081001:r->unknown1);
- ndr_print_uint32(ndr, "unknown2", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?0xCCCCCCCC:r->unknown2);
- ndr_print_uint32(ndr, "_ndr_size", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?NDR_ROUND(ndr_size_PAC_LOGON_INFO(r->info, ndr->flags) + 4, 8):r->_ndr_size);
- ndr_print_uint32(ndr, "unknown3", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?0x00000000:r->unknown3);
ndr_print_ptr(ndr, "info", r->info);
ndr->depth++;
if (r->info) {
@@ -304,7 +292,12 @@ _PUBLIC_ enum ndr_err_code ndr_push_PAC_INFO(struct ndr_push *ndr, int ndr_flags
int level = ndr_push_get_switch_value(ndr, r);
switch (level) {
case PAC_TYPE_LOGON_INFO: {
- NDR_CHECK(ndr_push_PAC_LOGON_INFO_CTR(ndr, NDR_SCALARS, &r->logon_info));
+ {
+ struct ndr_push *_ndr_logon_info;
+ NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_logon_info, 0xFFFFFC01, -1));
+ NDR_CHECK(ndr_push_PAC_LOGON_INFO_CTR(_ndr_logon_info, NDR_SCALARS|NDR_BUFFERS, &r->logon_info));
+ NDR_CHECK(ndr_push_subcontext_end(ndr, _ndr_logon_info, 0xFFFFFC01, -1));
+ }
break; }
case PAC_TYPE_SRV_CHECKSUM: {
@@ -334,7 +327,6 @@ _PUBLIC_ enum ndr_err_code ndr_push_PAC_INFO(struct ndr_push *ndr, int ndr_flags
int level = ndr_push_get_switch_value(ndr, r);
switch (level) {
case PAC_TYPE_LOGON_INFO:
- NDR_CHECK(ndr_push_PAC_LOGON_INFO_CTR(ndr, NDR_BUFFERS, &r->logon_info));
break;
case PAC_TYPE_SRV_CHECKSUM:
@@ -361,7 +353,12 @@ _PUBLIC_ enum ndr_err_code ndr_pull_PAC_INFO(struct ndr_pull *ndr, int ndr_flags
if (ndr_flags & NDR_SCALARS) {
switch (level) {
case PAC_TYPE_LOGON_INFO: {
- NDR_CHECK(ndr_pull_PAC_LOGON_INFO_CTR(ndr, NDR_SCALARS, &r->logon_info));
+ {
+ struct ndr_pull *_ndr_logon_info;
+ NDR_CHECK(ndr_pull_subcontext_start(ndr, &_ndr_logon_info, 0xFFFFFC01, -1));
+ NDR_CHECK(ndr_pull_PAC_LOGON_INFO_CTR(_ndr_logon_info, NDR_SCALARS|NDR_BUFFERS, &r->logon_info));
+ NDR_CHECK(ndr_pull_subcontext_end(ndr, _ndr_logon_info, 0xFFFFFC01, -1));
+ }
break; }
case PAC_TYPE_SRV_CHECKSUM: {
@@ -390,7 +387,6 @@ _PUBLIC_ enum ndr_err_code ndr_pull_PAC_INFO(struct ndr_pull *ndr, int ndr_flags
if (ndr_flags & NDR_BUFFERS) {
switch (level) {
case PAC_TYPE_LOGON_INFO:
- NDR_CHECK(ndr_pull_PAC_LOGON_INFO_CTR(ndr, NDR_BUFFERS, &r->logon_info));
break;
case PAC_TYPE_SRV_CHECKSUM:
@@ -672,6 +668,58 @@ _PUBLIC_ void ndr_print_PAC_DATA_RAW(struct ndr_print *ndr, const char *name, co
ndr->depth--;
}
+_PUBLIC_ enum ndr_err_code ndr_push_PAC_Validate(struct ndr_push *ndr, int ndr_flags, const struct PAC_Validate *r)
+{
+ if (ndr_flags & NDR_SCALARS) {
+ NDR_CHECK(ndr_push_align(ndr, 4));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, NETLOGON_GENERIC_KRB5_PAC_VALIDATE));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->ChecksumLength));
+ NDR_CHECK(ndr_push_int32(ndr, NDR_SCALARS, r->SignatureType));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->SignatureLength));
+ {
+ uint32_t _flags_save_DATA_BLOB = ndr->flags;
+ ndr_set_flags(&ndr->flags, LIBNDR_FLAG_REMAINING);
+ NDR_CHECK(ndr_push_DATA_BLOB(ndr, NDR_SCALARS, r->ChecksumAndSignature));
+ ndr->flags = _flags_save_DATA_BLOB;
+ }
+ }
+ if (ndr_flags & NDR_BUFFERS) {
+ }
+ return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ enum ndr_err_code ndr_pull_PAC_Validate(struct ndr_pull *ndr, int ndr_flags, struct PAC_Validate *r)
+{
+ if (ndr_flags & NDR_SCALARS) {
+ NDR_CHECK(ndr_pull_align(ndr, 4));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->MessageType));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->ChecksumLength));
+ NDR_CHECK(ndr_pull_int32(ndr, NDR_SCALARS, &r->SignatureType));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->SignatureLength));
+ {
+ uint32_t _flags_save_DATA_BLOB = ndr->flags;
+ ndr_set_flags(&ndr->flags, LIBNDR_FLAG_REMAINING);
+ NDR_CHECK(ndr_pull_DATA_BLOB(ndr, NDR_SCALARS, &r->ChecksumAndSignature));
+ ndr->flags = _flags_save_DATA_BLOB;
+ }
+ }
+ if (ndr_flags & NDR_BUFFERS) {
+ }
+ return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ void ndr_print_PAC_Validate(struct ndr_print *ndr, const char *name, const struct PAC_Validate *r)
+{
+ ndr_print_struct(ndr, name, "PAC_Validate");
+ ndr->depth++;
+ ndr_print_uint32(ndr, "MessageType", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?NETLOGON_GENERIC_KRB5_PAC_VALIDATE:r->MessageType);
+ ndr_print_uint32(ndr, "ChecksumLength", r->ChecksumLength);
+ ndr_print_int32(ndr, "SignatureType", r->SignatureType);
+ ndr_print_uint32(ndr, "SignatureLength", r->SignatureLength);
+ ndr_print_DATA_BLOB(ndr, "ChecksumAndSignature", r->ChecksumAndSignature);
+ ndr->depth--;
+}
+
_PUBLIC_ enum ndr_err_code ndr_push_netsamlogoncache_entry(struct ndr_push *ndr, int ndr_flags, const struct netsamlogoncache_entry *r)
{
if (ndr_flags & NDR_SCALARS) {
@@ -830,6 +878,47 @@ _PUBLIC_ void ndr_print_decode_login_info(struct ndr_print *ndr, const char *nam
ndr->depth--;
}
+static enum ndr_err_code ndr_push_decode_pac_validate(struct ndr_push *ndr, int flags, const struct decode_pac_validate *r)
+{
+ if (flags & NDR_IN) {
+ NDR_CHECK(ndr_push_PAC_Validate(ndr, NDR_SCALARS, &r->in.pac_validate));
+ }
+ if (flags & NDR_OUT) {
+ }
+ return NDR_ERR_SUCCESS;
+}
+
+static enum ndr_err_code ndr_pull_decode_pac_validate(struct ndr_pull *ndr, int flags, struct decode_pac_validate *r)
+{
+ if (flags & NDR_IN) {
+ NDR_CHECK(ndr_pull_PAC_Validate(ndr, NDR_SCALARS, &r->in.pac_validate));
+ }
+ if (flags & NDR_OUT) {
+ }
+ return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ void ndr_print_decode_pac_validate(struct ndr_print *ndr, const char *name, int flags, const struct decode_pac_validate *r)
+{
+ ndr_print_struct(ndr, name, "decode_pac_validate");
+ ndr->depth++;
+ if (flags & NDR_SET_VALUES) {
+ ndr->flags |= LIBNDR_PRINT_SET_VALUES;
+ }
+ if (flags & NDR_IN) {
+ ndr_print_struct(ndr, "in", "decode_pac_validate");
+ ndr->depth++;
+ ndr_print_PAC_Validate(ndr, "pac_validate", &r->in.pac_validate);
+ ndr->depth--;
+ }
+ if (flags & NDR_OUT) {
+ ndr_print_struct(ndr, "out", "decode_pac_validate");
+ ndr->depth++;
+ ndr->depth--;
+ }
+ ndr->depth--;
+}
+
static const struct ndr_interface_call krb5pac_calls[] = {
{
"decode_pac",
@@ -855,6 +944,14 @@ static const struct ndr_interface_call krb5pac_calls[] = {
(ndr_print_function_t) ndr_print_decode_login_info,
false,
},
+ {
+ "decode_pac_validate",
+ sizeof(struct decode_pac_validate),
+ (ndr_push_flags_fn_t) ndr_push_decode_pac_validate,
+ (ndr_pull_flags_fn_t) ndr_pull_decode_pac_validate,
+ (ndr_print_function_t) ndr_print_decode_pac_validate,
+ false,
+ },
{ NULL, 0, NULL, NULL, NULL, false }
};
@@ -884,7 +981,7 @@ const struct ndr_interface_table ndr_table_krb5pac = {
NDR_KRB5PAC_VERSION
},
.helpstring = NDR_KRB5PAC_HELPSTRING,
- .num_calls = 3,
+ .num_calls = 4,
.calls = krb5pac_calls,
.endpoints = &krb5pac_endpoints,
.authservices = &krb5pac_authservices
diff --git a/source3/librpc/gen_ndr/ndr_krb5pac.h b/source3/librpc/gen_ndr/ndr_krb5pac.h
index 7f03106879..bf09e3fad5 100644
--- a/source3/librpc/gen_ndr/ndr_krb5pac.h
+++ b/source3/librpc/gen_ndr/ndr_krb5pac.h
@@ -17,7 +17,9 @@ extern const struct ndr_interface_table ndr_table_krb5pac;
#define NDR_DECODE_LOGIN_INFO (0x02)
-#define NDR_KRB5PAC_CALL_COUNT (3)
+#define NDR_DECODE_PAC_VALIDATE (0x03)
+
+#define NDR_KRB5PAC_CALL_COUNT (4)
void ndr_print_PAC_LOGON_NAME(struct ndr_print *ndr, const char *name, const struct PAC_LOGON_NAME *r);
enum ndr_err_code ndr_push_PAC_SIGNATURE_DATA(struct ndr_push *ndr, int ndr_flags, const struct PAC_SIGNATURE_DATA *r);
enum ndr_err_code ndr_pull_PAC_SIGNATURE_DATA(struct ndr_pull *ndr, int ndr_flags, struct PAC_SIGNATURE_DATA *r);
@@ -46,10 +48,14 @@ void ndr_print_PAC_BUFFER_RAW(struct ndr_print *ndr, const char *name, const str
enum ndr_err_code ndr_push_PAC_DATA_RAW(struct ndr_push *ndr, int ndr_flags, const struct PAC_DATA_RAW *r);
enum ndr_err_code ndr_pull_PAC_DATA_RAW(struct ndr_pull *ndr, int ndr_flags, struct PAC_DATA_RAW *r);
void ndr_print_PAC_DATA_RAW(struct ndr_print *ndr, const char *name, const struct PAC_DATA_RAW *r);
+enum ndr_err_code ndr_push_PAC_Validate(struct ndr_push *ndr, int ndr_flags, const struct PAC_Validate *r);
+enum ndr_err_code ndr_pull_PAC_Validate(struct ndr_pull *ndr, int ndr_flags, struct PAC_Validate *r);
+void ndr_print_PAC_Validate(struct ndr_print *ndr, const char *name, const struct PAC_Validate *r);
enum ndr_err_code ndr_push_netsamlogoncache_entry(struct ndr_push *ndr, int ndr_flags, const struct netsamlogoncache_entry *r);
enum ndr_err_code ndr_pull_netsamlogoncache_entry(struct ndr_pull *ndr, int ndr_flags, struct netsamlogoncache_entry *r);
void ndr_print_netsamlogoncache_entry(struct ndr_print *ndr, const char *name, const struct netsamlogoncache_entry *r);
void ndr_print_decode_pac(struct ndr_print *ndr, const char *name, int flags, const struct decode_pac *r);
void ndr_print_decode_pac_raw(struct ndr_print *ndr, const char *name, int flags, const struct decode_pac_raw *r);
void ndr_print_decode_login_info(struct ndr_print *ndr, const char *name, int flags, const struct decode_login_info *r);
+void ndr_print_decode_pac_validate(struct ndr_print *ndr, const char *name, int flags, const struct decode_pac_validate *r);
#endif /* _HEADER_NDR_krb5pac */