Diffstat (limited to 'source4/librpc/idl/drsblobs.idl')
-rw-r--r-- | source4/librpc/idl/drsblobs.idl | 97 |
1 files changed, 65 insertions, 32 deletions
diff --git a/source4/librpc/idl/drsblobs.idl b/source4/librpc/idl/drsblobs.idl index adfc010237..b0cddfcdf9 100644 --- a/source4/librpc/idl/drsblobs.idl +++ b/source4/librpc/idl/drsblobs.idl @@ -1,6 +1,6 @@ #include "idl_types.h" -import "drsuapi.idl", "misc.idl"; +import "drsuapi.idl", "misc.idl", "samr.idl"; [ uuid("12345778-1234-abcd-0001-00000001"), @@ -359,9 +359,55 @@ interface drsblobs { typedef struct { NTTIME time1; uint32 unknown1; + DATA_BLOB value; + [flag(NDR_ALIGN4)] DATA_BLOB _pad; + } trustAuthInOutSecret1; + + typedef struct { + [relative] trustAuthInOutSecret1 *value1; + [relative] trustAuthInOutSecret1 *value2; + } trustAuthInOutCtr1; + + typedef [v1_enum] enum { + TRUST_AUTH_TYPE_NONE = 0, + TRUST_AUTH_TYPE_NT4OWF = 1, + TRUST_AUTH_TYPE_CLEAR = 2, + TRUST_AUTH_TYPE_VERSION = 3 + } trustAuthType; + + typedef struct { + [value(0)] uint32 size; + } AuthInfoNone; + + typedef struct { + [value(16)] uint32 size; + samr_Password password; + } AuthInfoNT4Owf; + + typedef struct { + uint32 size; + uint8 password[size]; + } AuthInfoClear; + + typedef struct { + [value(4)] uint32 size; + uint32 version; + } AuthInfoVersion; + + typedef [nodiscriminant] union { + [case(TRUST_AUTH_TYPE_NONE)] AuthInfoNone none; + [case(TRUST_AUTH_TYPE_NT4OWF)] AuthInfoNT4Owf nt4owf; + [case(TRUST_AUTH_TYPE_CLEAR)] AuthInfoClear clear; + [case(TRUST_AUTH_TYPE_VERSION)] AuthInfoVersion version; + } AuthInfo; + + typedef struct { + NTTIME LastUpdateTime; + trustAuthType AuthType; + /* * the secret value is encoded as UTF16 if it's a string - * but krb5 trusts have random bytes here, so converting to UTF16 + * but depending the AuthType, it might also be krb5 trusts have random bytes here, so converting to UTF16 * mayfail... * * TODO: We should try handle the case of a random buffer in all places 
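Review bot: The fixed-length variants `AuthInfoNone`, `AuthInfoNT4Owf` and `AuthInfoVersion` declare `size` with `[value(N)]`, which as far as I know pidl applies only when pushing, so on pull a stored blob whose size field disagrees with its `AuthType` would still decode and the mismatch would go unnoticed. Because these structures carry trust secrets, I would say so in a comment above the `AuthInfo` union, e.g. `/* size is forced on push only; consumers must check it against AuthType after pull */`, and have the code that consumes the decoded blob reject a mismatch. The reworded comment line `* but depending the AuthType, it might also be krb5 trusts have random bytes here` also reads as two sentences merged and should be rewritten. The comment block and the `AuthenticationInformation` struct continue into the next hunk.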
@@ -372,49 +418,36 @@ interface drsblobs { * uint32 value_len; * [charset(UTF16)] uint8 value[value_len]; */ - DATA_BLOB value; + [switch_is(AuthType)] AuthInfo AuthInfo; [flag(NDR_ALIGN4)] DATA_BLOB _pad; - } trustAuthInOutSecret1; + } AuthenticationInformation; typedef struct { - [relative] trustAuthInOutSecret1 *value1; - [relative] trustAuthInOutSecret1 *value2; - } trustAuthInOutCtr1; + AuthenticationInformation info[1]; + } AuthenticationInformation1; typedef struct { - NTTIME time1; - uint32 unknown1; - DATA_BLOB value; - NTTIME time2; - uint32 unknown2; - uint32 unknown3; - uint32 unknown4; - [flag(NDR_ALIGN4)] DATA_BLOB _pad; - } trustAuthInOutSecret2V1; + AuthenticationInformation info[2]; + } AuthenticationInformation2; typedef struct { - NTTIME time1; - uint32 unknown1; - DATA_BLOB value; - NTTIME time2; - uint32 unknown2; - uint32 unknown3; - [flag(NDR_ALIGN4)] DATA_BLOB _pad; - } trustAuthInOutSecret2V2; + [relative] AuthenticationInformation1 *current; + [relative] AuthenticationInformation1 *previous; + } AuthenticationInformationCtr1; typedef struct { - [relative] trustAuthInOutSecret2V1 *value1; - [relative] trustAuthInOutSecret2V2 *value2; - } trustAuthInOutCtr2; + [relative] AuthenticationInformation2 *current; + [relative] AuthenticationInformation2 *previous; + } AuthenticationInformationCtr2; typedef [nodiscriminant] union { - [case(1)] trustAuthInOutCtr1 ctr1; - [case(2)] trustAuthInOutCtr2 ctr2; - } trustAuthInOutCtr; + [case(1)] AuthenticationInformationCtr1 info1; + [case(2)] AuthenticationInformationCtr2 info2; + } AuthenticationInformationCtr; typedef [public] struct { - uint32 version; - [switch_is(version)] trustAuthInOutCtr ctr; + uint32 count; + [switch_is(count)] AuthenticationInformationCtr auth; } trustAuthInOutBlob; void decode_trustAuthInOut( |
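Review bot: `AuthenticationInformationCtr` has only `[case(1)]` and `[case(2)]` and no default arm, so a `trustAuthInOutBlob` whose `count` is 0 or greater than 2 cannot be decoded at all. Whether such blobs occur is not visible here, but callers should treat a failed pull as an error and not as an absent or empty secret. The comment kept above `[switch_is(AuthType)] AuthInfo AuthInfo;` still describes the old `DATA_BLOB value` layout (`value_len` / `[charset(UTF16)]`). It should be updated to say the payload is now selected by `AuthType`, for example `/* payload layout depends on AuthType; the CLEAR case is UTF16 for string passwords but may hold random bytes */`.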