Diffstat (limited to 'source4')
-rw-r--r-- | source4/libcli/util/nterr.c | 1 | ||||
-rw-r--r-- | source4/libcli/util/ntstatus.h | 1 | ||||
-rw-r--r-- | source4/librpc/idl/netlogon.idl | 47 | ||||
-rw-r--r-- | source4/rpc_server/netlogon/dcerpc_netlogon.c | 18 |
4 files changed, 48 insertions, 19 deletions
diff --git a/source4/libcli/util/nterr.c b/source4/libcli/util/nterr.c
index 7629a14106..ef4055adaa 100644
--- a/source4/libcli/util/nterr.c
+++ b/source4/libcli/util/nterr.c
@@ -546,6 +546,7 @@ static const nt_err_code_struct nt_errs[] =
 { "NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED", NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED },
 { "NT_STATUS_RPC_UNSUPPORTED_NAME_SYNTAX", NT_STATUS_RPC_UNSUPPORTED_NAME_SYNTAX },
 { "NT_STATUS_OBJECTID_NOT_FOUND", NT_STATUS_OBJECTID_NOT_FOUND },
+ { "NT_STATUS_DOWNGRADE_DETECTED", NT_STATUS_DOWNGRADE_DETECTED },
 { "STATUS_MORE_ENTRIES", STATUS_MORE_ENTRIES },
 { "STATUS_SOME_UNMAPPED", STATUS_SOME_UNMAPPED },
 { "STATUS_NOTIFY_CLEANUP", STATUS_NOTIFY_CLEANUP },
diff --git a/source4/libcli/util/ntstatus.h b/source4/libcli/util/ntstatus.h
index 026b5162db..527a95bd09 100644
--- a/source4/libcli/util/ntstatus.h
+++ b/source4/libcli/util/ntstatus.h
@@ -593,6 +593,7 @@ typedef uint32_t NTSTATUS;
 #define NT_STATUS_NOT_A_REPARSE_POINT NT_STATUS(0xC0000000 | 0x0275)
 #define NT_STATUS_OBJECTID_NOT_FOUND NT_STATUS(0xC0000000 | 0x02F0)
 #define NT_STATUS_NO_SUCH_JOB NT_STATUS(0xC0000000 | 0xEDE) /* scheduler */
+#define NT_STATUS_DOWNGRADE_DETECTED NT_STATUS(0xC0000000 | 0x0388)
 #define NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED NT_STATUS(0xC0000000 | 0x20004)
 #define NT_STATUS_RPC_UNSUPPORTED_NAME_SYNTAX NT_STATUS(0xC0000000 | 0x20026)
diff --git a/source4/librpc/idl/netlogon.idl b/source4/librpc/idl/netlogon.idl
index d8f7d2f7e6..62f1b8843a 100644
--- a/source4/librpc/idl/netlogon.idl
+++ b/source4/librpc/idl/netlogon.idl
@@ -123,12 +123,31 @@ interface netlogon
 netr_ChallengeResponse lm;
 } netr_NetworkInfo;
- typedef [public,switch_type(uint16)] union {
- [case(1)] netr_PasswordInfo *password;
- [case(2)] netr_NetworkInfo *network;
- [case(3)] netr_PasswordInfo *password;
- [case(5)] netr_PasswordInfo *password;
- [case(6)] netr_NetworkInfo *network;
+ typedef [flag(NDR_PAHEX)] struct {
+ netr_IdentityInfo identity_info;
+ lsa_String package_name;
+ uint32 length;
+ [size_is(length),length_is(length)] uint8 *data;
+ } netr_GenericInfo;
+
+ typedef enum {
+ NetlogonInteractiveInformation = 1,
+ NetlogonNetworkInformation = 2,
+ NetlogonServiceInformation = 3,
+ NetlogonGenericInformation = 4,
+ NetlogonInteractiveTransitiveInformation = 5,
+ NetlogonNetworkTransitiveInformation = 6,
+ NetlogonServiceTransitiveInformation = 7
+ } netr_LogonInfoClass;
+
+ typedef [public,switch_type(netr_LogonInfoClass)] union {
+ [case(NetlogonInteractiveInformation)] netr_PasswordInfo *password;
+ [case(NetlogonNetworkInformation)] netr_NetworkInfo *network;
+ [case(NetlogonServiceInformation)] netr_PasswordInfo *password;
+ [case(NetlogonGenericInformation)] netr_GenericInfo *generic;
+ [case(NetlogonInteractiveTransitiveInformation)] netr_PasswordInfo *password;
+ [case(NetlogonNetworkTransitiveInformation)] netr_NetworkInfo *network;
+ [case(NetlogonServiceTransitiveInformation)] netr_PasswordInfo *password;
 } netr_LogonLevel;
 typedef [public,flag(NDR_PAHEX)] struct {
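Review bot: In `netr_GenericInfo`, `data` is declared `[size_is(length),length_is(length)]`, which makes it a conformant-varying array and puts offset and actual-count words on the wire in addition to the maximum count. As far as I recall, MS-NRPC declares the generic logon data with `size_is` only, so the layout should be checked against the specification or a capture before anything consumes the blob; if the spec is size_is-only, the line should read `[size_is(length)] uint8 *data;`. `length` is a client-supplied `uint32`, so whichever code eventually handles `NetlogonGenericInformation` should bound it before acting on `data`. The new types sit inside `interface netlogon`, which starts and ends outside this hunk.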
@@ -239,15 +258,15 @@ interface netlogon
 } netr_Authenticator;
 NTSTATUS netr_LogonSamLogon(
- [in,unique] [string,charset(UTF16)] uint16 *server_name,
- [in,unique] [string,charset(UTF16)] uint16 *computer_name,
- [in,unique] netr_Authenticator *credential,
- [in,out,unique] netr_Authenticator *return_authenticator,
- [in] uint16 logon_level,
- [in] [switch_is(logon_level)] netr_LogonLevel logon,
- [in] uint16 validation_level,
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in,unique] [string,charset(UTF16)] uint16 *computer_name,
+ [in,unique] netr_Authenticator *credential,
+ [in,out,unique] netr_Authenticator *return_authenticator,
+ [in] netr_LogonInfoClass logon_level,
+ [in] [switch_is(logon_level)] netr_LogonLevel logon,
+ [in] uint16 validation_level,
 [out] [switch_is(validation_level)] netr_Validation validation,
- [out] uint8 authoritative
+ [out] uint8 authoritative
 );
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index d9ae92c0fa..763e6a327e 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -421,9 +421,10 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal
 user_info->remote_host = NULL;
 switch (r->in.logon_level) {
- case 1:
- case 3:
- case 5:
+ case NetlogonInteractiveInformation:
+ case NetlogonServiceInformation:
+ case NetlogonInteractiveTransitiveInformation:
+ case NetlogonServiceTransitiveInformation:
 if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
 creds_arcfour_crypt(creds, r->in.logon.password->lmpassword.hash,
@@ -460,8 +461,8 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal
 *user_info->password.hash.nt = r->in.logon.password->ntpassword;
 break;
- case 2:
- case 6:
+ case NetlogonNetworkInformation:
+ case NetlogonNetworkTransitiveInformation:
 /* TODO: we need to deny anonymous access here */
 nt_status = auth_context_create(mem_ctx,
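Review bot: The password arm, which this change extends to `NetlogonServiceTransitiveInformation`, dereferences `r->in.logon.password` (`r->in.logon.password->lmpassword.hash`) with no NULL check visible in the hunk. The union arms in netlogon.idl are pointers (`netr_PasswordInfo *password`), and if the interface's pointer default is unique, which is not shown here, a client that sends a null referent would take the server into a NULL dereference. A guard at the top of the case, `if (r->in.logon.password == NULL) return NT_STATUS_INVALID_PARAMETER;`, would close that, and the network arm in the `@@ -460,8 +461,8 @@` hunk needs the same check for `r->in.logon.network`. That arm also still carries `/* TODO: we need to deny anonymous access here */`, which is worth resolving or tracking while this switch is being touched. `dcesrv_netr_LogonSamLogon_base` starts and ends outside these hunks.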
@@ -483,6 +484,13 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal
 user_info->password.response.nt = data_blob_talloc(mem_ctx, r->in.logon.network->nt.data, r->in.logon.network->nt.length);
 break;
+
+
+ case NetlogonGenericInformation:
+ {
+ /* Until we get enough information for an implemetnation */
+ return NT_STATUS_INVALID_PARAMETER;
+ }
 default:
 return NT_STATUS_INVALID_PARAMETER;
 } |
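Review bot: The new `NetlogonGenericInformation` case returns the same `NT_STATUS_INVALID_PARAMETER` as `default:`, so a caller or log reader cannot tell a recognised-but-unimplemented level from a malformed one. A distinct status such as `NT_STATUS_NOT_IMPLEMENTED` would make that visible, provided existing clients tolerate it. The comment misspells "implementation" and could say what is missing, for example `/* Generic (package-specific) logon data is unmarshalled but not yet handled; reject it */`. The braces around the single return and the two blank added lines before the case can be dropped. The switch and `dcesrv_netr_LogonSamLogon_base` close outside the hunk.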