summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
Diffstat (limited to 'source4')
-rw-r--r--source4/libcli/util/nterr.c1
-rw-r--r--source4/libcli/util/ntstatus.h1
-rw-r--r--source4/librpc/idl/netlogon.idl47
-rw-r--r--source4/rpc_server/netlogon/dcerpc_netlogon.c18
4 files changed, 48 insertions, 19 deletions
diff --git a/source4/libcli/util/nterr.c b/source4/libcli/util/nterr.c
index 7629a14106..ef4055adaa 100644
--- a/source4/libcli/util/nterr.c
+++ b/source4/libcli/util/nterr.c
@@ -546,6 +546,7 @@ static const nt_err_code_struct nt_errs[] =
{ "NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED", NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED },
{ "NT_STATUS_RPC_UNSUPPORTED_NAME_SYNTAX", NT_STATUS_RPC_UNSUPPORTED_NAME_SYNTAX },
{ "NT_STATUS_OBJECTID_NOT_FOUND", NT_STATUS_OBJECTID_NOT_FOUND },
+ { "NT_STATUS_DOWNGRADE_DETECTED", NT_STATUS_DOWNGRADE_DETECTED },
{ "STATUS_MORE_ENTRIES", STATUS_MORE_ENTRIES },
{ "STATUS_SOME_UNMAPPED", STATUS_SOME_UNMAPPED },
{ "STATUS_NOTIFY_CLEANUP", STATUS_NOTIFY_CLEANUP },
diff --git a/source4/libcli/util/ntstatus.h b/source4/libcli/util/ntstatus.h
index 026b5162db..527a95bd09 100644
--- a/source4/libcli/util/ntstatus.h
+++ b/source4/libcli/util/ntstatus.h
@@ -593,6 +593,7 @@ typedef uint32_t NTSTATUS;
#define NT_STATUS_NOT_A_REPARSE_POINT NT_STATUS(0xC0000000 | 0x0275)
#define NT_STATUS_OBJECTID_NOT_FOUND NT_STATUS(0xC0000000 | 0x02F0)
#define NT_STATUS_NO_SUCH_JOB NT_STATUS(0xC0000000 | 0xEDE) /* scheduler */
+#define NT_STATUS_DOWNGRADE_DETECTED NT_STATUS(0xC0000000 | 0x0388)
#define NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED NT_STATUS(0xC0000000 | 0x20004)
#define NT_STATUS_RPC_UNSUPPORTED_NAME_SYNTAX NT_STATUS(0xC0000000 | 0x20026)
diff --git a/source4/librpc/idl/netlogon.idl b/source4/librpc/idl/netlogon.idl
index d8f7d2f7e6..62f1b8843a 100644
--- a/source4/librpc/idl/netlogon.idl
+++ b/source4/librpc/idl/netlogon.idl
@@ -123,12 +123,31 @@ interface netlogon
netr_ChallengeResponse lm;
} netr_NetworkInfo;
- typedef [public,switch_type(uint16)] union {
- [case(1)] netr_PasswordInfo *password;
- [case(2)] netr_NetworkInfo *network;
- [case(3)] netr_PasswordInfo *password;
- [case(5)] netr_PasswordInfo *password;
- [case(6)] netr_NetworkInfo *network;
+ typedef [flag(NDR_PAHEX)] struct {
+ netr_IdentityInfo identity_info;
+ lsa_String package_name;
+ uint32 length;
+ [size_is(length),length_is(length)] uint8 *data;
+ } netr_GenericInfo;
+
+ typedef enum {
+ NetlogonInteractiveInformation = 1,
+ NetlogonNetworkInformation = 2,
+ NetlogonServiceInformation = 3,
+ NetlogonGenericInformation = 4,
+ NetlogonInteractiveTransitiveInformation = 5,
+ NetlogonNetworkTransitiveInformation = 6,
+ NetlogonServiceTransitiveInformation = 7
+ } netr_LogonInfoClass;
+
+ typedef [public,switch_type(netr_LogonInfoClass)] union {
+ [case(NetlogonInteractiveInformation)] netr_PasswordInfo *password;
+ [case(NetlogonNetworkInformation)] netr_NetworkInfo *network;
+ [case(NetlogonServiceInformation)] netr_PasswordInfo *password;
+ [case(NetlogonGenericInformation)] netr_GenericInfo *generic;
+ [case(NetlogonInteractiveTransitiveInformation)] netr_PasswordInfo *password;
+ [case(NetlogonNetworkTransitiveInformation)] netr_NetworkInfo *network;
+ [case(NetlogonServiceTransitiveInformation)] netr_PasswordInfo *password;
} netr_LogonLevel;
typedef [public,flag(NDR_PAHEX)] struct {
@@ -239,15 +258,15 @@ interface netlogon
} netr_Authenticator;
NTSTATUS netr_LogonSamLogon(
- [in,unique] [string,charset(UTF16)] uint16 *server_name,
- [in,unique] [string,charset(UTF16)] uint16 *computer_name,
- [in,unique] netr_Authenticator *credential,
- [in,out,unique] netr_Authenticator *return_authenticator,
- [in] uint16 logon_level,
- [in] [switch_is(logon_level)] netr_LogonLevel logon,
- [in] uint16 validation_level,
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in,unique] [string,charset(UTF16)] uint16 *computer_name,
+ [in,unique] netr_Authenticator *credential,
+ [in,out,unique] netr_Authenticator *return_authenticator,
+ [in] netr_LogonInfoClass logon_level,
+ [in] [switch_is(logon_level)] netr_LogonLevel logon,
+ [in] uint16 validation_level,
[out] [switch_is(validation_level)] netr_Validation validation,
- [out] uint8 authoritative
+ [out] uint8 authoritative
);
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index d9ae92c0fa..763e6a327e 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -421,9 +421,10 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal
user_info->remote_host = NULL;
switch (r->in.logon_level) {
- case 1:
- case 3:
- case 5:
+ case NetlogonInteractiveInformation:
+ case NetlogonServiceInformation:
+ case NetlogonInteractiveTransitiveInformation:
+ case NetlogonServiceTransitiveInformation:
if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
creds_arcfour_crypt(creds,
r->in.logon.password->lmpassword.hash,
@@ -460,8 +461,8 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal
*user_info->password.hash.nt = r->in.logon.password->ntpassword;
break;
- case 2:
- case 6:
+ case NetlogonNetworkInformation:
+ case NetlogonNetworkTransitiveInformation:
/* TODO: we need to deny anonymous access here */
nt_status = auth_context_create(mem_ctx,
@@ -483,6 +484,13 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal
user_info->password.response.nt = data_blob_talloc(mem_ctx, r->in.logon.network->nt.data, r->in.logon.network->nt.length);
break;
+
+
+ case NetlogonGenericInformation:
+ {
+ /* Until we get enough information for an implemetnation */
+ return NT_STATUS_INVALID_PARAMETER;
+ }
default:
return NT_STATUS_INVALID_PARAMETER;
}