From 0eb1840994ec6ddcf11a4ad948cb537e510ca0c7 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 14 Aug 2008 15:27:48 +1000 Subject: cope with arbitrary unknown pac buffer types, so when MS adds a new one we don't break our server (This used to be commit 5e08b285319e35afd3a9a6e6f5f59145350f2d80) --- source4/librpc/idl/krb5pac.idl | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'source4/librpc/idl/krb5pac.idl') diff --git a/source4/librpc/idl/krb5pac.idl b/source4/librpc/idl/krb5pac.idl index 3505fc895c..b450908915 100644 --- a/source4/librpc/idl/krb5pac.idl +++ b/source4/librpc/idl/krb5pac.idl @@ -70,7 +70,11 @@ interface krb5pac [case(PAC_TYPE_SRV_CHECKSUM)] PAC_SIGNATURE_DATA srv_cksum; [case(PAC_TYPE_KDC_CHECKSUM)] PAC_SIGNATURE_DATA kdc_cksum; [case(PAC_TYPE_LOGON_NAME)] PAC_LOGON_NAME logon_name; - [case(PAC_TYPE_UNKNOWN_12)] [subcontext(0)] DATA_BLOB_REM unknown; + /* when new PAC info types are added they are supposed to be done + in such a way that they are backwards compatible with existing + servers. This makes it safe to just use a [default] for + unknown types, which lets us ignore the data */ + [default] [subcontext(0)] DATA_BLOB_REM unknown; /* [case(PAC_TYPE_UNKNOWN_12)] PAC_UNKNOWN_12 unknown; */ } PAC_INFO; -- cgit From 8acc7f7da7718c7750387c1043391618be46e15b Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Tue, 19 Aug 2008 08:51:45 +0200 Subject: krb5pac.idl: make use of subcontext(0xFFFFFC01) to handle the type Serialization header Now we should be able to handle bigendian PAC_LOGON_INFO buffers. metze (This used to be commit adbff0b0f92aa0742a8293071776b388879cbd8e) --- source4/librpc/idl/krb5pac.idl | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) (limited to 'source4/librpc/idl/krb5pac.idl') diff --git a/source4/librpc/idl/krb5pac.idl b/source4/librpc/idl/krb5pac.idl index b450908915..ca0efaed3e 100644 --- a/source4/librpc/idl/krb5pac.idl +++ b/source4/librpc/idl/krb5pac.idl @@ -45,10 +45,6 @@ interface krb5pac } PAC_UNKNOWN_12; typedef [public] struct { - [value(0x00081001)] uint32 unknown1; - [value(0xCCCCCCCC)] uint32 unknown2; - [value(NDR_ROUND(ndr_size_PAC_LOGON_INFO(info, ndr->flags)+4,8))] uint32 _ndr_size; - [value(0x00000000)] uint32 unknown3; PAC_LOGON_INFO *info; } PAC_LOGON_INFO_CTR; @@ -66,7 +62,7 @@ interface krb5pac } DATA_BLOB_REM; typedef [public,nodiscriminant,gensize] union { - [case(PAC_TYPE_LOGON_INFO)] PAC_LOGON_INFO_CTR logon_info; + [case(PAC_TYPE_LOGON_INFO)][subcontext(0xFFFFFC01)] PAC_LOGON_INFO_CTR logon_info; [case(PAC_TYPE_SRV_CHECKSUM)] PAC_SIGNATURE_DATA srv_cksum; [case(PAC_TYPE_KDC_CHECKSUM)] PAC_SIGNATURE_DATA kdc_cksum; [case(PAC_TYPE_LOGON_NAME)] PAC_LOGON_NAME logon_name; -- cgit