now push/pull a sample PAC, and still have the same byte buffer.
(Metze set up the string code, and probably already has a similar
patch).
Unfortunetly win2k3 still doesn't like what we provide, but every step helps.
Also use data_blob_const() when we are just wrapping data for API
reasons.
Andrew Bartlett
(This used to be commit
e7c8076fc1459ff2ccefdaf0b091d04ee6137957)
if (krbtgt_keyblock) {
DATA_BLOB service_checksum_blob
- = data_blob(srv_sig_ptr->signature, sizeof(srv_sig_ptr->signature));
+ = data_blob_const(srv_sig_ptr->signature, sizeof(srv_sig_ptr->signature));
status = check_pac_checksum(mem_ctx,
service_checksum_blob, &kdc_sig,
context, service_keyblock);
service_checksum_blob
- = data_blob(SRV_CHECKSUM->signature, sizeof(SRV_CHECKSUM->signature));
+ = data_blob_const(SRV_CHECKSUM->signature, sizeof(SRV_CHECKSUM->signature));
/* Then sign Server checksum */
ret = make_pac_checksum(mem_ctx, service_checksum_blob, KDC_CHECKSUM, context, krbtgt_keyblock);
{
declare bitmap samr_AcctFlags;
+ typedef struct {
+ [value(2*strlen_m(string))] uint16 length;
+ [value(2*(strlen_m(string)+1))] uint16 size;
+ [flag(STR_NOTERM|STR_SIZE4|STR_LEN4|STR_LARGE_SIZE)] string *string;
+ } netr_StringLarge;
+
/*****************/
/* Function 0x00 */
samr_RidWithAttributeArray groups;
uint32 user_flags;
netr_UserSessionKey key;
- lsa_String logon_server;
- lsa_String domain;
+ netr_StringLarge logon_server;
+ netr_StringLarge domain;
dom_sid2 *domain_sid;
netr_LMSessionKey LMSessKey;
samr_AcctFlags acct_flags;
* to create the pointer values
*/
if (tmp_blob.length != validate_blob.length) {
- DEBUG(0, ("PAC push failed orignial buffer length[%u] != created buffer length[%u]\n",
+ DEBUG(0, ("PAC push failed: orignial buffer length[%u] != created buffer length[%u]\n",
tmp_blob.length, validate_blob.length));
talloc_free(mem_ctx);
return False;
}
+ if (memcmp(tmp_blob.data, validate_blob.data, tmp_blob.length) != 0) {
+ DEBUG(0, ("PAC push failed: length[%u] matches, but data does not\n",
+ tmp_blob.length));
+ talloc_free(mem_ctx);
+ return False;
+ }
+
talloc_free(mem_ctx);
return True;
}