#include "torture/torture.h"
#include "torture/ldap/proto.h"
#include "libcli/auth/libcli_auth.h"
-#include "lib/crypto/crypto.h"
+#include "../lib/crypto/crypto.h"
+#include "../libcli/drsuapi/drsuapi.h"
#include "auth/credentials/credentials.h"
#include "libcli/auth/libcli_auth.h"
#include "auth/gensec/gensec.h"
#include "param/param.h"
+#include "dsdb/samdb/samdb.h"
struct DsSyncBindInfo {
struct dcerpc_pipe *pipe;
{
NTSTATUS status;
struct drsuapi_DsCrackNames r;
+ union drsuapi_DsNameRequest req;
+ union drsuapi_DsNameCtr ctr;
+ int32_t level_out = 0;
struct drsuapi_DsNameString names[1];
bool ret = true;
struct cldap_socket *cldap;
struct cldap_netlogon search;
- cldap = cldap_socket_init(ctx, tctx->ev, lp_iconv_convenience(tctx->lp_ctx));
+ status = cldap_socket_init(ctx, NULL, NULL, NULL, &cldap);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("failed to setup cldap socket - %s\n",
+ nt_errstr(status));
+ return false;
+ }
r.in.bind_handle = &ctx->admin.drsuapi.bind_handle;
r.in.level = 1;
- r.in.req.req1.codepage = 1252; /* western european */
- r.in.req.req1.language = 0x00000407; /* german */
- r.in.req.req1.count = 1;
- r.in.req.req1.names = names;
- r.in.req.req1.format_flags = DRSUAPI_DS_NAME_FLAG_NO_FLAGS;
- r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
- r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
+ r.in.req = &req;
+ r.in.req->req1.codepage = 1252; /* western european */
+ r.in.req->req1.language = 0x00000407; /* german */
+ r.in.req->req1.count = 1;
+ r.in.req->req1.names = names;
+ r.in.req->req1.format_flags = DRSUAPI_DS_NAME_FLAG_NO_FLAGS;
+ r.in.req->req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
+ r.in.req->req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
names[0].str = talloc_asprintf(ctx, "%s\\", lp_workgroup(tctx->lp_ctx));
+ r.out.level_out = &level_out;
+ r.out.ctr = &ctr;
+
status = dcerpc_drsuapi_DsCrackNames(ctx->admin.drsuapi.pipe, ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
const char *errstr = nt_errstr(status);
return false;
}
- ctx->domain_dn = r.out.ctr.ctr1->array[0].result_name;
+ ctx->domain_dn = r.out.ctr->ctr1->array[0].result_name;
ZERO_STRUCT(search);
search.in.dest_address = ctx->drsuapi_binding->host;
search.in.acct_control = -1;
search.in.version = NETLOGON_NT_VERSION_5 | NETLOGON_NT_VERSION_5EX;
search.in.map_response = true;
- status = cldap_netlogon(cldap, ctx, &search);
+ status = cldap_netlogon(cldap, lp_iconv_convenience(tctx->lp_ctx), ctx, &search);
if (!NT_STATUS_IS_OK(status)) {
const char *errstr = nt_errstr(status);
ctx->site_name = talloc_asprintf(ctx, "%s", "Default-First-Site-Name");
printf("cldap_netlogon() returned %s. Defaulting to Site-Name: %s\n", errstr, ctx->site_name);
} else {
- ctx->site_name = talloc_steal(ctx, search.out.netlogon.nt5_ex.client_site);
+ ctx->site_name = talloc_steal(ctx, search.out.netlogon.data.nt5_ex.client_site);
printf("cldap_netlogon() returned Client Site-Name: %s.\n",ctx->site_name);
- printf("cldap_netlogon() returned Server Site-Name: %s.\n",search.out.netlogon.nt5_ex.server_site);
- }
-
- return ret;
-}
-
-static DATA_BLOB decrypt_blob(TALLOC_CTX *mem_ctx,
- const DATA_BLOB *gensec_skey,
- bool rcrypt,
- struct drsuapi_DsReplicaObjectIdentifier *id,
- uint32_t rid,
- const DATA_BLOB *buffer)
-{
- DATA_BLOB confounder;
- DATA_BLOB enc_buffer;
-
- struct MD5Context md5;
- uint8_t _enc_key[16];
- DATA_BLOB enc_key;
-
- DATA_BLOB dec_buffer;
-
- uint32_t crc32_given;
- uint32_t crc32_calc;
- DATA_BLOB checked_buffer;
-
- DATA_BLOB plain_buffer;
-
- /*
- * the combination "c[3] s[1] e[1] d[0]..."
- * was successful!!!!!!!!!!!!!!!!!!!!!!!!!!
- */
-
- /*
- * the first 16 bytes at the beginning are the confounder
- * followed by the 4 byte crc32 checksum
- */
- if (buffer->length < 20) {
- return data_blob_const(NULL, 0);
- }
- confounder = data_blob_const(buffer->data, 16);
- enc_buffer = data_blob_const(buffer->data + 16, buffer->length - 16);
-
- /*
- * build the encryption key md5 over the session key followed
- * by the confounder
- *
- * here the gensec session key is used and
- * not the dcerpc ncacn_ip_tcp "SystemLibraryDTC" key!
- */
- enc_key = data_blob_const(_enc_key, sizeof(_enc_key));
- MD5Init(&md5);
- MD5Update(&md5, gensec_skey->data, gensec_skey->length);
- MD5Update(&md5, confounder.data, confounder.length);
- MD5Final(enc_key.data, &md5);
-
- /*
- * copy the encrypted buffer part and
- * decrypt it using the created encryption key using arcfour
- */
- dec_buffer = data_blob_talloc(mem_ctx, enc_buffer.data, enc_buffer.length);
- if (!dec_buffer.data) {
- return data_blob_const(NULL, 0);
- }
- arcfour_crypt_blob(dec_buffer.data, dec_buffer.length, &enc_key);
-
- /*
- * the first 4 byte are the crc32 checksum
- * of the remaining bytes
- */
- crc32_given = IVAL(dec_buffer.data, 0);
- crc32_calc = crc32_calc_buffer(dec_buffer.data + 4 , dec_buffer.length - 4);
- if (crc32_given != crc32_calc) {
- DEBUG(0,("CRC32: given[0x%08X] calc[0x%08X]\n",
- crc32_given, crc32_calc));
- return data_blob_const(NULL, 0);
- }
- checked_buffer = data_blob_talloc(mem_ctx, dec_buffer.data + 4, dec_buffer.length - 4);
- if (!checked_buffer.data) {
- return data_blob_const(NULL, 0);
+ printf("cldap_netlogon() returned Server Site-Name: %s.\n",search.out.netlogon.data.nt5_ex.server_site);
}
- /*
- * some attributes seem to be in a usable form after this decryption
- * (supplementalCredentials, priorValue, currentValue, trustAuthOutgoing,
- * trustAuthIncoming, initialAuthOutgoing, initialAuthIncoming)
- * At least supplementalCredentials contains plaintext
- * like "Primary:Kerberos" (in unicode form)
- *
- * some attributes seem to have some additional encryption
- * dBCSPwd, unicodePwd, ntPwdHistory, lmPwdHistory
- *
- * it's the sam_rid_crypt() function, as the value is constant,
- * so it doesn't depend on sessionkeys.
- */
- if (rcrypt) {
- uint32_t i, num_hashes;
-
- if ((checked_buffer.length % 16) != 0) {
- return data_blob_const(NULL, 0);
- }
-
- plain_buffer = data_blob_talloc(mem_ctx, checked_buffer.data, checked_buffer.length);
- if (!plain_buffer.data) {
- return data_blob_const(NULL, 0);
- }
-
- num_hashes = plain_buffer.length / 16;
- for (i = 0; i < num_hashes; i++) {
- uint32_t offset = i * 16;
- sam_rid_crypt(rid, checked_buffer.data + offset, plain_buffer.data + offset, 0);
- }
- } else {
- plain_buffer = checked_buffer;
+ if (!ctx->domain_dn) {
+ struct ldb_context *ldb = ldb_init(ctx, tctx->ev);
+ struct ldb_dn *dn = samdb_dns_domain_to_dn(ldb, ctx, search.out.netlogon.data.nt5_ex.dns_domain);
+ ctx->domain_dn = ldb_dn_alloc_linearized(ctx, dn);
+ talloc_free(dn);
+ talloc_free(ldb);
}
- return plain_buffer;
+ return ret;
}
static void test_analyse_objects(struct torture_context *tctx,
}
for (i=0; i < cur->object.attribute_ctr.num_attributes; i++) {
+ WERROR werr;
const char *name = NULL;
bool rcrypt = false;
DATA_BLOB *enc_data = NULL;
DATA_BLOB plain_data;
struct drsuapi_DsReplicaAttribute *attr;
+ ndr_pull_flags_fn_t pull_fn = NULL;
+ ndr_print_fn_t print_fn = NULL;
+ void *ptr = NULL;
attr = &cur->object.attribute_ctr.attributes[i];
switch (attr->attid) {
break;
case DRSUAPI_ATTRIBUTE_supplementalCredentials:
name = "supplementalCredentials";
+ pull_fn = (ndr_pull_flags_fn_t)ndr_pull_supplementalCredentialsBlob;
+ print_fn = (ndr_print_fn_t)ndr_print_supplementalCredentialsBlob;
+ ptr = talloc(ctx, struct supplementalCredentialsBlob);
break;
case DRSUAPI_ATTRIBUTE_priorValue:
name = "priorValue";
break;
case DRSUAPI_ATTRIBUTE_trustAuthOutgoing:
name = "trustAuthOutgoing";
+ pull_fn = (ndr_pull_flags_fn_t)ndr_pull_trustAuthInOutBlob;
+ print_fn = (ndr_print_fn_t)ndr_print_trustAuthInOutBlob;
+ ptr = talloc(ctx, struct trustAuthInOutBlob);
break;
case DRSUAPI_ATTRIBUTE_trustAuthIncoming:
name = "trustAuthIncoming";
+ pull_fn = (ndr_pull_flags_fn_t)ndr_pull_trustAuthInOutBlob;
+ print_fn = (ndr_print_fn_t)ndr_print_trustAuthInOutBlob;
+ ptr = talloc(ctx, struct trustAuthInOutBlob);
break;
case DRSUAPI_ATTRIBUTE_initialAuthOutgoing:
name = "initialAuthOutgoing";
enc_data = attr->value_ctr.values[0].blob;
ZERO_STRUCT(plain_data);
- plain_data = decrypt_blob(ctx, gensec_skey, rcrypt,
- cur->object.identifier, rid,
- enc_data);
+ werr = drsuapi_decrypt_attribute_value(ctx, gensec_skey, rcrypt,
+ rid,
+ enc_data, &plain_data);
+ if (!W_ERROR_IS_OK(werr)) {
+ DEBUG(0, ("Failed to decrypt %s\n", name));
+ continue;
+ }
if (!dn_printed) {
object_id++;
DEBUG(0,("DN[%u] %s\n", object_id, dn));
name, (long)enc_data->length, (long)plain_data.length));
if (plain_data.length) {
enum ndr_err_code ndr_err;
- struct supplementalCredentialsBlob scb;
dump_data(0, plain_data.data, plain_data.length);
if (save_values_dir) {
char *fname;
talloc_free(fname);
}
- ndr_err = ndr_pull_struct_blob_all(&plain_data, tctx,
- lp_iconv_convenience(tctx->lp_ctx), &scb,
- (ndr_pull_flags_fn_t)ndr_pull_supplementalCredentialsBlob);
- if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
- NDR_PRINT_DEBUG(supplementalCredentialsBlob, &scb);
+ if (pull_fn) {
+ /* Can't use '_all' because of PIDL bugs with relative pointers */
+ ndr_err = ndr_pull_struct_blob(&plain_data, ptr,
+ lp_iconv_convenience(tctx->lp_ctx), ptr,
+ pull_fn);
+ if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ ndr_print_debug(print_fn, name, ptr);
+ } else {
+ DEBUG(0, ("Failed to decode %s\n", name));
+ }
}
} else {
dump_data(0, enc_data->data, enc_data->length);
}
+ talloc_free(ptr);
}
}
}
uint64_t highest_usn = 0;
const char *partition = NULL;
struct drsuapi_DsGetNCChanges r;
+ union drsuapi_DsGetNCChangesRequest req;
struct drsuapi_DsReplicaObjectIdentifier nc;
struct drsuapi_DsGetNCChangesCtr1 *ctr1 = NULL;
struct drsuapi_DsGetNCChangesCtr6 *ctr6 = NULL;
array[i].level);
r.in.bind_handle = &ctx->new_dc.drsuapi.bind_handle;
- r.in.level = &array[i].level;
+ r.in.level = array[i].level;
- switch (*r.in.level) {
+ switch (r.in.level) {
case 5:
nc.guid = null_guid;
nc.sid = null_sid;
nc.dn = partition;
- r.in.req.req5.destination_dsa_guid = ctx->new_dc.invocation_id;
- r.in.req.req5.source_dsa_invocation_id = null_guid;
- r.in.req.req5.naming_context = &nc;
- r.in.req.req5.highwatermark.tmp_highest_usn = highest_usn;
- r.in.req.req5.highwatermark.reserved_usn = 0;
- r.in.req.req5.highwatermark.highest_usn = highest_usn;
- r.in.req.req5.uptodateness_vector = NULL;
- r.in.req.req5.replica_flags = 0;
+ r.in.req = &req;
+ r.in.req->req5.destination_dsa_guid = ctx->new_dc.invocation_id;
+ r.in.req->req5.source_dsa_invocation_id = null_guid;
+ r.in.req->req5.naming_context = &nc;
+ r.in.req->req5.highwatermark.tmp_highest_usn = highest_usn;
+ r.in.req->req5.highwatermark.reserved_usn = 0;
+ r.in.req->req5.highwatermark.highest_usn = highest_usn;
+ r.in.req->req5.uptodateness_vector = NULL;
+ r.in.req->req5.replica_flags = 0;
if (lp_parm_bool(tctx->lp_ctx, NULL, "dssync", "compression", false)) {
- r.in.req.req5.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES;
+ r.in.req->req5.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES;
}
if (lp_parm_bool(tctx->lp_ctx, NULL, "dssync", "neighbour_writeable", true)) {
- r.in.req.req5.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE;
+ r.in.req->req5.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE;
}
- r.in.req.req5.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP
+ r.in.req->req5.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP
| DRSUAPI_DS_REPLICA_NEIGHBOUR_DO_SCHEDULED_SYNCS
| DRSUAPI_DS_REPLICA_NEIGHBOUR_RETURN_OBJECT_PARENTS
| DRSUAPI_DS_REPLICA_NEIGHBOUR_NEVER_SYNCED
;
- r.in.req.req5.max_object_count = 133;
- r.in.req.req5.max_ndr_size = 1336770;
- r.in.req.req5.extended_op = DRSUAPI_EXOP_NONE;
- r.in.req.req5.fsmo_info = 0;
+ r.in.req->req5.max_object_count = 133;
+ r.in.req->req5.max_ndr_size = 1336770;
+ r.in.req->req5.extended_op = DRSUAPI_EXOP_NONE;
+ r.in.req->req5.fsmo_info = 0;
break;
case 8:
nc.sid = null_sid;
nc.dn = partition;
/* nc.dn can be set to any other ad partition */
-
- r.in.req.req8.destination_dsa_guid = ctx->new_dc.invocation_id;
- r.in.req.req8.source_dsa_invocation_id = null_guid;
- r.in.req.req8.naming_context = &nc;
- r.in.req.req8.highwatermark.tmp_highest_usn = highest_usn;
- r.in.req.req8.highwatermark.reserved_usn = 0;
- r.in.req.req8.highwatermark.highest_usn = highest_usn;
- r.in.req.req8.uptodateness_vector = NULL;
- r.in.req.req8.replica_flags = 0;
+
+ r.in.req = &req;
+ r.in.req->req8.destination_dsa_guid = ctx->new_dc.invocation_id;
+ r.in.req->req8.source_dsa_invocation_id = null_guid;
+ r.in.req->req8.naming_context = &nc;
+ r.in.req->req8.highwatermark.tmp_highest_usn = highest_usn;
+ r.in.req->req8.highwatermark.reserved_usn = 0;
+ r.in.req->req8.highwatermark.highest_usn = highest_usn;
+ r.in.req->req8.uptodateness_vector = NULL;
+ r.in.req->req8.replica_flags = 0;
if (lp_parm_bool(tctx->lp_ctx, NULL, "dssync", "compression", false)) {
- r.in.req.req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES;
+ r.in.req->req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES;
}
if (lp_parm_bool(tctx->lp_ctx, NULL, "dssync", "neighbour_writeable", true)) {
- r.in.req.req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE;
+ r.in.req->req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE;
}
- r.in.req.req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP
+ r.in.req->req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP
| DRSUAPI_DS_REPLICA_NEIGHBOUR_DO_SCHEDULED_SYNCS
| DRSUAPI_DS_REPLICA_NEIGHBOUR_RETURN_OBJECT_PARENTS
| DRSUAPI_DS_REPLICA_NEIGHBOUR_NEVER_SYNCED
;
- r.in.req.req8.max_object_count = 402;
- r.in.req.req8.max_ndr_size = 402116;
+ r.in.req->req8.max_object_count = 402;
+ r.in.req->req8.max_ndr_size = 402116;
- r.in.req.req8.extended_op = DRSUAPI_EXOP_NONE;
- r.in.req.req8.fsmo_info = 0;
- r.in.req.req8.partial_attribute_set = NULL;
- r.in.req.req8.partial_attribute_set_ex = NULL;
- r.in.req.req8.mapping_ctr.num_mappings = 0;
- r.in.req.req8.mapping_ctr.mappings = NULL;
+ r.in.req->req8.extended_op = DRSUAPI_EXOP_NONE;
+ r.in.req->req8.fsmo_info = 0;
+ r.in.req->req8.partial_attribute_set = NULL;
+ r.in.req->req8.partial_attribute_set_ex = NULL;
+ r.in.req->req8.mapping_ctr.num_mappings = 0;
+ r.in.req->req8.mapping_ctr.mappings = NULL;
break;
}
printf("Dumping AD partition: %s\n", nc.dn);
for (y=0; ;y++) {
int32_t _level = 0;
+ union drsuapi_DsGetNCChangesCtr ctr;
+
ZERO_STRUCT(r.out);
- r.out.level = &_level;
- if (*r.in.level == 5) {
+ r.out.level_out = &_level;
+ r.out.ctr = &ctr;
+
+ if (r.in.level == 5) {
DEBUG(0,("start[%d] tmp_higest_usn: %llu , highest_usn: %llu\n",y,
- (long long)r.in.req.req5.highwatermark.tmp_highest_usn,
- (long long)r.in.req.req5.highwatermark.highest_usn));
+ (long long)r.in.req->req5.highwatermark.tmp_highest_usn,
+ (long long)r.in.req->req5.highwatermark.highest_usn));
}
- if (*r.in.level == 8) {
+ if (r.in.level == 8) {
DEBUG(0,("start[%d] tmp_higest_usn: %llu , highest_usn: %llu\n",y,
- (long long)r.in.req.req8.highwatermark.tmp_highest_usn,
- (long long)r.in.req.req8.highwatermark.highest_usn));
+ (long long)r.in.req->req8.highwatermark.tmp_highest_usn,
+ (long long)r.in.req->req8.highwatermark.highest_usn));
}
status = dcerpc_drsuapi_DsGetNCChanges(ctx->new_dc.drsuapi.pipe, ctx, &r);
ret = false;
}
- if (ret == true && *r.out.level == 1) {
+ if (ret == true && *r.out.level_out == 1) {
out_level = 1;
- ctr1 = &r.out.ctr.ctr1;
- } else if (ret == true && *r.out.level == 2) {
+ ctr1 = &r.out.ctr->ctr1;
+ } else if (ret == true && *r.out.level_out == 2 &&
+ r.out.ctr->ctr2.mszip1.ts) {
out_level = 1;
- ctr1 = r.out.ctr.ctr2.ctr.mszip1.ctr1;
+ ctr1 = &r.out.ctr->ctr2.mszip1.ts->ctr1;
}
if (out_level == 1) {
test_analyse_objects(tctx, ctx, &gensec_skey, ctr1->first_object);
if (ctr1->more_data) {
- r.in.req.req5.highwatermark = ctr1->new_highwatermark;
+ r.in.req->req5.highwatermark = ctr1->new_highwatermark;
continue;
}
}
- if (ret == true && *r.out.level == 6) {
+ if (ret == true && *r.out.level_out == 6) {
out_level = 6;
- ctr6 = &r.out.ctr.ctr6;
- } else if (ret == true && *r.out.level == 7
- && r.out.ctr.ctr7.level == 6
- && r.out.ctr.ctr7.type == DRSUAPI_COMPRESSION_TYPE_MSZIP) {
+ ctr6 = &r.out.ctr->ctr6;
+ } else if (ret == true && *r.out.level_out == 7
+ && r.out.ctr->ctr7.level == 6
+ && r.out.ctr->ctr7.type == DRSUAPI_COMPRESSION_TYPE_MSZIP
+ && r.out.ctr->ctr7.ctr.mszip6.ts) {
out_level = 6;
- ctr6 = r.out.ctr.ctr7.ctr.mszip6.ctr6;
- } else if (ret == true && *r.out.level == 7
- && r.out.ctr.ctr7.level == 6
- && r.out.ctr.ctr7.type == DRSUAPI_COMPRESSION_TYPE_XPRESS) {
+ ctr6 = &r.out.ctr->ctr7.ctr.mszip6.ts->ctr6;
+ } else if (ret == true && *r.out.level_out == 7
+ && r.out.ctr->ctr7.level == 6
+ && r.out.ctr->ctr7.type == DRSUAPI_COMPRESSION_TYPE_XPRESS
+ && r.out.ctr->ctr7.ctr.xpress6.ts) {
out_level = 6;
- ctr6 = r.out.ctr.ctr7.ctr.xpress6.ctr6;
+ ctr6 = &r.out.ctr->ctr7.ctr.xpress6.ts->ctr6;
}
if (out_level == 6) {
test_analyse_objects(tctx, ctx, &gensec_skey, ctr6->first_object);
if (ctr6->more_data) {
- r.in.req.req8.highwatermark = ctr6->new_highwatermark;
+ r.in.req->req8.highwatermark = ctr6->new_highwatermark;
continue;
}
}
NTSTATUS status;
bool ret = true;
struct drsuapi_DsGetNT4ChangeLog r;
+ union drsuapi_DsGetNT4ChangeLogRequest req;
+ union drsuapi_DsGetNT4ChangeLogInfo info;
+ uint32_t level_out = 0;
struct GUID null_guid;
struct dom_sid null_sid;
DATA_BLOB cookie;
ZERO_STRUCT(r);
r.in.bind_handle = &ctx->new_dc.drsuapi.bind_handle;
r.in.level = 1;
+ r.out.info = &info;
+ r.out.level_out = &level_out;
- r.in.req.req1.unknown1 = lp_parm_int(tctx->lp_ctx, NULL, "dssync", "nt4-1", 3);
- r.in.req.req1.unknown2 = lp_parm_int(tctx->lp_ctx, NULL, "dssync", "nt4-2", 0x00004000);
+ req.req1.unknown1 = lp_parm_int(tctx->lp_ctx, NULL, "dssync", "nt4-1", 3);
+ req.req1.unknown2 = lp_parm_int(tctx->lp_ctx, NULL, "dssync", "nt4-2", 0x00004000);
while (1) {
- r.in.req.req1.length = cookie.length;
- r.in.req.req1.data = cookie.data;
+ req.req1.length = cookie.length;
+ req.req1.data = cookie.data;
+
+ r.in.req = &req;
status = dcerpc_drsuapi_DsGetNT4ChangeLog(ctx->new_dc.drsuapi.pipe, ctx, &r);
- if (!NT_STATUS_IS_OK(status)) {
+ if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)) {
+ printf("DsGetNT4ChangeLog not supported by target server\n");
+ break;
+ } else if (!NT_STATUS_IS_OK(status)) {
const char *errstr = nt_errstr(status);
if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
errstr = dcerpc_errstr(ctx, ctx->new_dc.drsuapi.pipe->last_fault_code);
} else if (!W_ERROR_IS_OK(r.out.result)) {
printf("DsGetNT4ChangeLog failed - %s\n", win_errstr(r.out.result));
ret = false;
- } else if (r.out.level != 1) {
- printf("DsGetNT4ChangeLog unknown level - %u\n", r.out.level);
+ } else if (*r.out.level_out != 1) {
+ printf("DsGetNT4ChangeLog unknown level - %u\n", *r.out.level_out);
ret = false;
- } else if (NT_STATUS_IS_OK(r.out.info.info1.status)) {
- } else if (NT_STATUS_EQUAL(r.out.info.info1.status, STATUS_MORE_ENTRIES)) {
- cookie.length = r.out.info.info1.length1;
- cookie.data = r.out.info.info1.data1;
+ } else if (NT_STATUS_IS_OK(r.out.info->info1.status)) {
+ } else if (NT_STATUS_EQUAL(r.out.info->info1.status, STATUS_MORE_ENTRIES)) {
+ cookie.length = r.out.info->info1.length1;
+ cookie.data = r.out.info->info1.data1;
continue;
} else {
- printf("DsGetNT4ChangeLog failed - %s\n", nt_errstr(r.out.info.info1.status));
+ printf("DsGetNT4ChangeLog failed - %s\n", nt_errstr(r.out.info->info1.status));
ret = false;
}