From fc8fadf1e93cffcf36bd56ba02894804018b9972 Mon Sep 17 00:00:00 2001 From: =?utf8?q?G=C3=BCnther=20Deschner?= Date: Mon, 20 Oct 2008 11:11:19 +0200 Subject: [PATCH] idl: finally share krb5_pac.idl. Guenther --- {source4/librpc => librpc}/idl/krb5pac.idl | 10 +- source3/Makefile.in | 2 +- source3/librpc/gen_ndr/krb5pac.h | 23 +++- source3/librpc/gen_ndr/ndr_krb5pac.c | 131 ++++++++++++++++++--- source3/librpc/gen_ndr/ndr_krb5pac.h | 8 +- 5 files changed, 147 insertions(+), 27 deletions(-) rename {source4/librpc => librpc}/idl/krb5pac.idl (95%) diff --git a/source4/librpc/idl/krb5pac.idl b/librpc/idl/krb5pac.idl similarity index 95% rename from source4/librpc/idl/krb5pac.idl rename to librpc/idl/krb5pac.idl index bddba041651..a498b795f8e 100644 --- a/source4/librpc/idl/krb5pac.idl +++ b/librpc/idl/krb5pac.idl @@ -29,7 +29,7 @@ interface krb5pac netr_SamInfo3 info3; dom_sid2 *res_group_dom_sid; samr_RidWithAttributeArray res_groups; - } PAC_LOGON_INFO; + } PAC_LOGON_INFO; typedef struct { [value(2*strlen_m(upn_name))] uint16 upn_size; @@ -46,7 +46,7 @@ interface krb5pac typedef [public] struct { PAC_LOGON_INFO *info; - } PAC_LOGON_INFO_CTR; + } PAC_LOGON_INFO_CTR; typedef [public,v1_enum] enum { PAC_TYPE_LOGON_INFO = 1, @@ -126,5 +126,9 @@ interface krb5pac [in] PAC_Validate pac_validate ); - + /* used for samba3 netsamlogon cache */ + typedef [public] struct { + time_t timestamp; + netr_SamInfo3 info3; + } netsamlogoncache_entry; } diff --git a/source3/Makefile.in b/source3/Makefile.in index bb81dd2f705..6fe26d3d1b4 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in 
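Review bot: The `netsamlogoncache_entry` struct added at the end of `interface krb5pac` (last hunk of librpc/idl/krb5pac.idl) is documented only as "used for samba3 netsamlogon cache", which does not say what `timestamp` records or how far a reader may trust the stored `info3`. Because `info3` holds the SIDs and group memberships from an earlier validated logon, I would expand the comment to something like `/* samba3 netsamlogon cache record, not a PAC buffer type; timestamp = time info3 was stored, callers must apply their own expiry before using info3 */`. That wording is inferred from the struct alone and should be confirmed against the cache code, which is not part of this patch. It is also worth confirming the encoded width of `time_t` here: as far as I know the NDR layer marshals it as a 32-bit value, so the stored timestamp would not cover the full range of a 64-bit `time_t`.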
@@ -1213,7 +1213,7 @@ samba3-idl:: ../librpc/idl/eventlog.idl ../librpc/idl/wkssvc.idl librpc/idl/netlogon.idl \ ../librpc/idl/notify.idl ../librpc/idl/epmapper.idl librpc/idl/messaging.idl \ ../librpc/idl/xattr.idl ../librpc/idl/misc.idl librpc/idl/samr.idl \ - ../librpc/idl/security.idl ../librpc/idl/dssetup.idl librpc/idl/krb5pac.idl \ + ../librpc/idl/security.idl ../librpc/idl/dssetup.idl ../librpc/idl/krb5pac.idl \ ../librpc/idl/ntsvcs.idl librpc/idl/libnetapi.idl ../librpc/idl/drsuapi.idl \ ../librpc/idl/drsblobs.idl ../librpc/idl/nbt.idl diff --git a/source3/librpc/gen_ndr/krb5pac.h b/source3/librpc/gen_ndr/krb5pac.h index b3b29e5b2fd..7ec3e95d70d 100644 --- a/source3/librpc/gen_ndr/krb5pac.h +++ b/source3/librpc/gen_ndr/krb5pac.h @@ -8,6 +8,7 @@ #ifndef _HEADER_krb5pac #define _HEADER_krb5pac +#define NETLOGON_GENERIC_KRB5_PAC_VALIDATE ( 3 ) struct PAC_LOGON_NAME { NTTIME logon_time; uint16_t size;/* [value(2*strlen_m(account_name))] */ @@ -39,10 +40,6 @@ struct PAC_UNKNOWN_12 { }; struct PAC_LOGON_INFO_CTR { - uint32_t unknown1;/* [value(0x00081001)] */ - uint32_t unknown2;/* [value(0xCCCCCCCC)] */ - uint32_t _ndr_size;/* [value(NDR_ROUND(ndr_size_PAC_LOGON_INFO(info,ndr->flags)+4,8))] */ - uint32_t unknown3;/* [value(0x00000000)] */ struct PAC_LOGON_INFO *info;/* [unique] */ }/* [public] */; @@ -72,7 +69,7 @@ struct DATA_BLOB_REM { }; union PAC_INFO { - struct PAC_LOGON_INFO_CTR logon_info;/* [case(PAC_TYPE_LOGON_INFO)] */ + struct PAC_LOGON_INFO_CTR logon_info;/* [subcontext(0xFFFFFC01),case(PAC_TYPE_LOGON_INFO)] */ struct PAC_SIGNATURE_DATA srv_cksum;/* [case(PAC_TYPE_SRV_CHECKSUM)] */ struct PAC_SIGNATURE_DATA kdc_cksum;/* [case(PAC_TYPE_KDC_CHECKSUM)] */ struct PAC_LOGON_NAME logon_name;/* [case(PAC_TYPE_LOGON_NAME)] */ 
@@ -105,6 +102,14 @@ struct PAC_DATA_RAW { struct PAC_BUFFER_RAW *buffers; }/* [public] */; +struct PAC_Validate { + uint32_t MessageType;/* [value(NETLOGON_GENERIC_KRB5_PAC_VALIDATE)] */ + uint32_t ChecksumLength; + int32_t SignatureType; + uint32_t SignatureLength; + DATA_BLOB ChecksumAndSignature;/* [flag(LIBNDR_FLAG_REMAINING)] */ +}/* [public] */; + struct netsamlogoncache_entry { time_t timestamp; struct netr_SamInfo3 info3; @@ -134,4 +139,12 @@ struct decode_login_info { }; + +struct decode_pac_validate { + struct { + struct PAC_Validate pac_validate; + } in; + +}; + #endif /* _HEADER_krb5pac */ diff --git a/source3/librpc/gen_ndr/ndr_krb5pac.c b/source3/librpc/gen_ndr/ndr_krb5pac.c index 6e06f90a688..f9e93e52102 100644 --- a/source3/librpc/gen_ndr/ndr_krb5pac.c +++ b/source3/librpc/gen_ndr/ndr_krb5pac.c @@ -170,10 +170,6 @@ _PUBLIC_ enum ndr_err_code ndr_push_PAC_LOGON_INFO_CTR(struct ndr_push *ndr, int { if (ndr_flags & NDR_SCALARS) { NDR_CHECK(ndr_push_align(ndr, 4)); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0x00081001)); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0xCCCCCCCC)); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, NDR_ROUND(ndr_size_PAC_LOGON_INFO(r->info, ndr->flags) + 4, 8))); - NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0x00000000)); NDR_CHECK(ndr_push_unique_ptr(ndr, r->info)); } if (ndr_flags & NDR_BUFFERS) { @@ -190,10 +186,6 @@ _PUBLIC_ enum ndr_err_code ndr_pull_PAC_LOGON_INFO_CTR(struct ndr_pull *ndr, int TALLOC_CTX *_mem_save_info_0; if (ndr_flags & NDR_SCALARS) { NDR_CHECK(ndr_pull_align(ndr, 4)); - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->unknown1)); - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->unknown2)); - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->_ndr_size)); - NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->unknown3)); NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info)); if (_ptr_info) { NDR_PULL_ALLOC(ndr, r->info); 
@@ -216,10 +208,6 @@ _PUBLIC_ void ndr_print_PAC_LOGON_INFO_CTR(struct ndr_print *ndr, const char *na { ndr_print_struct(ndr, name, "PAC_LOGON_INFO_CTR"); ndr->depth++; - ndr_print_uint32(ndr, "unknown1", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?0x00081001:r->unknown1); - ndr_print_uint32(ndr, "unknown2", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?0xCCCCCCCC:r->unknown2); - ndr_print_uint32(ndr, "_ndr_size", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?NDR_ROUND(ndr_size_PAC_LOGON_INFO(r->info, ndr->flags) + 4, 8):r->_ndr_size); - ndr_print_uint32(ndr, "unknown3", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?0x00000000:r->unknown3); ndr_print_ptr(ndr, "info", r->info); ndr->depth++; if (r->info) { @@ -304,7 +292,12 @@ _PUBLIC_ enum ndr_err_code ndr_push_PAC_INFO(struct ndr_push *ndr, int ndr_flags int level = ndr_push_get_switch_value(ndr, r); switch (level) { case PAC_TYPE_LOGON_INFO: { - NDR_CHECK(ndr_push_PAC_LOGON_INFO_CTR(ndr, NDR_SCALARS, &r->logon_info)); + { + struct ndr_push *_ndr_logon_info; + NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_logon_info, 0xFFFFFC01, -1)); + NDR_CHECK(ndr_push_PAC_LOGON_INFO_CTR(_ndr_logon_info, NDR_SCALARS|NDR_BUFFERS, &r->logon_info)); + NDR_CHECK(ndr_push_subcontext_end(ndr, _ndr_logon_info, 0xFFFFFC01, -1)); + } break; } case PAC_TYPE_SRV_CHECKSUM: { @@ -334,7 +327,6 @@ _PUBLIC_ enum ndr_err_code ndr_push_PAC_INFO(struct ndr_push *ndr, int ndr_flags int level = ndr_push_get_switch_value(ndr, r); switch (level) { case PAC_TYPE_LOGON_INFO: - NDR_CHECK(ndr_push_PAC_LOGON_INFO_CTR(ndr, NDR_BUFFERS, &r->logon_info)); break; case PAC_TYPE_SRV_CHECKSUM: 
@@ -361,7 +353,12 @@ _PUBLIC_ enum ndr_err_code ndr_pull_PAC_INFO(struct ndr_pull *ndr, int ndr_flags if (ndr_flags & NDR_SCALARS) { switch (level) { case PAC_TYPE_LOGON_INFO: { - NDR_CHECK(ndr_pull_PAC_LOGON_INFO_CTR(ndr, NDR_SCALARS, &r->logon_info)); + { + struct ndr_pull *_ndr_logon_info; + NDR_CHECK(ndr_pull_subcontext_start(ndr, &_ndr_logon_info, 0xFFFFFC01, -1)); + NDR_CHECK(ndr_pull_PAC_LOGON_INFO_CTR(_ndr_logon_info, NDR_SCALARS|NDR_BUFFERS, &r->logon_info)); + NDR_CHECK(ndr_pull_subcontext_end(ndr, _ndr_logon_info, 0xFFFFFC01, -1)); + } break; } case PAC_TYPE_SRV_CHECKSUM: { @@ -390,7 +387,6 @@ _PUBLIC_ enum ndr_err_code ndr_pull_PAC_INFO(struct ndr_pull *ndr, int ndr_flags if (ndr_flags & NDR_BUFFERS) { switch (level) { case PAC_TYPE_LOGON_INFO: - NDR_CHECK(ndr_pull_PAC_LOGON_INFO_CTR(ndr, NDR_BUFFERS, &r->logon_info)); break; case PAC_TYPE_SRV_CHECKSUM: 
@@ -672,6 +668,58 @@ _PUBLIC_ void ndr_print_PAC_DATA_RAW(struct ndr_print *ndr, const char *name, co ndr->depth--; } +_PUBLIC_ enum ndr_err_code ndr_push_PAC_Validate(struct ndr_push *ndr, int ndr_flags, const struct PAC_Validate *r) +{ + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, NETLOGON_GENERIC_KRB5_PAC_VALIDATE)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->ChecksumLength)); + NDR_CHECK(ndr_push_int32(ndr, NDR_SCALARS, r->SignatureType)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->SignatureLength)); + { + uint32_t _flags_save_DATA_BLOB = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_REMAINING); + NDR_CHECK(ndr_push_DATA_BLOB(ndr, NDR_SCALARS, r->ChecksumAndSignature)); + ndr->flags = _flags_save_DATA_BLOB; + } + } + if (ndr_flags & NDR_BUFFERS) { + } + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ enum ndr_err_code ndr_pull_PAC_Validate(struct ndr_pull *ndr, int ndr_flags, struct PAC_Validate *r) +{ + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->MessageType)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->ChecksumLength)); + NDR_CHECK(ndr_pull_int32(ndr, NDR_SCALARS, &r->SignatureType)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->SignatureLength)); + { + uint32_t _flags_save_DATA_BLOB = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_REMAINING); + NDR_CHECK(ndr_pull_DATA_BLOB(ndr, NDR_SCALARS, &r->ChecksumAndSignature)); + ndr->flags = _flags_save_DATA_BLOB; + } + } + if (ndr_flags & NDR_BUFFERS) { + } + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ void ndr_print_PAC_Validate(struct ndr_print *ndr, const char *name, const struct PAC_Validate *r) +{ + ndr_print_struct(ndr, name, "PAC_Validate"); + ndr->depth++; + ndr_print_uint32(ndr, "MessageType", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?NETLOGON_GENERIC_KRB5_PAC_VALIDATE:r->MessageType); + ndr_print_uint32(ndr, "ChecksumLength", r->ChecksumLength); 
+ ndr_print_int32(ndr, "SignatureType", r->SignatureType); + ndr_print_uint32(ndr, "SignatureLength", r->SignatureLength); + ndr_print_DATA_BLOB(ndr, "ChecksumAndSignature", r->ChecksumAndSignature); + ndr->depth--; +} + _PUBLIC_ enum ndr_err_code ndr_push_netsamlogoncache_entry(struct ndr_push *ndr, int ndr_flags, const struct netsamlogoncache_entry *r) { if (ndr_flags & NDR_SCALARS) { @@ -830,6 +878,47 @@ _PUBLIC_ void ndr_print_decode_login_info(struct ndr_print *ndr, const char *nam ndr->depth--; } +static enum ndr_err_code ndr_push_decode_pac_validate(struct ndr_push *ndr, int flags, const struct decode_pac_validate *r) +{ + if (flags & NDR_IN) { + NDR_CHECK(ndr_push_PAC_Validate(ndr, NDR_SCALARS, &r->in.pac_validate)); + } + if (flags & NDR_OUT) { + } + return NDR_ERR_SUCCESS; +} + +static enum ndr_err_code ndr_pull_decode_pac_validate(struct ndr_pull *ndr, int flags, struct decode_pac_validate *r) +{ + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_PAC_Validate(ndr, NDR_SCALARS, &r->in.pac_validate)); + } + if (flags & NDR_OUT) { + } + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ void ndr_print_decode_pac_validate(struct ndr_print *ndr, const char *name, int flags, const struct decode_pac_validate *r) +{ + ndr_print_struct(ndr, name, "decode_pac_validate"); + ndr->depth++; + if (flags & NDR_SET_VALUES) { + ndr->flags |= LIBNDR_PRINT_SET_VALUES; + } + if (flags & NDR_IN) { + ndr_print_struct(ndr, "in", "decode_pac_validate"); + ndr->depth++; + ndr_print_PAC_Validate(ndr, "pac_validate", &r->in.pac_validate); + ndr->depth--; + } + if (flags & NDR_OUT) { + ndr_print_struct(ndr, "out", "decode_pac_validate"); + ndr->depth++; + ndr->depth--; + } + ndr->depth--; +} + static const struct ndr_interface_call krb5pac_calls[] = { { "decode_pac", 
@@ -855,6 +944,14 @@ static const struct ndr_interface_call krb5pac_calls[] = { (ndr_print_function_t) ndr_print_decode_login_info, false, }, + { + "decode_pac_validate", + sizeof(struct decode_pac_validate), + (ndr_push_flags_fn_t) ndr_push_decode_pac_validate, + (ndr_pull_flags_fn_t) ndr_pull_decode_pac_validate, + (ndr_print_function_t) ndr_print_decode_pac_validate, + false, + }, { NULL, 0, NULL, NULL, NULL, false } }; @@ -884,7 +981,7 @@ const struct ndr_interface_table ndr_table_krb5pac = { NDR_KRB5PAC_VERSION }, .helpstring = NDR_KRB5PAC_HELPSTRING, - .num_calls = 3, + .num_calls = 4, .calls = krb5pac_calls, .endpoints = &krb5pac_endpoints, .authservices = &krb5pac_authservices diff --git a/source3/librpc/gen_ndr/ndr_krb5pac.h b/source3/librpc/gen_ndr/ndr_krb5pac.h index 7f031068790..bf09e3fad56 100644 --- a/source3/librpc/gen_ndr/ndr_krb5pac.h +++ b/source3/librpc/gen_ndr/ndr_krb5pac.h @@ -17,7 +17,9 @@ extern const struct ndr_interface_table ndr_table_krb5pac; #define NDR_DECODE_LOGIN_INFO (0x02) -#define NDR_KRB5PAC_CALL_COUNT (3) +#define NDR_DECODE_PAC_VALIDATE (0x03) + +#define NDR_KRB5PAC_CALL_COUNT (4) void ndr_print_PAC_LOGON_NAME(struct ndr_print *ndr, const char *name, const struct PAC_LOGON_NAME *r); enum ndr_err_code ndr_push_PAC_SIGNATURE_DATA(struct ndr_push *ndr, int ndr_flags, const struct PAC_SIGNATURE_DATA *r); enum ndr_err_code ndr_pull_PAC_SIGNATURE_DATA(struct ndr_pull *ndr, int ndr_flags, struct PAC_SIGNATURE_DATA *r); 
@@ -46,10 +48,14 @@ void ndr_print_PAC_BUFFER_RAW(struct ndr_print *ndr, const char *name, const str enum ndr_err_code ndr_push_PAC_DATA_RAW(struct ndr_push *ndr, int ndr_flags, const struct PAC_DATA_RAW *r); enum ndr_err_code ndr_pull_PAC_DATA_RAW(struct ndr_pull *ndr, int ndr_flags, struct PAC_DATA_RAW *r); void ndr_print_PAC_DATA_RAW(struct ndr_print *ndr, const char *name, const struct PAC_DATA_RAW *r); +enum ndr_err_code ndr_push_PAC_Validate(struct ndr_push *ndr, int ndr_flags, const struct PAC_Validate *r); +enum ndr_err_code ndr_pull_PAC_Validate(struct ndr_pull *ndr, int ndr_flags, struct PAC_Validate *r); +void ndr_print_PAC_Validate(struct ndr_print *ndr, const char *name, const struct PAC_Validate *r); enum ndr_err_code ndr_push_netsamlogoncache_entry(struct ndr_push *ndr, int ndr_flags, const struct netsamlogoncache_entry *r); enum ndr_err_code ndr_pull_netsamlogoncache_entry(struct ndr_pull *ndr, int ndr_flags, struct netsamlogoncache_entry *r); void ndr_print_netsamlogoncache_entry(struct ndr_print *ndr, const char *name, const struct netsamlogoncache_entry *r); void ndr_print_decode_pac(struct ndr_print *ndr, const char *name, int flags, const struct decode_pac *r); void ndr_print_decode_pac_raw(struct ndr_print *ndr, const char *name, int flags, const struct decode_pac_raw *r); void ndr_print_decode_login_info(struct ndr_print *ndr, const char *name, int flags, const struct decode_login_info *r); +void ndr_print_decode_pac_validate(struct ndr_print *ndr, const char *name, int flags, const struct decode_pac_validate *r); #endif /* _HEADER_NDR_krb5pac */ -- 2.34.1