PAC_BUFFER_RAW buffers[num_buffers];
} PAC_DATA_RAW;
+ const int NETLOGON_GENERIC_KRB5_PAC_VALIDATE = 3;
+
typedef [public] struct {
- uint32 MessageType;
+ [value(NETLOGON_GENERIC_KRB5_PAC_VALIDATE)] uint32 MessageType;
uint32 ChecksumLength;
uint32 SignatureType;
uint32 SignatureLength;
lsa_String unknown4;
} netr_PacInfo;
+ typedef [flag(NDR_PAHEX)] struct {
+ uint32 length;
+ [size_is(length)] uint8 *data;
+ } netr_GenericInfo2;
+
typedef enum {
NetlogonValidationUasInfo = 1,
NetlogonValidationSamInfo = 2,
[case(NetlogonValidationSamInfo)] netr_SamInfo2 *sam2;
[case(NetlogonValidationSamInfo2)] netr_SamInfo3 *sam3;
[case(4)] netr_PacInfo *pac;
- [case(NetlogonValidationGenericInfo2)] netr_PacInfo *pac;
+ [case(NetlogonValidationGenericInfo2)] netr_GenericInfo2 *generic;
[case(NetlogonValidationSamInfo4)] netr_SamInfo6 *sam6;
} netr_Validation;
(ndr_push_flags_fn_t)ndr_push_PAC_Validate);
torture_assert(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), "ndr_push_struct_blob of PACValidate structure failed");
-
+ torture_assert(tctx, (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR), "not willing to even try a PACValidate without RC4 encryption");
+ creds_arcfour_crypt(creds, pac_wrapped.data, pac_wrapped.length);
+
/* Validate it over the netlogon pipe */
generic.identity_info.parameter_control = 0;