Add new Windows 2008 Kerberos PAC Type 12 (apparently again undocumented).
authorGünther Deschner <gd@samba.org>
Tue, 4 Mar 2008 11:26:05 +0000 (12:26 +0100)
committerKarolin Seeger <kseeger@samba.org>
Tue, 4 Mar 2008 14:49:08 +0000 (15:49 +0100)
We need at least to parse this in order to correctly support kerberized session
setup from w2k8 as well as local pam_winbind logons using kerberos.

Guenther
(cherry picked from commit 4ba62d49d740c43cf17ceef1534cf1c8a7e4a130)
(This used to be commit a3b623bfbbfb1abe0c1f0adcf83afbf808df60a4)

source3/librpc/idl/krb5pac.idl

index 601e3e1a276b8fc1e9696fac9b44b155c2eedca5..11f08e11aa5c5935041c60abd8cf028bb824698d 100644 (file)
@@ -31,6 +31,19 @@ interface krb5pac
                samr_RidWithAttributeArray res_groups;
        } PAC_LOGON_INFO;
 
+       typedef struct {
+               [value(2*strlen_m(upn_name))] uint16 upn_size;
+               uint16 unknown1; /* 0x10 */
+               [value(2*strlen_m(domain_name))] uint16 domain_size;
+               uint16 unknown2; /* 0x50 */
+               uint16 unknown3; /* 0x01 */
+               uint16 unknown4;
+               uint32 unknown5;
+               [charset(UTF16)] uint8 upn_name[upn_size+2];
+               [charset(UTF16)] uint8 domain_name[domain_size+2];
+               uint32 unknown6;
+       } PAC_UNKNOWN_12;
+
        typedef [public] struct {
                [value(0x00081001)] uint32 unknown1;
                [value(0xCCCCCCCC)] uint32 unknown2;
@@ -44,7 +57,8 @@ interface krb5pac
                PAC_TYPE_SRV_CHECKSUM = 6,
                PAC_TYPE_KDC_CHECKSUM = 7,
                PAC_TYPE_LOGON_NAME = 10,
-               PAC_TYPE_CONSTRAINED_DELEGATION = 11
+               PAC_TYPE_CONSTRAINED_DELEGATION = 11,
+               PAC_TYPE_UNKNOWN_12 = 12
        } PAC_TYPE;
 
        typedef [public,nodiscriminant,gensize] union {
@@ -52,6 +66,7 @@ interface krb5pac
                [case(PAC_TYPE_SRV_CHECKSUM)]   PAC_SIGNATURE_DATA srv_cksum;
                [case(PAC_TYPE_KDC_CHECKSUM)]   PAC_SIGNATURE_DATA kdc_cksum;
                [case(PAC_TYPE_LOGON_NAME)]     PAC_LOGON_NAME logon_name;
+               [case(PAC_TYPE_UNKNOWN_12)]     PAC_UNKNOWN_12 unknown;
        } PAC_INFO;
 
        typedef [public,nopush,nopull,noprint] struct {