From 5db983d1538453f0ba35d67a099396a18c7ab736 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Tue, 22 Jul 2008 12:28:07 +0200
Subject: [PATCH] drsblobs.idl: add idl for Primary:Kerberos-Newer-Keys blob in
 supplementalCredentials

metze
(cherry picked from commit 97b7901afbccc9647ad2958d4cf12300de2655d1)
---
 source/librpc/idl/drsblobs.idl | 37 ++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)

diff --git a/source/librpc/idl/drsblobs.idl b/source/librpc/idl/drsblobs.idl
index b6d444ff0d3..2d82976f4d6 100644
--- a/source/librpc/idl/drsblobs.idl
+++ b/source/librpc/idl/drsblobs.idl
@@ -215,6 +215,9 @@ interface drsblobs {
 		 *   as non termiated UTF16 strings with
 		 *   a UTF16 NULL byte as separator
 		 *
+		 * 'Primary:Kerberos-Newer-Keys':
+		 *    ...
+		 *
 		 * 'Primary:Kerberos':
 		 *    ...
 		 *
@@ -303,6 +306,40 @@ interface drsblobs {
 		[in] package_PrimaryKerberosBlob blob
 		);
 
+	typedef struct {
+		[value(0)] uint32 unknown1;
+		[value(0)] uint32 unknown2;
+		[value(0x00001000)] uint32 unknown3; /* could the the iterator for the AES key creation */
+		uint32 keytype;
+		[value((value?value->length:0))] uint32 value_len;
+		[relative,subcontext(0),subcontext_size(value_len),flag(NDR_REMAINING)] DATA_BLOB *value;
+	} package_PrimaryKerberosNewerKey;
+
+	typedef struct {
+		uint16 num_keys;
+		[value(0)] uint16 unknown1;
+		uint16 num_old_keys1;
+		uint16 num_old_keys2;
+		package_PrimaryKerberosString salt;
+		[value(0x00001000)] uint32 unknown2; /* could the the iterator for the AES key creation */
+		package_PrimaryKerberosNewerKey keys[num_keys];
+		package_PrimaryKerberosNewerKey old_keys1[num_old_keys1];
+		package_PrimaryKerberosNewerKey old_keys2[num_old_keys2];
+	} package_PrimaryKerberosNewerCtr4;
+
+	typedef [nodiscriminant] union {
+		[case(4)] package_PrimaryKerberosNewerCtr4 ctr4;
+	} package_PrimaryKerberosNewerCtr;
+
+	typedef [public] struct {
+		[value(4)] uint32 version;
+		[switch_is(version)] package_PrimaryKerberosNewerCtr ctr;
+	} package_PrimaryKerberosNewerBlob;
+
+	void decode_PrimaryKerberosNewer(
+		[in] package_PrimaryKerberosNewerBlob blob
+		);
+
 	typedef [public] struct {
 		[flag(STR_NOTERM|NDR_REMAINING)] string cleartext;
 	} package_PrimaryCLEARTEXTBlob;
-- 
2.34.1