id_info_1 has a pointer at the front of it. so does return credentials,
and so does the client credentials. these are all from the sam logon.
auth_level is 16 bits wide, not 32, and is actually called a switch_level.
smbparse.c :
smb_io_unihdr() - uni_max_len and uni_str_len are 16 bits wide, not 32.
this may have a knock-on effect on smb_in_unihdr2() but we'll see...
(This used to be commit
ce36bfb3e4ad4b72a9f9759a3c49d2a73175d249)
typedef struct clnt_info2
{
DOM_CLNT_SRV login;
typedef struct clnt_info2
{
DOM_CLNT_SRV login;
DOM_CRED cred;
} DOM_CLNT_INFO2;
DOM_CRED cred;
} DOM_CLNT_INFO2;
/* DOM_ID_INFO_1 */
typedef struct id_info_1
{
/* DOM_ID_INFO_1 */
typedef struct id_info_1
{
+ uint32 ptr_id_info1; /* pointer to id_info_1 */
UNIHDR hdr_domain_name; /* domain name unicode header */
UNIHDR hdr_domain_name; /* domain name unicode header */
- uint32 param; /* param control */
+ uint32 param_ctrl; /* param control */
DOM_LOGON_ID logon_id; /* logon ID */
UNIHDR hdr_user_name; /* user name unicode header */
UNIHDR hdr_workgroup_name; /* workgroup name unicode header */
DOM_LOGON_ID logon_id; /* logon ID */
UNIHDR hdr_user_name; /* user name unicode header */
UNIHDR hdr_workgroup_name; /* workgroup name unicode header */
typedef struct sam_info
{
DOM_CLNT_INFO2 client;
typedef struct sam_info
{
DOM_CLNT_INFO2 client;
+ uint32 ptr_rtn_cred; /* pointer to return credentials */
DOM_CRED rtn_cred; /* return credentials */
uint16 logon_level;
DOM_CRED rtn_cred; /* return credentials */
uint16 logon_level;
- uint32 auth_level; /* undocumented */
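Review bot: The struct hunks as rendered do not declare the fields the parser now reads: smb_io_clnt_info2 reads `clnt->ptr_cred` and smb_io_sam_info reads `sam->switch_value`, yet the DOM_CLNT_INFO2 hunk shows only the unchanged `login`/`cred` members and the SAM_INFO hunk only removes `uint32 auth_level;`. If the page merely dropped the added lines this is moot; otherwise the header needs `uint32 ptr_cred; /* pointer to credentials */` before `cred` in `clnt_info2` and `uint16 switch_value;` after `logon_level` in `sam_info` to match the 2-byte reads in smbparse.c. The new `ptr_id_info1` member would also benefit from a comment stating what a zero value implies for the rest of the structure, since smb_io_id_info1 now skips every other member when it is 0, e.g. `/* NDR-style pointer: 0 means no id_info_1 body follows and the members below are not on the wire */`. The `id_info_1` and `sam_info` definitions continue beyond the lines shown.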
DEBUG(5,("%s%04x smb_io_unihdr\n", tab_depth(depth), PTR_DIFF(q, base)));
depth++;
DEBUG(5,("%s%04x smb_io_unihdr\n", tab_depth(depth), PTR_DIFF(q, base)));
depth++;
- /* should be value 4, so enforce it. */
- hdr->undoc = 4;
-
q = align_offset(q, base, align);
q = align_offset(q, base, align);
- DBG_RW_IVAL("uni_max_len", depth, base, io, q, hdr->uni_max_len); q += 4;
- DBG_RW_IVAL("uni_str_len", depth, base, io, q, hdr->uni_str_len); q += 4;
+ DBG_RW_SVAL("uni_max_len", depth, base, io, q, hdr->uni_max_len); q += 4;
+ DBG_RW_SVAL("uni_str_len", depth, base, io, q, hdr->uni_str_len); q += 4;
DBG_RW_IVAL("undoc ", depth, base, io, q, hdr->undoc ); q += 4;
return q;
DBG_RW_IVAL("undoc ", depth, base, io, q, hdr->undoc ); q += 4;
return q;
q = align_offset(q, base, align);
q = smb_io_clnt_srv(io, &(clnt->login), q, base, align, depth);
q = align_offset(q, base, align);
q = smb_io_clnt_srv(io, &(clnt->login), q, base, align, depth);
+
+ q = align_offset(q, base, align);
+
+ DBG_RW_IVAL("ptr_cred", depth, base, io, q, clnt->ptr_cred); q += 4;
q = smb_io_cred (io, &(clnt->cred ), q, base, align, depth);
return q;
q = smb_io_cred (io, &(clnt->cred ), q, base, align, depth);
return q;
q = align_offset(q, base, align);
q = align_offset(q, base, align);
- q = smb_io_unihdr(io, &(id->hdr_domain_name ), q, base, align, depth);
+ DBG_RW_IVAL("ptr_id_info1", depth, base, io, q, id->ptr_id_info1); q += 4;
- DBG_RW_IVAL("param", depth, base, io, q, id->param); q += 4;
- q = smb_io_logon_id(io, &(id->logon_id), q, base, align, depth);
+ if (id->ptr_id_info1 != 0)
+ {
+ q = smb_io_unihdr(io, &(id->hdr_domain_name ), q, base, align, depth);
+
+ DBG_RW_IVAL("param_ctrl", depth, base, io, q, id->param_ctrl); q += 4;
+ q = smb_io_logon_id(io, &(id->logon_id), q, base, align, depth);
- q = smb_io_unihdr(io, &(id->hdr_user_name ), q, base, align, depth);
- q = smb_io_unihdr(io, &(id->hdr_workgroup_name), q, base, align, depth);
+ q = smb_io_unihdr(io, &(id->hdr_user_name ), q, base, align, depth);
+ q = smb_io_unihdr(io, &(id->hdr_workgroup_name), q, base, align, depth);
- q = smb_io_arc4_owf(io, &(id->arc4_lm_owf), q, base, align, depth);
- q = smb_io_arc4_owf(io, &(id->arc4_nt_owf), q, base, align, depth);
+ q = smb_io_arc4_owf(io, &(id->arc4_lm_owf), q, base, align, depth);
+ q = smb_io_arc4_owf(io, &(id->arc4_nt_owf), q, base, align, depth);
- q = smb_io_unistr2(io, &(id->uni_domain_name ), q, base, align, depth);
- q = smb_io_unistr2(io, &(id->uni_user_name ), q, base, align, depth);
- q = smb_io_unistr2(io, &(id->uni_workgroup_name), q, base, align, depth);
+ q = smb_io_unistr2(io, &(id->uni_domain_name ), q, base, align, depth);
+ q = smb_io_unistr2(io, &(id->uni_user_name ), q, base, align, depth);
+ q = smb_io_unistr2(io, &(id->uni_workgroup_name), q, base, align, depth);
+ }
q = align_offset(q, base, align);
q = smb_io_clnt_info2(io, &(sam->client ), q, base, align, depth);
q = align_offset(q, base, align);
q = smb_io_clnt_info2(io, &(sam->client ), q, base, align, depth);
+
+ DBG_RW_IVAL("ptr_rtn_cred", depth, base, io, q, sam->ptr_rtn_cred); q += 4;
q = smb_io_cred (io, &(sam->rtn_cred), q, base, align, depth);
q = smb_io_cred (io, &(sam->rtn_cred), q, base, align, depth);
- DBG_RW_IVAL("logon_level", depth, base, io, q, sam->logon_level); q += 4;
- DBG_RW_SVAL("auth_level ", depth, base, io, q, sam->auth_level ); q += 4;
+ DBG_RW_SVAL("logon_level ", depth, base, io, q, sam->logon_level); q += 2;
+ DBG_RW_SVAL("switch_value", depth, base, io, q, sam->switch_value); q += 2;
- switch (sam->auth_level)
+ switch (sam->switch_value)
+ DEBUG(4,("smb_io_sam_info: unknown switch_value!\n"));
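Review bot: In smb_io_unihdr the uni_max_len and uni_str_len reads are narrowed to DBG_RW_SVAL (16-bit) but each is still followed by `q += 4`, so the cursor moves 4 bytes per 2-byte field and the second read starts 2 bytes past where the first value ended; the same commit's logon_level/switch_value change in smb_io_sam_info uses `q += 2` for its 16-bit fields. Unless the wire layout really pads each of these to 4 bytes, both should be `q += 2`, and if padding is intended a comment next to the stride should say so, because a wrong stride here silently misparses every unicode header and the buffer pointer that follows. Removing `hdr->undoc = 4` also drops the only place the expected value of that field was recorded; a `DEBUG` on mismatch after the read would preserve the intent without forcing the value on marshal. In smb_io_id_info1, when `ptr_id_info1` is 0 the remaining members are left untouched rather than cleared, which is fine only if every caller zeroes the struct first — worth a comment at the `if`. The smb_io_sam_info switch continues past the end of the hunk.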