[cifs-protocol] RE: CreateTrustedDomainEX blob incorrect
Andrew Bartlett
abartlet at samba.org
Tue Nov 4 23:43:38 GMT 2008
On Tue, 2008-11-04 at 11:33 -0800, Richard Guthrie wrote:
> Andrew,
>
> The section of the documentation that I sent you included the
> following updated text. It was decided to put this information in
> section 2.2.58 because this structure is used by multiple interfaces.
>
> The incoming and outgoing authentication information buffer
> size included at the end of the LSAPR_TRUSTED_DOMAIN_AUTH_BLOB can be
> used to extract the incoming and outgoing authentication
> information buffers from the LSAPR_TRUSTED_DOMAIN_AUTH_BLOB. Each of
> these buffers contains the byte offset to both the current and the
> previous authentication information. This information can be used to
> extract current and (if any) previous authentication information.
>
> It would appear that the trustAuthInOutBlob in the IDL you provided
> does not correctly represent LSAPR_TRUSTED_DOMAIN_AUTH_BLOB
I think I need to do some renaming in our IDL. Not that I like the
Microsoft names, but the current situation is confusing. We use this to
decode the LSA form of the blob:
typedef [public,gensize] struct {
uint32 count;
[relative] AuthenticationInformation *current[count];
} trustCurrentPasswords;
typedef [public,nopull] struct {
uint8 confounder[512];
[subcontext(0),subcontext_size(outgoing_size)] trustCurrentPasswords
outgoing;
[subcontext(0),subcontext_size(incoming_size)] trustCurrentPasswords
incoming;
[value(ndr_size_trustCurrentPasswords(&outgoing, ndr->flags))] uint32
outgoing_size;
[value(ndr_size_trustCurrentPasswords(&incoming, ndr->flags))] uint32
incoming_size;
} trustDomainPasswords;
> as it is missing a count of incoming auth infos. I have included some additional information in Layout of buffers in LSAPR_TRUSTED_DOMAIN_AUTH_BLOB pdf/docx documents that are attached.
I can't read the docx files.
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20081105/6e136211/attachment.bin
More information about the cifs-protocol
mailing list