[cifs-protocol] RE: CreateTrustedDomainEX blob incorrect

Richard Guthrie rguthrie at microsoft.com
Tue Nov 4 19:33:25 GMT 2008 

Andrew,

The section of the documentation that I sent you included the following updated text.  It was decided to put this information in section 2.2.58 because this structure is used by multiple interfaces.

        The incoming and outgoing authentication information buffer size included at the end of the LSAPR_TRUSTED_DOMAIN_AUTH_BLOB can be used to extract       the incoming and outgoing authentication information buffers from the LSAPR_TRUSTED_DOMAIN_AUTH_BLOB. Each of these buffers contains the byte   offset to both the current and the previous authentication information. This information can be used to extract current and (if any) previous   authentication information.

It would appear that the trustAuthInOutBlob in the IDL you provided does not correctly represent LSAPR_TRUSTED_DOMAIN_AUTH_BLOB as it is missing a count of incoming auth infos.  I have included some additional information in Layout of buffers in LSAPR_TRUSTED_DOMAIN_AUTH_BLOB pdf/docx documents that are attached.

        /* This is nopull,nopush because we pass count down to the
         * manual parser of AuthenticationInformationArray */
        typedef [public,nopull,nopush,noprint,gensize] struct {
                uint32 count; <-- There is only one count parameter here
                [relative] AuthenticationInformationArray *current;
                [relative] AuthenticationInformationArray *previous;
        } trustAuthInOutBlob;

Please let us know if there are further questions.

Richard Guthrie
Open Protocols Support Team
Support Escalation Engineer, US-CSS DSC PROTOCOL TEAM
Tel: +1 (469) 775-7794
E-mail: rguthrie at microsoft.com




-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org]
Sent: Monday, November 03, 2008 5:42 PM
To: Richard Guthrie
Cc: pfif at tridgell.net; cifs-protocol at samba.org
Subject: RE: [cifs-protocol] RE: CreateTrustedDomainEX blob incorrect

On Mon, 2008-11-03 at 07:18 -0800, Richard Guthrie wrote:
> Andrew,
>
> I have attached an updated MS-LSAD document that contains a revised
> text for section 2.2.58.  The highlighted text is what we have added
> to make this structure more clear on how to parse it.  In order to
> successfully parse this structure you need to use the values in
>
> 1.      Outgoing authentication information size
> 2.      Incoming authentication information size
>
> These values tell you the size of incoming and outgoing authentication information.  Outgoing buffer is always before incoming.  Once you have the buffer for outgoing and incoming authentication information the offsets for current and previous LSAPR_AUTH_INFORMATION will make sense.
>
> Please review the documentation and let us know if you have further questions.

I still don't see any changes - and I'm still really confused.  Perhaps you can highlight in this blob where the previous authentication is?  It is quite possible my parser just skips it, but for now I'm very confused.

I already do the 'backwards' parsing to get the sizes, to then pull apart two self-referential blobs.

Thanks,

Andrew Bartlett

--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: LSAPR_TRUSTED_DOMAIN_AUTH_BLOB.DOCX
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 12707 bytes
Desc: LSAPR_TRUSTED_DOMAIN_AUTH_BLOB.DOCX
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20081104/4e38c295/LSAPR_TRUSTED_DOMAIN_AUTH_BLOB-0001.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Layout of buffers in LSAPR_TRUSTED_DOMAIN_AUTH_BLOB.DOCX
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 12881 bytes
Desc: Layout of buffers in LSAPR_TRUSTED_DOMAIN_AUTH_BLOB.DOCX
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20081104/4e38c295/LayoutofbuffersinLSAPR_TRUSTED_DOMAIN_AUTH_BLOB-0001.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Layout of buffers in LSAPR_TRUSTED_DOMAIN_AUTH_BLOB.PDF
Type: application/pdf
Size: 36577 bytes
Desc: Layout of buffers in LSAPR_TRUSTED_DOMAIN_AUTH_BLOB.PDF
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20081104/4e38c295/LayoutofbuffersinLSAPR_TRUSTED_DOMAIN_AUTH_BLOB-0001.pdf

More information about the cifs-protocol mailing list