[cifs-protocol] RE: CreateTrustedDomainEX blob incorrect

Richard Guthrie rguthrie at microsoft.com
Mon Jan 19 16:39:50 GMT 2009


I have completed my investigation into the LSAPR_TRUSTED_DOMAIN_AUTH_BLOB structure and would like to provide you with the updated section of the documentation. I also wanted to make you aware of an addition to the documentation text regarding byte alignment for the current/previous auth info structures. Please let us know if you have further questions or comments.

Richard Guthrie
Support Escalation Engineer
Open Protocols Support Team
Tel: +1 (469) 775-7794
E-mail: rguthrie at microsoft.com

-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org]
Sent: Tuesday, November 04, 2008 5:44 PM
To: Richard Guthrie
Cc: pfif at tridgell.net; cifs-protocol at samba.org
Subject: RE: [cifs-protocol] RE: CreateTrustedDomainEX blob incorrect

On Tue, 2008-11-04 at 11:33 -0800, Richard Guthrie wrote:
> Andrew,
> The section of the documentation that I sent you included the
> following updated text.  It was decided to put this information in
> section 2.2.58 because this structure is used by multiple interfaces.
>         The incoming and outgoing authentication information buffer
> size included at the end of the LSAPR_TRUSTED_DOMAIN_AUTH_BLOB can be
> used to extract the incoming and outgoing authentication
> information buffers from the LSAPR_TRUSTED_DOMAIN_AUTH_BLOB. Each of
> these buffers contains the byte offset to both the current and the
> previous authentication information. This information can be used to
> extract current and (if any) previous authentication information.
> It would appear that the trustAuthInOutBlob in the IDL you provided
> does not correctly represent LSAPR_TRUSTED_DOMAIN_AUTH_BLOB

I think I need to do some renaming in our IDL.  Not that I like the Microsoft names, but the current situation is confusing.  We use this to decode the LSA form of the blob:

        typedef [public,gensize] struct {
                uint32 count;
                [relative] AuthenticationInformation *current[count];
        } trustCurrentPasswords;

        typedef [public,nopull] struct {
                uint8 confounder[512];
                [subcontext(0),subcontext_size(outgoing_size)] trustCurrentPasswords outgoing;
                [subcontext(0),subcontext_size(incoming_size)] trustCurrentPasswords incoming;
                [value(ndr_size_trustCurrentPasswords(&outgoing, ndr->flags))] uint32 outgoing_size;
                [value(ndr_size_trustCurrentPasswords(&incoming, ndr->flags))] uint32 incoming_size;
        } trustDomainPasswords;

> as it is missing a count of incoming auth infos.  I have included some additional information in Layout of buffers in LSAPR_TRUSTED_DOMAIN_AUTH_BLOB pdf/docx documents that are attached.

I can't read the docx files.

Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: SRX081119601362.zip
Type: application/x-zip-compressed
Size: 111972 bytes
Desc: SRX081119601362.zip
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20090119/ecdf3022/SRX081119601362-0001.bin
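
Added example, not part of either message and not Samba's or Microsoft's code: a bounds-checked split of the blob following the trustDomainPasswords IDL quoted above, using the two trailing sizes to locate the outgoing and incoming buffers and then reading each buffer's count and relative offsets. Assumptions: all 32-bit fields are little-endian, offsets are relative to the start of their buffer, the function names are hypothetical, and the sample blob is constructed.

```python
import struct

CONFOUNDER_LEN = 512  # uint8 confounder[512] in trustDomainPasswords


def split_auth_blob(blob: bytes):
    """Return (outgoing, incoming) buffers located via the two trailing sizes."""
    if len(blob) < CONFOUNDER_LEN + 8:
        raise ValueError("blob shorter than confounder plus size fields")
    # Trailing uint32 outgoing_size, uint32 incoming_size (little-endian assumed).
    out_size, in_size = struct.unpack_from("<II", blob, len(blob) - 8)
    body = blob[CONFOUNDER_LEN:len(blob) - 8]
    # Both sizes are sender-controlled: reject any pair that overruns the body.
    if out_size + in_size > len(body):
        raise ValueError("size fields exceed blob length")
    return body[:out_size], body[out_size:out_size + in_size]


def current_offsets(buf: bytes):
    """Read count and the relative offsets of one trustCurrentPasswords buffer."""
    if len(buf) < 4:
        raise ValueError("buffer too short for count")
    (count,) = struct.unpack_from("<I", buf, 0)
    # Check count against the buffer before using it to size the read.
    if count > (len(buf) - 4) // 4:
        raise ValueError("count exceeds buffer")
    offsets = struct.unpack_from("<%dI" % count, buf, 4)
    table_end = 4 + 4 * count
    for off in offsets:
        # Assumption: each offset points past the offset table, inside buf.
        if not table_end <= off < len(buf):
            raise ValueError("offset outside buffer")
    return list(offsets)


def build_sample():
    """Constructed sample: one entry per direction, placeholder payload bytes."""
    def buf(payload):
        return struct.pack("<II", 1, 8) + payload
    outgoing, incoming = buf(b"OUT-AUTH"), buf(b"IN-AUTH!")
    return (bytes(CONFOUNDER_LEN) + outgoing + incoming
            + struct.pack("<II", len(outgoing), len(incoming)))


if __name__ == "__main__":
    out_buf, in_buf = split_auth_blob(build_sample())
    print(current_offsets(out_buf), current_offsets(in_buf))
```
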
