svn commit: samba r8156 - in branches/SAMBA_4_0/source: auth/kerberos librpc/idl torture/auth

metze at samba.org metze at samba.org
Tue Jul 5 06:13:13 GMT 2005


Author: metze
Date: 2005-07-05 06:13:12 +0000 (Tue, 05 Jul 2005)
New Revision: 8156

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=8156

Log:
I found out that the unknown[2] field of the unknown[4] array is a length too,
it's always 16 bytes smaller than the size in the PAC_BUFFER

we now dump the blob's on LOCAL-PAC with -d 10

metze
Modified:
   branches/SAMBA_4_0/source/auth/kerberos/kerberos_pac.c
   branches/SAMBA_4_0/source/librpc/idl/krb5pac.idl
   branches/SAMBA_4_0/source/torture/auth/pac.c


Changeset:
Modified: branches/SAMBA_4_0/source/auth/kerberos/kerberos_pac.c
===================================================================
--- branches/SAMBA_4_0/source/auth/kerberos/kerberos_pac.c	2005-07-04 19:16:34 UTC (rev 8155)
+++ branches/SAMBA_4_0/source/auth/kerberos/kerberos_pac.c	2005-07-05 06:13:12 UTC (rev 8156)
@@ -92,6 +92,8 @@
 	DATA_BLOB modified_pac_blob = data_blob_talloc(mem_ctx, blob.data, blob.length);
 	int i;
 
+	/* file_save("tmp_pac_data.dat",blob.data,blob.length); */
+
 	status = ndr_pull_struct_blob(&blob, mem_ctx, &pac_data,
 					(ndr_pull_flags_fn_t)ndr_pull_PAC_DATA);
 	if (!NT_STATUS_IS_OK(status)) {
@@ -111,7 +113,7 @@
 				if (!pac_data.buffers[i].info) {
 					break;
 				}
-				logon_info = pac_data.buffers[i].info->logon_info.i;
+				logon_info = pac_data.buffers[i].info->logon_info.info;
 				break;
 			case PAC_TYPE_SRV_CHECKSUM:
 				if (!pac_data.buffers[i].info) {
@@ -315,11 +317,7 @@
 		return EINVAL;
 	}
 
-	u_LOGON_INFO->logon_info.unknown[0]	= 0x00081001;
-	u_LOGON_INFO->logon_info.unknown[1]	= 0xCCCCCCCC;
-	u_LOGON_INFO->logon_info.unknown[2]	= 0x000001C8;
-	u_LOGON_INFO->logon_info.unknown[3]	= 0x00000000;
-	u_LOGON_INFO->logon_info.i		= LOGON_INFO;
+	u_LOGON_INFO->logon_info.info		= LOGON_INFO;
 	LOGON_INFO->info3.base = *sam;
 
 	LOGON_NAME->account_name	= server_info->account_name;

Modified: branches/SAMBA_4_0/source/librpc/idl/krb5pac.idl
===================================================================
--- branches/SAMBA_4_0/source/librpc/idl/krb5pac.idl	2005-07-04 19:16:34 UTC (rev 8155)
+++ branches/SAMBA_4_0/source/librpc/idl/krb5pac.idl	2005-07-05 06:13:12 UTC (rev 8156)
@@ -23,15 +23,18 @@
 		uint8 signature[16];
 	} PAC_SIGNATURE_DATA;
 
-	typedef struct {
+	typedef [gensize] struct {
 		netr_SamInfo3 info3;
 		dom_sid2 *res_group_dom_sid;
 		samr_RidWithAttributeArray res_groups;
     	} PAC_LOGON_INFO;
 
 	typedef struct {
-		uint32 unknown[4];
-		PAC_LOGON_INFO *i;
+		[value(0x00081001)] uint32 unknown1;
+		[value(0xCCCCCCCC)] uint32 unknown2;
+		[value(NDR_ROUND(ndr_size_PAC_LOGON_INFO(info, ndr->flags)+4,8))] uint32 _ndr_size;
+		[value(0x00000000)] uint32 unknown3;
+		PAC_LOGON_INFO *info;
     	} PAC_LOGON_INFO_CTR;
 
 	typedef [public,v1_enum] enum {

Modified: branches/SAMBA_4_0/source/torture/auth/pac.c
===================================================================
--- branches/SAMBA_4_0/source/torture/auth/pac.c	2005-07-04 19:16:34 UTC (rev 8155)
+++ branches/SAMBA_4_0/source/torture/auth/pac.c	2005-07-05 06:13:12 UTC (rev 8156)
@@ -119,7 +119,7 @@
 		return False;
 	}
 
-	/* dump_data(0,tmp_blob.data,tmp_blob.length); */
+	dump_data(10,tmp_blob.data,tmp_blob.length);
 
 	/* Now check that we can read it back */
 	nt_status = kerberos_decode_pac(mem_ctx, &pac_info,
@@ -230,7 +230,7 @@
 
 	/*tmp_blob.data = file_load(lp_parm_string(-1,"torture","pac_file"), &tmp_blob.length);*/
 
-	/*dump_data(0,tmp_blob.data,tmp_blob.length);*/
+	dump_data(10,tmp_blob.data,tmp_blob.length);
 
 	/* Decode and verify the signaure on the PAC */
 	nt_status = kerberos_decode_pac(mem_ctx, &pac_info,
@@ -263,7 +263,7 @@
 		return False;
 	}
 
-	/* dump_data(0,validate_blob.data,validate_blob.length); */
+	dump_data(10,validate_blob.data,validate_blob.length);
 
 	/* all we can check is the length of the buffers,
 	 * to check that the alignment and padding is ok,



More information about the samba-cvs mailing list