svn commit: samba r21342 - in branches/SAMBA_4_0/source/librpc/idl:
.
metze at samba.org
metze at samba.org
Wed Feb 14 15:21:42 GMT 2007
Author: metze
Date: 2007-02-14 15:21:41 +0000 (Wed, 14 Feb 2007)
New Revision: 21342
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21342
Log:
add parsing code for the trustAuthIncoming/trustAuthOutgoing attributes
not everything has a meaning yet, but it's a start and we know how to get
to the password in cleartext
metze
Modified:
branches/SAMBA_4_0/source/librpc/idl/drsblobs.idl
Changeset:
Modified: branches/SAMBA_4_0/source/librpc/idl/drsblobs.idl
===================================================================
--- branches/SAMBA_4_0/source/librpc/idl/drsblobs.idl 2007-02-14 15:18:37 UTC (rev 21341)
+++ branches/SAMBA_4_0/source/librpc/idl/drsblobs.idl 2007-02-14 15:21:41 UTC (rev 21342)
@@ -254,7 +254,73 @@
[in] supplementalCredentialsBlob blob
);
+
+ typedef struct {
+ NTTIME time1;
+ uint32 unknown1;
+ /*
+ * the secret value is encoded as UTF16 if it's a string
+ * but krb5 trusts have random bytes here, so converting to UTF16
+ * mayfail...
+ *
+ * TODO: We should try handle the case of a random buffer in all places
+ * we deal with cleartext passwords from windows
+ *
+ * so we don't use this:
+ *
+ * uint32 value_len;
+ * [charset(UTF16)] uint8 value[value_len];
+ */
+ DATA_BLOB value;
+ [flag(NDR_ALIGN4)] DATA_BLOB _pad;
+ } trustAuthInOutSecret1;
+
+ typedef struct {
+ [relative] trustAuthInOutSecret1 *value1;
+ [relative] trustAuthInOutSecret1 *value2;
+ } trustAuthInOutCtr1;
+
+ typedef struct {
+ NTTIME time1;
+ uint32 unknown1;
+ DATA_BLOB value;
+ NTTIME time2;
+ uint32 unknown2;
+ uint32 unknown3;
+ uint32 unknown4;
+ [flag(NDR_ALIGN4)] DATA_BLOB _pad;
+ } trustAuthInOutSecret2V1;
+
+ typedef struct {
+ NTTIME time1;
+ uint32 unknown1;
+ DATA_BLOB value;
+ NTTIME time2;
+ uint32 unknown2;
+ uint32 unknown3;
+ [flag(NDR_ALIGN4)] DATA_BLOB _pad;
+ } trustAuthInOutSecret2V2;
+
+ typedef struct {
+ [relative] trustAuthInOutSecret2V1 *value1;
+ [relative] trustAuthInOutSecret2V2 *value2;
+ } trustAuthInOutCtr2;
+
+ typedef [nodiscriminant] union {
+ [case(1)] trustAuthInOutCtr1 ctr1;
+ [case(2)] trustAuthInOutCtr2 ctr2;
+ } trustAuthInOutCtr;
+
typedef [public] struct {
+ uint32 version;
+ [switch_is(version)] trustAuthInOutCtr ctr;
+ } trustAuthInOutBlob;
+
+ void decode_trustAuthInOut(
+ [in] trustAuthInOutBlob blob
+ );
+
+ typedef [public] struct {
uint32 marker;
DATA_BLOB data;
} DsCompressedChunk;
More information about the samba-cvs
mailing list