[SCM] Samba Shared Repository - branch v4-0-test updated -
release-4-0-0alpha3-1657-g8e07029
Andrew Bartlett
abartlet at samba.org
Wed May 21 04:31:01 GMT 2008
The branch, v4-0-test has been updated
via 8e070293cfd522b7464be5bc4d8045572d6d996c (commit)
via 1e897b6148407e9921edd2c3db734930d79ccb42 (commit)
via f4154846401b31d99c40b2ea53992262095366b0 (commit)
via e28790ba4884277f310be1b8bd3fba4fd47dbbdb (commit)
via 441b286c00f9a7743cdefeb243545bdbd2c94c5e (commit)
via 7594f79db6a0e8a46e2863829e5e050b03dfaec1 (commit)
via ef5d1c8d320d45b78a1e709964eaada4f5acda59 (commit)
via bf1b99aff2a8feaee5f57c7530bc81d447e5d765 (commit)
from e05ec3047c4fe0cc2e09a812830fc835dc35abea (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -----------------------------------------------------------------
commit 8e070293cfd522b7464be5bc4d8045572d6d996c
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed May 21 14:29:20 2008 +1000
Fix creation of sockaddr in netlogon datagram generator.
The previous code sent uninitialised data, and was the wrong length.
Andrew Bartlett
commit 1e897b6148407e9921edd2c3db734930d79ccb42
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed May 21 14:28:50 2008 +1000
Include flags.h into samdb.h
These flags are too useful just to hide away...
Andrew Bartlett
commit f4154846401b31d99c40b2ea53992262095366b0
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed May 21 14:28:17 2008 +1000
Extend the NBT-DGRAM torture test again.
Andrew Bartlett
commit e28790ba4884277f310be1b8bd3fba4fd47dbbdb
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed May 21 14:26:38 2008 +1000
Manually handle the NETLOGON_SAM_LOGON_REQUEST too.
With the sid structure being both optional and aligned, it was too
hard to do this in just IDL.
This requried moving some things around, as otherwise we would have a
dependency loop.
Andrew Bartlett
commit 441b286c00f9a7743cdefeb243545bdbd2c94c5e
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed May 21 12:37:36 2008 +1000
Extend the 'netlogon' CLDAP and NBT implementation.
This now handles checking if the user exists, including validating the
ACB mask on the user.
This would be a nasty security hole, if Kerberos did not already
expose this information anonymously...
Andrew Bartlett
commit 7594f79db6a0e8a46e2863829e5e050b03dfaec1
Merge: ef5d1c8d320d45b78a1e709964eaada4f5acda59 e05ec3047c4fe0cc2e09a812830fc835dc35abea
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed May 21 12:13:45 2008 +1000
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into 4-0-local
commit ef5d1c8d320d45b78a1e709964eaada4f5acda59
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed May 21 10:23:02 2008 +1000
Re-add alignment removed by metze in 0e2f6d481b3e35ed392b2b3340b244c77593819c
This manual alignment is required, because the structure is marked as
unaligned.
Andrew Bartlett
commit bf1b99aff2a8feaee5f57c7530bc81d447e5d765
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed May 21 10:18:21 2008 +1000
Further tests show NTLOGON and NETLOGON to be identical.
I can't tell the difference between the NTLOGON and NETLOGON behaviour
on these pipes, and this 'exception' turned out to be alignment
dependent, not pipe dependent.
Andrew Bartlett
-----------------------------------------------------------------------
Summary of changes:
source/cldap_server/netlogon.c | 60 +++++++--
source/dsdb/samdb/samdb.h | 1 +
source/libcli/config.mk | 12 ++-
source/libcli/ndr_netlogon.c | 209 +++++++++++++++++++++++++++
source/libcli/netlogon.c | 112 +++------------
source/libcli/netlogon.h | 1 +
source/librpc/config.mk | 2 +-
source/librpc/idl/nbt.idl | 16 ++-
source/nbt_server/dgram/netlogon.c | 7 +-
source/torture/ldap/cldap.c | 22 +++-
source/torture/nbt/dgram.c | 277 +++++++++++++++++++++++++++++++++---
11 files changed, 584 insertions(+), 135 deletions(-)
create mode 100644 source/libcli/ndr_netlogon.c
Changeset truncated at 500 lines:
diff --git a/source/cldap_server/netlogon.c b/source/cldap_server/netlogon.c
index b2a034d..f263f33 100644
--- a/source/cldap_server/netlogon.c
+++ b/source/cldap_server/netlogon.c
@@ -46,6 +46,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
struct dom_sid *domain_sid,
const char *domain_guid,
const char *user,
+ uint32_t acct_control,
const char *src_address,
uint32_t version,
struct loadparm_context *lp_ctx,
@@ -53,7 +54,8 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
{
const char *ref_attrs[] = {"nETBIOSName", "dnsRoot", "ncName", NULL};
const char *dom_attrs[] = {"objectGUID", NULL};
- struct ldb_result *ref_res = NULL, *dom_res = NULL;
+ const char *none_attrs[] = {NULL};
+ struct ldb_result *ref_res = NULL, *dom_res = NULL, *user_res = NULL;
int ret;
const char **services = lp_server_services(lp_ctx);
uint32_t server_type;
@@ -68,6 +70,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
const char *pdc_ip;
struct ldb_dn *partitions_basedn;
struct interface *ifaces;
+ bool user_known;
partitions_basedn = samdb_partitions_dn(sam_ctx, mem_ctx);
@@ -201,6 +204,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
}
}
+
if ((ref_res == NULL || ref_res->count == 0)) {
DEBUG(2,("Unable to find domain reference with name %s or GUID {%s}\n", domain, domain_guid));
return NT_STATUS_NO_SUCH_DOMAIN;
@@ -211,6 +215,44 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
return NT_STATUS_NO_SUCH_DOMAIN;
}
+ /* work around different inputs for not-specified users */
+ if (!user) {
+ user = "";
+ }
+
+ /* Enquire about any valid username with just a CLDAP packet -
+ * if kerberos didn't also do this, the security folks would
+ * scream... */
+ if (user[0]) { \
+ /* Only allow some bits to be enquired: [MS-ATDS] 7.3.3.2 */
+ if (acct_control == (uint32_t)-1) {
+ acct_control = 0;
+ }
+ acct_control = acct_control & (ACB_TEMPDUP | ACB_NORMAL | ACB_DOMTRUST | ACB_WSTRUST | ACB_SVRTRUST);
+
+ /* We must exclude disabled accounts, but otherwise do the bitwise match the client asked for */
+ ret = ldb_search_exp_fmt(sam_ctx, mem_ctx, &user_res,
+ dom_res->msgs[0]->dn, LDB_SCOPE_SUBTREE,
+ none_attrs,
+ "(&(objectClass=user)(samAccountName=%s)"
+ "(!(userAccountControl:" LDB_OID_COMPARATOR_AND ":=%u))"
+ "(userAccountControl:" LDB_OID_COMPARATOR_OR ":=%u))",
+ user, UF_ACCOUNTDISABLE, samdb_acb2uf(acct_control));
+ if (ret != LDB_SUCCESS) {
+ DEBUG(2,("Unable to find referece to user '%s' with ACB 0x%8x under %s: %s\n",
+ user, acct_control, ldb_dn_get_linearized(dom_res->msgs[0]->dn),
+ ldb_errstring(sam_ctx)));
+ return NT_STATUS_NO_SUCH_USER;
+ } else if (user_res->count == 1) {
+ user_known = true;
+ } else {
+ user_known = false;
+ }
+
+ } else {
+ user_known = true;
+ }
+
server_type =
NBT_SERVER_DS | NBT_SERVER_TIMESERV |
NBT_SERVER_CLOSEST | NBT_SERVER_WRITABLE |
@@ -250,13 +292,13 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
ZERO_STRUCTP(netlogon);
- if (version & NETLOGON_NT_VERSION_5EX) {
+ /* check if either of these bits is present */
+ if (version & (NETLOGON_NT_VERSION_5EX|NETLOGON_NT_VERSION_5EX_WITH_IP)) {
uint32_t extra_flags = 0;
netlogon->ntver = NETLOGON_NT_VERSION_5EX;
/* could check if the user exists */
- if (!user) {
- user = "";
+ if (user_known) {
netlogon->nt5_ex.command = LOGON_SAM_LOGON_RESPONSE_EX;
} else {
netlogon->nt5_ex.command = LOGON_SAM_LOGON_USER_UNKNOWN_EX;
@@ -277,7 +319,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
extra_flags = NETLOGON_NT_VERSION_5EX_WITH_IP;
netlogon->nt5_ex.sockaddr.sa_family = 2;
netlogon->nt5_ex.sockaddr.pdc_ip = pdc_ip;
- netlogon->nt5_ex.sockaddr.remaining = data_blob(NULL, 4);
+ netlogon->nt5_ex.sockaddr.remaining = data_blob_talloc_zero(mem_ctx, 8);
}
netlogon->nt5_ex.nt_version = NETLOGON_NT_VERSION_1|NETLOGON_NT_VERSION_5EX|extra_flags;
netlogon->nt5_ex.lmnt_token = 0xFFFF;
@@ -287,8 +329,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
netlogon->ntver = NETLOGON_NT_VERSION_5;
/* could check if the user exists */
- if (!user) {
- user = "";
+ if (user_known) {
netlogon->nt5.command = LOGON_SAM_LOGON_RESPONSE;
} else {
netlogon->nt5.command = LOGON_SAM_LOGON_USER_UNKNOWN;
@@ -309,8 +350,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
} else /* (version & NETLOGON_NT_VERSION_1) and all other cases */ {
netlogon->ntver = NETLOGON_NT_VERSION_1;
/* could check if the user exists */
- if (!user) {
- user = "";
+ if (user_known) {
netlogon->nt4.command = LOGON_SAM_LOGON_RESPONSE;
} else {
netlogon->nt4.command = LOGON_SAM_LOGON_USER_UNKNOWN;
@@ -406,7 +446,7 @@ void cldapd_netlogon_request(struct cldap_socket *cldap,
domain, host, user, version, domain_guid));
status = fill_netlogon_samlogon_response(cldapd->samctx, tmp_ctx, domain, NULL, NULL, domain_guid,
- user, src->addr,
+ user, acct_control, src->addr,
version, cldapd->task->lp_ctx, &netlogon);
if (!NT_STATUS_IS_OK(status)) {
goto failed;
diff --git a/source/dsdb/samdb/samdb.h b/source/dsdb/samdb/samdb.h
index 9e02ef7..8370857 100644
--- a/source/dsdb/samdb/samdb.h
+++ b/source/dsdb/samdb/samdb.h
@@ -37,6 +37,7 @@ struct event_context;
#include "dsdb/schema/schema.h"
#include "dsdb/samdb/samdb_proto.h"
#include "dsdb/common/proto.h"
+#include "dsdb/common/flags.h"
#define DSDB_CONTROL_CURRENT_PARTITION_OID "1.3.6.1.4.1.7165.4.3.2"
struct dsdb_control_current_partition {
diff --git a/source/libcli/config.mk b/source/libcli/config.mk
index f502091..16e2343 100644
--- a/source/libcli/config.mk
+++ b/source/libcli/config.mk
@@ -57,9 +57,17 @@ LIBCLI_NBT_OBJ_FILES = $(addprefix $(libclisrcdir)/nbt/, \
$(eval $(call proto_header_template,$(libclisrcdir)/nbt/nbt_proto.h,$(LIBCLI_NBT_OBJ_FILES:.o=.c)))
+[SUBSYSTEM::LIBCLI_NDR_NETLOGON]
+PUBLIC_DEPENDENCIES = LIBNDR \
+ NDR_SECURITY
+
+LIBCLI_NDR_NETLOGON_OBJ_FILES = $(addprefix libcli/, \
+ ndr_netlogon.o)
+
+$(eval $(call proto_header_template,$(libclisrcdir)/ndr_netlogon_proto.h,$(LIBCLI_NDR_NETLOGON_OBJ_FILES:.o=.c)))
+
[SUBSYSTEM::LIBCLI_NETLOGON]
-PUBLIC_DEPENDENCIES = LIBNDR NDR_NBT \
- NDR_SECURITY LIBSAMBA-UTIL
+PUBLIC_DEPENDENCIES = LIBSAMBA-UTIL LIBCLI_NDR_NETLOGON
LIBCLI_NETLOGON_OBJ_FILES = $(addprefix libcli/, \
netlogon.o)
diff --git a/source/libcli/ndr_netlogon.c b/source/libcli/ndr_netlogon.c
new file mode 100644
index 0000000..504b3b0
--- /dev/null
+++ b/source/libcli/ndr_netlogon.c
@@ -0,0 +1,209 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ CLDAP server structures
+
+ Copyright (C) Andrew Bartlett <abartlet at samba.org> 2008
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+/* parser auto-generated by pidl, then hand-modified by abartlet */
+
+#include "includes.h"
+#include "libcli/netlogon.h"
+/* Manually modified to handle the dom_sid being optional based on if it is present or all zero */
+enum ndr_err_code ndr_push_NETLOGON_SAM_LOGON_REQUEST(struct ndr_push *ndr, int ndr_flags, const struct NETLOGON_SAM_LOGON_REQUEST *r)
+{
+ if (ndr_flags & NDR_SCALARS) {
+ NDR_CHECK(ndr_push_align(ndr, 4));
+ NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->request_count));
+ {
+ uint32_t _flags_save_string = ndr->flags;
+ ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM);
+ NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->computer_name));
+ ndr->flags = _flags_save_string;
+ }
+ {
+ uint32_t _flags_save_string = ndr->flags;
+ ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM);
+ NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->user_name));
+ ndr->flags = _flags_save_string;
+ }
+ {
+ uint32_t _flags_save_string = ndr->flags;
+ ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM);
+ NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->mailslot_name));
+ ndr->flags = _flags_save_string;
+ }
+ NDR_CHECK(ndr_push_samr_AcctFlags(ndr, NDR_SCALARS, r->acct_control));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_size_dom_sid0(&r->sid, ndr->flags)));
+ if (ndr_size_dom_sid0(&r->sid, ndr->flags)) {
+ struct ndr_push *_ndr_sid;
+ uint32_t _flags_save_DATA_BLOB = ndr->flags;
+ ndr_set_flags(&ndr->flags, LIBNDR_FLAG_ALIGN4);
+ NDR_CHECK(ndr_push_DATA_BLOB(ndr, NDR_SCALARS, r->_pad));
+ ndr->flags = _flags_save_DATA_BLOB;
+ NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_sid, 0, ndr_size_dom_sid0(&r->sid, ndr->flags)));
+ NDR_CHECK(ndr_push_dom_sid0(_ndr_sid, NDR_SCALARS|NDR_BUFFERS, &r->sid));
+ NDR_CHECK(ndr_push_subcontext_end(ndr, _ndr_sid, 0, ndr_size_dom_sid0(&r->sid, ndr->flags)));
+ }
+ NDR_CHECK(ndr_push_netlogon_nt_version_flags(ndr, NDR_SCALARS, r->nt_version));
+ NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lmnt_token));
+ NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lm20_token));
+ }
+ if (ndr_flags & NDR_BUFFERS) {
+ }
+ return NDR_ERR_SUCCESS;
+}
+
+/* Manually modified to handle the dom_sid being optional based on if it is present (size is non-zero) or not */
+enum ndr_err_code ndr_pull_NETLOGON_SAM_LOGON_REQUEST(struct ndr_pull *ndr, int ndr_flags, struct NETLOGON_SAM_LOGON_REQUEST *r)
+{
+ if (ndr_flags & NDR_SCALARS) {
+ NDR_CHECK(ndr_pull_align(ndr, 4));
+ NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->request_count));
+ {
+ uint32_t _flags_save_string = ndr->flags;
+ ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM);
+ NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->computer_name));
+ ndr->flags = _flags_save_string;
+ }
+ {
+ uint32_t _flags_save_string = ndr->flags;
+ ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM);
+ NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->user_name));
+ ndr->flags = _flags_save_string;
+ }
+ {
+ uint32_t _flags_save_string = ndr->flags;
+ ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM);
+ NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->mailslot_name));
+ ndr->flags = _flags_save_string;
+ }
+ NDR_CHECK(ndr_pull_samr_AcctFlags(ndr, NDR_SCALARS, &r->acct_control));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->sid_size));
+ if (r->sid_size) {
+ uint32_t _flags_save_DATA_BLOB = ndr->flags;
+ struct ndr_pull *_ndr_sid;
+ ndr_set_flags(&ndr->flags, LIBNDR_FLAG_ALIGN4);
+ NDR_CHECK(ndr_pull_DATA_BLOB(ndr, NDR_SCALARS, &r->_pad));
+ ndr->flags = _flags_save_DATA_BLOB;
+ NDR_CHECK(ndr_pull_subcontext_start(ndr, &_ndr_sid, 0, r->sid_size));
+ NDR_CHECK(ndr_pull_dom_sid0(_ndr_sid, NDR_SCALARS|NDR_BUFFERS, &r->sid));
+ NDR_CHECK(ndr_pull_subcontext_end(ndr, _ndr_sid, 0, r->sid_size));
+ } else {
+ ZERO_STRUCT(r->sid);
+ }
+ NDR_CHECK(ndr_pull_netlogon_nt_version_flags(ndr, NDR_SCALARS, &r->nt_version));
+ NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lmnt_token));
+ NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lm20_token));
+ }
+ if (ndr_flags & NDR_BUFFERS) {
+ }
+ return NDR_ERR_SUCCESS;
+}
+
+/* Manually modified to only push some parts of the structure if certain flags are set */
+enum ndr_err_code ndr_push_NETLOGON_SAM_LOGON_RESPONSE_EX_with_flags(struct ndr_push *ndr, int ndr_flags, const struct NETLOGON_SAM_LOGON_RESPONSE_EX *r)
+{
+ {
+ uint32_t _flags_save_STRUCT = ndr->flags;
+ ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN);
+ if (ndr_flags & NDR_SCALARS) {
+ NDR_CHECK(ndr_push_align(ndr, 4));
+ NDR_CHECK(ndr_push_netlogon_command(ndr, NDR_SCALARS, r->command));
+ NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->sbz));
+ NDR_CHECK(ndr_push_nbt_server_type(ndr, NDR_SCALARS, r->server_type));
+ NDR_CHECK(ndr_push_GUID(ndr, NDR_SCALARS, &r->domain_uuid));
+ NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->forest));
+ NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->dns_domain));
+ NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->pdc_dns_name));
+ NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->domain));
+ NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->pdc_name));
+ NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->user_name));
+ NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->server_site));
+ NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->client_site));
+ if (r->nt_version & NETLOGON_NT_VERSION_5EX_WITH_IP) {
+ NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, ndr_size_nbt_sockaddr(&r->sockaddr, ndr->flags)));
+ {
+ struct ndr_push *_ndr_sockaddr;
+ NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_sockaddr, 0, ndr_size_nbt_sockaddr(&r->sockaddr, ndr->flags)));
+ NDR_CHECK(ndr_push_nbt_sockaddr(_ndr_sockaddr, NDR_SCALARS|NDR_BUFFERS, &r->sockaddr));
+ NDR_CHECK(ndr_push_subcontext_end(ndr, _ndr_sockaddr, 0, ndr_size_nbt_sockaddr(&r->sockaddr, ndr->flags)));
+ }
+ }
+ if (r->nt_version & NETLOGON_NT_VERSION_WITH_CLOSEST_SITE) {
+ NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->next_closest_site));
+ }
+ NDR_CHECK(ndr_push_netlogon_nt_version_flags(ndr, NDR_SCALARS, r->nt_version));
+ NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lmnt_token));
+ NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lm20_token));
+ }
+ if (ndr_flags & NDR_BUFFERS) {
+ NDR_CHECK(ndr_push_GUID(ndr, NDR_BUFFERS, &r->domain_uuid));
+ }
+ ndr->flags = _flags_save_STRUCT;
+ }
+ return NDR_ERR_SUCCESS;
+}
+
+/* Manually modified to only pull some parts of the structure if certain flags provided */
+enum ndr_err_code ndr_pull_NETLOGON_SAM_LOGON_RESPONSE_EX_with_flags(struct ndr_pull *ndr, int ndr_flags, struct NETLOGON_SAM_LOGON_RESPONSE_EX *r,
+ uint32_t nt_version_flags)
+{
+ {
+ uint32_t _flags_save_STRUCT = ndr->flags;
+ ZERO_STRUCTP(r);
+ ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN);
+ if (ndr_flags & NDR_SCALARS) {
+ NDR_CHECK(ndr_pull_align(ndr, 4));
+ NDR_CHECK(ndr_pull_netlogon_command(ndr, NDR_SCALARS, &r->command));
+ NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->sbz));
+ NDR_CHECK(ndr_pull_nbt_server_type(ndr, NDR_SCALARS, &r->server_type));
+ NDR_CHECK(ndr_pull_GUID(ndr, NDR_SCALARS, &r->domain_uuid));
+ NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->forest));
+ NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->dns_domain));
+ NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->pdc_dns_name));
+ NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->domain));
+ NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->pdc_name));
+ NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->user_name));
+ NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->server_site));
+ NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->client_site));
+ if (nt_version_flags & NETLOGON_NT_VERSION_5EX_WITH_IP) {
+ NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->sockaddr_size));
+ {
+ struct ndr_pull *_ndr_sockaddr;
+ NDR_CHECK(ndr_pull_subcontext_start(ndr, &_ndr_sockaddr, 0, r->sockaddr_size));
+ NDR_CHECK(ndr_pull_nbt_sockaddr(_ndr_sockaddr, NDR_SCALARS|NDR_BUFFERS, &r->sockaddr));
+ NDR_CHECK(ndr_pull_subcontext_end(ndr, _ndr_sockaddr, 0, r->sockaddr_size));
+ }
+ }
+ if (nt_version_flags & NETLOGON_NT_VERSION_WITH_CLOSEST_SITE) {
+ NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->next_closest_site));
+ }
+ NDR_CHECK(ndr_pull_netlogon_nt_version_flags(ndr, NDR_SCALARS, &r->nt_version));
+ if (r->nt_version != nt_version_flags) {
+ return NDR_ERR_VALIDATE;
+ }
+ NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lmnt_token));
+ NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lm20_token));
+ }
+ if (ndr_flags & NDR_BUFFERS) {
+ NDR_CHECK(ndr_pull_GUID(ndr, NDR_BUFFERS, &r->domain_uuid));
+ }
+ ndr->flags = _flags_save_STRUCT;
+ }
+ return NDR_ERR_SUCCESS;
+}
diff --git a/source/libcli/netlogon.c b/source/libcli/netlogon.c
index 3ef7cf6..052d7cb 100644
--- a/source/libcli/netlogon.c
+++ b/source/libcli/netlogon.c
@@ -1,99 +1,27 @@
-/* parser auto-generated by pidl, then hand-modified by abartlet */
+/*
+ Unix SMB/CIFS implementation.
+
+ CLDAP server structures
+
+ Copyright (C) Andrew Bartlett <abartlet at samba.org> 2008
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
#include "includes.h"
#include "libcli/netlogon.h"
-_PUBLIC_ enum ndr_err_code ndr_push_NETLOGON_SAM_LOGON_RESPONSE_EX_with_flags(struct ndr_push *ndr, int ndr_flags, const struct NETLOGON_SAM_LOGON_RESPONSE_EX *r)
-{
- {
- uint32_t _flags_save_STRUCT = ndr->flags;
- ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN);
- if (ndr_flags & NDR_SCALARS) {
- NDR_CHECK(ndr_push_align(ndr, 4));
- NDR_CHECK(ndr_push_netlogon_command(ndr, NDR_SCALARS, r->command));
- NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->sbz));
- NDR_CHECK(ndr_push_nbt_server_type(ndr, NDR_SCALARS, r->server_type));
- NDR_CHECK(ndr_push_GUID(ndr, NDR_SCALARS, &r->domain_uuid));
- NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->forest));
- NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->dns_domain));
- NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->pdc_dns_name));
- NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->domain));
- NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->pdc_name));
- NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->user_name));
- NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->server_site));
- NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->client_site));
- if (r->nt_version & NETLOGON_NT_VERSION_5EX_WITH_IP) {
- NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, ndr_size_nbt_sockaddr(&r->sockaddr, ndr->flags)));
- {
- struct ndr_push *_ndr_sockaddr;
- NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_sockaddr, 0, ndr_size_nbt_sockaddr(&r->sockaddr, ndr->flags)));
- NDR_CHECK(ndr_push_nbt_sockaddr(_ndr_sockaddr, NDR_SCALARS|NDR_BUFFERS, &r->sockaddr));
- NDR_CHECK(ndr_push_subcontext_end(ndr, _ndr_sockaddr, 0, ndr_size_nbt_sockaddr(&r->sockaddr, ndr->flags)));
- }
- }
- if (r->nt_version & NETLOGON_NT_VERSION_WITH_CLOSEST_SITE) {
- NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->next_closest_site));
- }
- NDR_CHECK(ndr_push_netlogon_nt_version_flags(ndr, NDR_SCALARS, r->nt_version));
- NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lmnt_token));
- NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->lm20_token));
- }
- if (ndr_flags & NDR_BUFFERS) {
- NDR_CHECK(ndr_push_GUID(ndr, NDR_BUFFERS, &r->domain_uuid));
- }
- ndr->flags = _flags_save_STRUCT;
- }
- return NDR_ERR_SUCCESS;
-}
-
-static enum ndr_err_code ndr_pull_NETLOGON_SAM_LOGON_RESPONSE_EX_with_flags(struct ndr_pull *ndr, int ndr_flags, struct NETLOGON_SAM_LOGON_RESPONSE_EX *r,
- uint32_t nt_version_flags)
-{
- {
- uint32_t _flags_save_STRUCT = ndr->flags;
- ZERO_STRUCTP(r);
- ndr_set_flags(&ndr->flags, LIBNDR_FLAG_NOALIGN);
- if (ndr_flags & NDR_SCALARS) {
- NDR_CHECK(ndr_pull_align(ndr, 4));
- NDR_CHECK(ndr_pull_netlogon_command(ndr, NDR_SCALARS, &r->command));
- NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->sbz));
- NDR_CHECK(ndr_pull_nbt_server_type(ndr, NDR_SCALARS, &r->server_type));
- NDR_CHECK(ndr_pull_GUID(ndr, NDR_SCALARS, &r->domain_uuid));
- NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->forest));
- NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->dns_domain));
- NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->pdc_dns_name));
- NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->domain));
- NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->pdc_name));
- NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->user_name));
- NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->server_site));
- NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->client_site));
- if (nt_version_flags & NETLOGON_NT_VERSION_5EX_WITH_IP) {
- NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->sockaddr_size));
- {
- struct ndr_pull *_ndr_sockaddr;
- NDR_CHECK(ndr_pull_subcontext_start(ndr, &_ndr_sockaddr, 0, r->sockaddr_size));
- NDR_CHECK(ndr_pull_nbt_sockaddr(_ndr_sockaddr, NDR_SCALARS|NDR_BUFFERS, &r->sockaddr));
- NDR_CHECK(ndr_pull_subcontext_end(ndr, _ndr_sockaddr, 0, r->sockaddr_size));
- }
- }
- if (nt_version_flags & NETLOGON_NT_VERSION_WITH_CLOSEST_SITE) {
- NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->next_closest_site));
- }
- NDR_CHECK(ndr_pull_netlogon_nt_version_flags(ndr, NDR_SCALARS, &r->nt_version));
- if (r->nt_version != nt_version_flags) {
- return NDR_ERR_VALIDATE;
- }
- NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lmnt_token));
--
Samba Shared Repository
More information about the samba-cvs
mailing list