Author: metze
Date: 2007-02-14 15:21:41 +0000 (Wed, 14 Feb 2007)
New Revision: 21342

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21342

Log:
add parsing code for the trustAuthIncoming/trustAuthOutgoing attributes

not everything has a meaning yet, but it's a start and we know how to get
to the password in cleartext

metze
Modified:
   branches/SAMBA_4_0/source/librpc/idl/drsblobs.idl


Changeset:
Modified: branches/SAMBA_4_0/source/librpc/idl/drsblobs.idl
===================================================================
--- branches/SAMBA_4_0/source/librpc/idl/drsblobs.idl   2007-02-14 15:18:37 UTC 
(rev 21341)
+++ branches/SAMBA_4_0/source/librpc/idl/drsblobs.idl   2007-02-14 15:21:41 UTC 
(rev 21342)
@@ -254,7 +254,73 @@
                [in] supplementalCredentialsBlob blob
                );
 
+
+       typedef struct {
+               NTTIME time1;
+               uint32 unknown1;
+               /* 
+                * the secret value is encoded as UTF16 if it's a string
+                * but krb5 trusts have random bytes here, so converting to 
UTF16
+                * mayfail...
+                *
+                * TODO: We should try handle the case of a random buffer in 
all places
+                *       we deal with cleartext passwords from windows
+                *
+                * so we don't use this:
+                *
+                * uint32 value_len;
+                * [charset(UTF16)] uint8 value[value_len];
+                */
+               DATA_BLOB value;
+               [flag(NDR_ALIGN4)] DATA_BLOB _pad;
+       } trustAuthInOutSecret1;
+
+       typedef struct {
+               [relative] trustAuthInOutSecret1 *value1;
+               [relative] trustAuthInOutSecret1 *value2;
+       } trustAuthInOutCtr1;
+
+       typedef struct {
+               NTTIME time1;
+               uint32 unknown1;
+               DATA_BLOB value;
+               NTTIME time2;
+               uint32 unknown2;
+               uint32 unknown3;
+               uint32 unknown4;
+               [flag(NDR_ALIGN4)] DATA_BLOB _pad;
+       } trustAuthInOutSecret2V1;
+
+       typedef struct {
+               NTTIME time1;
+               uint32 unknown1;
+               DATA_BLOB value;
+               NTTIME time2;
+               uint32 unknown2;
+               uint32 unknown3;
+               [flag(NDR_ALIGN4)] DATA_BLOB _pad;
+       } trustAuthInOutSecret2V2;
+
+       typedef struct {
+               [relative] trustAuthInOutSecret2V1 *value1;
+               [relative] trustAuthInOutSecret2V2 *value2;
+       } trustAuthInOutCtr2;
+
+       typedef [nodiscriminant] union {
+               [case(1)] trustAuthInOutCtr1 ctr1;
+               [case(2)] trustAuthInOutCtr2 ctr2;
+       } trustAuthInOutCtr;
+
        typedef [public] struct {
+               uint32 version;
+               [switch_is(version)] trustAuthInOutCtr ctr;
+       } trustAuthInOutBlob;
+
+       void decode_trustAuthInOut(
+               [in] trustAuthInOutBlob blob
+               );
+
+       typedef [public] struct {
                uint32 marker;
                DATA_BLOB data;
        } DsCompressedChunk;
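Review bot: The `value` field in `trustAuthInOutSecret2V1` and `trustAuthInOutSecret2V2` carries the same cleartext trust secret as in `trustAuthInOutSecret1`, but only the first struct explains that it may hold random bytes rather than UTF16. A reader of the later two structs gets no warning against treating it as a string, so I would add a short comment to both, e.g. `/* cleartext secret: opaque bytes, may not be valid UTF16; use value.length, never string functions */`. `decode_trustAuthInOut` presumably exists for dump tooling, so its printed output would contain that secret; a comment next to the declaration should say that dumps are sensitive. The `trustAuthInOutCtr` union has arms only for versions 1 and 2, and I assume the generated pull code rejects any other `version`, but that is worth confirming since the blob is read from directory data.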
