schannel: add NL_AUTH_MESSAGE and both NL_AUTH_SIGNATURE structs.

These actually belong netlogon but we for now want to keep netlogon as a security
providor separate.

Guenther

librpc/gen_ndr/ndr_schannel.c

@@ -388,3 +388,451 @@ _PUBLIC_ void ndr_print_netlogon_creds_CredentialState(struct ndr_print *ndr, co
 	}
 }
 
+static enum ndr_err_code ndr_push_NL_AUTH_MESSAGE_TYPE(struct ndr_push *ndr, int ndr_flags, enum NL_AUTH_MESSAGE_TYPE r)
+{
+	NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r));
+	return NDR_ERR_SUCCESS;
+}
+
+static enum ndr_err_code ndr_pull_NL_AUTH_MESSAGE_TYPE(struct ndr_pull *ndr, int ndr_flags, enum NL_AUTH_MESSAGE_TYPE *r)
+{
+	uint32_t v;
+	NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &v));
+	*r = v;
+	return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ void ndr_print_NL_AUTH_MESSAGE_TYPE(struct ndr_print *ndr, const char *name, enum NL_AUTH_MESSAGE_TYPE r)
+{
+	const char *val = NULL;
+
+	switch (r) {
+		case NL_NEGOTIATE_REQUEST: val = "NL_NEGOTIATE_REQUEST"; break;
+		case NL_NEGOTIATE_RESPONSE: val = "NL_NEGOTIATE_RESPONSE"; break;
+	}
+	ndr_print_enum(ndr, name, "ENUM", val, r);
+}
+
+static enum ndr_err_code ndr_push_NL_AUTH_MESSAGE_FLAGS(struct ndr_push *ndr, int ndr_flags, uint32_t r)
+{
+	NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r));
+	return NDR_ERR_SUCCESS;
+}
+
+static enum ndr_err_code ndr_pull_NL_AUTH_MESSAGE_FLAGS(struct ndr_pull *ndr, int ndr_flags, uint32_t *r)
+{
+	uint32_t v;
+	NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &v));
+	*r = v;
+	return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ void ndr_print_NL_AUTH_MESSAGE_FLAGS(struct ndr_print *ndr, const char *name, uint32_t r)
+{
+	ndr_print_uint32(ndr, name, r);
+	ndr->depth++;
+	ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NL_FLAG_OEM_NETBIOS_DOMAIN_NAME", NL_FLAG_OEM_NETBIOS_DOMAIN_NAME, r);
+	ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NL_FLAG_OEM_NETBIOS_COMPUTER_NAME", NL_FLAG_OEM_NETBIOS_COMPUTER_NAME, r);
+	ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NL_FLAG_UTF8_DNS_DOMAIN_NAME", NL_FLAG_UTF8_DNS_DOMAIN_NAME, r);
+	ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NL_FLAG_UTF8_DNS_HOST_NAME", NL_FLAG_UTF8_DNS_HOST_NAME, r);
+	ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "NL_FLAG_UTF8_NETBIOS_COMPUTER_NAME", NL_FLAG_UTF8_NETBIOS_COMPUTER_NAME, r);
+	ndr->depth--;
+}
+
+_PUBLIC_ enum ndr_err_code ndr_push_NL_AUTH_MESSAGE_BUFFER(struct ndr_push *ndr, int ndr_flags, const union NL_AUTH_MESSAGE_BUFFER *r)
+{
+	if (ndr_flags & NDR_SCALARS) {
+		int level = ndr_push_get_switch_value(ndr, r);
+		switch (level) {
+			case NL_FLAG_OEM_NETBIOS_DOMAIN_NAME: {
+				{
+					uint32_t _flags_save_string = ndr->flags;
+					ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM);
+					NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->a));
+					ndr->flags = _flags_save_string;
+				}
+			break; }
+
+			case NL_FLAG_OEM_NETBIOS_COMPUTER_NAME: {
+				{
+					uint32_t _flags_save_string = ndr->flags;
+					ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM);
+					NDR_CHECK(ndr_push_string(ndr, NDR_SCALARS, r->a));
+					ndr->flags = _flags_save_string;
+				}
+			break; }
+
+			case NL_FLAG_UTF8_DNS_DOMAIN_NAME: {
+				NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->u));
+			break; }
+
+			case NL_FLAG_UTF8_DNS_HOST_NAME: {
+				NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->u));
+			break; }
+
+			case NL_FLAG_UTF8_NETBIOS_COMPUTER_NAME: {
+				NDR_CHECK(ndr_push_nbt_string(ndr, NDR_SCALARS, r->u));
+			break; }
+
+			default: {
+			break; }
+
+		}
+	}
+	if (ndr_flags & NDR_BUFFERS) {
+		int level = ndr_push_get_switch_value(ndr, r);
+		switch (level) {
+			case NL_FLAG_OEM_NETBIOS_DOMAIN_NAME:
+			break;
+
+			case NL_FLAG_OEM_NETBIOS_COMPUTER_NAME:
+			break;
+
+			case NL_FLAG_UTF8_DNS_DOMAIN_NAME:
+			break;
+
+			case NL_FLAG_UTF8_DNS_HOST_NAME:
+			break;
+
+			case NL_FLAG_UTF8_NETBIOS_COMPUTER_NAME:
+			break;
+
+			default:
+			break;
+
+		}
+	}
+	return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ enum ndr_err_code ndr_pull_NL_AUTH_MESSAGE_BUFFER(struct ndr_pull *ndr, int ndr_flags, union NL_AUTH_MESSAGE_BUFFER *r)
+{
+	int level;
+	level = ndr_pull_get_switch_value(ndr, r);
+	if (ndr_flags & NDR_SCALARS) {
+		switch (level) {
+			case NL_FLAG_OEM_NETBIOS_DOMAIN_NAME: {
+				{
+					uint32_t _flags_save_string = ndr->flags;
+					ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM);
+					NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->a));
+					ndr->flags = _flags_save_string;
+				}
+			break; }
+
+			case NL_FLAG_OEM_NETBIOS_COMPUTER_NAME: {
+				{
+					uint32_t _flags_save_string = ndr->flags;
+					ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM);
+					NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->a));
+					ndr->flags = _flags_save_string;
+				}
+			break; }
+
+			case NL_FLAG_UTF8_DNS_DOMAIN_NAME: {
+				NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->u));
+			break; }
+
+			case NL_FLAG_UTF8_DNS_HOST_NAME: {
+				NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->u));
+			break; }
+
+			case NL_FLAG_UTF8_NETBIOS_COMPUTER_NAME: {
+				NDR_CHECK(ndr_pull_nbt_string(ndr, NDR_SCALARS, &r->u));
+			break; }
+
+			default: {
+			break; }
+
+		}
+	}
+	if (ndr_flags & NDR_BUFFERS) {
+		switch (level) {
+			case NL_FLAG_OEM_NETBIOS_DOMAIN_NAME:
+			break;
+
+			case NL_FLAG_OEM_NETBIOS_COMPUTER_NAME:
+			break;
+
+			case NL_FLAG_UTF8_DNS_DOMAIN_NAME:
+			break;
+
+			case NL_FLAG_UTF8_DNS_HOST_NAME:
+			break;
+
+			case NL_FLAG_UTF8_NETBIOS_COMPUTER_NAME:
+			break;
+
+			default:
+			break;
+
+		}
+	}
+	return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ enum ndr_err_code ndr_push_NL_AUTH_MESSAGE(struct ndr_push *ndr, int ndr_flags, const struct NL_AUTH_MESSAGE *r)
+{
+	{
+		uint32_t _flags_save_STRUCT = ndr->flags;
+		ndr_set_flags(&ndr->flags, LIBNDR_PRINT_ARRAY_HEX);
+		if (ndr_flags & NDR_SCALARS) {
+			NDR_CHECK(ndr_push_align(ndr, 4));
+			NDR_CHECK(ndr_push_NL_AUTH_MESSAGE_TYPE(ndr, NDR_SCALARS, r->MessageType));
+			NDR_CHECK(ndr_push_NL_AUTH_MESSAGE_FLAGS(ndr, NDR_SCALARS, r->Flags));
+			NDR_CHECK(ndr_push_set_switch_value(ndr, &r->oem_netbios_domain, r->Flags & NL_FLAG_OEM_NETBIOS_DOMAIN_NAME));
+			NDR_CHECK(ndr_push_NL_AUTH_MESSAGE_BUFFER(ndr, NDR_SCALARS, &r->oem_netbios_domain));
+			NDR_CHECK(ndr_push_set_switch_value(ndr, &r->oem_netbios_computer, r->Flags & NL_FLAG_OEM_NETBIOS_COMPUTER_NAME));
+			NDR_CHECK(ndr_push_NL_AUTH_MESSAGE_BUFFER(ndr, NDR_SCALARS, &r->oem_netbios_computer));
+			NDR_CHECK(ndr_push_set_switch_value(ndr, &r->utf8_dns_domain, r->Flags & NL_FLAG_UTF8_DNS_DOMAIN_NAME));
+			NDR_CHECK(ndr_push_NL_AUTH_MESSAGE_BUFFER(ndr, NDR_SCALARS, &r->utf8_dns_domain));
+			NDR_CHECK(ndr_push_set_switch_value(ndr, &r->utf8_dns_host, r->Flags & NL_FLAG_UTF8_DNS_HOST_NAME));
+			NDR_CHECK(ndr_push_NL_AUTH_MESSAGE_BUFFER(ndr, NDR_SCALARS, &r->utf8_dns_host));
+			NDR_CHECK(ndr_push_set_switch_value(ndr, &r->utf8_netbios_computer, r->Flags & NL_FLAG_UTF8_NETBIOS_COMPUTER_NAME));
+			NDR_CHECK(ndr_push_NL_AUTH_MESSAGE_BUFFER(ndr, NDR_SCALARS, &r->utf8_netbios_computer));
+		}
+		if (ndr_flags & NDR_BUFFERS) {
+			NDR_CHECK(ndr_push_NL_AUTH_MESSAGE_BUFFER(ndr, NDR_BUFFERS, &r->oem_netbios_domain));
+			NDR_CHECK(ndr_push_NL_AUTH_MESSAGE_BUFFER(ndr, NDR_BUFFERS, &r->oem_netbios_computer));
+			NDR_CHECK(ndr_push_NL_AUTH_MESSAGE_BUFFER(ndr, NDR_BUFFERS, &r->utf8_dns_domain));
+			NDR_CHECK(ndr_push_NL_AUTH_MESSAGE_BUFFER(ndr, NDR_BUFFERS, &r->utf8_dns_host));
+			NDR_CHECK(ndr_push_NL_AUTH_MESSAGE_BUFFER(ndr, NDR_BUFFERS, &r->utf8_netbios_computer));
+		}
+		ndr->flags = _flags_save_STRUCT;
+	}
+	return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ enum ndr_err_code ndr_pull_NL_AUTH_MESSAGE(struct ndr_pull *ndr, int ndr_flags, struct NL_AUTH_MESSAGE *r)
+{
+	{
+		uint32_t _flags_save_STRUCT = ndr->flags;
+		ndr_set_flags(&ndr->flags, LIBNDR_PRINT_ARRAY_HEX);
+		if (ndr_flags & NDR_SCALARS) {
+			NDR_CHECK(ndr_pull_align(ndr, 4));
+			NDR_CHECK(ndr_pull_NL_AUTH_MESSAGE_TYPE(ndr, NDR_SCALARS, &r->MessageType));
+			NDR_CHECK(ndr_pull_NL_AUTH_MESSAGE_FLAGS(ndr, NDR_SCALARS, &r->Flags));
+			NDR_CHECK(ndr_pull_set_switch_value(ndr, &r->oem_netbios_domain, r->Flags & NL_FLAG_OEM_NETBIOS_DOMAIN_NAME));
+			NDR_CHECK(ndr_pull_NL_AUTH_MESSAGE_BUFFER(ndr, NDR_SCALARS, &r->oem_netbios_domain));
+			NDR_CHECK(ndr_pull_set_switch_value(ndr, &r->oem_netbios_computer, r->Flags & NL_FLAG_OEM_NETBIOS_COMPUTER_NAME));
+			NDR_CHECK(ndr_pull_NL_AUTH_MESSAGE_BUFFER(ndr, NDR_SCALARS, &r->oem_netbios_computer));
+			NDR_CHECK(ndr_pull_set_switch_value(ndr, &r->utf8_dns_domain, r->Flags & NL_FLAG_UTF8_DNS_DOMAIN_NAME));
+			NDR_CHECK(ndr_pull_NL_AUTH_MESSAGE_BUFFER(ndr, NDR_SCALARS, &r->utf8_dns_domain));
+			NDR_CHECK(ndr_pull_set_switch_value(ndr, &r->utf8_dns_host, r->Flags & NL_FLAG_UTF8_DNS_HOST_NAME));
+			NDR_CHECK(ndr_pull_NL_AUTH_MESSAGE_BUFFER(ndr, NDR_SCALARS, &r->utf8_dns_host));
+			NDR_CHECK(ndr_pull_set_switch_value(ndr, &r->utf8_netbios_computer, r->Flags & NL_FLAG_UTF8_NETBIOS_COMPUTER_NAME));
+			NDR_CHECK(ndr_pull_NL_AUTH_MESSAGE_BUFFER(ndr, NDR_SCALARS, &r->utf8_netbios_computer));
+		}
+		if (ndr_flags & NDR_BUFFERS) {
+			NDR_CHECK(ndr_pull_NL_AUTH_MESSAGE_BUFFER(ndr, NDR_BUFFERS, &r->oem_netbios_domain));
+			NDR_CHECK(ndr_pull_NL_AUTH_MESSAGE_BUFFER(ndr, NDR_BUFFERS, &r->oem_netbios_computer));
+			NDR_CHECK(ndr_pull_NL_AUTH_MESSAGE_BUFFER(ndr, NDR_BUFFERS, &r->utf8_dns_domain));
+			NDR_CHECK(ndr_pull_NL_AUTH_MESSAGE_BUFFER(ndr, NDR_BUFFERS, &r->utf8_dns_host));
+			NDR_CHECK(ndr_pull_NL_AUTH_MESSAGE_BUFFER(ndr, NDR_BUFFERS, &r->utf8_netbios_computer));
+		}
+		ndr->flags = _flags_save_STRUCT;
+	}
+	return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ void ndr_print_NL_AUTH_MESSAGE(struct ndr_print *ndr, const char *name, const struct NL_AUTH_MESSAGE *r)
+{
+	ndr_print_struct(ndr, name, "NL_AUTH_MESSAGE");
+	{
+		uint32_t _flags_save_STRUCT = ndr->flags;
+		ndr_set_flags(&ndr->flags, LIBNDR_PRINT_ARRAY_HEX);
+		ndr->depth++;
+		ndr_print_NL_AUTH_MESSAGE_TYPE(ndr, "MessageType", r->MessageType);
+		ndr_print_NL_AUTH_MESSAGE_FLAGS(ndr, "Flags", r->Flags);
+		ndr_print_set_switch_value(ndr, &r->oem_netbios_domain, r->Flags & NL_FLAG_OEM_NETBIOS_DOMAIN_NAME);
+		ndr_print_NL_AUTH_MESSAGE_BUFFER(ndr, "oem_netbios_domain", &r->oem_netbios_domain);
+		ndr_print_set_switch_value(ndr, &r->oem_netbios_computer, r->Flags & NL_FLAG_OEM_NETBIOS_COMPUTER_NAME);
+		ndr_print_NL_AUTH_MESSAGE_BUFFER(ndr, "oem_netbios_computer", &r->oem_netbios_computer);
+		ndr_print_set_switch_value(ndr, &r->utf8_dns_domain, r->Flags & NL_FLAG_UTF8_DNS_DOMAIN_NAME);
+		ndr_print_NL_AUTH_MESSAGE_BUFFER(ndr, "utf8_dns_domain", &r->utf8_dns_domain);
+		ndr_print_set_switch_value(ndr, &r->utf8_dns_host, r->Flags & NL_FLAG_UTF8_DNS_HOST_NAME);
+		ndr_print_NL_AUTH_MESSAGE_BUFFER(ndr, "utf8_dns_host", &r->utf8_dns_host);
+		ndr_print_set_switch_value(ndr, &r->utf8_netbios_computer, r->Flags & NL_FLAG_UTF8_NETBIOS_COMPUTER_NAME);
+		ndr_print_NL_AUTH_MESSAGE_BUFFER(ndr, "utf8_netbios_computer", &r->utf8_netbios_computer);
+		ndr->depth--;
+		ndr->flags = _flags_save_STRUCT;
+	}
+}
+
+static enum ndr_err_code ndr_push_NL_SIGNATURE_ALGORITHM(struct ndr_push *ndr, int ndr_flags, enum NL_SIGNATURE_ALGORITHM r)
+{
+	NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r));
+	return NDR_ERR_SUCCESS;
+}
+
+static enum ndr_err_code ndr_pull_NL_SIGNATURE_ALGORITHM(struct ndr_pull *ndr, int ndr_flags, enum NL_SIGNATURE_ALGORITHM *r)
+{
+	uint16_t v;
+	NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &v));
+	*r = v;
+	return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ void ndr_print_NL_SIGNATURE_ALGORITHM(struct ndr_print *ndr, const char *name, enum NL_SIGNATURE_ALGORITHM r)
+{
+	const char *val = NULL;
+
+	switch (r) {
+		case NL_SIGN_HMAC_SHA256: val = "NL_SIGN_HMAC_SHA256"; break;
+		case NL_SIGN_HMAC_MD5: val = "NL_SIGN_HMAC_MD5"; break;
+	}
+	ndr_print_enum(ndr, name, "ENUM", val, r);
+}
+
+static enum ndr_err_code ndr_push_NL_SEAL_ALGORITHM(struct ndr_push *ndr, int ndr_flags, enum NL_SEAL_ALGORITHM r)
+{
+	NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r));
+	return NDR_ERR_SUCCESS;
+}
+
+static enum ndr_err_code ndr_pull_NL_SEAL_ALGORITHM(struct ndr_pull *ndr, int ndr_flags, enum NL_SEAL_ALGORITHM *r)
+{
+	uint16_t v;
+	NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &v));
+	*r = v;
+	return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ void ndr_print_NL_SEAL_ALGORITHM(struct ndr_print *ndr, const char *name, enum NL_SEAL_ALGORITHM r)
+{
+	const char *val = NULL;
+
+	switch (r) {
+		case NL_SEAL_AES128: val = "NL_SEAL_AES128"; break;
+		case NL_SEAL_RC4: val = "NL_SEAL_RC4"; break;
+		case NL_SEAL_NONE: val = "NL_SEAL_NONE"; break;
+	}
+	ndr_print_enum(ndr, name, "ENUM", val, r);
+}
+
+_PUBLIC_ enum ndr_err_code ndr_push_NL_AUTH_SIGNATURE(struct ndr_push *ndr, int ndr_flags, const struct NL_AUTH_SIGNATURE *r)
+{
+	{
+		uint32_t _flags_save_STRUCT = ndr->flags;
+		ndr_set_flags(&ndr->flags, LIBNDR_PRINT_ARRAY_HEX);
+		if (ndr_flags & NDR_SCALARS) {
+			NDR_CHECK(ndr_push_align(ndr, 2));
+			NDR_CHECK(ndr_push_NL_SIGNATURE_ALGORITHM(ndr, NDR_SCALARS, NL_SIGN_HMAC_MD5));
+			NDR_CHECK(ndr_push_NL_SEAL_ALGORITHM(ndr, NDR_SCALARS, r->SealAlgorithm));
+			NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->Pad));
+			NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->Flags));
+			NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, r->SequenceNumber, 8));
+			NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, r->Checksum, 8));
+			NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, r->Confounder, 8));
+		}
+		if (ndr_flags & NDR_BUFFERS) {
+		}
+		ndr->flags = _flags_save_STRUCT;
+	}
+	return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ enum ndr_err_code ndr_pull_NL_AUTH_SIGNATURE(struct ndr_pull *ndr, int ndr_flags, struct NL_AUTH_SIGNATURE *r)
+{
+	{
+		uint32_t _flags_save_STRUCT = ndr->flags;
+		ndr_set_flags(&ndr->flags, LIBNDR_PRINT_ARRAY_HEX);
+		if (ndr_flags & NDR_SCALARS) {
+			NDR_CHECK(ndr_pull_align(ndr, 2));
+			NDR_CHECK(ndr_pull_NL_SIGNATURE_ALGORITHM(ndr, NDR_SCALARS, &r->SignatureAlgorithm));
+			NDR_CHECK(ndr_pull_NL_SEAL_ALGORITHM(ndr, NDR_SCALARS, &r->SealAlgorithm));
+			NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->Pad));
+			NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->Flags));
+			NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->SequenceNumber, 8));
+			NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->Checksum, 8));
+			NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->Confounder, 8));
+		}
+		if (ndr_flags & NDR_BUFFERS) {
+		}
+		ndr->flags = _flags_save_STRUCT;
+	}
+	return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ void ndr_print_NL_AUTH_SIGNATURE(struct ndr_print *ndr, const char *name, const struct NL_AUTH_SIGNATURE *r)
+{
+	ndr_print_struct(ndr, name, "NL_AUTH_SIGNATURE");
+	{
+		uint32_t _flags_save_STRUCT = ndr->flags;
+		ndr_set_flags(&ndr->flags, LIBNDR_PRINT_ARRAY_HEX);
+		ndr->depth++;
+		ndr_print_NL_SIGNATURE_ALGORITHM(ndr, "SignatureAlgorithm", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?NL_SIGN_HMAC_MD5:r->SignatureAlgorithm);
+		ndr_print_NL_SEAL_ALGORITHM(ndr, "SealAlgorithm", r->SealAlgorithm);
+		ndr_print_uint16(ndr, "Pad", r->Pad);
+		ndr_print_uint16(ndr, "Flags", r->Flags);
+		ndr_print_array_uint8(ndr, "SequenceNumber", r->SequenceNumber, 8);
+		ndr_print_array_uint8(ndr, "Checksum", r->Checksum, 8);
+		ndr_print_array_uint8(ndr, "Confounder", r->Confounder, 8);
+		ndr->depth--;
+		ndr->flags = _flags_save_STRUCT;
+	}
+}
+
+_PUBLIC_ enum ndr_err_code ndr_push_NL_AUTH_SHA2_SIGNATURE(struct ndr_push *ndr, int ndr_flags, const struct NL_AUTH_SHA2_SIGNATURE *r)
+{
+	{
+		uint32_t _flags_save_STRUCT = ndr->flags;
+		ndr_set_flags(&ndr->flags, LIBNDR_PRINT_ARRAY_HEX);
+		if (ndr_flags & NDR_SCALARS) {
+			NDR_CHECK(ndr_push_align(ndr, 2));
+			NDR_CHECK(ndr_push_NL_SIGNATURE_ALGORITHM(ndr, NDR_SCALARS, NL_SIGN_HMAC_SHA256));
+			NDR_CHECK(ndr_push_NL_SEAL_ALGORITHM(ndr, NDR_SCALARS, r->SealAlgorithm));
+			NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->Pad));
+			NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->Flags));
+			NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, r->SequenceNumber, 8));
+			NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, r->Checksum, 32));
+			NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, r->Confounder, 8));
+		}
+		if (ndr_flags & NDR_BUFFERS) {
+		}
+		ndr->flags = _flags_save_STRUCT;
+	}
+	return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ enum ndr_err_code ndr_pull_NL_AUTH_SHA2_SIGNATURE(struct ndr_pull *ndr, int ndr_flags, struct NL_AUTH_SHA2_SIGNATURE *r)
+{
+	{
+		uint32_t _flags_save_STRUCT = ndr->flags;
+		ndr_set_flags(&ndr->flags, LIBNDR_PRINT_ARRAY_HEX);
+		if (ndr_flags & NDR_SCALARS) {
+			NDR_CHECK(ndr_pull_align(ndr, 2));
+			NDR_CHECK(ndr_pull_NL_SIGNATURE_ALGORITHM(ndr, NDR_SCALARS, &r->SignatureAlgorithm));
+			NDR_CHECK(ndr_pull_NL_SEAL_ALGORITHM(ndr, NDR_SCALARS, &r->SealAlgorithm));
+			NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->Pad));
+			NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->Flags));
+			NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->SequenceNumber, 8));
+			NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->Checksum, 32));
+			NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->Confounder, 8));
+		}
+		if (ndr_flags & NDR_BUFFERS) {
+		}
+		ndr->flags = _flags_save_STRUCT;
+	}
+	return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ void ndr_print_NL_AUTH_SHA2_SIGNATURE(struct ndr_print *ndr, const char *name, const struct NL_AUTH_SHA2_SIGNATURE *r)
+{
+	ndr_print_struct(ndr, name, "NL_AUTH_SHA2_SIGNATURE");
+	{
+		uint32_t _flags_save_STRUCT = ndr->flags;
+		ndr_set_flags(&ndr->flags, LIBNDR_PRINT_ARRAY_HEX);
+		ndr->depth++;
+		ndr_print_NL_SIGNATURE_ALGORITHM(ndr, "SignatureAlgorithm", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?NL_SIGN_HMAC_SHA256:r->SignatureAlgorithm);
+		ndr_print_NL_SEAL_ALGORITHM(ndr, "SealAlgorithm", r->SealAlgorithm);
+		ndr_print_uint16(ndr, "Pad", r->Pad);
+		ndr_print_uint16(ndr, "Flags", r->Flags);
+		ndr_print_array_uint8(ndr, "SequenceNumber", r->SequenceNumber, 8);
+		ndr_print_array_uint8(ndr, "Checksum", r->Checksum, 32);
+		ndr_print_array_uint8(ndr, "Confounder", r->Confounder, 8);
+		ndr->depth--;
+		ndr->flags = _flags_save_STRUCT;
+	}
+}
+

librpc/gen_ndr/ndr_schannel.h

@@ -6,6 +6,7 @@
 #ifndef _HEADER_NDR_schannel
 #define _HEADER_NDR_schannel
 
+#include "../librpc/ndr/ndr_schannel.h"
 #define NDR_SCHANNEL_CALL_COUNT (0)
 void ndr_print_schannel_bind_3(struct ndr_print *ndr, const char *name, const struct schannel_bind_3 *r);
 void ndr_print_schannel_bind_23(struct ndr_print *ndr, const char *name, const struct schannel_bind_23 *r);
@@ -19,4 +20,20 @@ void ndr_print_schannel_bind_ack(struct ndr_print *ndr, const char *name, const
 enum ndr_err_code ndr_push_netlogon_creds_CredentialState(struct ndr_push *ndr, int ndr_flags, const struct netlogon_creds_CredentialState *r);
 enum ndr_err_code ndr_pull_netlogon_creds_CredentialState(struct ndr_pull *ndr, int ndr_flags, struct netlogon_creds_CredentialState *r);
 void ndr_print_netlogon_creds_CredentialState(struct ndr_print *ndr, const char *name, const struct netlogon_creds_CredentialState *r);
+void ndr_print_NL_AUTH_MESSAGE_TYPE(struct ndr_print *ndr, const char *name, enum NL_AUTH_MESSAGE_TYPE r);
+void ndr_print_NL_AUTH_MESSAGE_FLAGS(struct ndr_print *ndr, const char *name, uint32_t r);
+enum ndr_err_code ndr_push_NL_AUTH_MESSAGE_BUFFER(struct ndr_push *ndr, int ndr_flags, const union NL_AUTH_MESSAGE_BUFFER *r);
+enum ndr_err_code ndr_pull_NL_AUTH_MESSAGE_BUFFER(struct ndr_pull *ndr, int ndr_flags, union NL_AUTH_MESSAGE_BUFFER *r);
+void ndr_print_NL_AUTH_MESSAGE_BUFFER(struct ndr_print *ndr, const char *name, const union NL_AUTH_MESSAGE_BUFFER *r);
+enum ndr_err_code ndr_push_NL_AUTH_MESSAGE(struct ndr_push *ndr, int ndr_flags, const struct NL_AUTH_MESSAGE *r);
+enum ndr_err_code ndr_pull_NL_AUTH_MESSAGE(struct ndr_pull *ndr, int ndr_flags, struct NL_AUTH_MESSAGE *r);
+void ndr_print_NL_AUTH_MESSAGE(struct ndr_print *ndr, const char *name, const struct NL_AUTH_MESSAGE *r);
+void ndr_print_NL_SIGNATURE_ALGORITHM(struct ndr_print *ndr, const char *name, enum NL_SIGNATURE_ALGORITHM r);
+void ndr_print_NL_SEAL_ALGORITHM(struct ndr_print *ndr, const char *name, enum NL_SEAL_ALGORITHM r);
+enum ndr_err_code ndr_push_NL_AUTH_SIGNATURE(struct ndr_push *ndr, int ndr_flags, const struct NL_AUTH_SIGNATURE *r);
+enum ndr_err_code ndr_pull_NL_AUTH_SIGNATURE(struct ndr_pull *ndr, int ndr_flags, struct NL_AUTH_SIGNATURE *r);
+void ndr_print_NL_AUTH_SIGNATURE(struct ndr_print *ndr, const char *name, const struct NL_AUTH_SIGNATURE *r);
+enum ndr_err_code ndr_push_NL_AUTH_SHA2_SIGNATURE(struct ndr_push *ndr, int ndr_flags, const struct NL_AUTH_SHA2_SIGNATURE *r);
+enum ndr_err_code ndr_pull_NL_AUTH_SHA2_SIGNATURE(struct ndr_pull *ndr, int ndr_flags, struct NL_AUTH_SHA2_SIGNATURE *r);
+void ndr_print_NL_AUTH_SHA2_SIGNATURE(struct ndr_print *ndr, const char *name, const struct NL_AUTH_SHA2_SIGNATURE *r);
 #endif /* _HEADER_NDR_schannel */

librpc/gen_ndr/schannel.h

@@ -51,4 +51,87 @@ struct netlogon_creds_CredentialState {
 	struct dom_sid *sid;/* [unique] */
 }/* [public,flag(LIBNDR_PRINT_ARRAY_HEX)] */;
 
+enum NL_AUTH_MESSAGE_TYPE
+#ifndef USE_UINT_ENUMS
+ {
+	NL_NEGOTIATE_REQUEST=0x00000000,
+	NL_NEGOTIATE_RESPONSE=0x00000001
+}
+#else
+ { __donnot_use_enum_NL_AUTH_MESSAGE_TYPE=0x7FFFFFFF}
+#define NL_NEGOTIATE_REQUEST ( 0x00000000 )
+#define NL_NEGOTIATE_RESPONSE ( 0x00000001 )
+#endif
+;
+
+/* bitmap NL_AUTH_MESSAGE_FLAGS */
+#define NL_FLAG_OEM_NETBIOS_DOMAIN_NAME ( 0x00000001 )
+#define NL_FLAG_OEM_NETBIOS_COMPUTER_NAME ( 0x00000002 )
+#define NL_FLAG_UTF8_DNS_DOMAIN_NAME ( 0x00000004 )
+#define NL_FLAG_UTF8_DNS_HOST_NAME ( 0x00000008 )
+#define NL_FLAG_UTF8_NETBIOS_COMPUTER_NAME ( 0x00000010 )
+
+union NL_AUTH_MESSAGE_BUFFER {
+	const char * a;/* [flag(LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM),case(NL_FLAG_OEM_NETBIOS_DOMAIN_NAME)] */
+	const char * u;/* [case(NL_FLAG_UTF8_DNS_DOMAIN_NAME)] */
+}/* [noprint,nodiscriminant,public] */;
+
+struct NL_AUTH_MESSAGE {
+	enum NL_AUTH_MESSAGE_TYPE MessageType;
+	uint32_t Flags;
+	union NL_AUTH_MESSAGE_BUFFER oem_netbios_domain;/* [switch_is(Flags&NL_FLAG_OEM_NETBIOS_DOMAIN_NAME)] */
+	union NL_AUTH_MESSAGE_BUFFER oem_netbios_computer;/* [switch_is(Flags&NL_FLAG_OEM_NETBIOS_COMPUTER_NAME)] */
+	union NL_AUTH_MESSAGE_BUFFER utf8_dns_domain;/* [switch_is(Flags&NL_FLAG_UTF8_DNS_DOMAIN_NAME)] */
+	union NL_AUTH_MESSAGE_BUFFER utf8_dns_host;/* [switch_is(Flags&NL_FLAG_UTF8_DNS_HOST_NAME)] */
+	union NL_AUTH_MESSAGE_BUFFER utf8_netbios_computer;/* [switch_is(Flags&NL_FLAG_UTF8_NETBIOS_COMPUTER_NAME)] */
+}/* [public,flag(LIBNDR_PRINT_ARRAY_HEX)] */;
+
+enum NL_SIGNATURE_ALGORITHM
+#ifndef USE_UINT_ENUMS
+ {
+	NL_SIGN_HMAC_SHA256=0x0013,
+	NL_SIGN_HMAC_MD5=0x0077
+}
+#else
+ { __donnot_use_enum_NL_SIGNATURE_ALGORITHM=0x7FFFFFFF}
+#define NL_SIGN_HMAC_SHA256 ( 0x0013 )
+#define NL_SIGN_HMAC_MD5 ( 0x0077 )
+#endif
+;
+
+enum NL_SEAL_ALGORITHM
+#ifndef USE_UINT_ENUMS
+ {
+	NL_SEAL_AES128=0x001A,
+	NL_SEAL_RC4=0x007A,
+	NL_SEAL_NONE=0xFFFF
+}
+#else
+ { __donnot_use_enum_NL_SEAL_ALGORITHM=0x7FFFFFFF}
+#define NL_SEAL_AES128 ( 0x001A )
+#define NL_SEAL_RC4 ( 0x007A )
+#define NL_SEAL_NONE ( 0xFFFF )
+#endif
+;
+
+struct NL_AUTH_SIGNATURE {
+	enum NL_SIGNATURE_ALGORITHM SignatureAlgorithm;/* [value(NL_SIGN_HMAC_MD5)] */
+	enum NL_SEAL_ALGORITHM SealAlgorithm;
+	uint16_t Pad;
+	uint16_t Flags;
+	uint8_t SequenceNumber[8];
+	uint8_t Checksum[8];
+	uint8_t Confounder[8];
+}/* [public,flag(LIBNDR_PRINT_ARRAY_HEX)] */;
+
+struct NL_AUTH_SHA2_SIGNATURE {
+	enum NL_SIGNATURE_ALGORITHM SignatureAlgorithm;/* [value(NL_SIGN_HMAC_SHA256)] */
+	enum NL_SEAL_ALGORITHM SealAlgorithm;
+	uint16_t Pad;
+	uint16_t Flags;
+	uint8_t SequenceNumber[8];
+	uint8_t Checksum[32];
+	uint8_t Confounder[8];
+}/* [public,flag(LIBNDR_PRINT_ARRAY_HEX)] */;
+
 #endif /* _HEADER_schannel */

librpc/idl/schannel.idl

@@ -6,6 +6,10 @@
 
 import "netlogon.idl", "nbt.idl";
 
+[
+	pointer_default(unique),
+	helper("../librpc/ndr/ndr_schannel.h")
+]
 interface schannel
 {
 	/*
@@ -56,4 +60,73 @@ interface schannel
 		[string,charset(UTF8)] uint8 account_name[];
 		dom_sid *sid;
 	} netlogon_creds_CredentialState;
+
+	/* MS-NRPC 2.2.1.3.1 NL_AUTH_MESSAGE */
+
+	typedef [v1_enum] enum {
+		NL_NEGOTIATE_REQUEST	= 0x00000000,
+		NL_NEGOTIATE_RESPONSE	= 0x00000001
+	} NL_AUTH_MESSAGE_TYPE;
+
+	typedef [bitmap32bit] bitmap {
+		NL_FLAG_OEM_NETBIOS_DOMAIN_NAME		= 0x00000001,
+		NL_FLAG_OEM_NETBIOS_COMPUTER_NAME	= 0x00000002,
+		NL_FLAG_UTF8_DNS_DOMAIN_NAME		= 0x00000004,
+		NL_FLAG_UTF8_DNS_HOST_NAME		= 0x00000008,
+		NL_FLAG_UTF8_NETBIOS_COMPUTER_NAME	= 0x00000010
+	} NL_AUTH_MESSAGE_FLAGS;
+
+	typedef [public,nodiscriminant,noprint] union {
+		[case (NL_FLAG_OEM_NETBIOS_DOMAIN_NAME)]	astring	 a;
+		[case (NL_FLAG_OEM_NETBIOS_COMPUTER_NAME)]	astring	 a;
+		[case (NL_FLAG_UTF8_DNS_DOMAIN_NAME)]		nbt_string u;
+		[case (NL_FLAG_UTF8_DNS_HOST_NAME)]		nbt_string u;
+		[case (NL_FLAG_UTF8_NETBIOS_COMPUTER_NAME)]	nbt_string u;
+		[default];
+	} NL_AUTH_MESSAGE_BUFFER;
+
+	typedef [public,flag(NDR_PAHEX)] struct {
+		NL_AUTH_MESSAGE_TYPE MessageType;
+		NL_AUTH_MESSAGE_FLAGS Flags;
+		[switch_is(Flags & NL_FLAG_OEM_NETBIOS_DOMAIN_NAME)]	NL_AUTH_MESSAGE_BUFFER oem_netbios_domain;
+		[switch_is(Flags & NL_FLAG_OEM_NETBIOS_COMPUTER_NAME)]	NL_AUTH_MESSAGE_BUFFER oem_netbios_computer;
+		[switch_is(Flags & NL_FLAG_UTF8_DNS_DOMAIN_NAME)]	NL_AUTH_MESSAGE_BUFFER utf8_dns_domain;
+		[switch_is(Flags & NL_FLAG_UTF8_DNS_HOST_NAME)]		NL_AUTH_MESSAGE_BUFFER utf8_dns_host;
+		[switch_is(Flags & NL_FLAG_UTF8_NETBIOS_COMPUTER_NAME)]	NL_AUTH_MESSAGE_BUFFER utf8_netbios_computer;
+	} NL_AUTH_MESSAGE;
+
+	/* MS-NRPC 2.2.1.3.2 NL_AUTH_SIGNATURE */
+
+	typedef enum {
+		NL_SIGN_HMAC_SHA256	= 0x0013,
+		NL_SIGN_HMAC_MD5	= 0x0077
+	} NL_SIGNATURE_ALGORITHM;
+
+	typedef enum {
+		NL_SEAL_AES128		= 0x001A,
+		NL_SEAL_RC4		= 0x007A,
+		NL_SEAL_NONE		= 0xFFFF
+	} NL_SEAL_ALGORITHM;
+
+	typedef [public,flag(NDR_PAHEX)] struct {
+		[value(NL_SIGN_HMAC_MD5)] NL_SIGNATURE_ALGORITHM SignatureAlgorithm;
+		NL_SEAL_ALGORITHM SealAlgorithm;
+		uint16 Pad;
+		uint16 Flags;
+		uint8 SequenceNumber[8];
+		uint8 Checksum[8];
+		uint8 Confounder[8];
+	} NL_AUTH_SIGNATURE;
+
+	/* MS-NRPC 2.2.1.3.3 NL_AUTH_SHA2_SIGNATURE */
+
+	typedef [public,flag(NDR_PAHEX)] struct {
+		[value(NL_SIGN_HMAC_SHA256)] NL_SIGNATURE_ALGORITHM SignatureAlgorithm;
+		NL_SEAL_ALGORITHM SealAlgorithm;
+		uint16 Pad;
+		uint16 Flags;
+		uint8 SequenceNumber[8];
+		uint8 Checksum[32];
+		uint8 Confounder[8];
+	} NL_AUTH_SHA2_SIGNATURE;
 }

librpc/ndr/ndr_schannel.c

@@ -0,0 +1,55 @@
+/*
+   Unix SMB/CIFS implementation.
+
+   routines for marshalling/unmarshalling special schannel structures
+
+   Copyright (C) Guenther Deschner 2009
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "../librpc/gen_ndr/ndr_schannel.h"
+#include "../librpc/ndr/ndr_schannel.h"
+
+_PUBLIC_ void ndr_print_NL_AUTH_MESSAGE_BUFFER(struct ndr_print *ndr, const char *name, const union NL_AUTH_MESSAGE_BUFFER *r)
+{
+	int level;
+	level = ndr_print_get_switch_value(ndr, r);
+	switch (level) {
+		case NL_FLAG_OEM_NETBIOS_DOMAIN_NAME:
+			ndr_print_string(ndr, name, r->a);
+		break;
+
+		case NL_FLAG_OEM_NETBIOS_COMPUTER_NAME:
+			ndr_print_string(ndr, name, r->a);
+		break;
+
+		case NL_FLAG_UTF8_DNS_DOMAIN_NAME:
+			ndr_print_nbt_string(ndr, name, r->u);
+		break;
+
+		case NL_FLAG_UTF8_DNS_HOST_NAME:
+			ndr_print_nbt_string(ndr, name, r->u);
+		break;
+
+		case NL_FLAG_UTF8_NETBIOS_COMPUTER_NAME:
+			ndr_print_nbt_string(ndr, name, r->u);
+		break;
+
+		default:
+		break;
+
+	}
+}

librpc/ndr/ndr_schannel.h

@@ -0,0 +1,22 @@
+/*
+   Unix SMB/CIFS implementation.
+
+   routines for marshalling/unmarshalling special schannel structures
+
+   Copyright (C) Guenther Deschner 2009
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+void ndr_print_NL_AUTH_MESSAGE_BUFFER(struct ndr_print *ndr, const char *name, const union NL_AUTH_MESSAGE_BUFFER *r);

source3/Makefile.in

@@ -497,6 +497,7 @@ TLDAP_OBJ = lib/tldap.o lib/tldap_util.o lib/util_tsock.o
 SCHANNEL_OBJ = ../libcli/auth/credentials.o \
 	       ../libcli/auth/schannel_state_tdb.o \
 	       ../librpc/gen_ndr/ndr_schannel.o \
+	       ../librpc/ndr/ndr_schannel.o \
 	       passdb/secrets_schannel.o
 
 LIBSMB_OBJ = libsmb/clientgen.o libsmb/cliconnect.o libsmb/clifile.o \

source4/librpc/config.mk

@@ -266,7 +266,7 @@ NDR_NOTIFY_OBJ_FILES = $(gen_ndrsrcdir)/ndr_notify.o
 [SUBSYSTEM::NDR_SCHANNEL]
 PUBLIC_DEPENDENCIES = LIBNDR NDR_NBT
 
-NDR_SCHANNEL_OBJ_FILES = ../librpc/gen_ndr/ndr_schannel.o
+NDR_SCHANNEL_OBJ_FILES = ../librpc/gen_ndr/ndr_schannel.o ../librpc/ndr/ndr_schannel.o
 
 [SUBSYSTEM::NDR_NBT]
 PUBLIC_DEPENDENCIES = LIBNDR NDR_NBT_BUF NDR_SECURITY NDR_STANDARD LIBCLI_NDR_NETLOGON