Andrew, After running Samba RPC-PAC test, analyzing network trace and reviewing its source code, we think that we found the problem in the Sambatorture implementation. In the loop of setting message type from 0x00 to 0xFF, the test program sends the exactly same PAC_Validate buffer for each call. This can be observed from the network trace. Then we confirmed that in ndr_push_PAC_Validate(), which marshals the PAC_Validate structure, message type is always set to NETLOGON_GENERIC_KRB5_PAC_VALIDATE (0x3). That explains why Microsoft servers always return NT_STATUS_OK for all the calls in your test.
We also found that the other tests(wrong length, corrupted data, bad signature etc) performed by Smbtorture failed as expected. Please let us know if what we found is correct. Thanks ---------------------------------------------------------- Hongwei Sun - Sr. Support Escalation Engineer DSC Protocol Team, Microsoft [EMAIL PROTECTED] Tel: 469-7757027 x 57027 ----------------------------------------------------------- -----Original Message----- From: Andrew Bartlett [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 02, 2008 11:06 PM To: Interoperability Documentation Help Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Other types of Kerberos messages on SamLogon Generic MS-APDS 2.2.2.1 describes only one Generic message type (0x3) for the Package "Kerberos". However, Microsoft servers still return NT_STATUS_OK on a message type in the range 0x0..0xff (for example). What other message types are valid on this Package, and what are their formats? Thanks, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. _______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
