s3:smbd: call pthreadpool_tevent_init() already in smbd_process()

[Samba.git] / librpc / idl / krb5pac.idl

/*
  krb5 PAC
*/

#include "idl_types.h"

import "security.idl", "lsa.idl", "netlogon.idl", "samr.idl";

[
  uuid("12345778-1234-abcd-0000-00000000"),
  version(0.0),
  pointer_default(unique),
  helpstring("Active Directory KRB5 PAC"),
  helper("../librpc/ndr/ndr_krb5pac.h")
]
interface krb5pac
{
        typedef struct {
                NTTIME logon_time;
                [value(2*strlen_m(account_name))] uint16 size;
                [charset(UTF16)] uint8 account_name[size];
        } PAC_LOGON_NAME;

        typedef [public,flag(NDR_PAHEX)] struct {
                uint32 type;
                [flag(NDR_REMAINING)] DATA_BLOB signature;
        } PAC_SIGNATURE_DATA;

        typedef struct {
                dom_sid2 *domain_sid;
                samr_RidWithAttributeArray groups;
        } PAC_DOMAIN_GROUP_MEMBERSHIP;

        typedef struct {
                netr_SamInfo3 info3;
                /*
                 * On ndr_push:
                 * Pointers values of info3.sids[*].sid
                 * should be allocated before the following ones?
                 * (just the 0x30 0x00 0x02 0x00 value).
                 */
                PAC_DOMAIN_GROUP_MEMBERSHIP resource_groups;
        } PAC_LOGON_INFO;

        typedef [bitmap32bit] bitmap {
                PAC_CREDENTIAL_NTLM_HAS_LM_HASH = 0x00000001,
                PAC_CREDENTIAL_NTLM_HAS_NT_HASH = 0x00000002
        } PAC_CREDENTIAL_NTLM_FLAGS;

        typedef [public] struct {
                [value(0)] uint32 version;
                PAC_CREDENTIAL_NTLM_FLAGS flags;
                [noprint] samr_Password lm_password;
                [noprint] samr_Password nt_password;
        } PAC_CREDENTIAL_NTLM_SECPKG;

        typedef [public] struct {
                lsa_String package_name;
                uint32 credential_size;
                [size_is(credential_size), noprint] uint8 *credential;
        } PAC_CREDENTIAL_SUPPLEMENTAL_SECPKG;

        typedef [public] struct {
                uint32 credential_count;
                [size_is(credential_count)] PAC_CREDENTIAL_SUPPLEMENTAL_SECPKG credentials[*];
        } PAC_CREDENTIAL_DATA;

        typedef [public] struct {
                PAC_CREDENTIAL_DATA *data;
        } PAC_CREDENTIAL_DATA_CTR;

        typedef [public] struct {
                [subcontext(0xFFFFFC01)] PAC_CREDENTIAL_DATA_CTR ctr;
        } PAC_CREDENTIAL_DATA_NDR;

        typedef [public] struct {
                [value(0)] uint32 version;
                uint32 encryption_type;
                [flag(NDR_REMAINING)] DATA_BLOB encrypted_data;
        } PAC_CREDENTIAL_INFO;

        typedef struct {
                lsa_String proxy_target;
                uint32 num_transited_services;
                [size_is(num_transited_services)] lsa_String *transited_services;
        } PAC_CONSTRAINED_DELEGATION;

        typedef [bitmap32bit] bitmap {
                PAC_UPN_DNS_FLAG_CONSTRUCTED = 0x00000001
        } PAC_UPN_DNS_FLAGS;

        typedef struct {
                [value(2*strlen_m(upn_name))] uint16 upn_name_size;
                [relative_short,subcontext(0),subcontext_size(upn_name_size),flag(NDR_ALIGN8|STR_NOTERM|NDR_REMAINING)] string *upn_name;
                [value(2*strlen_m(dns_domain_name))] uint16 dns_domain_name_size;
                [relative_short,subcontext(0),subcontext_size(dns_domain_name_size),flag(NDR_ALIGN8|STR_NOTERM|NDR_REMAINING)] string *dns_domain_name;
                PAC_UPN_DNS_FLAGS flags;
        } PAC_UPN_DNS_INFO;

        typedef [public] struct {
                PAC_LOGON_INFO *info;
        } PAC_LOGON_INFO_CTR;

        typedef [public] struct {
                PAC_CONSTRAINED_DELEGATION *info;
        } PAC_CONSTRAINED_DELEGATION_CTR;

        typedef [public,v1_enum] enum {
                PAC_TYPE_LOGON_INFO = 1,
                PAC_TYPE_CREDENTIAL_INFO = 2,
                PAC_TYPE_SRV_CHECKSUM = 6,
                PAC_TYPE_KDC_CHECKSUM = 7,
                PAC_TYPE_LOGON_NAME = 10,
                PAC_TYPE_CONSTRAINED_DELEGATION = 11,
                PAC_TYPE_UPN_DNS_INFO = 12
        } PAC_TYPE;

        typedef struct {
                [flag(NDR_REMAINING)] DATA_BLOB remaining;
        } DATA_BLOB_REM;

        typedef [public,nodiscriminant,gensize] union {
                [case(PAC_TYPE_LOGON_INFO)][subcontext(0xFFFFFC01)] PAC_LOGON_INFO_CTR logon_info;
                [case(PAC_TYPE_CREDENTIAL_INFO)]        PAC_CREDENTIAL_INFO credential_info;
                [case(PAC_TYPE_SRV_CHECKSUM)]   PAC_SIGNATURE_DATA srv_cksum;
                [case(PAC_TYPE_KDC_CHECKSUM)]   PAC_SIGNATURE_DATA kdc_cksum;
                [case(PAC_TYPE_LOGON_NAME)]     PAC_LOGON_NAME logon_name;
                [case(PAC_TYPE_CONSTRAINED_DELEGATION)][subcontext(0xFFFFFC01)]
                        PAC_CONSTRAINED_DELEGATION_CTR constrained_delegation;
                [case(PAC_TYPE_UPN_DNS_INFO)]   PAC_UPN_DNS_INFO upn_dns_info;
                /* when new PAC info types are added they are supposed to be done
                   in such a way that they are backwards compatible with existing
                   servers. This makes it safe to just use a [default] for
                   unknown types, which lets us ignore the data */
                [default]       [subcontext(0)] DATA_BLOB_REM unknown;
        } PAC_INFO;

        typedef [public,nopush,nopull] struct {
                PAC_TYPE type;
                [value(_ndr_size_PAC_INFO(info, type, 0))] uint32 _ndr_size;
                /*
                 * We need to have two subcontexts to get the padding right,
                 * the outer subcontext uses NDR_ROUND(_ndr_size, 8), while
                 * the inner subcontext only uses _ndr_size.
                 *
                 * We do that in non-generated push/pull functions.
                 */
                [relative,switch_is(type),subcontext(0),subcontext_size(NDR_ROUND(_ndr_size,8)),flag(NDR_ALIGN8)] PAC_INFO *info;
                [value(0)] uint32 _pad; /* Top half of a 64 bit pointer? */
        } PAC_BUFFER;

        typedef [public] struct {
                uint32 num_buffers;
                uint32 version;
                PAC_BUFFER buffers[num_buffers];
        } PAC_DATA;

        typedef [public] struct {
                PAC_TYPE type;
                uint32 ndr_size;
                [relative,subcontext(0),subcontext_size(NDR_ROUND(ndr_size,8)),flag(NDR_ALIGN8)] DATA_BLOB_REM *info;
                [value(0)] uint32 _pad; /* Top half of a 64 bit pointer? */
        } PAC_BUFFER_RAW;

        typedef [public] struct {
                uint32 num_buffers;
                uint32 version;
                PAC_BUFFER_RAW buffers[num_buffers];
        } PAC_DATA_RAW;

        const int NETLOGON_GENERIC_KRB5_PAC_VALIDATE = 3;

        typedef [public] struct {
                [value(NETLOGON_GENERIC_KRB5_PAC_VALIDATE)] uint32 MessageType;
                uint32 ChecksumLength;
                int32 SignatureType;
                uint32 SignatureLength;
                [flag(NDR_REMAINING)] DATA_BLOB ChecksumAndSignature;
        } PAC_Validate;

        [nopython] void decode_pac(
                [in] PAC_DATA pac
                );

        [nopython] void decode_pac_raw(
                [in] PAC_DATA_RAW pac
                );

        [nopython] void decode_login_info(
                [in] PAC_LOGON_INFO logon_info
                );

        [nopython] void decode_login_info_ctr(
                [in] PAC_LOGON_INFO_CTR logon_info_ctr
                );

        [nopython] void decode_credential_data_ndr(
                [in] PAC_CREDENTIAL_DATA_NDR credential_data_ndr
                );

        [nopython] void decode_upn_dns_info(
                [in] PAC_UPN_DNS_INFO upn_dns_info
                );

        [nopython] void decode_pac_validate(
                [in] PAC_Validate pac_validate
                );

        /* used for samba3 netsamlogon cache */
        typedef [public] struct {
                time_t timestamp;
                netr_SamInfo3 info3;
        } netsamlogoncache_entry;
}