pidl/NDR/Parser: do array range validation in ParseArrayPullGetLength()
[Samba.git] / source3 / include / secrets.h
blob3c8e2ccf81ac166f5d9926c2f2f3580787e13726
1 /*
2 * Unix SMB/CIFS implementation.
3 * secrets.tdb file format info
4 * Copyright (C) Andrew Tridgell 2000
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 3 of the License, or (at your
9 * option) any later version.
11 * This program is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 * more details.
16 * You should have received a copy of the GNU General Public License along with
17 * this program; if not, see <http://www.gnu.org/licenses/>.
20 #ifndef _SECRETS_H
21 #define _SECRETS_H
23 /* the first one is for the hashed password (NT4 style) the latter
24 for plaintext (ADS)
26 #define SECRETS_MACHINE_ACCT_PASS "SECRETS/$MACHINE.ACC"
27 #define SECRETS_MACHINE_PASSWORD "SECRETS/MACHINE_PASSWORD"
28 #define SECRETS_MACHINE_LAST_CHANGE_TIME "SECRETS/MACHINE_LAST_CHANGE_TIME"
29 #define SECRETS_MACHINE_SEC_CHANNEL_TYPE "SECRETS/MACHINE_SEC_CHANNEL_TYPE"
30 #define SECRETS_MACHINE_TRUST_ACCOUNT_NAME "SECRETS/SECRETS_MACHINE_TRUST_ACCOUNT_NAME"
31 /* this one is for storing trusted domain account password */
32 #define SECRETS_DOMTRUST_ACCT_PASS "SECRETS/$DOMTRUST.ACC"
34 /* Store the principal name used for Kerberos DES key salt under this key name. */
35 #define SECRETS_SALTING_PRINCIPAL "SECRETS/SALTING_PRINCIPAL"
37 /* The domain sid and our sid are stored here even though they aren't
38 really secret. */
39 #define SECRETS_DOMAIN_SID "SECRETS/SID"
40 #define SECRETS_SAM_SID "SAM/SID"
42 /* The domain GUID and server GUID (NOT the same) are also not secret */
43 #define SECRETS_DOMAIN_GUID "SECRETS/DOMGUID"
44 #define SECRETS_SERVER_GUID "SECRETS/GUID"
46 #define SECRETS_LDAP_BIND_PW "SECRETS/LDAP_BIND_PW"
48 #define SECRETS_LOCAL_SCHANNEL_KEY "SECRETS/LOCAL_SCHANNEL_KEY"
50 /* Authenticated user info is stored in secrets.tdb under these keys */
52 #define SECRETS_AUTH_USER "SECRETS/AUTH_USER"
53 #define SECRETS_AUTH_DOMAIN "SECRETS/AUTH_DOMAIN"
54 #define SECRETS_AUTH_PASSWORD "SECRETS/AUTH_PASSWORD"
56 /* structure for storing machine account password
57 (ie. when samba server is member of a domain */
58 struct machine_acct_pass {
59 uint8 hash[16];
60 time_t mod_time;
64 * storage structure for trusted domain
66 typedef struct trusted_dom_pass {
67 size_t uni_name_len;
68 smb_ucs2_t uni_name[32]; /* unicode domain name */
69 size_t pass_len;
70 fstring pass; /* trust relationship's password */
71 time_t mod_time;
72 DOM_SID domain_sid; /* remote domain's sid */
73 } TRUSTED_DOM_PASS;
76 * trusted domain entry/entries returned by secrets_get_trusted_domains
77 * (used in _lsa_enum_trust_dom call)
79 struct trustdom_info {
80 char *name;
81 DOM_SID sid;
85 * Format of an OpenAFS keyfile
88 #define SECRETS_AFS_MAXKEYS 8
90 struct afs_key {
91 uint32 kvno;
92 char key[8];
95 struct afs_keyfile {
96 uint32 nkeys;
97 struct afs_key entry[SECRETS_AFS_MAXKEYS];
100 #define SECRETS_AFS_KEYFILE "SECRETS/AFS_KEYFILE"
102 #define SECRETS_SCHANNEL_STATE "SECRETS/SCHANNEL"
104 #endif /* _SECRETS_H */