s3-smbd: Added a become_user_by_session() function.
[Samba.git] / librpc / idl / krb5pac.idl
blobd7a99c99093b268dce81521bb964687791e725c8
1 /*
2 krb5 PAC
3 */
5 #include "idl_types.h"
7 import "security.idl", "netlogon.idl", "samr.idl";
10 uuid("12345778-1234-abcd-0000-00000000"),
11 version(0.0),
12 pointer_default(unique),
13 helpstring("Active Directory KRB5 PAC")
15 interface krb5pac
17 typedef struct {
18 NTTIME logon_time;
19 [value(2*strlen_m(account_name))] uint16 size;
20 [charset(UTF16)] uint8 account_name[size];
21 } PAC_LOGON_NAME;
23 typedef [public,flag(NDR_PAHEX)] struct {
24 uint32 type;
25 [flag(NDR_REMAINING)] DATA_BLOB signature;
26 } PAC_SIGNATURE_DATA;
28 typedef struct {
29 netr_SamInfo3 info3;
30 dom_sid2 *res_group_dom_sid;
31 samr_RidWithAttributeArray res_groups;
32 } PAC_LOGON_INFO;
34 typedef struct {
35 [value(2*strlen_m(upn_name))] uint16 upn_size;
36 uint16 upn_offset;
37 [value(2*strlen_m(domain_name))] uint16 domain_size;
38 uint16 domain_offset;
39 uint16 unknown3; /* 0x01 */
40 uint16 unknown4;
41 uint32 unknown5;
42 [charset(UTF16)] uint8 upn_name[upn_size+2];
43 [charset(UTF16)] uint8 domain_name[domain_size+2];
44 uint32 unknown6; /* padding */
45 } PAC_UNKNOWN_12;
47 typedef [public] struct {
48 PAC_LOGON_INFO *info;
49 } PAC_LOGON_INFO_CTR;
51 typedef [public,v1_enum] enum {
52 PAC_TYPE_LOGON_INFO = 1,
53 PAC_TYPE_SRV_CHECKSUM = 6,
54 PAC_TYPE_KDC_CHECKSUM = 7,
55 PAC_TYPE_LOGON_NAME = 10,
56 PAC_TYPE_CONSTRAINED_DELEGATION = 11,
57 PAC_TYPE_UNKNOWN_12 = 12
58 } PAC_TYPE;
60 typedef struct {
61 [flag(NDR_REMAINING)] DATA_BLOB remaining;
62 } DATA_BLOB_REM;
64 typedef [public,nodiscriminant,gensize] union {
65 [case(PAC_TYPE_LOGON_INFO)][subcontext(0xFFFFFC01)] PAC_LOGON_INFO_CTR logon_info;
66 [case(PAC_TYPE_SRV_CHECKSUM)] PAC_SIGNATURE_DATA srv_cksum;
67 [case(PAC_TYPE_KDC_CHECKSUM)] PAC_SIGNATURE_DATA kdc_cksum;
68 [case(PAC_TYPE_LOGON_NAME)] PAC_LOGON_NAME logon_name;
69 /* when new PAC info types are added they are supposed to be done
70 in such a way that they are backwards compatible with existing
71 servers. This makes it safe to just use a [default] for
72 unknown types, which lets us ignore the data */
73 [default] [subcontext(0)] DATA_BLOB_REM unknown;
74 /* [case(PAC_TYPE_UNKNOWN_12)] PAC_UNKNOWN_12 unknown; */
75 } PAC_INFO;
77 typedef [public,nopush,nopull,noprint] struct {
78 PAC_TYPE type;
79 [value(_ndr_size_PAC_INFO(info, type, 0))] uint32 _ndr_size;
80 [relative,switch_is(type),subcontext(0),subcontext_size(_subcontext_size_PAC_INFO(r, ndr->flags)),flag(NDR_ALIGN8)] PAC_INFO *info;
81 [value(0)] uint32 _pad; /* Top half of a 64 bit pointer? */
82 } PAC_BUFFER;
84 typedef [public] struct {
85 uint32 num_buffers;
86 uint32 version;
87 PAC_BUFFER buffers[num_buffers];
88 } PAC_DATA;
90 typedef [public] struct {
91 PAC_TYPE type;
92 uint32 ndr_size;
93 [relative,subcontext(0),subcontext_size(NDR_ROUND(ndr_size,8)),flag(NDR_ALIGN8)] DATA_BLOB_REM *info;
94 [value(0)] uint32 _pad; /* Top half of a 64 bit pointer? */
95 } PAC_BUFFER_RAW;
97 typedef [public] struct {
98 uint32 num_buffers;
99 uint32 version;
100 PAC_BUFFER_RAW buffers[num_buffers];
101 } PAC_DATA_RAW;
103 const int NETLOGON_GENERIC_KRB5_PAC_VALIDATE = 3;
105 typedef [public] struct {
106 [value(NETLOGON_GENERIC_KRB5_PAC_VALIDATE)] uint32 MessageType;
107 uint32 ChecksumLength;
108 int32 SignatureType;
109 uint32 SignatureLength;
110 [flag(NDR_REMAINING)] DATA_BLOB ChecksumAndSignature;
111 } PAC_Validate;
113 void decode_pac(
114 [in] PAC_DATA pac
117 void decode_pac_raw(
118 [in] PAC_DATA_RAW pac
121 void decode_login_info(
122 [in] PAC_LOGON_INFO logon_info
125 void decode_login_info_ctr(
126 [in] PAC_LOGON_INFO_CTR logon_info_ctr
129 void decode_pac_validate(
130 [in] PAC_Validate pac_validate
133 /* used for samba3 netsamlogon cache */
134 typedef [public] struct {
135 time_t timestamp;
136 netr_SamInfo3 info3;
137 } netsamlogoncache_entry;