CVE-2020-25719 heimdal:kdc: Move fetching krbtgt entry to before enctype selection

[Samba.git] / librpc / idl / krb5pac.idl

/*
  krb5 PAC
*/

#include "idl_types.h"

import "security.idl", "lsa.idl", "netlogon.idl", "samr.idl";

[
  uuid("12345778-1234-abcd-0000-00000000"),
  version(0.0),
  pointer_default(unique),
  helpstring("Active Directory KRB5 PAC"),
  helper("../librpc/ndr/ndr_krb5pac.h")
]
interface krb5pac
{
        typedef struct {
                NTTIME logon_time;
                [value(2*strlen_m(account_name))] uint16 size;
                [charset(UTF16)] uint8 account_name[size];
        } PAC_LOGON_NAME;

        typedef [public,flag(NDR_PAHEX)] struct {
                uint32 type;
                [flag(NDR_REMAINING)] DATA_BLOB signature;
        } PAC_SIGNATURE_DATA;

        typedef struct {
                dom_sid2 *domain_sid;
                samr_RidWithAttributeArray groups;
        } PAC_DOMAIN_GROUP_MEMBERSHIP;

        typedef struct {
                netr_SamInfo3 info3;
                /*
                 * On ndr_push:
                 * Pointers values of info3.sids[*].sid
                 * should be allocated before the following ones?
                 * (just the 0x30 0x00 0x02 0x00 value).
                 */
                PAC_DOMAIN_GROUP_MEMBERSHIP resource_groups;
        } PAC_LOGON_INFO;

        typedef [bitmap32bit] bitmap {
                PAC_CREDENTIAL_NTLM_HAS_LM_HASH = 0x00000001,
                PAC_CREDENTIAL_NTLM_HAS_NT_HASH = 0x00000002
        } PAC_CREDENTIAL_NTLM_FLAGS;

        typedef [public] struct {
                [value(0)] uint32 version;
                PAC_CREDENTIAL_NTLM_FLAGS flags;
                [noprint] samr_Password lm_password;
                [noprint] samr_Password nt_password;
        } PAC_CREDENTIAL_NTLM_SECPKG;

        typedef [public] struct {
                lsa_String package_name;
                uint32 credential_size;
                [size_is(credential_size), noprint] uint8 *credential;
        } PAC_CREDENTIAL_SUPPLEMENTAL_SECPKG;

        typedef [public] struct {
                uint32 credential_count;
                [size_is(credential_count)] PAC_CREDENTIAL_SUPPLEMENTAL_SECPKG credentials[*];
        } PAC_CREDENTIAL_DATA;

        typedef [public] struct {
                PAC_CREDENTIAL_DATA *data;
        } PAC_CREDENTIAL_DATA_CTR;

        typedef [public] struct {
                [subcontext(0xFFFFFC01)] PAC_CREDENTIAL_DATA_CTR ctr;
        } PAC_CREDENTIAL_DATA_NDR;

        typedef [public] struct {
                [value(0)] uint32 version;
                uint32 encryption_type;
                [flag(NDR_REMAINING)] DATA_BLOB encrypted_data;
        } PAC_CREDENTIAL_INFO;

        typedef struct {
                lsa_String proxy_target;
                uint32 num_transited_services;
                [size_is(num_transited_services)] lsa_String *transited_services;
        } PAC_CONSTRAINED_DELEGATION;

        typedef [bitmap32bit] bitmap {
                PAC_UPN_DNS_FLAG_CONSTRUCTED = 0x00000001,
                PAC_UPN_DNS_FLAG_HAS_SAM_NAME_AND_SID = 0x00000002
        } PAC_UPN_DNS_FLAGS;

        typedef struct {
                [value(2*strlen_m(samaccountname))] uint16 samaccountname_size;
                [relative_short,subcontext(0),subcontext_size(samaccountname_size),flag(NDR_ALIGN8|STR_NOTERM|NDR_REMAINING)] string *samaccountname;
                [value(ndr_size_dom_sid(objectsid, ndr->flags))] uint16 objectsid_size;
                [relative_short,subcontext(0),subcontext_size(objectsid_size)] dom_sid *objectsid;
        } PAC_UPN_DNS_INFO_SAM_NAME_AND_SID;

        typedef [nodiscriminant] union {
                [case(PAC_UPN_DNS_FLAG_HAS_SAM_NAME_AND_SID)] PAC_UPN_DNS_INFO_SAM_NAME_AND_SID sam_name_and_sid;
                [default];
        } PAC_UPN_DNS_INFO_EX;

        typedef struct {
                [value(2*strlen_m(upn_name))] uint16 upn_name_size;
                [relative_short,subcontext(0),subcontext_size(upn_name_size),flag(NDR_ALIGN8|STR_NOTERM|NDR_REMAINING)] string *upn_name;
                [value(2*strlen_m(dns_domain_name))] uint16 dns_domain_name_size;
                [relative_short,subcontext(0),subcontext_size(dns_domain_name_size),flag(NDR_ALIGN8|STR_NOTERM|NDR_REMAINING)] string *dns_domain_name;
                PAC_UPN_DNS_FLAGS flags;
                [switch_is(flags & PAC_UPN_DNS_FLAG_HAS_SAM_NAME_AND_SID)] PAC_UPN_DNS_INFO_EX ex;
        } PAC_UPN_DNS_INFO;

        typedef [bitmap32bit] bitmap {
                PAC_ATTRIBUTE_FLAG_PAC_WAS_REQUESTED = 0x00000001,
                PAC_ATTRIBUTE_FLAG_PAC_WAS_GIVEN_IMPLICITLY = 0x00000002
        } PAC_ATTRIBUTE_INFO_FLAGS;

        typedef struct {
                uint32 flags_length; /* length in bits */
                PAC_ATTRIBUTE_INFO_FLAGS flags;
        } PAC_ATTRIBUTES_INFO;

        typedef struct {
                dom_sid sid;
        } PAC_REQUESTER_SID;

        typedef [public] struct {
                PAC_LOGON_INFO *info;
        } PAC_LOGON_INFO_CTR;

        typedef [public] struct {
                PAC_CONSTRAINED_DELEGATION *info;
        } PAC_CONSTRAINED_DELEGATION_CTR;

        typedef [public,v1_enum] enum {
                PAC_TYPE_LOGON_INFO = 1,
                PAC_TYPE_CREDENTIAL_INFO = 2,
                PAC_TYPE_SRV_CHECKSUM = 6,
                PAC_TYPE_KDC_CHECKSUM = 7,
                PAC_TYPE_LOGON_NAME = 10,
                PAC_TYPE_CONSTRAINED_DELEGATION = 11,
                PAC_TYPE_UPN_DNS_INFO = 12,
                PAC_TYPE_CLIENT_CLAIMS_INFO = 13,
                PAC_TYPE_DEVICE_INFO = 14,
                PAC_TYPE_DEVICE_CLAIMS_INFO = 15,
                PAC_TYPE_TICKET_CHECKSUM = 16,
                PAC_TYPE_ATTRIBUTES_INFO = 17,
                PAC_TYPE_REQUESTER_SID = 18
        } PAC_TYPE;

        typedef struct {
                [flag(NDR_REMAINING)] DATA_BLOB remaining;
        } DATA_BLOB_REM;

        typedef [public,nodiscriminant,gensize] union {
                [case(PAC_TYPE_LOGON_INFO)][subcontext(0xFFFFFC01)] PAC_LOGON_INFO_CTR logon_info;
                [case(PAC_TYPE_CREDENTIAL_INFO)]        PAC_CREDENTIAL_INFO credential_info;
                [case(PAC_TYPE_SRV_CHECKSUM)]   PAC_SIGNATURE_DATA srv_cksum;
                [case(PAC_TYPE_KDC_CHECKSUM)]   PAC_SIGNATURE_DATA kdc_cksum;
                [case(PAC_TYPE_LOGON_NAME)]     PAC_LOGON_NAME logon_name;
                [case(PAC_TYPE_CONSTRAINED_DELEGATION)][subcontext(0xFFFFFC01)]
                        PAC_CONSTRAINED_DELEGATION_CTR constrained_delegation;
                [case(PAC_TYPE_UPN_DNS_INFO)]   PAC_UPN_DNS_INFO upn_dns_info;
                [case(PAC_TYPE_TICKET_CHECKSUM)]        PAC_SIGNATURE_DATA ticket_checksum;
                [case(PAC_TYPE_ATTRIBUTES_INFO)]        PAC_ATTRIBUTES_INFO attributes_info;
                [case(PAC_TYPE_REQUESTER_SID)]  PAC_REQUESTER_SID requester_sid;
                /* when new PAC info types are added they are supposed to be done
                   in such a way that they are backwards compatible with existing
                   servers. This makes it safe to just use a [default] for
                   unknown types, which lets us ignore the data */
                [default]       [subcontext(0)] DATA_BLOB_REM unknown;
        } PAC_INFO;

        typedef [public,nopush,nopull] struct {
                PAC_TYPE type;
                [value(_ndr_size_PAC_INFO(info, type, LIBNDR_FLAG_ALIGN8))] uint32 _ndr_size;
                /*
                 * We need to have two subcontexts to get the padding right,
                 * the outer subcontext uses NDR_ROUND(_ndr_size, 8), while
                 * the inner subcontext only uses _ndr_size.
                 *
                 * We do that in non-generated push/pull functions.
                 */
                [relative,switch_is(type),subcontext(0),subcontext_size(NDR_ROUND(_ndr_size,8)),flag(NDR_ALIGN8)] PAC_INFO *info;
                [value(0)] uint32 _pad; /* Top half of a 64 bit pointer? */
        } PAC_BUFFER;

        typedef [public] struct {
                uint32 num_buffers;
                uint32 version;
                PAC_BUFFER buffers[num_buffers];
        } PAC_DATA;

        typedef [public] struct {
                PAC_TYPE type;
                uint32 ndr_size;
                [relative,subcontext(0),subcontext_size(NDR_ROUND(ndr_size,8)),flag(NDR_ALIGN8)] DATA_BLOB_REM *info;
                [value(0)] uint32 _pad; /* Top half of a 64 bit pointer? */
        } PAC_BUFFER_RAW;

        typedef [public] struct {
                uint32 num_buffers;
                uint32 version;
                PAC_BUFFER_RAW buffers[num_buffers];
        } PAC_DATA_RAW;

        const int NETLOGON_GENERIC_KRB5_PAC_VALIDATE = 3;

        typedef [public] struct {
                [value(NETLOGON_GENERIC_KRB5_PAC_VALIDATE)] uint32 MessageType;
                uint32 ChecksumLength;
                int32 SignatureType;
                uint32 SignatureLength;
                [flag(NDR_REMAINING)] DATA_BLOB ChecksumAndSignature;
        } PAC_Validate;

        /* used for samba3 netsamlogon cache */
        typedef [public] struct {
                time_t timestamp;
                netr_SamInfo3 info3;
        } netsamlogoncache_entry;
}