source3/include/secrets.h

   1 /*
   2  * Unix SMB/CIFS implementation.
   3  * secrets.tdb file format info
   4  * Copyright (C) Andrew Tridgell              2000
   5  *
   6  * This program is free software; you can redistribute it and/or modify it
   7  * under the terms of the GNU General Public License as published by the
   8  * Free Software Foundation; either version 2 of the License, or (at your
   9  * option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
  14  * more details.
  15  *
  16  * You should have received a copy of the GNU General Public License along with
  17  * this program; if not, write to the Free Software Foundation, Inc., 675
  18  * Mass Ave, Cambridge, MA 02139, USA.
  19  */
  20
  21 #ifndef _SECRETS_H
  22 #define _SECRETS_H
  23
  24 /* the first one is for the hashed password (NT4 style) the latter
  25    for plaintext (ADS)
  26 */
  27 #define SECRETS_MACHINE_ACCT_PASS "SECRETS/$MACHINE.ACC"
  28 #define SECRETS_MACHINE_PASSWORD "SECRETS/MACHINE_PASSWORD"
  29 #define SECRETS_MACHINE_LAST_CHANGE_TIME "SECRETS/MACHINE_LAST_CHANGE_TIME"
  30 #define SECRETS_MACHINE_SEC_CHANNEL_TYPE "SECRETS/MACHINE_SEC_CHANNEL_TYPE"
  31 #define SECRETS_MACHINE_TRUST_ACCOUNT_NAME "SECRETS/SECRETS_MACHINE_TRUST_ACCOUNT_NAME"
  32 /* this one is for storing trusted domain account password */
  33 #define SECRETS_DOMTRUST_ACCT_PASS "SECRETS/$DOMTRUST.ACC"
  34
  35 /* The domain sid and our sid are stored here even though they aren't
  36    really secret. */
  37 #define SECRETS_DOMAIN_SID    "SECRETS/SID"
  38 #define SECRETS_SAM_SID       "SAM/SID"
  39
  40 /* The domain GUID and server GUID (NOT the same) are also not secret */
  41 #define SECRETS_DOMAIN_GUID   "SECRETS/DOMGUID"
  42 #define SECRETS_SERVER_GUID   "SECRETS/GUID"
  43
  44 #define SECRETS_LDAP_BIND_PW "SECRETS/LDAP_BIND_PW"
  45
  46 /* Authenticated user info is stored in secrets.tdb under these keys */
  47
  48 #define SECRETS_AUTH_USER      "SECRETS/AUTH_USER"
  49 #define SECRETS_AUTH_DOMAIN      "SECRETS/AUTH_DOMAIN"
  50 #define SECRETS_AUTH_PASSWORD  "SECRETS/AUTH_PASSWORD"
  51
  52 /* Trust password type flags */
  53 #define PASS_MACHINE_TRUST_NT       0x0001
  54 #define PASS_SERVER_TRUST_NT        0x0002
  55 #define PASS_DOMAIN_TRUST_NT        0x0004
  56 #define PASS_MACHINE_TRUST_ADS      0x0008
  57 #define PASS_DOMAIN_TRUST_ADS       0x0010
  58
  59 /* structure for storing machine account password
  60    (ie. when samba server is member of a domain */
  61 struct machine_acct_pass {
  62         uint8 hash[16];
  63         time_t mod_time;
  64 };
  65
  66 /*
  67  * storage structure for trusted domain
  68  */
  69 typedef struct trusted_dom_pass {
  70         size_t uni_name_len;
  71         smb_ucs2_t uni_name[32]; /* unicode domain name */
  72         size_t pass_len;
  73         fstring pass;           /* trust relationship's password */
  74         time_t mod_time;
  75         DOM_SID domain_sid;     /* remote domain's sid */
  76 } TRUSTED_DOM_PASS;
  77
  78 /*
  79  * trusted domain entry/entries returned by secrets_get_trusted_domains
  80  * (used in _lsa_enum_trust_dom call)
  81  */
  82 typedef struct trustdom {
  83         smb_ucs2_t *name;
  84         DOM_SID sid;
  85 } TRUSTDOM;
  86
  87 /*
  88  * Format of an OpenAFS keyfile
  89  */
  90
  91 #define SECRETS_AFS_MAXKEYS 8
  92
  93 struct afs_key {
  94         uint32 kvno;
  95         char key[8];
  96 };
  97
  98 struct afs_keyfile {
  99         uint32 nkeys;
 100         struct afs_key entry[SECRETS_AFS_MAXKEYS];
 101 };
 102
 103 #define SECRETS_AFS_KEYFILE "SECRETS/AFS_KEYFILE"
 104
 105 #endif /* _SECRETS_H */