source3/include/authdata.h

   1 /*
   2    Unix SMB/CIFS implementation.
   3    Kerberos authorization data
   4    Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
   5
   6
   7    This program is free software; you can redistribute it and/or modify
   8    it under the terms of the GNU General Public License as published by
   9    the Free Software Foundation; either version 3 of the License, or
  10    (at your option) any later version.
  11
  12    This program is distributed in the hope that it will be useful,
  13    but WITHOUT ANY WARRANTY; without even the implied warranty of
  14    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15    GNU General Public License for more details.
  16
  17    You should have received a copy of the GNU General Public License
  18    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  19 */
  20
  21 #ifndef _AUTHDATA_H
  22 #define _AUTHDATA_H
  23
  24 #include "rpc_misc.h"
  25 #include "rpc_netlogon.h"
  26
  27 #define PAC_TYPE_LOGON_INFO 1
  28 #define PAC_TYPE_SERVER_CHECKSUM 6
  29 #define PAC_TYPE_PRIVSVR_CHECKSUM 7
  30 #define PAC_TYPE_LOGON_NAME 10
  31
  32 #ifndef KRB5_AUTHDATA_WIN2K_PAC
  33 #define KRB5_AUTHDATA_WIN2K_PAC 128
  34 #endif
  35
  36 #ifndef KRB5_AUTHDATA_IF_RELEVANT
  37 #define KRB5_AUTHDATA_IF_RELEVANT 1
  38 #endif
  39
  40
  41 typedef struct pac_logon_name {
  42         NTTIME logon_time;
  43         uint16 len;
  44         uint8 *username; /* Actually always little-endian. might not be null terminated, so not UNISTR */
  45 } PAC_LOGON_NAME;
  46
  47 typedef struct pac_signature_data {
  48         uint32 type;
  49         RPC_DATA_BLOB signature; /* this not the on-wire-format (!) */
  50 } PAC_SIGNATURE_DATA;
  51
  52 typedef struct group_membership {
  53         uint32 rid;
  54         uint32 attrs;
  55 } GROUP_MEMBERSHIP;
  56
  57 typedef struct group_membership_array {
  58         uint32 count;
  59         GROUP_MEMBERSHIP *group_membership;
  60 } GROUP_MEMBERSHIP_ARRAY;
  61
  62 #if 0 /* Unused, replaced by NET_USER_INFO_3 - Guenther */
  63
  64 typedef struct krb_sid_and_attrs {
  65         uint32 sid_ptr;
  66         uint32 attrs;
  67         DOM_SID2 *sid;
  68 } KRB_SID_AND_ATTRS;
  69
  70 typedef struct krb_sid_and_attr_array {
  71         uint32 count;
  72         KRB_SID_AND_ATTRS *krb_sid_and_attrs;
  73 } KRB_SID_AND_ATTR_ARRAY;
  74
  75
  76 /* This is awfully similar to a samr_user_info_23, but not identical.
  77    Many of the field names have been swiped from there, because it is
  78    so similar that they are likely the same, but many have been verified.
  79    Some are in a different order, though... */
  80 typedef struct pac_logon_info {
  81         NTTIME logon_time;            /* logon time */
  82         NTTIME logoff_time;           /* logoff time */
  83         NTTIME kickoff_time;          /* kickoff time */
  84         NTTIME pass_last_set_time;    /* password last set time */
  85         NTTIME pass_can_change_time;  /* password can change time */
  86         NTTIME pass_must_change_time; /* password must change time */
  87
  88         UNIHDR hdr_user_name;    /* user name unicode string header */
  89         UNIHDR hdr_full_name;    /* user's full name unicode string header */
  90         UNIHDR hdr_logon_script; /* these last 4 appear to be in a different */
  91         UNIHDR hdr_profile_path; /* order than in the info23 */
  92         UNIHDR hdr_home_dir;
  93         UNIHDR hdr_dir_drive;
  94
  95         uint16 logon_count; /* number of times user has logged onto domain */
  96         uint16 bad_password_count;      /* samba4 idl */
  97
  98         uint32 user_rid;
  99         uint32 group_rid;
 100         uint32 group_count;
 101         uint32 group_membership_ptr;
 102         uint32 user_flags;
 103
 104         uint8 session_key[16];          /* samba4 idl */
 105         UNIHDR hdr_dom_controller;
 106         UNIHDR hdr_dom_name;
 107
 108         uint32 ptr_dom_sid;
 109
 110         uint8 lm_session_key[8];        /* samba4 idl */
 111         uint32 acct_flags;              /* samba4 idl */
 112         uint32 unknown[7];
 113
 114         uint32 sid_count;
 115         uint32 ptr_extra_sids;
 116
 117         uint32 ptr_res_group_dom_sid;
 118         uint32 res_group_count;
 119         uint32 ptr_res_groups;
 120
 121         UNISTR2 uni_user_name;    /* user name unicode string header */
 122         UNISTR2 uni_full_name;    /* user's full name unicode string header */
 123         UNISTR2 uni_logon_script; /* these last 4 appear to be in a different*/
 124         UNISTR2 uni_profile_path; /* order than in the info23 */
 125         UNISTR2 uni_home_dir;
 126         UNISTR2 uni_dir_drive;
 127         UNISTR2 uni_dom_controller;
 128         UNISTR2 uni_dom_name;
 129         DOM_SID2 dom_sid;
 130         GROUP_MEMBERSHIP_ARRAY groups;
 131         KRB_SID_AND_ATTR_ARRAY extra_sids;
 132         DOM_SID2 res_group_dom_sid;
 133         GROUP_MEMBERSHIP_ARRAY res_groups;
 134
 135 } PAC_LOGON_INFO;
 136 #endif
 137
 138 typedef struct pac_logon_info {
 139         NET_USER_INFO_3 info3;
 140         DOM_SID2 res_group_dom_sid;
 141         GROUP_MEMBERSHIP_ARRAY res_groups;
 142
 143 } PAC_LOGON_INFO;
 144
 145 typedef struct pac_info_ctr
 146 {
 147         union
 148         {
 149                 PAC_LOGON_INFO *logon_info;
 150                 PAC_SIGNATURE_DATA *srv_cksum;
 151                 PAC_SIGNATURE_DATA *privsrv_cksum;
 152                 PAC_LOGON_NAME *logon_name;
 153         } pac;
 154 } PAC_INFO_CTR;
 155
 156 typedef struct pac_buffer {
 157         uint32 type;
 158         uint32 size;
 159         uint32 offset;
 160         uint32 offsethi;
 161         PAC_INFO_CTR *ctr;
 162         uint32 pad;
 163 } PAC_BUFFER;
 164
 165 typedef struct pac_data {
 166         uint32 num_buffers;
 167         uint32 version;
 168         PAC_BUFFER *pac_buffer;
 169 } PAC_DATA;
 170
 171
 172 #endif