summaryrefslogtreecommitdiff
path: root/librpc
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2011-06-28 14:47:56 +0200
committerStefan Metzmacher <metze@samba.org>2011-06-28 19:03:10 +0200
commit19090607980c48dc565377dce830310d3a0bca7a (patch)
tree65fa9bc23bb8dedc6af0b19119f143b95e145c9b /librpc
parent020f60287ce0389d4f7d838b4d6ded52a7e85453 (diff)
downloadsamba-19090607980c48dc565377dce830310d3a0bca7a.tar.gz
samba-19090607980c48dc565377dce830310d3a0bca7a.tar.bz2
samba-19090607980c48dc565377dce830310d3a0bca7a.zip
krb5pac.idl: add PAC_CONSTRAINED_DELEGATION (S4U_DELEGATION_INFO)
metze
Diffstat (limited to 'librpc')
-rw-r--r--librpc/idl/krb5pac.idl14
1 files changed, 13 insertions, 1 deletions
diff --git a/librpc/idl/krb5pac.idl b/librpc/idl/krb5pac.idl
index fcd32c63a7..8a6540c13b 100644
--- a/librpc/idl/krb5pac.idl
+++ b/librpc/idl/krb5pac.idl
@@ -4,7 +4,7 @@
#include "idl_types.h"
-import "security.idl", "netlogon.idl", "samr.idl";
+import "security.idl", "lsa.idl", "netlogon.idl", "samr.idl";
[
uuid("12345778-1234-abcd-0000-00000000"),
@@ -32,6 +32,12 @@ interface krb5pac
} PAC_LOGON_INFO;
typedef struct {
+ lsa_String proxy_target;
+ uint32 num_transited_services;
+ [size_is(num_transited_services)] lsa_String *transited_services;
+ } PAC_CONSTRAINED_DELEGATION;
+
+ typedef struct {
[value(2*strlen_m(upn_name))] uint16 upn_size;
uint16 upn_offset;
[value(2*strlen_m(domain_name))] uint16 domain_size;
@@ -48,6 +54,10 @@ interface krb5pac
PAC_LOGON_INFO *info;
} PAC_LOGON_INFO_CTR;
+ typedef [public] struct {
+ PAC_CONSTRAINED_DELEGATION *info;
+ } PAC_CONSTRAINED_DELEGATION_CTR;
+
typedef [public,v1_enum] enum {
PAC_TYPE_LOGON_INFO = 1,
PAC_TYPE_SRV_CHECKSUM = 6,
@@ -66,6 +76,8 @@ interface krb5pac
[case(PAC_TYPE_SRV_CHECKSUM)] PAC_SIGNATURE_DATA srv_cksum;
[case(PAC_TYPE_KDC_CHECKSUM)] PAC_SIGNATURE_DATA kdc_cksum;
[case(PAC_TYPE_LOGON_NAME)] PAC_LOGON_NAME logon_name;
+ [case(PAC_TYPE_CONSTRAINED_DELEGATION)][subcontext(0xFFFFFC01)]
+ PAC_CONSTRAINED_DELEGATION_CTR constrained_delegation;
/* when new PAC info types are added they are supposed to be done
in such a way that they are backwards compatible with existing
servers. This makes it safe to just use a [default] for