diff options
author | Stefan Metzmacher <metze@samba.org> | 2011-06-28 14:47:56 +0200 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2011-06-28 19:03:10 +0200 |
commit | 19090607980c48dc565377dce830310d3a0bca7a (patch) | |
tree | 65fa9bc23bb8dedc6af0b19119f143b95e145c9b /librpc | |
parent | 020f60287ce0389d4f7d838b4d6ded52a7e85453 (diff) | |
download | samba-19090607980c48dc565377dce830310d3a0bca7a.tar.gz samba-19090607980c48dc565377dce830310d3a0bca7a.tar.bz2 samba-19090607980c48dc565377dce830310d3a0bca7a.zip |
krb5pac.idl: add PAC_CONSTRAINED_DELEGATION (S4U_DELEGATION_INFO)
metze
Diffstat (limited to 'librpc')
-rw-r--r-- | librpc/idl/krb5pac.idl | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/librpc/idl/krb5pac.idl b/librpc/idl/krb5pac.idl index fcd32c63a7..8a6540c13b 100644 --- a/librpc/idl/krb5pac.idl +++ b/librpc/idl/krb5pac.idl @@ -4,7 +4,7 @@ #include "idl_types.h" -import "security.idl", "netlogon.idl", "samr.idl"; +import "security.idl", "lsa.idl", "netlogon.idl", "samr.idl"; [ uuid("12345778-1234-abcd-0000-00000000"), @@ -32,6 +32,12 @@ interface krb5pac } PAC_LOGON_INFO; typedef struct { + lsa_String proxy_target; + uint32 num_transited_services; + [size_is(num_transited_services)] lsa_String *transited_services; + } PAC_CONSTRAINED_DELEGATION; + + typedef struct { [value(2*strlen_m(upn_name))] uint16 upn_size; uint16 upn_offset; [value(2*strlen_m(domain_name))] uint16 domain_size; @@ -48,6 +54,10 @@ interface krb5pac PAC_LOGON_INFO *info; } PAC_LOGON_INFO_CTR; + typedef [public] struct { + PAC_CONSTRAINED_DELEGATION *info; + } PAC_CONSTRAINED_DELEGATION_CTR; + typedef [public,v1_enum] enum { PAC_TYPE_LOGON_INFO = 1, PAC_TYPE_SRV_CHECKSUM = 6, @@ -66,6 +76,8 @@ interface krb5pac [case(PAC_TYPE_SRV_CHECKSUM)] PAC_SIGNATURE_DATA srv_cksum; [case(PAC_TYPE_KDC_CHECKSUM)] PAC_SIGNATURE_DATA kdc_cksum; [case(PAC_TYPE_LOGON_NAME)] PAC_LOGON_NAME logon_name; + [case(PAC_TYPE_CONSTRAINED_DELEGATION)][subcontext(0xFFFFFC01)] + PAC_CONSTRAINED_DELEGATION_CTR constrained_delegation; /* when new PAC info types are added they are supposed to be done in such a way that they are backwards compatible with existing servers. This makes it safe to just use a [default] for |