Merge branch 'master' of ssh://git.samba.org/data/git/samba into crypt

author: Jelmer Vernooij <jelmer@samba.org> 2008-10-20 12:19:57 +0200
committer: Jelmer Vernooij <jelmer@samba.org> 2008-10-20 12:19:57 +0200
commit: d78f3be238c93a07ff16ead29d7d006de8f92605 (patch)
tree: f2fc45fccf777bc59b301e8904e9d0558b19a344 /source4/librpc/idl
parent: a8707a43d03d884e625e28dddcd1d43d613a520f (diff)
parent: 640847b4fc74c93dd74b2325b4ac92a001a81c92 (diff)
download: samba-d78f3be238c93a07ff16ead29d7d006de8f92605.tar.gz
samba-d78f3be238c93a07ff16ead29d7d006de8f92605.tar.bz2
samba-d78f3be238c93a07ff16ead29d7d006de8f92605.zip
2 files changed, 25 insertions, 137 deletions
diff --git a/source4/librpc/idl/krb5pac.idl b/source4/librpc/idl/krb5pac.idl
deleted file mode 100644
index bddba04165..0000000000
--- a/source4/librpc/idl/krb5pac.idl
+++ /dev/null
@@ -1,130 +0,0 @@
-/*
-  krb5 PAC
-*/
-
-#include "idl_types.h"
-
-import "security.idl", "netlogon.idl", "samr.idl";
-
-[
-  uuid("12345778-1234-abcd-0000-00000000"),
-  version(0.0),
-  pointer_default(unique),
-  helpstring("Active Directory KRB5 PAC")
-]
-interface krb5pac
-{
-	typedef struct {
-		NTTIME logon_time;
-		[value(2*strlen_m(account_name))] uint16 size;
-		[charset(UTF16)] uint8 account_name[size];
-	} PAC_LOGON_NAME;
-
-	typedef [public,flag(NDR_PAHEX)] struct {
-		uint32 type;
-		[flag(NDR_REMAINING)] DATA_BLOB signature;
-	} PAC_SIGNATURE_DATA;
-
-	typedef [gensize] struct {
-		netr_SamInfo3 info3;
-		dom_sid2 *res_group_dom_sid;
-		samr_RidWithAttributeArray res_groups;
-    	} PAC_LOGON_INFO;
-
-	typedef struct {
-		[value(2*strlen_m(upn_name))] uint16 upn_size;
-		uint16 upn_offset;
-		[value(2*strlen_m(domain_name))] uint16 domain_size;
-		uint16 domain_offset;
-		uint16 unknown3; /* 0x01 */
-		uint16 unknown4;
-		uint32 unknown5;
-		[charset(UTF16)] uint8 upn_name[upn_size+2];
-		[charset(UTF16)] uint8 domain_name[domain_size+2];
-		uint32 unknown6; /* padding */
-	} PAC_UNKNOWN_12;
-
-	typedef [public] struct {
-		PAC_LOGON_INFO *info;
-    	} PAC_LOGON_INFO_CTR;
-
-	typedef [public,v1_enum] enum {
-		PAC_TYPE_LOGON_INFO = 1,
-		PAC_TYPE_SRV_CHECKSUM = 6,
-		PAC_TYPE_KDC_CHECKSUM = 7,
-		PAC_TYPE_LOGON_NAME = 10,
-		PAC_TYPE_CONSTRAINED_DELEGATION = 11,
-		PAC_TYPE_UNKNOWN_12 = 12
-	} PAC_TYPE;
-
-	typedef struct {
-		[flag(NDR_REMAINING)] DATA_BLOB remaining;
-	} DATA_BLOB_REM;
-
-	typedef [public,nodiscriminant,gensize] union {
-		[case(PAC_TYPE_LOGON_INFO)][subcontext(0xFFFFFC01)] PAC_LOGON_INFO_CTR logon_info;
-		[case(PAC_TYPE_SRV_CHECKSUM)]	PAC_SIGNATURE_DATA srv_cksum;
-		[case(PAC_TYPE_KDC_CHECKSUM)]	PAC_SIGNATURE_DATA kdc_cksum;
-		[case(PAC_TYPE_LOGON_NAME)]	PAC_LOGON_NAME logon_name;
-		/* when new PAC info types are added they are supposed to be done
-		   in such a way that they are backwards compatible with existing
-		   servers. This makes it safe to just use a [default] for
-		   unknown types, which lets us ignore the data */
-		[default]	[subcontext(0)] DATA_BLOB_REM unknown;
-		/* [case(PAC_TYPE_UNKNOWN_12)]	PAC_UNKNOWN_12 unknown; */
-	} PAC_INFO;
-
-	typedef [public,nopush,nopull,noprint] struct {
-		PAC_TYPE type;
-		[value(_ndr_size_PAC_INFO(info, type, 0))] uint32 _ndr_size;
-		[relative,switch_is(type),subcontext(0),subcontext_size(_subcontext_size_PAC_INFO(r, ndr->flags)),flag(NDR_ALIGN8)] PAC_INFO *info;
-		[value(0)] uint32 _pad; /* Top half of a 64 bit pointer? */
-	} PAC_BUFFER;
-
-	typedef [public] struct {
-		uint32 num_buffers;
-		uint32 version;
-		PAC_BUFFER buffers[num_buffers];
-	} PAC_DATA;
-
-	typedef [public] struct {
-		PAC_TYPE type;
-		uint32 ndr_size;
-		[relative,subcontext(0),subcontext_size(NDR_ROUND(ndr_size,8)),flag(NDR_ALIGN8)] DATA_BLOB_REM *info;
-		[value(0)] uint32 _pad; /* Top half of a 64 bit pointer? */
-	} PAC_BUFFER_RAW;
-
-	typedef [public] struct {
-		uint32 num_buffers;
-		uint32 version;
-		PAC_BUFFER_RAW buffers[num_buffers];
-	} PAC_DATA_RAW;
-
-	const int NETLOGON_GENERIC_KRB5_PAC_VALIDATE = 3;
-
-	typedef [public] struct {
-		[value(NETLOGON_GENERIC_KRB5_PAC_VALIDATE)] uint32 MessageType;
-		uint32 ChecksumLength;
-		int32 SignatureType;
-		uint32 SignatureLength;
-		[flag(NDR_REMAINING)] DATA_BLOB ChecksumAndSignature;
-	} PAC_Validate;
-
-	void decode_pac(
-		[in] PAC_DATA pac
-		);
-
-	void decode_pac_raw(
-		[in] PAC_DATA_RAW pac
-		);
-
-	void decode_login_info(
-		[in] PAC_LOGON_INFO logon_info
-		);
-
-	void decode_pac_validate(
-		[in] PAC_Validate pac_validate
-		);
-
-
-}
diff --git a/source4/librpc/idl/lsa.idl b/source4/librpc/idl/lsa.idl
index dd9791d894..8745385a10 100644
--- a/source4/librpc/idl/lsa.idl
+++ b/source4/librpc/idl/lsa.idl
@@ -263,11 +263,12 @@ import "misc.idl", "security.idl";
 		LSA_POLICY_INFO_ROLE=6,
 		LSA_POLICY_INFO_REPLICA=7,
 		LSA_POLICY_INFO_QUOTA=8,
-		LSA_POLICY_INFO_DB=9,
+		LSA_POLICY_INFO_MOD=9,
 		LSA_POLICY_INFO_AUDIT_FULL_SET=10,
 		LSA_POLICY_INFO_AUDIT_FULL_QUERY=11,
 		LSA_POLICY_INFO_DNS=12,
-		LSA_POLICY_INFO_DNS_INT=13
+		LSA_POLICY_INFO_DNS_INT=13,
+		LSA_POLICY_INFO_L_ACCOUNT_DOMAIN=14
 	} lsa_PolicyInfo;
 
 	typedef [switch_type(uint16)] union {
@@ -279,11 +280,12 @@ import "misc.idl", "security.idl";
 		[case(LSA_POLICY_INFO_ROLE)]             lsa_ServerRole         role;
 		[case(LSA_POLICY_INFO_REPLICA)]          lsa_ReplicaSourceInfo  replica;
 		[case(LSA_POLICY_INFO_QUOTA)]            lsa_DefaultQuotaInfo   quota;
-		[case(LSA_POLICY_INFO_DB)]               lsa_ModificationInfo   db;
+		[case(LSA_POLICY_INFO_MOD)]              lsa_ModificationInfo   mod;
 		[case(LSA_POLICY_INFO_AUDIT_FULL_SET)]   lsa_AuditFullSetInfo   auditfullset;
 		[case(LSA_POLICY_INFO_AUDIT_FULL_QUERY)] lsa_AuditFullQueryInfo auditfullquery;
 		[case(LSA_POLICY_INFO_DNS)]              lsa_DnsDomainInfo      dns;
 		[case(LSA_POLICY_INFO_DNS_INT)]          lsa_DnsDomainInfo      dns;
+		[case(LSA_POLICY_INFO_L_ACCOUNT_DOMAIN)] lsa_DomainInfo         l_account_domain;
 	} lsa_PolicyInformation;
 
 	NTSTATUS lsa_QueryInfoPolicy (
@@ -512,23 +514,39 @@ import "misc.idl", "security.idl";
 	/* Function:           0x16 */
 	[todo] NTSTATUS lsa_SetQuotasForAccount();
 	
+	typedef [bitmap32bit] bitmap {
+		LSA_POLICY_MODE_INTERACTIVE             = 0x00000001,
+		LSA_POLICY_MODE_NETWORK                 = 0x00000002,
+		LSA_POLICY_MODE_BATCH                   = 0x00000004,
+		LSA_POLICY_MODE_SERVICE                 = 0x00000010,
+		LSA_POLICY_MODE_PROXY			= 0x00000020,
+		LSA_POLICY_MODE_DENY_INTERACTIVE        = 0x00000040,
+		LSA_POLICY_MODE_DENY_NETWORK            = 0x00000080,
+		LSA_POLICY_MODE_DENY_BATCH              = 0x00000100,
+		LSA_POLICY_MODE_DENY_SERVICE            = 0x00000200,
+		LSA_POLICY_MODE_REMOTE_INTERACTIVE      = 0x00000400,
+		LSA_POLICY_MODE_DENY_REMOTE_INTERACTIVE = 0x00000800,
+		LSA_POLICY_MODE_ALL			= 0x00000FF7,
+		LSA_POLICY_MODE_ALL_NT4			= 0x00000037
+	} lsa_SystemAccessModeFlags;
+
 	/* Function:    0x17 */
 	NTSTATUS lsa_GetSystemAccessAccount(
-		[in]	policy_handle *handle,
+		[in]      policy_handle *handle,
 		[out,ref] uint32 *access_mask
 		);
 
 	/* Function:    0x18 */
 	NTSTATUS lsa_SetSystemAccessAccount(
-		[in]	policy_handle *handle,
-		[in]	uint32 access_mask
+		[in] policy_handle *handle,
+		[in] uint32 access_mask
 		);
 
 	/* Function:        0x19 */
 	NTSTATUS lsa_OpenTrustedDomain(
 		[in]     policy_handle *handle,
 		[in]     dom_sid2      *sid,
-		[in]         uint32         access_mask,
+		[in]     uint32         access_mask,
 		[out]    policy_handle *trustdom_handle
 		);
author	Jelmer Vernooij <jelmer@samba.org>	2008-10-20 12:19:57 +0200
committer	Jelmer Vernooij <jelmer@samba.org>	2008-10-20 12:19:57 +0200
commit	d78f3be238c93a07ff16ead29d7d006de8f92605 (patch)
tree	f2fc45fccf777bc59b301e8904e9d0558b19a344 /source4/librpc/idl
parent	a8707a43d03d884e625e28dddcd1d43d613a520f (diff)
parent	640847b4fc74c93dd74b2325b4ac92a001a81c92 (diff)
download	samba-d78f3be238c93a07ff16ead29d7d006de8f92605.tar.gz samba-d78f3be238c93a07ff16ead29d7d006de8f92605.tar.bz2 samba-d78f3be238c93a07ff16ead29d7d006de8f92605.zip