summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/ndr.h1
-rw-r--r--source3/librpc/idl/idl_types.h17
-rw-r--r--source4/cldap_server/netlogon.c2
-rw-r--r--source4/lib/samba3/config.mk2
-rw-r--r--source4/lib/samba3/samba3.h190
-rw-r--r--source4/librpc/idl/lsa.idl17
-rw-r--r--source4/librpc/idl/nbt.idl81
-rw-r--r--source4/torture/ldap/cldap.c8
8 files changed, 65 insertions, 253 deletions
diff --git a/source3/include/ndr.h b/source3/include/ndr.h
deleted file mode 100644
index a416866ef2..0000000000
--- a/source3/include/ndr.h
+++ /dev/null
@@ -1 +0,0 @@
-/* dummy file to deal with pidl autogenerated ndr files */
diff --git a/source3/librpc/idl/idl_types.h b/source3/librpc/idl/idl_types.h
index f21f3e660d..9885ca5bf6 100644
--- a/source3/librpc/idl/idl_types.h
+++ b/source3/librpc/idl/idl_types.h
@@ -5,33 +5,16 @@
#define STR_NOTERM LIBNDR_FLAG_STR_NOTERM
#define STR_NULLTERM LIBNDR_FLAG_STR_NULLTERM
#define STR_BYTESIZE LIBNDR_FLAG_STR_BYTESIZE
-#define STR_FIXLEN32 LIBNDR_FLAG_STR_FIXLEN32
-#define STR_FIXLEN15 LIBNDR_FLAG_STR_FIXLEN15
#define STR_CONFORMANT LIBNDR_FLAG_STR_CONFORMANT
#define STR_CHARLEN LIBNDR_FLAG_STR_CHARLEN
#define STR_UTF8 LIBNDR_FLAG_STR_UTF8
/*
- a UCS2 string prefixed with [size], 32 bits
-*/
-#define lstring [flag(STR_SIZE4)] string
-
-/*
a null terminated UCS2 string
*/
#define nstring [flag(STR_NULLTERM)] string
/*
- fixed length 32 character UCS-2 string
-*/
-#define string32 [flag(STR_FIXLEN32)] string
-
-/*
- fixed length 16 character ascii string
-*/
-#define astring15 [flag(STR_ASCII|STR_FIXLEN15)] string
-
-/*
an ascii string prefixed with [offset] [length], both 32 bits
null terminated
*/
diff --git a/source4/cldap_server/netlogon.c b/source4/cldap_server/netlogon.c
index 1cb0d50d02..cc2c69b27e 100644
--- a/source4/cldap_server/netlogon.c
+++ b/source4/cldap_server/netlogon.c
@@ -349,7 +349,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
if (version & NETLOGON_NT_VERSION_5EX_WITH_IP) {
/* Clearly this needs to be fixed up for IPv6 */
extra_flags = NETLOGON_NT_VERSION_5EX_WITH_IP;
- netlogon->data.nt5_ex.sockaddr.sa_family = 2;
+ netlogon->data.nt5_ex.sockaddr.sockaddr_family = 2;
netlogon->data.nt5_ex.sockaddr.pdc_ip = pdc_ip;
netlogon->data.nt5_ex.sockaddr.remaining = data_blob_talloc_zero(mem_ctx, 8);
}
diff --git a/source4/lib/samba3/config.mk b/source4/lib/samba3/config.mk
index e089149393..365347fe21 100644
--- a/source4/lib/samba3/config.mk
+++ b/source4/lib/samba3/config.mk
@@ -6,5 +6,3 @@ PRIVATE_DEPENDENCIES = CHARSET LIBSAMBA-UTIL
################################################
SMBPASSWD_OBJ_FILES = $(libsrcdir)/samba3/smbpasswd.o
-
-$(eval $(call proto_header_template,$(libsrcdir)/samba3/samba3_smbpasswd_proto.h,$(SMBPASSWD_OBJ_FILES:.o=.c)))
diff --git a/source4/lib/samba3/samba3.h b/source4/lib/samba3/samba3.h
index aea87dac14..1a0ce04143 100644
--- a/source4/lib/samba3/samba3.h
+++ b/source4/lib/samba3/samba3.h
@@ -24,191 +24,9 @@
#include "librpc/gen_ndr/samr.h"
#include "param/param.h"
-struct samba3_samaccount {
- uint32_t logon_time,
- logoff_time,
- kickoff_time,
- bad_password_time,
- pass_last_set_time,
- pass_can_change_time,
- pass_must_change_time;
- char *username;
- char *domain;
- char *nt_username;
- char *dir_drive;
- char *unknown_str;
- char *munged_dial;
- char *fullname;
- char *homedir;
- char *logon_script;
- char *profile_path;
- char *acct_desc;
- char *workstations;
- uint32_t user_rid, group_rid, hours_len, unknown_6;
- uint16_t acct_ctrl, logon_divs;
- uint16_t bad_password_count, logon_count;
- struct samr_Password lm_pw, nt_pw;
- uint8_t *nt_pw_hist_ptr;
- uint8_t *hours;
-};
-
-struct samba3_groupmapping {
- gid_t gid;
- struct dom_sid *sid;
- int sid_name_use;
- const char *nt_name;
- const char *comment;
-};
-
-struct samba3_alias {
- struct dom_sid *sid;
- uint32_t member_count;
- struct dom_sid **members;
-};
-
-struct samba3_groupdb {
- uint32_t groupmap_count;
- struct samba3_groupmapping *groupmappings;
-
- uint32_t alias_count;
- struct samba3_alias *aliases;
-};
-
-struct samba3_idmap_mapping
-{
- enum { IDMAP_GROUP, IDMAP_USER } type;
- uint32_t unix_id;
- struct dom_sid *sid;
-};
-
-struct samba3_idmapdb
-{
- /* High water marks */
- uint32_t user_hwm;
- uint32_t group_hwm;
-
- uint32_t mapping_count;
- struct samba3_idmap_mapping *mappings;
-};
-
-struct samba3_winsdb_entry
-{
- char *name;
- int nb_flags;
- int type;
- time_t ttl;
- uint32_t ip_count;
- struct in_addr *ips;
-};
-
-struct samba3_policy
-{
- uint32_t min_password_length;
- uint32_t password_history;
- uint32_t user_must_logon_to_change_password;
- uint32_t maximum_password_age;
- uint32_t minimum_password_age;
- uint32_t lockout_duration;
- uint32_t reset_count_minutes;
- uint32_t bad_lockout_minutes;
- uint32_t disconnect_time;
- uint32_t refuse_machine_password_change;
-};
-
-struct samba3_regval {
- char *name;
- uint16_t type;
- DATA_BLOB data;
-};
-
-struct samba3_regkey {
- char *name;
-
- uint32_t value_count;
- struct samba3_regval *values;
-
- uint32_t subkey_count;
- char **subkeys;
-};
-
-struct samba3_regdb
-{
- uint32_t key_count;
- struct samba3_regkey *keys;
-};
-
-struct samba3_secrets
-{
- struct cli_credentials *ipc_cred;
-
- uint32_t ldappw_count;
- struct samba3_ldappw
- {
- char *dn;
- char *password;
- } *ldappws;
-
- uint32_t domain_count;
- struct samba3_domainsecrets
- {
- char *name;
- struct dom_sid sid;
- struct GUID guid;
- char *plaintext_pw;
- time_t last_change_time;
- struct {
- uint8_t hash[16];
- time_t mod_time;
- } hash_pw;
- int sec_channel_type;
- } *domains;
-
- uint32_t trusted_domain_count;
- struct samba3_trusted_dom_pass {
- uint32_t uni_name_len;
- const char *uni_name[32]; /* unicode domain name */
- const char *pass; /* trust relationship's password */
- time_t mod_time;
- struct dom_sid domain_sid; /* remote domain's sid */
- } *trusted_domains;
-
- uint32_t afs_keyfile_count;
-
- struct samba3_afs_keyfile {
- uint32_t nkeys;
- struct {
- uint32_t kvno;
- char key[8];
- } entry[8];
- char *cell;
- } *afs_keyfiles;
-};
-
-struct samba3_share_info {
- char *name;
- struct security_descriptor secdesc;
-};
-
-struct samba3
-{
- struct param_context *configuration;
-
- uint32_t winsdb_count;
- struct samba3_winsdb_entry *winsdb_entries;
-
- uint32_t samaccount_count;
- struct samba3_samaccount *samaccounts;
-
- uint32_t share_count;
- struct samba3_share_info *shares;
-
- struct samba3_secrets secrets;
- struct samba3_groupdb group;
- struct samba3_idmapdb idmap;
- struct samba3_policy policy;
- struct samba3_regdb registry;
-};
-
-#include "lib/samba3/samba3_smbpasswd_proto.h"
+struct samr_Password *smbpasswd_gethexpwd(TALLOC_CTX *mem_ctx, const char *p);
+char *smbpasswd_sethexpwd(TALLOC_CTX *mem_ctx, struct samr_Password *pwd, uint16_t acb_info);
+uint16_t smbpasswd_decode_acb_info(const char *p);
+char *smbpasswd_encode_acb_info(TALLOC_CTX *mem_ctx, uint16_t acb_info);
#endif /* _SAMBA3_H */
diff --git a/source4/librpc/idl/lsa.idl b/source4/librpc/idl/lsa.idl
index 4dce6d6d1e..341489ed23 100644
--- a/source4/librpc/idl/lsa.idl
+++ b/source4/librpc/idl/lsa.idl
@@ -124,12 +124,27 @@ import "misc.idl", "security.idl";
lsa_QosInfo *sec_qos;
} lsa_ObjectAttribute;
+ typedef [public,bitmap32bit] bitmap {
+ LSA_POLICY_VIEW_LOCAL_INFORMATION = 0x00000001,
+ LSA_POLICY_VIEW_AUDIT_INFORMATION = 0x00000002,
+ LSA_POLICY_GET_PRIVATE_INFORMATION = 0x00000004,
+ LSA_POLICY_TRUST_ADMIN = 0x00000008,
+ LSA_POLICY_CREATE_ACCOUNT = 0x00000010,
+ LSA_POLICY_CREATE_SECRET = 0x00000020,
+ LSA_POLICY_CREATE_PRIVILEGE = 0x00000040,
+ LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS = 0x00000080,
+ LSA_POLICY_SET_AUDIT_REQUIREMENTS = 0x00000100,
+ LSA_POLICY_AUDIT_LOG_ADMIN = 0x00000200,
+ LSA_POLICY_SERVER_ADMIN = 0x00000400,
+ LSA_POLICY_LOOKUP_NAMES = 0x00000800
+ } lsa_PolicyAccessMask;
+
/* notice the screwup with the system_name - thats why MS created
OpenPolicy2 */
[public] NTSTATUS lsa_OpenPolicy (
[in,unique] uint16 *system_name,
[in] lsa_ObjectAttribute *attr,
- [in] uint32 access_mask,
+ [in] lsa_PolicyAccessMask access_mask,
[out] policy_handle *handle
);
diff --git a/source4/librpc/idl/nbt.idl b/source4/librpc/idl/nbt.idl
index 38a2b9596a..b001b0a500 100644
--- a/source4/librpc/idl/nbt.idl
+++ b/source4/librpc/idl/nbt.idl
@@ -291,7 +291,7 @@ interface nbt
[switch_is(smb_command)] smb_body body;
} dgram_smb_packet;
- const uint32 DGRAM_SMB = 0xff534d42; /* 0xffSMB */
+ const uint32 DGRAM_SMB = 0xff534d42; /* 0xffSMB */
typedef [nodiscriminant] union {
[case(DGRAM_SMB)] dgram_smb_packet smb;
@@ -334,58 +334,57 @@ interface nbt
/******************************************
* \MAILSLOT\NET\NETLOGON mailslot requests
- * and
- * \MAILSLOT\NET\NTLOGON mailslot requests
+ * and
+ * \MAILSLOT\NET\NTLOGON mailslot requests
*/
typedef [public,gensize] struct {
- uint32 sa_family;
+ uint32 sockaddr_family;
[flag(NDR_BIG_ENDIAN)] ipv4address pdc_ip;
[flag(NDR_REMAINING)] DATA_BLOB remaining;
} nbt_sockaddr;
typedef [bitmap32bit,public] bitmap {
- NBT_SERVER_PDC = 0x00000001,
- NBT_SERVER_GC = 0x00000004,
- NBT_SERVER_LDAP = 0x00000008,
- NBT_SERVER_DS = 0x00000010,
- NBT_SERVER_KDC = 0x00000020,
- NBT_SERVER_TIMESERV = 0x00000040,
- NBT_SERVER_CLOSEST = 0x00000080,
- NBT_SERVER_WRITABLE = 0x00000100,
- NBT_SERVER_GOOD_TIMESERV = 0x00000200,
- NBT_SERVER_NDNC = 0x00000400,
- NBT_SERVER_SEL_SEC_DOM_6 = 0x00000800,
- NBT_SERVER_FUL_SEC_DOM_6 = 0x00001000,
- NBT_SERVER_DS_DNS_CONTR = 0x04000000,
- NBT_SERVER_DS_DNS_DOMAIN = 0x02000000,
- NBT_SERVER_DS_DNS_FOREST = 0x01000000
+ NBT_SERVER_PDC = 0x00000001,
+ NBT_SERVER_GC = 0x00000004,
+ NBT_SERVER_LDAP = 0x00000008,
+ NBT_SERVER_DS = 0x00000010,
+ NBT_SERVER_KDC = 0x00000020,
+ NBT_SERVER_TIMESERV = 0x00000040,
+ NBT_SERVER_CLOSEST = 0x00000080,
+ NBT_SERVER_WRITABLE = 0x00000100,
+ NBT_SERVER_GOOD_TIMESERV = 0x00000200,
+ NBT_SERVER_NDNC = 0x00000400,
+ NBT_SERVER_SELECT_SECRET_DOMAIN_6 = 0x00000800,
+ NBT_SERVER_FULL_SECRET_DOMAIN_6 = 0x00001000,
+ NBT_SERVER_DS_DNS_CONTR = 0x04000000,
+ NBT_SERVER_DS_DNS_DOMAIN = 0x02000000,
+ NBT_SERVER_DS_DNS_FOREST = 0x01000000
} nbt_server_type;
typedef [bitmap32bit,public] bitmap {
- NETLOGON_NT_VERSION_1 = 0x00000001,
- NETLOGON_NT_VERSION_5 = 0x00000002,
- NETLOGON_NT_VERSION_5EX = 0x00000004,
- NETLOGON_NT_VERSION_5EX_WITH_IP = 0x00000008,
- NETLOGON_NT_VERSION_WITH_CLOSEST_SITE = 0x00000010,
- NETLOGON_NT_VERSION_AVIOD_NT4EMUL = 0x01000000,
- NETLOGON_NT_VERSION_PDC = 0x10000000,
- NETLOGON_NT_VERSION_IP = 0x20000000,
- NETLOGON_NT_VERSION_LOCAL = 0x40000000,
- NETLOGON_NT_VERSION_GC = 0x80000000
+ NETLOGON_NT_VERSION_1 = 0x00000001,
+ NETLOGON_NT_VERSION_5 = 0x00000002,
+ NETLOGON_NT_VERSION_5EX = 0x00000004,
+ NETLOGON_NT_VERSION_5EX_WITH_IP = 0x00000008,
+ NETLOGON_NT_VERSION_WITH_CLOSEST_SITE = 0x00000010,
+ NETLOGON_NT_VERSION_AVIOD_NT4EMUL = 0x01000000,
+ NETLOGON_NT_VERSION_PDC = 0x10000000,
+ NETLOGON_NT_VERSION_IP = 0x20000000,
+ NETLOGON_NT_VERSION_LOCAL = 0x40000000,
+ NETLOGON_NT_VERSION_GC = 0x80000000
} netlogon_nt_version_flags;
-
typedef [enum16bit,public] enum {
LOGON_PRIMARY_QUERY = 7, /* Was also NETLOGON_QUERY_FOR_PDC */
NETLOGON_ANNOUNCE_UAS = 10,
NETLOGON_RESPONSE_FROM_PDC = 12,
LOGON_SAM_LOGON_REQUEST = 18, /* Was also NETLOGON_QUERY_FOR_PDC2, NTLOGON_SAM_LOGON */
LOGON_SAM_LOGON_RESPONSE = 19, /* Was also NTLOGON_SAM_LOGON_REPLY */
- LOGON_SAM_LOGON_PAUSE_RESPONSE = 20,
+ LOGON_SAM_LOGON_PAUSE_RESPONSE = 20,
LOGON_SAM_LOGON_USER_UNKNOWN = 21, /* Was also NTLOGON_SAM_LOGON_REPLY15 */
LOGON_SAM_LOGON_RESPONSE_EX = 23, /* was NETLOGON_RESPONSE_FROM_PDC2 */
- LOGON_SAM_LOGON_PAUSE_RESPONSE_EX = 24,
+ LOGON_SAM_LOGON_PAUSE_RESPONSE_EX = 24,
LOGON_SAM_LOGON_USER_UNKNOWN_EX = 25 /* was NETLOGON_RESPONSE_FROM_PDC_USER */
} netlogon_command;
@@ -437,7 +436,7 @@ interface nbt
nbt_server_type server_type;
netlogon_nt_version_flags nt_version;
uint16 lmnt_token;
- uint16 lm20_token;
+ uint16 lm20_token;
} NETLOGON_SAM_LOGON_RESPONSE;
/* response from pdc hand marshaled (we have an additional
@@ -458,11 +457,11 @@ interface nbt
nbt_string client_site;
/* Optional on NETLOGON_NT_VERSION_5EX_WITH_IP */
- [value(ndr_size_nbt_sockaddr(&sockaddr, ndr->flags))] uint8 sockaddr_size;
- [subcontext(0),subcontext_size(sockaddr_size)] nbt_sockaddr sockaddr;
-
+ [value(ndr_size_nbt_sockaddr(&sockaddr, ndr->flags))] uint8 sockaddr_size;
+ [subcontext(0),subcontext_size(sockaddr_size)] nbt_sockaddr sockaddr;
+
/* Optional on NETLOGON_NT_VERSION_WITH_CLOSEST_SITE */
- nbt_string next_closest_site;
+ nbt_string next_closest_site;
netlogon_nt_version_flags nt_version;
uint16 lmnt_token;
@@ -548,7 +547,7 @@ interface nbt
/********************************************************/
typedef bitmap svcctl_ServerType svcctl_ServerType;
- typedef [enum8bit] enum {
+ typedef [enum8bit] enum {
HostAnnouncement = 1,
AnnouncementRequest = 2,
Election = 8,
@@ -576,7 +575,7 @@ interface nbt
typedef struct {
uint8 Unused;
- astring ResponseName;
+ astring ResponseName;
} nbt_browse_announcement_request;
typedef struct {
@@ -584,7 +583,7 @@ interface nbt
uint32 Criteria;
uint32 UpTime; /* In milliseconds */
uint32 Reserved; /* Must be zero */
- astring ServerName;
+ astring ServerName;
} nbt_browse_election_request;
typedef struct {
@@ -649,6 +648,6 @@ interface nbt
typedef [public,flag(NDR_NOALIGN)] struct {
nbt_browse_opcode opcode;
- [switch_is(opcode)] nbt_browse_payload payload;
+ [switch_is(opcode)] nbt_browse_payload payload;
} nbt_browse_packet;
}
diff --git a/source4/torture/ldap/cldap.c b/source4/torture/ldap/cldap.c
index 23b0554c4f..2c95d46058 100644
--- a/source4/torture/ldap/cldap.c
+++ b/source4/torture/ldap/cldap.c
@@ -280,10 +280,10 @@ static bool test_cldap_netlogon_flags(struct torture_context *tctx,
printf("NBT_SERVER_GOOD_TIMESERV ");
if (server_type & NBT_SERVER_NDNC)
printf("NBT_SERVER_NDNC ");
- if (server_type & NBT_SERVER_SEL_SEC_DOM_6)
- printf("NBT_SERVER_SEL_SEC_DOM_6 ");
- if (server_type & NBT_SERVER_FUL_SEC_DOM_6)
- printf("NBT_SERVER_FUL_SEC_DOM_6 ");
+ if (server_type & NBT_SERVER_SELECT_SECRET_DOMAIN_6)
+ printf("NBT_SERVER_SELECT_SECRET_DOMAIN_6");
+ if (server_type & NBT_SERVER_FULL_SECRET_DOMAIN_6)
+ printf("NBT_SERVER_FULL_SECRET_DOMAIN_6");
if (server_type & NBT_SERVER_DS_DNS_CONTR)
printf("NBT_SERVER_DS_DNS_CONTR ");
if (server_type & NBT_SERVER_DS_DNS_DOMAIN)