10 files changed, 67 insertions, 59 deletions

diff --git a/source4/dsdb/samdb/samdb.c b/source4/dsdb/samdb/samdb.c
index 9dbf1f9882..52ffb0a3d1 100644
--- a/source4/dsdb/samdb/samdb.c
+++ b/source4/dsdb/samdb/samdb.c
@@ -837,11 +837,11 @@ int samdb_msg_add_uint64(void *ctx, TALLOC_CTX *mem_ctx, struct ldb_message *msg
   add a samr_Password element to a message
 */
 int samdb_msg_add_hash(void *ctx, TALLOC_CTX *mem_ctx, struct ldb_message *msg,
-		       const char *attr_name, struct samr_Password hash)
+		       const char *attr_name, struct samr_Password *hash)
 {
 	struct ldb_wrap *sam_ctx = ctx;
 	struct ldb_val val;
-	val.data = talloc_memdup(mem_ctx, hash.hash, 16);
+	val.data = talloc_memdup(mem_ctx, hash->hash, 16);
 	if (!val.data) {
 		return -1;
 	}
diff --git a/source4/include/structs.h b/source4/include/structs.h
index 006446b4b1..06aa8ea2cf 100644
--- a/source4/include/structs.h
+++ b/source4/include/structs.h
@@ -42,10 +42,12 @@ struct samr_ChangePasswordUser;
 struct samr_OemChangePasswordUser2;
 struct samr_ChangePasswordUser3;
 struct samr_ChangePasswordUser2;
+struct samr_Password;
 struct samr_CryptPassword;
 struct samr_CryptPasswordEx;
 struct samr_LogonHours;
 
+struct netr_Credential;
 struct netr_Authenticator;
 union netr_Validation;
 
diff --git a/source4/libcli/auth/credentials.h b/source4/libcli/auth/credentials.h
index 01206bc282..ffefcc0305 100644
--- a/source4/libcli/auth/credentials.h
+++ b/source4/libcli/auth/credentials.h
@@ -20,6 +20,8 @@
    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 */
 
+#include "librpc/gen_ndr/ndr_netlogon.h"
+
 struct creds_CredentialState {
 	uint32_t negotiate_flags;
 	uint8_t session_key[16];
@@ -32,8 +34,6 @@ struct creds_CredentialState {
 	char *account_name;
 };
 
-
-
 /* for the timebeing, use the same neg flags as Samba3. */
 /* The 7 here seems to be required to get Win2k not to downgrade us
    to NT4.  Actually, anything other than 1ff would seem to do... */
diff --git a/source4/libcli/auth/ntlmssp.h b/source4/libcli/auth/ntlmssp.h
index a6d1510450..e8a2356e2c 100644
--- a/source4/libcli/auth/ntlmssp.h
+++ b/source4/libcli/auth/ntlmssp.h
@@ -20,6 +20,8 @@
    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 */
 
+#include "librpc/gen_ndr/ndr_samr.h"
+
 /* NTLMSSP mode */
 enum ntlmssp_role
 {
diff --git a/source4/librpc/idl/misc.idl b/source4/librpc/idl/misc.idl
index 61adf04630..13306b6876 100644
--- a/source4/librpc/idl/misc.idl
+++ b/source4/librpc/idl/misc.idl
@@ -6,15 +6,6 @@
 
 interface misc
 {
-	/* server roles */
-	typedef enum {
-		ROLE_STANDALONE    = 0,
-		ROLE_DOMAIN_MEMBER = 1,
-		ROLE_DOMAIN_BDC    = 2,
-		ROLE_DOMAIN_PDC    = 3
-	} samr_Role;
-
-
 	typedef [public,noprint,gensize] struct {
 		uint32 time_low;
 		uint16 time_mid;
@@ -27,18 +18,4 @@ interface misc
 		uint32 handle_type;
 		GUID   uuid;
 	} policy_handle;
-
-	typedef [public, flag(NDR_PAHEX)] struct {
-		uint8 hash[16];
-	} samr_Password;
-
-	typedef [public, flag(NDR_PAHEX)] struct {
-		uint8 data[8];
-	} netr_Credential;
-
-	typedef [public] struct {
-		netr_Credential cred;
-		time_t timestamp;
-	} netr_Authenticator;
-
 }
diff --git a/source4/librpc/idl/netlogon.idl b/source4/librpc/idl/netlogon.idl
index 85ff0b714c..3b4f299d7c 100644
--- a/source4/librpc/idl/netlogon.idl
+++ b/source4/librpc/idl/netlogon.idl
@@ -216,6 +216,15 @@ interface netlogon
 		[case(6)] netr_SamInfo6 *sam6;
 	} netr_Validation;
 
+	typedef [public, flag(NDR_PAHEX)] struct {
+		uint8 data[8];
+	} netr_Credential;
+
+	typedef [public] struct {
+		netr_Credential cred;
+		time_t timestamp;
+	} netr_Authenticator;
+
 	NTSTATUS netr_LogonSamLogon(
 		[in] unistr *server_name,
 		[in] unistr *workstation,
@@ -259,14 +268,16 @@ interface netlogon
 	/* secure channel types */
 	/* Only SEC_CHAN_WKSTA can forward requests to other domains. */
 
-	const int SEC_CHAN_WKSTA   = 2;
-	const int SEC_CHAN_DOMAIN  = 4;
-	const int SEC_CHAN_BDC     = 6;
+	typedef enum {
+		SEC_CHAN_WKSTA   = 2,
+		SEC_CHAN_DOMAIN  = 4,
+		SEC_CHAN_BDC     = 6
+	} netr_SchannelType;
 
 	NTSTATUS netr_ServerAuthenticate(
 		[in]         unistr *server_name,
 		[in]         unistr account_name,
-		[in]         uint16 secure_channel_type,
+		[in]         netr_SchannelType secure_channel_type,
 		[in]         unistr computer_name,
 		[in,out,ref] netr_Credential *credentials
 		);
@@ -278,7 +289,7 @@ interface netlogon
 	NTSTATUS netr_ServerPasswordSet(
 		[in]  unistr *server_name,
 		[in]  unistr account_name,
-		[in]  uint16 secure_channel_type,
+		[in]  netr_SchannelType secure_channel_type,
 		[in]  unistr computer_name,
 		[in]  netr_Authenticator credential,
 		[in]  samr_Password new_password,
@@ -290,9 +301,11 @@ interface netlogon
 	/* Function 0x07 */
 
 	/* SAM database types */
-	const int SAM_DATABASE_DOMAIN  = 0x00; /* Domain users and groups */
-	const int SAM_DATABASE_BUILTIN = 0x01; /* BUILTIN users and groups */
-	const int SAM_DATABASE_PRIVS   = 0x02; /* Privileges */
+	typedef [v1_enum] enum {
+		SAM_DATABASE_DOMAIN  = 0, /* Domain users and groups */
+		SAM_DATABASE_BUILTIN = 1, /* BUILTIN users and groups */
+		SAM_DATABASE_PRIVS   = 2 /* Privileges */
+	} netr_SamDatabaseID;
 
 	typedef struct {
 		unistr *account_name;
@@ -656,7 +669,7 @@ interface netlogon
 		[in]      unistr computername,
 		[in]      netr_Authenticator credential,
 		[in,out]  netr_Authenticator return_authenticator,
-		[in]      uint32 database_id,
+		[in]      netr_SamDatabaseID database_id,
 		[in,out]  uint64 sequence_num,
 		[in]      uint32 preferredmaximumlength,
 		[out]     netr_DELTA_ENUM_ARRAY *delta_enum_array
@@ -671,7 +684,7 @@ interface netlogon
 		[in]     unistr computername,
 		[in]     netr_Authenticator credential,
 		[in,out] netr_Authenticator return_authenticator,
-		[in]     uint32 database_id,
+		[in]     netr_SamDatabaseID database_id,
 		[in,out] uint32 sync_context,
 		[in]     uint32 preferredmaximumlength,
 		[out]    netr_DELTA_ENUM_ARRAY *delta_enum_array
@@ -737,8 +750,6 @@ interface netlogon
 		[out] unistr *dcname
 		);
 
-
-
 	/*****************/
 	/* Function 0x0C */
 
@@ -771,14 +782,16 @@ interface netlogon
 	} netr_CONTROL_QUERY_INFORMATION;
 
 	/* function_code values */
-	const int NETLOGON_CONTROL_REDISCOVER       = 5;
-	const int NETLOGON_CONTROL_TC_QUERY         = 6;
-	const int NETLOGON_CONTROL_TRANSPORT_NOTIFY = 7;
-	const int NETLOGON_CONTROL_SET_DBFLAG       = 65534;
+	typedef [v1_enum] enum {
+		NETLOGON_CONTROL_REDISCOVER       = 5,
+		NETLOGON_CONTROL_TC_QUERY         = 6,
+		NETLOGON_CONTROL_TRANSPORT_NOTIFY = 7,
+		NETLOGON_CONTROL_SET_DBFLAG       = 65534
+	} netr_LogonControlCode;
 
 	WERROR netr_LogonControl(
 		[in]   unistr *logon_server,
-		[in]   uint32 function_code,
+		[in]   netr_LogonControlCode function_code,
 		[in]   uint32 level,
 		[out,switch_is(level)]  netr_CONTROL_QUERY_INFORMATION info
 		);
@@ -826,7 +839,7 @@ interface netlogon
 	NTSTATUS netr_ServerAuthenticate2(
 		[in]         unistr *server_name,
 		[in]         unistr account_name,
-		[in]         uint16 secure_channel_type,
+		[in]         netr_SchannelType secure_channel_type,
 		[in]         unistr computer_name,
 		[in,out,ref] netr_Credential *credentials,
 		[in,out,ref] uint32 *negotiate_flags
@@ -841,7 +854,7 @@ interface netlogon
 		[in]     unistr computername,
 		[in]     netr_Authenticator credential,
 		[in,out] netr_Authenticator return_authenticator,
-		[in]     uint32 database_id,
+		[in]     netr_SamDatabaseID database_id,
 		[in]     uint16 restart_state,
 		[in,out] uint32 sync_context,
 		[in]     uint32 preferredmaximumlength,
@@ -909,7 +922,7 @@ interface netlogon
 	NTSTATUS netr_ServerAuthenticate3(
 		[in]         unistr *server_name,
 		[in]         unistr account_name,
-		[in]         uint16 secure_channel_type,
+		[in]         netr_SchannelType secure_channel_type,
 		[in]         unistr computer_name,
 		[in,out,ref] netr_Credential *credentials,
 		[in,out,ref] uint32 *negotiate_flags,
@@ -1064,17 +1077,19 @@ interface netlogon
 	/****************/
 	/* Function 0x28 */
 
-	const int NETR_TRUST_FLAG_IN_FOREST = 0x01;
-	const int NETR_TRUST_FLAG_OUTBOUND  = 0x02;
-	const int NETR_TRUST_FLAG_TREEROOT  = 0x04;
-	const int NETR_TRUST_FLAG_PRIMARY   = 0x08;
-	const int NETR_TRUST_FLAG_NATIVE    = 0x10;
-	const int NETR_TRUST_FLAG_INBOUND   = 0x20;
+	typedef bitmap {
+		NETR_TRUST_FLAG_IN_FOREST = 0x00000001,
+		NETR_TRUST_FLAG_OUTBOUND  = 0x00000002,
+		NETR_TRUST_FLAG_TREEROOT  = 0x00000004,
+		NETR_TRUST_FLAG_PRIMARY   = 0x00000008,
+		NETR_TRUST_FLAG_NATIVE    = 0x00000010,
+		NETR_TRUST_FLAG_INBOUND   = 0x00000020
+	} netr_TrustFlags;
 
 	typedef struct {
 		unistr *netbios_name;
 		unistr *dns_name;
-		uint32 trust_flags;
+		netr_TrustFlags trust_flags;
 		uint32 parent_index;
 		uint32 trust_type;
 		uint32 trust_attributes;
diff --git a/source4/librpc/idl/samr.idl b/source4/librpc/idl/samr.idl
index 41414b1abe..56387936c7 100644
--- a/source4/librpc/idl/samr.idl
+++ b/source4/librpc/idl/samr.idl
@@ -122,6 +122,13 @@
 
 	/************************/
 	/* Function    0x08     */
+	/* server roles */
+	typedef [v1_enum] enum {
+		ROLE_STANDALONE    = 0,
+		ROLE_DOMAIN_MEMBER = 1,
+		ROLE_DOMAIN_BDC    = 2,
+		ROLE_DOMAIN_PDC    = 3
+	} samr_Role;
 
 	typedef struct {
 		uint16 min_password_length;
@@ -139,7 +146,7 @@
 		samr_String primary; /* PDC name if this is a BDC */
 		uint64 sequence_num;
 		uint32 unknown2;
-		uint32 role;
+		samr_Role role;
 		uint32 unknown3;
 		uint32 num_users;
 		uint32 num_groups;
@@ -163,7 +170,7 @@
 	} samr_DomInfo6;
 
 	typedef struct {
-		uint32 role;
+		samr_Role role;
 	} samr_DomInfo7;
 
 	typedef struct {
@@ -780,7 +787,10 @@
 
 	/************************/
 	/* Function    0x26     */
-	
+	typedef [public, flag(NDR_PAHEX)] struct {
+		uint8 hash[16];
+	} samr_Password;
+
 	/*
 	  this is a password change interface that doesn't give
 	  the server the plaintext password. Depricated.
diff --git a/source4/param/loadparm.c b/source4/param/loadparm.c
index 526ec8b85b..eed10fb44c 100644
--- a/source4/param/loadparm.c
+++ b/source4/param/loadparm.c
@@ -59,6 +59,7 @@
 #include "system/network.h"
 #include "system/printing.h"
 #include "librpc/gen_ndr/ndr_svcctl.h"
+#include "librpc/gen_ndr/ndr_samr.h"
 #include "dlinklist.h"
 
 BOOL in_client = False;		/* Not in the client by default */
diff --git a/source4/rpc_server/dssetup/dcesrv_dssetup.c b/source4/rpc_server/dssetup/dcesrv_dssetup.c
index 64f67b28f9..dd6554b9f7 100644
--- a/source4/rpc_server/dssetup/dcesrv_dssetup.c
+++ b/source4/rpc_server/dssetup/dcesrv_dssetup.c
@@ -22,6 +22,7 @@
 
 #include "includes.h"
 #include "rpc_server/dcerpc_server.h"
+#include "librpc/gen_ndr/ndr_samr.h"
 #include "librpc/gen_ndr/ndr_dssetup.h"
 #include "rpc_server/common/common.h"
 
diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c
index faf542baa2..0e009f7b02 100644
--- a/source4/rpc_server/samr/samr_password.c
+++ b/source4/rpc_server/samr/samr_password.c
@@ -648,13 +648,13 @@ NTSTATUS samdb_set_password(void *ctx, TALLOC_CTX *mem_ctx,
 
 	/* the password is acceptable. Start forming the new fields */
 	if (lmNewHash) {
-		CHECK_RET(samdb_msg_add_hash(ctx, mem_ctx, mod, "lmPwdHash", *lmNewHash));
+		CHECK_RET(samdb_msg_add_hash(ctx, mem_ctx, mod, "lmPwdHash", lmNewHash));
 	} else {
 		CHECK_RET(samdb_msg_add_delete(ctx, mem_ctx, mod, "lmPwdHash"));
 	}
 
 	if (ntNewHash) {
-		CHECK_RET(samdb_msg_add_hash(ctx, mem_ctx, mod, "ntPwdHash", *ntNewHash));
+		CHECK_RET(samdb_msg_add_hash(ctx, mem_ctx, mod, "ntPwdHash", ntNewHash));
 	} else {
 		CHECK_RET(samdb_msg_add_delete(ctx, mem_ctx, mod, "ntPwdHash"));
 	}