From 19090607980c48dc565377dce830310d3a0bca7a Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Tue, 28 Jun 2011 14:47:56 +0200 Subject: krb5pac.idl: add PAC_CONSTRAINED_DELEGATION (S4U_DELEGATION_INFO) metze --- librpc/idl/krb5pac.idl | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) (limited to 'librpc') diff --git a/librpc/idl/krb5pac.idl b/librpc/idl/krb5pac.idl index fcd32c63a7..8a6540c13b 100644 --- a/librpc/idl/krb5pac.idl +++ b/librpc/idl/krb5pac.idl @@ -4,7 +4,7 @@ #include "idl_types.h" -import "security.idl", "netlogon.idl", "samr.idl"; +import "security.idl", "lsa.idl", "netlogon.idl", "samr.idl"; [ uuid("12345778-1234-abcd-0000-00000000"), @@ -31,6 +31,12 @@ interface krb5pac samr_RidWithAttributeArray res_groups; } PAC_LOGON_INFO; + typedef struct { + lsa_String proxy_target; + uint32 num_transited_services; + [size_is(num_transited_services)] lsa_String *transited_services; + } PAC_CONSTRAINED_DELEGATION; + typedef struct { [value(2*strlen_m(upn_name))] uint16 upn_size; uint16 upn_offset; @@ -48,6 +54,10 @@ interface krb5pac PAC_LOGON_INFO *info; } PAC_LOGON_INFO_CTR; + typedef [public] struct { + PAC_CONSTRAINED_DELEGATION *info; + } PAC_CONSTRAINED_DELEGATION_CTR; + typedef [public,v1_enum] enum { PAC_TYPE_LOGON_INFO = 1, PAC_TYPE_SRV_CHECKSUM = 6, @@ -66,6 +76,8 @@ interface krb5pac [case(PAC_TYPE_SRV_CHECKSUM)] PAC_SIGNATURE_DATA srv_cksum; [case(PAC_TYPE_KDC_CHECKSUM)] PAC_SIGNATURE_DATA kdc_cksum; [case(PAC_TYPE_LOGON_NAME)] PAC_LOGON_NAME logon_name; + [case(PAC_TYPE_CONSTRAINED_DELEGATION)][subcontext(0xFFFFFC01)] + PAC_CONSTRAINED_DELEGATION_CTR constrained_delegation; /* when new PAC info types are added they are supposed to be done in such a way that they are backwards compatible with existing servers. This makes it safe to just use a [default] for -- cgit