/* 
   Unix SMB/CIFS implementation.
   Kerberos authorization data
   Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
   
   
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.
   
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
   
   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/

/*
 * Declarations for the Windows PAC (Privilege Attribute Certificate) that
 * is carried as Kerberos authorization data: the buffer type numbers, the
 * authorization-data type numbers, and the in-memory structures that hold
 * the individual PAC buffers.
 *
 * This header declares storage only; no parsing or checksum verification
 * is visible here.
 *
 * NOTE(review): these structures are presumably filled from the PAC bytes
 * of a received ticket. If so, every count, size, offset and length field
 * below is untrusted input and must be range-checked against the length of
 * the enclosing PAC before it is used to index, allocate or copy, and the
 * logon information should be used for authorization only after the PAC
 * checksums have been verified - confirm against the parser.
 */

#ifndef _AUTHDATA_H
#define _AUTHDATA_H 

/* Project headers; presumably the source of NTTIME, UNIHDR, UNISTR2,
   DOM_SID2, RPC_DATA_BLOB and NET_USER_INFO_3 used below - confirm. */
#include "rpc_misc.h"
#include "rpc_netlogon.h"

/* Values for PAC_BUFFER.type, naming the kind of data a buffer holds. */
#define PAC_TYPE_LOGON_INFO 1
#define PAC_TYPE_SERVER_CHECKSUM 6
#define PAC_TYPE_PRIVSVR_CHECKSUM 7
#define PAC_TYPE_LOGON_NAME 10

/* Kerberos authorization-data type numbers. Each is defined here only when
   it is not already defined by the time this header is included. */
#ifndef KRB5_AUTHDATA_WIN2K_PAC
#define KRB5_AUTHDATA_WIN2K_PAC 128
#endif

#ifndef KRB5_AUTHDATA_IF_RELEVANT
#define KRB5_AUTHDATA_IF_RELEVANT 1
#endif


/*
 * Logon name buffer (PAC_TYPE_LOGON_NAME).
 *
 * username is a counted buffer, not a C string: it may lack a terminator,
 * so consumers must bound every read by len and must not hand it to
 * routines that scan for a terminator.
 * NOTE(review): whether len counts bytes or 16-bit characters is not
 * visible in this header (MS-PAC describes a byte count) - confirm against
 * the parser before sizing copies or conversions.
 */
typedef struct pac_logon_name {
	NTTIME logon_time;
	uint16 len;
	uint8 *username; /* Actually always little-endian. might not be null terminated, so not UNISTR */
} PAC_LOGON_NAME;

/*
 * Checksum buffer; PAC_INFO_CTR uses this one type for both the server
 * checksum (srv_cksum) and the privsvr checksum (privsrv_cksum).
 *
 * NOTE(review): type is presumably the checksum algorithm identifier read
 * from the buffer - confirm. Because this layout is not the wire format,
 * the struct must not be overlaid on, or copied byte-for-byte from, the
 * raw PAC bytes.
 */
typedef struct pac_signature_data {
	uint32 type;
	RPC_DATA_BLOB signature; /* this not the on-wire-format (!) */
} PAC_SIGNATURE_DATA;

/* One group entry: a relative identifier (rid) and its attribute bits. */
typedef struct group_membership {
	uint32 rid;
	uint32 attrs;
} GROUP_MEMBERSHIP;

/*
 * Counted array of GROUP_MEMBERSHIP entries.
 * NOTE(review): count presumably gives the number of elements behind
 * group_membership; if it is taken from the PAC it needs an upper bound
 * before it drives an allocation or a loop - confirm against the parser.
 */
typedef struct group_membership_array {
	uint32 count;
	GROUP_MEMBERSHIP *group_membership;
} GROUP_MEMBERSHIP_ARRAY;

/* Everything up to the matching #endif is excluded from compilation and is
   retained for reference only; the live PAC_LOGON_INFO follows it. */
#if 0 /* Unused, replaced by NET_USER_INFO_3 - Guenther */

typedef struct krb_sid_and_attrs {
	uint32 sid_ptr;
	uint32 attrs;
	DOM_SID2 *sid;
} KRB_SID_AND_ATTRS;

typedef struct krb_sid_and_attr_array {
	uint32 count;
	KRB_SID_AND_ATTRS *krb_sid_and_attrs;
} KRB_SID_AND_ATTR_ARRAY;


/* This is awfully similar to a samr_user_info_23, but not identical.
   Many of the field names have been swiped from there, because it is
   so similar that they are likely the same, but many have been verified.
   Some are in a different order, though... */
typedef struct pac_logon_info {	
	NTTIME logon_time;            /* logon time */
	NTTIME logoff_time;           /* logoff time */
	NTTIME kickoff_time;          /* kickoff time */
	NTTIME pass_last_set_time;    /* password last set time */
	NTTIME pass_can_change_time;  /* password can change time */
	NTTIME pass_must_change_time; /* password must change time */

	UNIHDR hdr_user_name;    /* user name unicode string header */
	UNIHDR hdr_full_name;    /* user's full name unicode string header */
	UNIHDR hdr_logon_script; /* these last 4 appear to be in a different */
	UNIHDR hdr_profile_path; /* order than in the info23 */
	UNIHDR hdr_home_dir;    
	UNIHDR hdr_dir_drive;   

	uint16 logon_count; /* number of times user has logged onto domain */
	uint16 bad_password_count;	/* samba4 idl */

	uint32 user_rid;
	uint32 group_rid;
	uint32 group_count;
	uint32 group_membership_ptr;
	uint32 user_flags;

	uint8 session_key[16];		/* samba4 idl */
	UNIHDR hdr_dom_controller;
	UNIHDR hdr_dom_name;

	uint32 ptr_dom_sid;

	uint8 lm_session_key[8];		/* samba4 idl */
	uint32 acct_flags;		/* samba4 idl */
	uint32 unknown[7];

	uint32 sid_count;
	uint32 ptr_extra_sids;

	uint32 ptr_res_group_dom_sid;
	uint32 res_group_count;
	uint32 ptr_res_groups;

	UNISTR2 uni_user_name;    /* user name unicode string header */
	UNISTR2 uni_full_name;    /* user's full name unicode string header */
	UNISTR2 uni_logon_script; /* these last 4 appear to be in a different*/
	UNISTR2 uni_profile_path; /* order than in the info23 */
	UNISTR2 uni_home_dir;
	UNISTR2 uni_dir_drive;
	UNISTR2 uni_dom_controller;
	UNISTR2 uni_dom_name;
	DOM_SID2 dom_sid;
	GROUP_MEMBERSHIP_ARRAY groups;
	KRB_SID_AND_ATTR_ARRAY extra_sids;
	DOM_SID2 res_group_dom_sid;
	GROUP_MEMBERSHIP_ARRAY res_groups;

} PAC_LOGON_INFO;
#endif

/*
 * Logon information buffer (PAC_TYPE_LOGON_INFO): a NET_USER_INFO_3
 * followed by the resource-group domain SID and the resource groups.
 *
 * NOTE(review): the RIDs and SIDs held here are what an access decision
 * would be built from, so they should be consumed only once the PAC
 * checksums have been verified - confirm where that happens; it is not
 * visible in this header.
 */
typedef struct pac_logon_info {	
	NET_USER_INFO_3 info3;
	DOM_SID2 res_group_dom_sid;
	GROUP_MEMBERSHIP_ARRAY res_groups;

} PAC_LOGON_INFO;

/*
 * Untagged union of pointers to the decoded buffer kinds.
 *
 * Nothing in this struct records which member is valid.
 * NOTE(review): the active member is presumably chosen by the type field
 * of the PAC_BUFFER that owns this container; reading any other member
 * reinterprets the pointer as the wrong structure, so callers must check
 * that type first - confirm.
 */
typedef struct pac_info_ctr
{
	union
	{
		PAC_LOGON_INFO *logon_info;
		PAC_SIGNATURE_DATA *srv_cksum;
		PAC_SIGNATURE_DATA *privsrv_cksum;
		PAC_LOGON_NAME *logon_name;
	} pac;
} PAC_INFO_CTR;

/*
 * Descriptor for one buffer inside the PAC: its type (see the PAC_TYPE_*
 * values above), its size, its offset, and a pointer to the decoded
 * contents.
 *
 * NOTE(review): offset and offsethi look like the low and high halves of a
 * 64-bit offset - confirm. If size and offset come from the ticket, a
 * parser has to check that offset + size neither wraps nor runs past the
 * end of the PAC, and should not silently ignore a non-zero offsethi.
 * The purpose of pad is not visible in this header.
 */
typedef struct pac_buffer {
	uint32 type;
	uint32 size;
	uint32 offset;
	uint32 offsethi;
	PAC_INFO_CTR *ctr;
	uint32 pad;
} PAC_BUFFER;

/*
 * Top-level PAC: a buffer count, a version and the array of descriptors.
 *
 * NOTE(review): num_buffers presumably gives the element count of
 * pac_buffer; if it is read from the ticket it must be bounded (and the
 * descriptor array checked to fit inside the PAC) before it is used to
 * allocate or iterate - confirm against the parser.
 */
typedef struct pac_data {
	uint32 num_buffers;
	uint32 version;
	PAC_BUFFER *pac_buffer;
} PAC_DATA;


#endif