1/* 2 * Unix SMB/CIFS implementation. 3 * secrets.tdb file format info 4 * Copyright (C) Andrew Tridgell 2000 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms of the GNU General Public License as published by the 8 * Free Software Foundation; either version 2 of the License, or (at your 9 * option) any later version. 10 * 11 * This program is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for 14 * more details. 15 * 16 * You should have received a copy of the GNU General Public License along with 17 * this program; if not, write to the Free Software Foundation, Inc., 675 18 * Mass Ave, Cambridge, MA 02139, USA. 19 */ 20 21#ifndef _SECRETS_H 22#define _SECRETS_H 23 24/* the first one is for the hashed password (NT4 style) the latter 25 for plaintext (ADS) 26*/ 27#define SECRETS_MACHINE_ACCT_PASS "SECRETS/$MACHINE.ACC" 28#define SECRETS_MACHINE_PASSWORD "SECRETS/MACHINE_PASSWORD" 29#define SECRETS_MACHINE_LAST_CHANGE_TIME "SECRETS/MACHINE_LAST_CHANGE_TIME" 30#define SECRETS_MACHINE_SEC_CHANNEL_TYPE "SECRETS/MACHINE_SEC_CHANNEL_TYPE" 31#define SECRETS_MACHINE_TRUST_ACCOUNT_NAME "SECRETS/SECRETS_MACHINE_TRUST_ACCOUNT_NAME" 32/* this one is for storing trusted domain account password */ 33#define SECRETS_DOMTRUST_ACCT_PASS "SECRETS/$DOMTRUST.ACC" 34 35/* Store the principal name used for Kerberos DES key salt under this key name. */ 36#define SECRETS_SALTING_PRINCIPAL "SECRETS/SALTING_PRINCIPAL" 37 38/* The domain sid and our sid are stored here even though they aren't 39 really secret. */ 40#define SECRETS_DOMAIN_SID "SECRETS/SID" 41#define SECRETS_SAM_SID "SAM/SID" 42 43/* The domain GUID and server GUID (NOT the same) are also not secret */ 44#define SECRETS_DOMAIN_GUID "SECRETS/DOMGUID" 45#define SECRETS_SERVER_GUID "SECRETS/GUID" 46 47#define SECRETS_LDAP_BIND_PW "SECRETS/LDAP_BIND_PW" 48 49/* Authenticated user info is stored in secrets.tdb under these keys */ 50 51#define SECRETS_AUTH_USER "SECRETS/AUTH_USER" 52#define SECRETS_AUTH_DOMAIN "SECRETS/AUTH_DOMAIN" 53#define SECRETS_AUTH_PASSWORD "SECRETS/AUTH_PASSWORD" 54 55/* structure for storing machine account password 56 (ie. when samba server is member of a domain */ 57struct machine_acct_pass { 58 uint8 hash[16]; 59 time_t mod_time; 60}; 61 62/* 63 * storage structure for trusted domain 64 */ 65typedef struct trusted_dom_pass { 66 size_t uni_name_len; 67 smb_ucs2_t uni_name[32]; /* unicode domain name */ 68 size_t pass_len; 69 fstring pass; /* trust relationship's password */ 70 time_t mod_time; 71 DOM_SID domain_sid; /* remote domain's sid */ 72} TRUSTED_DOM_PASS; 73 74/* 75 * trusted domain entry/entries returned by secrets_get_trusted_domains 76 * (used in _lsa_enum_trust_dom call) 77 */ 78typedef struct trustdom { 79 smb_ucs2_t *name; 80 DOM_SID sid; 81} TRUSTDOM; 82 83/* 84 * Format of an OpenAFS keyfile 85 */ 86 87#define SECRETS_AFS_MAXKEYS 8 88 89struct afs_key { 90 uint32 kvno; 91 char key[8]; 92}; 93 94struct afs_keyfile { 95 uint32 nkeys; 96 struct afs_key entry[SECRETS_AFS_MAXKEYS]; 97}; 98 99#define SECRETS_AFS_KEYFILE "SECRETS/AFS_KEYFILE" 100 101#endif /* _SECRETS_H */ 102