diff options
Diffstat (limited to 'source3/include')
| -rw-r--r-- | source3/include/ads.h | 2 | ||||
| -rw-r--r-- | source3/include/auth.h | 29 | ||||
| -rw-r--r-- | source3/include/doserr.h | 1 | ||||
| -rw-r--r-- | source3/include/event.h | 31 | ||||
| -rw-r--r-- | source3/include/gpo.h | 91 | ||||
| -rw-r--r-- | source3/include/idmap.h | 4 | ||||
| -rw-r--r-- | source3/include/includes.h | 11 | ||||
| -rw-r--r-- | source3/include/local.h | 9 | ||||
| -rw-r--r-- | source3/include/messages.h | 2 | ||||
| -rw-r--r-- | source3/include/nt_status.h | 6 | ||||
| -rw-r--r-- | source3/include/passdb.h | 30 | ||||
| -rw-r--r-- | source3/include/rpc_dfs.h | 532 | ||||
| -rw-r--r-- | source3/include/rpc_lsa.h | 56 | ||||
| -rw-r--r-- | source3/include/rpc_netlogon.h | 13 | ||||
| -rw-r--r-- | source3/include/rpc_samr.h | 4 | ||||
| -rw-r--r-- | source3/include/secrets.h | 6 | ||||
| -rw-r--r-- | source3/include/smb.h | 70 | ||||
| -rw-r--r-- | source3/include/smbldap.h | 15 |
18 files changed, 714 insertions, 198 deletions
diff --git a/source3/include/ads.h b/source3/include/ads.h index decb823ea99..ce643666ad9 100644 --- a/source3/include/ads.h +++ b/source3/include/ads.h @@ -30,6 +30,7 @@ typedef struct { unsigned flags; int time_offset; time_t expire; + time_t renewable; } auth; /* info derived from the servers config */ @@ -91,6 +92,7 @@ typedef void **ADS_MODLIST; #define ADS_NO_REFERRALS_OID "1.2.840.113556.1.4.1339" #define ADS_SERVER_SORT_OID "1.2.840.113556.1.4.473" #define ADS_PERMIT_MODIFY_OID "1.2.840.113556.1.4.1413" +#define ADS_ASQ_OID "1.2.840.113556.1.4.1504" /* ldap attribute oids (Services for Unix) */ #define ADS_ATTR_SFU_UIDNUMBER_OID "1.2.840.113556.1.6.18.1.310" diff --git a/source3/include/auth.h b/source3/include/auth.h index 03206c03c6a..79fbb93895f 100644 --- a/source3/include/auth.h +++ b/source3/include/auth.h @@ -20,12 +20,6 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ -/* AUTH_STR - string */ -typedef struct normal_string { - int len; - char *str; -} AUTH_STR; - typedef struct auth_usersupplied_info { DATA_BLOB lm_resp; DATA_BLOB nt_resp; @@ -35,25 +29,24 @@ typedef struct auth_usersupplied_info { BOOL encrypted; - AUTH_STR client_domain; /* domain name string */ - AUTH_STR domain; /* domain name after mapping */ - AUTH_STR internal_username; /* username after mapping */ - AUTH_STR smb_name; /* username before mapping */ - AUTH_STR wksta_name; /* workstation name (netbios calling name) unicode string */ + char *client_domain; /* domain name string */ + char *domain; /* domain name after mapping */ + char *internal_username; /* username after mapping */ + char *smb_name; /* username before mapping */ + char *wksta_name; /* workstation name (netbios calling + * name) unicode string */ uint32 logon_parameters; } auth_usersupplied_info; -#define SAM_FILL_NAME 0x01 -#define SAM_FILL_INFO3 0x02 -#define SAM_FILL_SAM 0x04 -#define SAM_FILL_UNIX 0x08 -#define SAM_FILL_ALL (SAM_FILL_NAME | SAM_FILL_INFO3 | SAM_FILL_SAM | SAM_FILL_UNIX) - typedef struct auth_serversupplied_info { BOOL guest; + DOM_SID *sids; /* These SIDs are preliminary between + check_ntlm_password and the token creation. */ + size_t num_sids; + uid_t uid; gid_t gid; @@ -70,8 +63,6 @@ typedef struct auth_serversupplied_info { char *login_server; /* which server authorized the login? */ - uint32 sam_fill_level; /* How far is this structure filled? */ - SAM_ACCOUNT *sam_account; void *pam_handle; diff --git a/source3/include/doserr.h b/source3/include/doserr.h index 62c1e4fa22d..8f8ea066964 100644 --- a/source3/include/doserr.h +++ b/source3/include/doserr.h @@ -200,6 +200,7 @@ #define WERR_SERVICE_NEVER_STARTED W_ERROR(1077) #define WERR_MACHINE_LOCKED W_ERROR(1271) #define WERR_INVALID_SECURITY_DESCRIPTOR W_ERROR(1338) +#define WERR_TIME_SKEW W_ERROR(1398) #define WERR_EVENTLOG_FILE_CORRUPT W_ERROR(1500) #define WERR_SERVER_UNAVAILABLE W_ERROR(1722) #define WERR_INVALID_FORM_NAME W_ERROR(1902) diff --git a/source3/include/event.h b/source3/include/event.h new file mode 100644 index 00000000000..fdb990678db --- /dev/null +++ b/source3/include/event.h @@ -0,0 +1,31 @@ +/* + Unix SMB/CIFS implementation. + event handling + Copyright (C) Andrew Tridgell 1992-1998 + Copyright (C) Volker Lendecke 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +struct timed_event { + struct timed_event *next, *prev; + struct timeval when; + const char *event_name; + void (*handler)(struct timed_event *te, + const struct timeval *now, + void *private_data); + void *private_data; +}; + diff --git a/source3/include/gpo.h b/source3/include/gpo.h new file mode 100644 index 00000000000..65c96c31e6b --- /dev/null +++ b/source3/include/gpo.h @@ -0,0 +1,91 @@ +/* + * Unix SMB/CIFS implementation. + * Group Policy Object Support + * Copyright (C) Guenther Deschner 2005 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + + +enum GPO_LINK_TYPE { + GP_LINK_UNKOWN, + GP_LINK_MACHINE, + GP_LINK_SITE, + GP_LINK_DOMAIN, + GP_LINK_OU +}; + +/* GPO_OPTIONS */ +#define GPO_FLAG_DISABLE 0x00000001 +#define GPO_FLAG_FORCE 0x00000002 + +/* GPO_LIST_FLAGS */ +#define GPO_LIST_FLAG_MACHINE 0x00000001 +#define GPO_LIST_FLAG_SITEONLY 0x00000002 + +struct GROUP_POLICY_OBJECT { + uint32 options; /* GPFLAGS_* */ + uint32 version; + uint16 version_user; + uint16 version_machine; + const char *ds_path; + const char *file_sys_path; + const char *display_name; + const char *name; + const char *link; + uint32 link_type; /* GPO_LINK_TYPE */ + const char *user_extensions; + const char *machine_extensions; + struct GROUP_POLICY_OBJECT *next, *prev; +}; + +/* the following is seen on the DS (see adssearch.pl for details) */ + +/* the type field in a 'gPLink', the same as GPO_FLAG ? */ +#define GPO_LINK_OPT_NONE 0x00000000 +#define GPO_LINK_OPT_DISABLED 0x00000001 +#define GPO_LINK_OPT_ENFORCED 0x00000002 + +/* GPO_LINK_OPT_ENFORCED takes precedence over GPOPTIONS_BLOCK_INHERITANCE */ + +/* 'gPOptions', maybe a bitmask as well */ +enum GPO_INHERIT { + GPOPTIONS_INHERIT, + GPOPTIONS_BLOCK_INHERITANCE +}; + +/* 'flags' in a 'groupPolicyContainer' object */ +#define GPFLAGS_ALL_ENABLED 0x00000000 +#define GPFLAGS_USER_SETTINGS_DISABLED 0x00000001 +#define GPFLAGS_MACHINE_SETTINGS_DISABLED 0x00000002 +#define GPFLAGS_ALL_DISABLED (GPFLAGS_USER_SETTINGS_DISABLED | \ + GPFLAGS_MACHINE_SETTINGS_DISABLED) + +struct GP_LINK { + const char *gp_link; /* raw link name */ + uint32 gp_opts; /* inheritance options GPO_INHERIT */ + uint32 num_links; /* number of links */ + char **link_names; /* array of parsed link names */ + uint32 *link_opts; /* array of parsed link opts GPO_LINK_OPT_* */ +}; + +struct GP_EXT { + const char *gp_extension; /* raw extension name */ + uint32 num_exts; + char **extensions; + char **extensions_guid; + char **snapins; + char **snapins_guid; +}; diff --git a/source3/include/idmap.h b/source3/include/idmap.h index c81b94a718a..474982f2926 100644 --- a/source3/include/idmap.h +++ b/source3/include/idmap.h @@ -24,6 +24,9 @@ Boston, MA 02111-1307, USA. */ +/* idmap version determines auto-conversion */ +#define IDMAP_VERSION 2 + #define SMB_IDMAP_INTERFACE_VERSION 2 @@ -43,7 +46,6 @@ struct idmap_methods { /* Called when backend is first loaded */ NTSTATUS (*init)( char *params ); - NTSTATUS (*allocate_rid)(uint32 *rid, int rid_type); NTSTATUS (*allocate_id)(unid_t *id, int id_type); NTSTATUS (*get_sid_from_id)(DOM_SID *sid, unid_t id, int id_type); NTSTATUS (*get_id_from_sid)(unid_t *id, int *id_type, const DOM_SID *sid); diff --git a/source3/include/includes.h b/source3/include/includes.h index a9b792d5f67..8aa10032408 100644 --- a/source3/include/includes.h +++ b/source3/include/includes.h @@ -989,6 +989,8 @@ extern int errno; #include "rpc_client.h" +#include "event.h" + /* * Type for wide character dirent structure. * Only d_name is defined by POSIX. @@ -1018,6 +1020,11 @@ struct functable { int (*fn)(int argc, const char **argv); }; +struct functable2 { + const char *funcname; + int (*fn)(int argc, const char **argv); + const char *helptext; +}; /* Defines for wisXXX functions. */ #define UNI_UPPER 0x1 @@ -1508,8 +1515,10 @@ BOOL smb_krb5_principal_compare_any_realm(krb5_context context, krb5_const_principal princ1, krb5_const_principal princ2); int cli_krb5_get_ticket(const char *principal, time_t time_offset, - DATA_BLOB *ticket, DATA_BLOB *session_key_krb5, uint32 extra_ap_opts); + DATA_BLOB *ticket, DATA_BLOB *session_key_krb5, uint32 extra_ap_opts, const char *ccname); PAC_LOGON_INFO *get_logon_info_from_pac(PAC_DATA *pac_data); +krb5_error_code smb_krb5_renew_ticket(const char *ccache_string, const char *client_string, const char *service_string, time_t *new_start_time); +krb5_error_code kpasswd_err_to_krb5_err(krb5_error_code res_code); #endif /* HAVE_KRB5 */ diff --git a/source3/include/local.h b/source3/include/local.h index c9b54ab1a21..916fb6e46d3 100644 --- a/source3/include/local.h +++ b/source3/include/local.h @@ -238,4 +238,13 @@ /* tdb hash size for the open database. */ #define SMB_OPEN_DATABASE_TDB_HASH_SIZE 1049 +/* Characters we disallow in sharenames. */ +#define INVALID_SHARENAME_CHARS "%<>*?|/\\+=;:\"," + +/* Seconds between connection attempts to a remote server. */ +#define FAILED_CONNECTION_CACHE_TIMEOUT 30 + +/* Default hash size for the winbindd cache. */ +#define WINBINDD_CACHE_TDB_DEFAULT_HASH_SIZE 5000 + #endif diff --git a/source3/include/messages.h b/source3/include/messages.h index 4b1732d42d1..dc4f4ca2c03 100644 --- a/source3/include/messages.h +++ b/source3/include/messages.h @@ -73,6 +73,8 @@ /* winbind messages */ #define MSG_WINBIND_FINISHED 4001 #define MSG_WINBIND_FORGET_STATE 4002 +#define MSG_WINBIND_ONLINE 4003 +#define MSG_WINBIND_OFFLINE 4004 /* Flags to classify messages - used in message_send_all() */ /* Sender will filter by flag. */ diff --git a/source3/include/nt_status.h b/source3/include/nt_status.h index ab768258df1..14c83eba4b3 100644 --- a/source3/include/nt_status.h +++ b/source3/include/nt_status.h @@ -61,4 +61,10 @@ typedef uint32 WERROR; #define W_ERROR_IS_OK(x) (W_ERROR_V(x) == 0) #define W_ERROR_EQUAL(x,y) (W_ERROR_V(x) == W_ERROR_V(y)) +#define NT_STATUS_HAVE_NO_MEMORY(x) do { \ + if (!(x)) {\ + return NT_STATUS_NO_MEMORY;\ + }\ +} while (0) + #endif diff --git a/source3/include/passdb.h b/source3/include/passdb.h index f1896710dc9..0035fc5b05e 100644 --- a/source3/include/passdb.h +++ b/source3/include/passdb.h @@ -304,9 +304,10 @@ typedef struct pdb_context size_t *p_num_members); NTSTATUS (*pdb_enum_group_memberships)(struct pdb_context *context, - const char *username, - gid_t primary_gid, - DOM_SID **pp_sids, gid_t **pp_gids, + TALLOC_CTX *mem_ctx, + SAM_ACCOUNT *user, + DOM_SID **pp_sids, + gid_t **pp_gids, size_t *p_num_groups); NTSTATUS (*pdb_find_alias)(struct pdb_context *context, @@ -376,6 +377,15 @@ typedef struct pdb_context BOOL (*pdb_search_aliases)(struct pdb_context *context, struct pdb_search *search, const DOM_SID *sid); + BOOL (*pdb_uid_to_rid)(struct pdb_context *context, + uid_t uid, uint32 *rid); + BOOL (*pdb_gid_to_sid)(struct pdb_context *context, + uid_t gid, DOM_SID *sid); + BOOL (*pdb_sid_to_id)(struct pdb_context *context, const DOM_SID *sid, + union unid_t *id, enum SID_NAME_USE *type); + + BOOL (*pdb_rid_algorithm)(struct pdb_context *context); + BOOL (*pdb_new_rid)(struct pdb_context *context, uint32 *rid); void (*free_fn)(struct pdb_context **); @@ -439,8 +449,8 @@ typedef struct pdb_methods size_t *p_num_members); NTSTATUS (*enum_group_memberships)(struct pdb_methods *methods, - const char *username, - gid_t primary_gid, + TALLOC_CTX *mem_ctx, + SAM_ACCOUNT *user, DOM_SID **pp_sids, gid_t **pp_gids, size_t *p_num_groups); @@ -507,6 +517,16 @@ typedef struct pdb_methods struct pdb_search *search, const DOM_SID *sid); + BOOL (*uid_to_rid)(struct pdb_methods *methods, uid_t uid, + uint32 *rid); + BOOL (*gid_to_sid)(struct pdb_methods *methods, gid_t gid, + DOM_SID *sid); + BOOL (*sid_to_id)(struct pdb_methods *methods, const DOM_SID *sid, + union unid_t *id, enum SID_NAME_USE *type); + + BOOL (*rid_algorithm)(struct pdb_methods *methods); + BOOL (*new_rid)(struct pdb_methods *methods, uint32 *rid); + void *private_data; /* Private data of some kind */ void (*free_private_data)(void **); diff --git a/source3/include/rpc_dfs.h b/source3/include/rpc_dfs.h index 7aee208c14b..adf25c9938b 100644 --- a/source3/include/rpc_dfs.h +++ b/source3/include/rpc_dfs.h @@ -1,164 +1,396 @@ -/* - Unix SMB/CIFS implementation. - Samba parameters and setup - Copyright (C) Andrew Tridgell 1992-2000 - Copyright (C) Luke Kenneth Casson Leighton 1996 - 2000 - Copyright (C) Shirish Kalele 2000 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#ifndef _RPC_DFS_H -#define _RPC_DFS_H - -/* NETDFS pipe: calls */ -#define DFS_EXIST 0x00 -#define DFS_ADD 0x01 -#define DFS_REMOVE 0x02 -#define DFS_GET_INFO 0x04 -#define DFS_ENUM 0x05 - -/* dfsadd flags */ -#define DFSFLAG_ADD_VOLUME 0x00000001 -#define DFSFLAG_RESTORE_VOLUME 0x00000002 - -typedef struct dfs_q_dfs_exist { - uint32 dummy; -} DFS_Q_DFS_EXIST; - -/* status == 1 if dfs exists. */ -typedef struct dfs_r_dfs_exist { - uint32 status; /* Not a WERROR or NTSTATUS code */ -} DFS_R_DFS_EXIST; - -typedef struct dfs_q_dfs_add { - uint32 ptr_DfsEntryPath; - UNISTR2 DfsEntryPath; - uint32 ptr_ServerName; - UNISTR2 ServerName; - uint32 ptr_ShareName; - UNISTR2 ShareName; - uint32 ptr_Comment; - UNISTR2 Comment; - uint32 Flags; -} DFS_Q_DFS_ADD; - -typedef struct dfs_r_dfs_add { - WERROR status; -} DFS_R_DFS_ADD; - -/********************************************/ -typedef struct dfs_q_dfs_remove { - UNISTR2 DfsEntryPath; - uint32 ptr_ServerName; - UNISTR2 ServerName; - uint32 ptr_ShareName; - UNISTR2 ShareName; -} DFS_Q_DFS_REMOVE; - -typedef struct dfs_r_dfs_remove { - WERROR status; -} DFS_R_DFS_REMOVE; - -/********************************************/ -typedef struct dfs_info_1 { - uint32 ptr_entrypath; - UNISTR2 entrypath; -} DFS_INFO_1; - -typedef struct dfs_info_2 { - uint32 ptr_entrypath; - UNISTR2 entrypath; - uint32 ptr_comment; +/* + * Unix SMB/CIFS implementation. + * header auto-generated by pidl. DO NOT MODIFY! + */ + + +#ifndef _RPC_NETDFS_H +#define _RPC_NETDFS_H + +#define DFS_GETMANAGERVERSION 0 +#define DFS_ADD 1 +#define DFS_REMOVE 2 +#define DFS_SETINFO 3 +#define DFS_GETINFO 4 +#define DFS_ENUM 5 +#define DFS_RENAME 6 +#define DFS_MOVE 7 +#define DFS_MANAGERGETCONFIGINFO 8 +#define DFS_MANAGERSENDSITEINFO 9 +#define DFS_ADDFTROOT 10 +#define DFS_REMOVEFTROOT 11 +#define DFS_ADDSTDROOT 12 +#define DFS_REMOVESTDROOT 13 +#define DFS_MANAGERINITIALIZE 14 +#define DFS_ADDSTDROOTFORCED 15 +#define DFS_GETDCADDRESS 16 +#define DFS_SETDCADDRESS 17 +#define DFS_FLUSHFTTABLE 18 +#define DFS_ADD2 19 +#define DFS_REMOVE2 20 +#define DFS_ENUMEX 21 +#define DFS_SETINFO2 22 + +typedef struct netdfs_dfs_Info0 { + uint32 dummy; +} NETDFS_DFS_INFO0; + +typedef struct netdfs_dfs_Info1 { + uint32 ptr0_path; + UNISTR2 path; +} NETDFS_DFS_INFO1; + +typedef struct netdfs_dfs_Info2 { + uint32 ptr0_path; + UNISTR2 path; + uint32 ptr0_comment; UNISTR2 comment; uint32 state; - uint32 num_storages; -} DFS_INFO_2; + uint32 num_stores; +} NETDFS_DFS_INFO2; -typedef struct dfs_storage_info { +typedef struct netdfs_dfs_StorageInfo { uint32 state; - uint32 ptr_servername; - UNISTR2 servername; - uint32 ptr_sharename; - UNISTR2 sharename; -} DFS_STORAGE_INFO; - -typedef struct dfs_info_3 { - uint32 ptr_entrypath; - UNISTR2 entrypath; - uint32 ptr_comment; + uint32 ptr0_server; + UNISTR2 server; + uint32 ptr0_share; + UNISTR2 share; +} NETDFS_DFS_STORAGEINFO; + +typedef struct netdfs_dfs_Info3 { + uint32 ptr0_path; + UNISTR2 path; + uint32 ptr0_comment; UNISTR2 comment; uint32 state; - uint32 num_storages; - uint32 ptr_storages; - uint32 num_storage_infos; - DFS_STORAGE_INFO* storages; -} DFS_INFO_3; + uint32 num_stores; + uint32 ptr0_stores; + uint32 size_stores; + NETDFS_DFS_STORAGEINFO *stores; +} NETDFS_DFS_INFO3; + +typedef struct netdfs_dfs_Info4 { + uint32 ptr0_path; + UNISTR2 path; + uint32 ptr0_comment; + UNISTR2 comment; + uint32 state; + uint32 timeout; + struct uuid guid; + uint32 num_stores; + uint32 ptr0_stores; + uint32 size_stores; + NETDFS_DFS_STORAGEINFO *stores; +} NETDFS_DFS_INFO4; + +typedef struct netdfs_dfs_Info100 { + uint32 ptr0_comment; + UNISTR2 comment; +} NETDFS_DFS_INFO100; + +typedef struct netdfs_dfs_Info101 { + uint32 state; +} NETDFS_DFS_INFO101; -typedef struct dfs_info_ctr { +typedef struct netdfs_dfs_Info102 { + uint32 timeout; +} NETDFS_DFS_INFO102; + +typedef struct netdfs_dfs_Info200 { + uint32 ptr0_dom_root; + UNISTR2 dom_root; +} NETDFS_DFS_INFO200; + +typedef struct netdfs_dfs_Info300 { + uint32 flags; + uint32 ptr0_dom_root; + UNISTR2 dom_root; +} NETDFS_DFS_INFO300; + +typedef struct netdfs_dfs_Info_ctr { uint32 switch_value; - uint32 num_entries; - uint32 ptr_dfs_ctr; /* pointer to dfs info union */ - union { - DFS_INFO_1 *info1; - DFS_INFO_2 *info2; - DFS_INFO_3 *info3; - } dfs; -} DFS_INFO_CTR; - -typedef struct dfs_q_dfs_get_info { - UNISTR2 uni_path; - - uint32 ptr_server; - UNISTR2 uni_server; - - uint32 ptr_share; - UNISTR2 uni_share; - - uint32 level; -} DFS_Q_DFS_GET_INFO; + uint32 ptr0; + union netdfs_dfs_Info { + NETDFS_DFS_INFO0 info0; + NETDFS_DFS_INFO1 info1; + NETDFS_DFS_INFO2 info2; + NETDFS_DFS_INFO3 info3; + NETDFS_DFS_INFO4 info4; + NETDFS_DFS_INFO100 info100; + NETDFS_DFS_INFO101 info101; + NETDFS_DFS_INFO102 info102; + } u; +} NETDFS_DFS_INFO_CTR; + +typedef struct netdfs_dfs_EnumArray1 { + uint32 count; + uint32 ptr0_s; + uint32 size_s; + NETDFS_DFS_INFO1 *s; +} NETDFS_DFS_ENUMARRAY1; + +typedef struct netdfs_dfs_EnumArray2 { + uint32 count; + uint32 ptr0_s; + uint32 size_s; + NETDFS_DFS_INFO2 *s; +} NETDFS_DFS_ENUMARRAY2; + +typedef struct netdfs_dfs_EnumArray3 { + uint32 count; + uint32 ptr0_s; + uint32 size_s; + NETDFS_DFS_INFO3 *s; +} NETDFS_DFS_ENUMARRAY3; -typedef struct dfs_r_dfs_get_info { +typedef struct netdfs_dfs_EnumArray4 { + uint32 count; + uint32 ptr0_s; + uint32 size_s; + NETDFS_DFS_INFO4 *s; +} NETDFS_DFS_ENUMARRAY4; + +typedef struct netdfs_dfs_EnumArray200 { + uint32 count; + uint32 ptr0_s; + uint32 size_s; + NETDFS_DFS_INFO200 *s; +} NETDFS_DFS_ENUMARRAY200; + +typedef struct netdfs_dfs_EnumArray300 { + uint32 count; + uint32 ptr0_s; + uint32 size_s; + NETDFS_DFS_INFO300 *s; +} NETDFS_DFS_ENUMARRAY300; + +typedef struct netdfs_dfs_EnumInfo_ctr { + uint32 switch_value; + uint32 ptr0; + union netdfs_dfs_EnumInfo { + NETDFS_DFS_ENUMARRAY1 info1; + NETDFS_DFS_ENUMARRAY2 info2; + NETDFS_DFS_ENUMARRAY3 info3; + NETDFS_DFS_ENUMARRAY4 info4; + NETDFS_DFS_ENUMARRAY200 info200; + NETDFS_DFS_ENUMARRAY300 info300; + } u; +} NETDFS_DFS_ENUMINFO_CTR; + +typedef struct netdfs_dfs_EnumStruct { uint32 level; - uint32 ptr_ctr; - DFS_INFO_CTR ctr; + NETDFS_DFS_ENUMINFO_CTR e; +} NETDFS_DFS_ENUMSTRUCT; + +typedef struct netdfs_q_dfs_GetManagerVersion { + uint32 dummy; +} NETDFS_Q_DFS_GETMANAGERVERSION; + +typedef struct netdfs_r_dfs_GetManagerVersion { + uint32 exist_flag; +} NETDFS_R_DFS_GETMANAGERVERSION; + +typedef struct netdfs_q_dfs_Add { + UNISTR2 path; + UNISTR2 server; + uint32 ptr0_share; + UNISTR2 share; + uint32 ptr0_comment; + UNISTR2 comment; + uint32 flags; +} NETDFS_Q_DFS_ADD; + +typedef struct netdfs_r_dfs_Add { + WERROR status; +} NETDFS_R_DFS_ADD; + +typedef struct netdfs_q_dfs_Remove { + UNISTR2 path; + uint32 ptr0_server; + UNISTR2 server; + uint32 ptr0_share; + UNISTR2 share; +} NETDFS_Q_DFS_REMOVE; + +typedef struct netdfs_r_dfs_Remove { WERROR status; -} DFS_R_DFS_GET_INFO; +} NETDFS_R_DFS_REMOVE; -typedef struct dfs_q_dfs_enum { +typedef struct netdfs_q_dfs_SetInfo { + uint32 dummy; +} NETDFS_Q_DFS_SETINFO; + +typedef struct netdfs_r_dfs_SetInfo { + WERROR status; +} NETDFS_R_DFS_SETINFO; + +typedef struct netdfs_q_dfs_GetInfo { + UNISTR2 path; + uint32 ptr0_server; + UNISTR2 server; + uint32 ptr0_share; + UNISTR2 share; uint32 level; - uint32 maxpreflen; - uint32 ptr_buffer; - uint32 level2; - uint32 ptr_num_entries; - uint32 num_entries; - uint32 ptr_num_entries2; - uint32 num_entries2; - ENUM_HND reshnd; -} DFS_Q_DFS_ENUM; - -typedef struct dfs_r_dfs_enum { - DFS_INFO_CTR *ctr; - uint32 ptr_buffer; +} NETDFS_Q_DFS_GETINFO; + +typedef struct netdfs_r_dfs_GetInfo { + NETDFS_DFS_INFO_CTR info; + WERROR status; +} NETDFS_R_DFS_GETINFO; + +typedef struct netdfs_q_dfs_Enum { uint32 level; - uint32 level2; - uint32 ptr_num_entries; - uint32 num_entries; - uint32 ptr_num_entries2; - uint32 num_entries2; - ENUM_HND reshnd; - WERROR status; -} DFS_R_DFS_ENUM; -#endif + uint32 bufsize; + uint32 ptr0_info; + NETDFS_DFS_ENUMSTRUCT info; + uint32 ptr0_unknown; + uint32 unknown; + uint32 ptr0_total; + uint32 total; +} NETDFS_Q_DFS_ENUM; + +typedef struct netdfs_r_dfs_Enum { + uint32 ptr0_info; + NETDFS_DFS_ENUMSTRUCT info; + uint32 ptr0_total; + uint32 total; + WERROR status; +} NETDFS_R_DFS_ENUM; + +typedef struct netdfs_q_dfs_Rename { + uint32 dummy; +} NETDFS_Q_DFS_RENAME; + +typedef struct netdfs_r_dfs_Rename { + WERROR status; +} NETDFS_R_DFS_RENAME; + +typedef struct netdfs_q_dfs_Move { + uint32 dummy; +} NETDFS_Q_DFS_MOVE; + +typedef struct netdfs_r_dfs_Move { + WERROR status; +} NETDFS_R_DFS_MOVE; + +typedef struct netdfs_q_dfs_ManagerGetConfigInfo { + uint32 dummy; +} NETDFS_Q_DFS_MANAGERGETCONFIGINFO; + +typedef struct netdfs_r_dfs_ManagerGetConfigInfo { + WERROR status; +} NETDFS_R_DFS_MANAGERGETCONFIGINFO; + +typedef struct netdfs_q_dfs_ManagerSendSiteInfo { + uint32 dummy; +} NETDFS_Q_DFS_MANAGERSENDSITEINFO; + +typedef struct netdfs_r_dfs_ManagerSendSiteInfo { + WERROR status; +} NETDFS_R_DFS_MANAGERSENDSITEINFO; + +typedef struct netdfs_q_dfs_AddFtRoot { + uint32 dummy; +} NETDFS_Q_DFS_ADDFTROOT; + +typedef struct netdfs_r_dfs_AddFtRoot { + WERROR status; +} NETDFS_R_DFS_ADDFTROOT; + +typedef struct netdfs_q_dfs_RemoveFtRoot { + uint32 dummy; +} NETDFS_Q_DFS_REMOVEFTROOT; + +typedef struct netdfs_r_dfs_RemoveFtRoot { + WERROR status; +} NETDFS_R_DFS_REMOVEFTROOT; + +typedef struct netdfs_q_dfs_AddStdRoot { + uint32 dummy; +} NETDFS_Q_DFS_ADDSTDROOT; + +typedef struct netdfs_r_dfs_AddStdRoot { + WERROR status; +} NETDFS_R_DFS_ADDSTDROOT; + +typedef struct netdfs_q_dfs_RemoveStdRoot { + uint32 dummy; +} NETDFS_Q_DFS_REMOVESTDROOT; + +typedef struct netdfs_r_dfs_RemoveStdRoot { + WERROR status; +} NETDFS_R_DFS_REMOVESTDROOT; + +typedef struct netdfs_q_dfs_ManagerInitialize { + uint32 dummy; +} NETDFS_Q_DFS_MANAGERINITIALIZE; + +typedef struct netdfs_r_dfs_ManagerInitialize { + WERROR status; +} NETDFS_R_DFS_MANAGERINITIALIZE; + +typedef struct netdfs_q_dfs_AddStdRootForced { + uint32 dummy; +} NETDFS_Q_DFS_ADDSTDROOTFORCED; + +typedef struct netdfs_r_dfs_AddStdRootForced { + WERROR status; +} NETDFS_R_DFS_ADDSTDROOTFORCED; + +typedef struct netdfs_q_dfs_GetDcAddress { + uint32 dummy; +} NETDFS_Q_DFS_GETDCADDRESS; + +typedef struct netdfs_r_dfs_GetDcAddress { + WERROR status; +} NETDFS_R_DFS_GETDCADDRESS; + +typedef struct netdfs_q_dfs_SetDcAddress { + uint32 dummy; +} NETDFS_Q_DFS_SETDCADDRESS; + +typedef struct netdfs_r_dfs_SetDcAddress { + WERROR status; +} NETDFS_R_DFS_SETDCADDRESS; + +typedef struct netdfs_q_dfs_FlushFtTable { + uint32 dummy; +} NETDFS_Q_DFS_FLUSHFTTABLE; + +typedef struct netdfs_r_dfs_FlushFtTable { + WERROR status; +} NETDFS_R_DFS_FLUSHFTTABLE; + +typedef struct netdfs_q_dfs_Add2 { + uint32 dummy; +} NETDFS_Q_DFS_ADD2; + +typedef struct netdfs_r_dfs_Add2 { + WERROR status; +} NETDFS_R_DFS_ADD2; + +typedef struct netdfs_q_dfs_Remove2 { + uint32 dummy; +} NETDFS_Q_DFS_REMOVE2; + +typedef struct netdfs_r_dfs_Remove2 { + WERROR status; +} NETDFS_R_DFS_REMOVE2; + +typedef struct netdfs_q_dfs_EnumEx { + uint32 dummy; +} NETDFS_Q_DFS_ENUMEX; + +typedef struct netdfs_r_dfs_EnumEx { + WERROR status; +} NETDFS_R_DFS_ENUMEX; + +typedef struct netdfs_q_dfs_SetInfo2 { + uint32 dummy; +} NETDFS_Q_DFS_SETINFO2; + +typedef struct netdfs_r_dfs_SetInfo2 { + WERROR status; +} NETDFS_R_DFS_SETINFO2; + +#endif /* _RPC_NETDFS_H */ diff --git a/source3/include/rpc_lsa.h b/source3/include/rpc_lsa.h index dd255c28d5d..c8d6a210b51 100644 --- a/source3/include/rpc_lsa.h +++ b/source3/include/rpc_lsa.h @@ -80,6 +80,7 @@ #define LSA_UNK_GET_CONNUSER 0x2d /* LsaGetConnectedCredentials ? */ #define LSA_QUERYINFO2 0x2e #define LSA_QUERYTRUSTDOMINFOBYNAME 0x30 +#define LSA_QUERYDOMINFOPOL 0x35 #define LSA_OPENTRUSTDOMBYNAME 0x37 /* XXXX these are here to get a compile! */ @@ -393,7 +394,7 @@ typedef struct lsa_trans_name_info } LSA_TRANS_NAME; /* This number is based on Win2k and later maximum response allowed */ -#define MAX_LOOKUP_SIDS 20480 +#define MAX_LOOKUP_SIDS 20480 /* 0x5000 */ /* LSA_TRANS_NAME_ENUM - LSA Translated Name Enumeration container */ typedef struct lsa_trans_name_enum_info @@ -750,6 +751,25 @@ typedef struct { /*******************************************************/ +/* LSA_Q_OPEN_TRUSTED_DOMAIN_BY_NAME - LSA Query Open Trusted Domain by Name*/ +typedef struct lsa_q_open_trusted_domain_by_name +{ + POLICY_HND pol; /* policy handle */ + LSA_STRING name; /* domain name */ + uint32 access_mask; /* access mask */ + +} LSA_Q_OPEN_TRUSTED_DOMAIN_BY_NAME; + +/* LSA_R_OPEN_TRUSTED_DOMAIN_BY_NAME - response to LSA Query Open Trusted Domain by Name */ +typedef struct { + POLICY_HND handle; /* trustdom policy handle */ + NTSTATUS status; /* return code */ +} LSA_R_OPEN_TRUSTED_DOMAIN_BY_NAME; + + +/*******************************************************/ + + typedef struct { POLICY_HND handle; UNISTR4 secretname; @@ -955,4 +975,38 @@ typedef struct r_lsa_query_trusted_domain_info NTSTATUS status; } LSA_R_QUERY_TRUSTED_DOMAIN_INFO; +typedef struct dom_info_kerberos { + uint32 enforce_restrictions; + NTTIME service_tkt_lifetime; + NTTIME user_tkt_lifetime; + NTTIME user_tkt_renewaltime; + NTTIME clock_skew; + NTTIME unknown6; +} LSA_DOM_INFO_POLICY_KERBEROS; + +typedef struct dom_info_efs { + uint32 blob_len; + UNISTR2 efs_blob; +} LSA_DOM_INFO_POLICY_EFS; + +typedef struct lsa_dom_info_union { + uint16 info_class; + LSA_DOM_INFO_POLICY_EFS efs_policy; + LSA_DOM_INFO_POLICY_KERBEROS krb_policy; +} LSA_DOM_INFO_UNION; + +/* LSA_Q_QUERY_DOM_INFO_POLICY - LSA query info */ +typedef struct lsa_q_query_dom_info_policy +{ + POLICY_HND pol; /* policy handle */ + uint16 info_class; /* info class */ +} LSA_Q_QUERY_DOM_INFO_POLICY; + +typedef struct lsa_r_query_dom_info_policy +{ + LSA_DOM_INFO_UNION *info; + NTSTATUS status; +} LSA_R_QUERY_DOM_INFO_POLICY; + + #endif /* _RPC_LSA_H */ diff --git a/source3/include/rpc_netlogon.h b/source3/include/rpc_netlogon.h index c1d85403448..91f85601e30 100644 --- a/source3/include/rpc_netlogon.h +++ b/source3/include/rpc_netlogon.h @@ -86,8 +86,17 @@ #define NL_CTRL_REPL_IN_PROGRESS 0x0002 #define NL_CTRL_FULL_SYNC 0x0004 -#define LOGON_EXTRA_SIDS 0x0020 -#define LOGON_RESOURCE_GROUPS 0x0200 +#define LOGON_GUEST 0x00000001 +#define LOGON_NOENCRYPTION 0x00000002 +#define LOGON_CACHED_ACCOUNT 0x00000004 +#define LOGON_USED_LM_PASSWORD 0x00000008 +#define LOGON_EXTRA_SIDS 0x00000020 +#define LOGON_SUBAUTH_SESSION_KEY 0x00000040 +#define LOGON_SERVER_TRUST_ACCOUNT 0x00000080 +#define LOGON_NTLMV2_ENABLED 0x00000100 +#define LOGON_RESOURCE_GROUPS 0x00000200 +#define LOGON_PROFILE_PATH_RETURNED 0x00000400 +#define LOGON_GRACE_LOGON 0x01000000 #define SE_GROUP_MANDATORY 0x00000001 #define SE_GROUP_ENABLED_BY_DEFAULT 0x00000002 diff --git a/source3/include/rpc_samr.h b/source3/include/rpc_samr.h index 342db37ea57..2fae514c3d1 100644 --- a/source3/include/rpc_samr.h +++ b/source3/include/rpc_samr.h @@ -1843,6 +1843,10 @@ typedef struct q_samr_chgpasswd3 } SAMR_Q_CHGPASSWD3; +#define REJECT_REASON_TOO_SHORT 0x00000001 +#define REJECT_REASON_IN_HISTORY 0x00000002 +#define REJECT_REASON_NOT_COMPLEX 0x00000005 + /* SAMR_CHANGE_REJECT */ typedef struct samr_change_reject { diff --git a/source3/include/secrets.h b/source3/include/secrets.h index f2d1afd96b3..610a14b52be 100644 --- a/source3/include/secrets.h +++ b/source3/include/secrets.h @@ -75,10 +75,10 @@ typedef struct trusted_dom_pass { * trusted domain entry/entries returned by secrets_get_trusted_domains * (used in _lsa_enum_trust_dom call) */ -typedef struct trustdom { - smb_ucs2_t *name; +struct trustdom_info { + char *name; DOM_SID sid; -} TRUSTDOM; +}; /* * Format of an OpenAFS keyfile diff --git a/source3/include/smb.h b/source3/include/smb.h index 3a6f68b9ecc..b167e4ee126 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -224,18 +224,26 @@ typedef struct nttime_info { /* Allowable account control bits */ -#define ACB_DISABLED 0x0001 /* 1 = User account disabled */ -#define ACB_HOMDIRREQ 0x0002 /* 1 = Home directory required */ -#define ACB_PWNOTREQ 0x0004 /* 1 = User password not required */ -#define ACB_TEMPDUP 0x0008 /* 1 = Temporary duplicate account */ -#define ACB_NORMAL 0x0010 /* 1 = Normal user account */ -#define ACB_MNS 0x0020 /* 1 = MNS logon user account */ -#define ACB_DOMTRUST 0x0040 /* 1 = Interdomain trust account */ -#define ACB_WSTRUST 0x0080 /* 1 = Workstation trust account */ -#define ACB_SVRTRUST 0x0100 /* 1 = Server trust account (BDC) */ -#define ACB_PWNOEXP 0x0200 /* 1 = User password does not expire */ -#define ACB_AUTOLOCK 0x0400 /* 1 = Account auto locked */ - +#define ACB_DISABLED 0x00000001 /* 1 = User account disabled */ +#define ACB_HOMDIRREQ 0x00000002 /* 1 = Home directory required */ +#define ACB_PWNOTREQ 0x00000004 /* 1 = User password not required */ +#define ACB_TEMPDUP 0x00000008 /* 1 = Temporary duplicate account */ +#define ACB_NORMAL 0x00000010 /* 1 = Normal user account */ +#define ACB_MNS 0x00000020 /* 1 = MNS logon user account */ +#define ACB_DOMTRUST 0x00000040 /* 1 = Interdomain trust account */ +#define ACB_WSTRUST 0x00000080 /* 1 = Workstation trust account */ +#define ACB_SVRTRUST 0x00000100 /* 1 = Server trust account (BDC) */ +#define ACB_PWNOEXP 0x00000200 /* 1 = User password does not expire */ +#define ACB_AUTOLOCK 0x00000400 /* 1 = Account auto locked */ + +/* only valid for > Windows 2000 */ +#define ACB_ENC_TXT_PWD_ALLOWED 0x00000800 /* 1 = Text password encryped */ +#define ACB_SMARTCARD_REQUIRED 0x00001000 /* 1 = Smart Card required */ +#define ACB_TRUSTED_FOR_DELEGATION 0x00002000 /* 1 = Trusted for Delegation */ +#define ACB_NOT_DELEGATED 0x00004000 /* 1 = Not delegated */ +#define ACB_USE_DES_KEY_ONLY 0x00008000 /* 1 = Use DES key only */ +#define ACB_DONT_REQUIRE_PREAUTH 0x00010000 /* 1 = Preauth not required */ + #define MAX_HOURS_LEN 32 #ifndef MAXSUBAUTHS @@ -262,6 +270,9 @@ enum SID_NAME_USE { #define LOOKUP_NAME_REMOTE 2 /* Ask others */ #define LOOKUP_NAME_ALL (LOOKUP_NAME_ISOLATED|LOOKUP_NAME_REMOTE) +#define LOOKUP_NAME_GROUP 4 /* This is a NASTY hack for valid users = @foo + * where foo also exists in as user. */ + /** * @brief Security Identifier * @@ -280,6 +291,21 @@ typedef struct sid_info { uint32 sub_auths[MAXSUBAUTHS]; } DOM_SID; +struct lsa_dom_info { + BOOL valid; + DOM_SID sid; + const char *name; + int num_idxs; + int *idxs; +}; + +struct lsa_name_info { + uint32 rid; + enum SID_NAME_USE type; + const char *name; + int dom_idx; +}; + /* Some well-known SIDs */ extern const DOM_SID global_sid_World_Domain; extern const DOM_SID global_sid_World; @@ -302,6 +328,8 @@ extern const DOM_SID global_sid_Builtin_Server_Operators; extern const DOM_SID global_sid_Builtin_Print_Operators; extern const DOM_SID global_sid_Builtin_Backup_Operators; extern const DOM_SID global_sid_Builtin_Replicator; +extern const DOM_SID global_sid_Unix_Users; +extern const DOM_SID global_sid_Unix_Groups; /* * The complete list of SIDS belonging to this user. @@ -316,7 +344,7 @@ extern const DOM_SID global_sid_Builtin_Replicator; #define PRIMARY_USER_SID_INDEX 0 #define PRIMARY_GROUP_SID_INDEX 1 -typedef struct _nt_user_token { +typedef struct nt_user_token { size_t num_sids; DOM_SID *user_sids; SE_PRIV privileges; @@ -1719,6 +1747,22 @@ typedef struct uuid_flat { /* map readonly options */ enum mapreadonly_options {MAP_READONLY_NO, MAP_READONLY_YES, MAP_READONLY_PERMISSIONS}; +/* usershare error codes. */ +enum usershare_err { + USERSHARE_OK=0, + USERSHARE_MALFORMED_FILE, + USERSHARE_BAD_VERSION, + USERSHARE_MALFORMED_PATH, + USERSHARE_MALFORMED_COMMENT_DEF, + USERSHARE_MALFORMED_ACL_DEF, + USERSHARE_ACL_ERR, + USERSHARE_PATH_NOT_ABSOLUTE, + USERSHARE_PATH_IS_DENIED, + USERSHARE_PATH_NOT_ALLOWED, + USERSHARE_PATH_NOT_DIRECTORY, + USERSHARE_POSIX_ERR +}; + /* Different reasons for closing a file. */ enum file_close_type {NORMAL_CLOSE=0,SHUTDOWN_CLOSE,ERROR_CLOSE}; diff --git a/source3/include/smbldap.h b/source3/include/smbldap.h index bea1a6d84a3..8870205bbbc 100644 --- a/source3/include/smbldap.h +++ b/source3/include/smbldap.h @@ -131,8 +131,7 @@ NTSTATUS smbldap_init(TALLOC_CTX *mem_ctx, struct smbldap_state **smbldap_state); const char* get_attr_key2string( ATTRIB_MAP_ENTRY table[], int key ); -const char** get_attr_list( ATTRIB_MAP_ENTRY table[] ); -void free_attr_list( const char **list ); +const char** get_attr_list( TALLOC_CTX *mem_ctx, ATTRIB_MAP_ENTRY table[] ); void smbldap_set_mod (LDAPMod *** modlist, int modop, const char *attribute, const char *value); void smbldap_make_mod(LDAP *ldap_struct, LDAPMessage *existing, LDAPMod ***mods, @@ -207,7 +206,17 @@ int ldapsam_search_suffix_by_name(struct ldapsam_privates *ldap_state, NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location); -const char** get_userattr_list( int schema_ver ); +const char** get_userattr_list( TALLOC_CTX *mem_ctx, int schema_ver ); + +char * smbldap_talloc_single_attribute(LDAP *ldap_struct, LDAPMessage *entry, + const char *attribute, + TALLOC_CTX *mem_ctx); +void talloc_autofree_ldapmsg(TALLOC_CTX *mem_ctx, LDAPMessage *result); +void talloc_autofree_ldapmod(TALLOC_CTX *mem_ctx, LDAPMod **mod); +const char *smbldap_talloc_dn(TALLOC_CTX *mem_ctx, LDAP *ld, + LDAPMessage *entry); + + #endif /* HAVE_LDAP */ |