/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*
* Copyright 2014 Nexenta Systems, Inc. All rights reserved.
*/
#ifndef _MLSVC_NETR_NDL_
#define _MLSVC_NETR_NDL_
/*
***********************************************************************
*
* NetLogon RPC (NETR) interface definition.
*
***********************************************************************
*/
#include "ndrtypes.ndl"
#define NETR_OPNUM_UasLogon 0x00
#define NETR_OPNUM_UasLogoff 0x01
#define NETR_OPNUM_SamLogon 0x02
#define NETR_OPNUM_SamLogoff 0x03
#define NETR_OPNUM_ServerReqChallenge 0x04
#define NETR_OPNUM_ServerAuthenticate 0x05
#define NETR_OPNUM_ServerPasswordSet 0x06
#define NETR_OPNUM_DatabaseDeltas 0x07
#define NETR_OPNUM_DatabaseSync 0x08
#define NETR_OPNUM_AccountDeltas 0x09
#define NETR_OPNUM_AccountSync 0x0a
#define NETR_OPNUM_GetDCName 0x0b
#define NETR_OPNUM_LogonControl 0x0c
#define NETR_OPNUM_GetAnyDCName 0x0d
#define NETR_OPNUM_LogonControl2 0x0E
#define NETR_OPNUM_ServerAuthenticate2 0x0F
#define NETR_OPNUM_DatabaseSync2 0x10
#define NETR_OPNUM_DatabaseRedo 0x11
#define NETR_OPNUM_LogonControl2Ex 0x12
#define NETR_OPNUM_TrustDomainList 0x13
#define NETR_OPNUM_DsrGetDcName 0x14
#define NETR_OPNUM_LogonGetCapabilities 0x15
#define NETR_OPNUM_LogonSetServiceBits 0x16
#define NETR_OPNUM_LogonGetTrustRid 0x17
#define NETR_OPNUM_LogonComputeServerDigest 0x18
#define NETR_OPNUM_LogonComputeClientDigest 0x19
#define NETR_OPNUM_ServerAuthenticate3 0x1A
#define NETR_OPNUM_DsrGetDcNameEx 0x1B
#define NETR_OPNUM_DsrGetSiteName 0x1C
#define NETR_OPNUM_LogonGetDomainInfo 0x1D
#define NETR_OPNUM_ServerPasswordSet2 0x1E
/*
* This is not a real NETR OPNUM. It's used to unpack the
* struct krb5_validation_info found in the Kerberos PAC.
*/
#define NETR_OPNUM_decode_krb5_pac 1000
struct netr_sid {
BYTE Revision;
BYTE SubAuthCount;
BYTE Authority[6];
SIZE_IS(SubAuthCount)
DWORD SubAuthority[ANY_SIZE_ARRAY];
};
struct netr_string {
WORD length;
WORD allosize;
LPTSTR str;
};
typedef struct netr_string netr_string_t;
/*
* Alternative varying/conformant string definition - for
* non-null terminated strings. This definition must match
* ndr_vcbuf_t.
*/
struct netr_vcs {
/*
* size_is (actually a copy of length_is) will
* be inserted here by the marshalling library.
*/
DWORD vc_first_is;
DWORD vc_length_is;
SIZE_IS(vc_length_is)
WORD buffer[ANY_SIZE_ARRAY];
};
struct netr_vcstr {
WORD wclen;
WORD wcsize;
struct netr_vcs *vcs;
};
typedef struct netr_vcstr netr_vcstr_t;
struct netr_vcb {
/*
* size_is (actually a copy of length_is) will
* be inserted here by the marshalling library.
*/
DWORD vc_first_is;
DWORD vc_length_is;
SIZE_IS(vc_length_is)
BYTE buffer[ANY_SIZE_ARRAY];
};
struct netr_vcbuf {
WORD len;
WORD size;
struct netr_vcb *vcb;
};
typedef struct netr_vcbuf netr_vcbuf_t;
struct netr_credential {
BYTE data[8];
};
struct netr_authenticator {
struct netr_credential credential;
DWORD timestamp;
};
typedef struct netr_authenticator netr_auth_t;
struct OLD_LARGE_INTEGER {
DWORD LowPart;
DWORD HighPart;
};
typedef struct OLD_LARGE_INTEGER netr_int64_t;
struct CYPHER_BLOCK {
BYTE data[8];
};
struct OWF_PASSWORD {
BYTE data[16];
};
typedef struct OWF_PASSWORD netr_owf_password_t;
/*
* NL_TRUST_PASSWORD
* See also: samr_user_password
*/
#define NETR_TRUST_PWLEN 256
struct netr_trust_password {
WORD Buffer[NETR_TRUST_PWLEN];
DWORD Length;
};
typedef struct netr_trust_password netr_trust_password_t;
struct USER_SESSION_KEY {
struct CYPHER_BLOCK data[2];
};
/*
***********************************************************************
* ServerReqChallenge
***********************************************************************
*/
ALIGN(2)
OPERATION(NETR_OPNUM_ServerReqChallenge)
struct netr_ServerReqChallenge {
IN LPTSTR servername;
IN REFERENCE LPTSTR hostname;
IN struct netr_credential client_challenge;
OUT struct netr_credential server_challenge;
OUT DWORD status;
};
/*
***********************************************************************
* ServerAuthenticate2
***********************************************************************
*/
ALIGN(2)
OPERATION(NETR_OPNUM_ServerAuthenticate2)
struct netr_ServerAuthenticate2 {
IN LPTSTR servername;
IN REFERENCE LPTSTR account_name;
IN WORD account_type;
IN REFERENCE LPTSTR hostname;
IN struct netr_credential client_credential;
OUT struct netr_credential server_credential;
INOUT DWORD negotiate_flags;
OUT DWORD status;
};
/*
***********************************************************************
* ServerPasswordSet
***********************************************************************
*/
ALIGN(2)
OPERATION(NETR_OPNUM_ServerPasswordSet)
struct netr_PasswordSet {
IN LPTSTR servername;
IN REFERENCE LPTSTR account_name;
IN WORD sec_chan_type;
IN REFERENCE LPTSTR hostname;
INOUT struct netr_authenticator auth;
IN netr_owf_password_t owf_password;
OUT DWORD status;
};
OPERATION(NETR_OPNUM_ServerPasswordSet2)
struct netr_PasswordSet2 {
IN LPTSTR servername;
IN REFERENCE LPTSTR account_name;
IN WORD sec_chan_type;
IN REFERENCE LPTSTR hostname;
INOUT struct netr_authenticator auth;
IN netr_trust_password_t trust_password;
OUT DWORD status;
};
/*
***********************************************************************
* SamLogon
***********************************************************************
*/
/*
* The challenge-response data should always be 24 bytes.
*/
#define NETR_CR_PASSWORD_SIZE 24
struct lm_challenge {
BYTE data[8];
};
typedef struct lm_challenge lm_challenge_t;
/*
* Input data
*/
struct netr_logon_identity_info {
netr_vcstr_t domain_name;
DWORD parameter_control;
struct OLD_LARGE_INTEGER logon_id;
netr_vcstr_t username;
netr_vcstr_t workstation;
};
typedef struct netr_logon_identity_info netr_logon_id_t;
/*
* Level 1: interactive logon
*/
struct netr_logon_info1 {
netr_logon_id_t identity;
netr_owf_password_t lm_owf_password;
netr_owf_password_t nt_owf_password;
};
/*
* Level 2: network logon.
*/
struct netr_logon_info2 {
netr_logon_id_t identity;
lm_challenge_t lm_challenge;
netr_vcbuf_t nt_response;
netr_vcbuf_t lm_response;
};
union netr_logon_info_u {
UNION_INFO_PTR(1,netr_logon_info);
UNION_INFO_PTR(2,netr_logon_info);
DEFAULT DWORD nothing;
};
struct netr_login_info {
WORD logon_level;
WORD switch_value;
SWITCH(switch_value)
union netr_logon_info_u ru;
};
/*
* Output data
*/
struct netr_group_membership {
DWORD rid;
DWORD attributes;
};
struct netr_sid_and_attributes {
struct netr_sid *sid;
DWORD attributes;
};
struct netr_validation_info3 {
struct OLD_LARGE_INTEGER LogonTime;
struct OLD_LARGE_INTEGER LogoffTime;
struct OLD_LARGE_INTEGER KickOffTime;
struct OLD_LARGE_INTEGER PasswordLastSet;
struct OLD_LARGE_INTEGER PasswordCanChange;
struct OLD_LARGE_INTEGER PasswordMustChange;
netr_string_t EffectiveName;
netr_string_t FullName;
netr_string_t LogonScript;
netr_string_t ProfilePath;
netr_string_t HomeDirectory;
netr_string_t HomeDirectoryDrive;
WORD LogonCount;
WORD BadPasswordCount;
DWORD UserId;
DWORD PrimaryGroupId;
DWORD GroupCount;
SIZE_IS(GroupCount)
struct netr_group_membership *GroupIds;
DWORD UserFlags;
struct USER_SESSION_KEY UserSessionKey;
netr_string_t LogonServer;
netr_string_t LogonDomainName;
struct netr_sid *LogonDomainId;
DWORD ExpansionRoom[10];
DWORD SidCount;
SIZE_IS(SidCount)
struct netr_sid_and_attributes *ExtraSids;
};
/* NETR_OPNUM_decode_krb5_pac */
struct krb5_validation_info {
struct netr_validation_info3 info3;
/* Kerberos PAC "resource group" stuff. */
struct netr_sid *rg_dom_sid;
DWORD rg_rid_cnt;
SIZE_IS(rg_rid_cnt)
struct netr_group_membership *rg_rids;
};
union netr_validation_u {
CASE(3) struct netr_validation_info3 *info3;
DEFAULT DWORD nothing;
};
/*
* This structure needs to be declared, even though it can't be used
* in netr_SamLogon, in order to get the appropriate size to calculate
* the correct fixup offsets. If ndrgen did the right thing,
* netr_validation_info would be one of the out parameters. However,
* if we do it that way, the switch_value isn't known early enough to
* do the fixup calculation. So it all has to go in netr_SamLogon.
*/
struct netr_validation_info {
WORD validation_level;
SWITCH(validation_level)
union netr_validation_u ru;
};
/*
* WARNING
*
* Validation_level is really a WORD and authoritative is really a
* BYTE. They are declared as DWORD here due to the way things are
* unmarshalled. NT does not clear out the unused bytes in the
* DWORD so they must be cast to get the correct value.
*/
OPERATION(NETR_OPNUM_SamLogon)
struct netr_SamLogon {
IN LPTSTR servername;
IN LPTSTR hostname;
IN struct netr_authenticator *auth;
INOUT struct netr_authenticator *ret_auth;
IN struct netr_login_info logon_info;
INOUT WORD validation_level;
SWITCH(validation_level)
OUT union netr_validation_u ru;
OUT DWORD authoritative;
OUT DWORD status;
};
/*
***********************************************************************
* SamLogoff
***********************************************************************
*/
OPERATION(NETR_OPNUM_SamLogoff)
struct netr_SamLogoff {
IN LPTSTR servername;
IN REFERENCE LPTSTR hostname;
IN struct netr_authenticator auth;
INOUT struct netr_authenticator ret_auth;
IN DWORD logon_level;
SWITCH(logon_level)
IN union netr_logon_info_u ru;
OUT DWORD status;
};
/*
***********************************************************************
* The NETR interface definition.
***********************************************************************
*/
INTERFACE(0)
union netr_interface {
CASE(NETR_OPNUM_ServerReqChallenge)
struct netr_ServerReqChallenge ServerReqChallenge;
CASE(NETR_OPNUM_ServerAuthenticate2)
struct netr_ServerAuthenticate2 ServerAuthenticate2;
CASE(NETR_OPNUM_SamLogon)
struct netr_SamLogon SamLogon;
CASE(NETR_OPNUM_SamLogoff)
struct netr_SamLogoff SamLogoff;
CASE(NETR_OPNUM_ServerPasswordSet)
struct netr_PasswordSet PasswordSet;
CASE(NETR_OPNUM_ServerPasswordSet2)
struct netr_PasswordSet2 PasswordSet2;
/* Special, for smb_decode_krb5_pac() */
CASE(NETR_OPNUM_decode_krb5_pac)
struct krb5_validation_info krb5pac;
};
typedef union netr_interface netr_interface_t;
EXTERNTYPEINFO(netr_interface)
#endif /* _MLSVC_NETR_NDL_ */