search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ctdb-tests: Update statd-callout tests to handle both modes
[samba4-gss.git] / source3 / librpc / idl / secrets.idl
blob2c06fa6990dbfba9de15174f57b048fbebb14ca1
1 #include "idl_types.h"
2
3 import "misc.idl", "samr.idl", "lsa.idl", "netlogon.idl", "security.idl";
4
5 /*
6 IDL structures for secrets code
7 */
8
9 [
10 pointer_default(unique)
11 ]
12 interface secrets
13 {
14
15 /*
16 * s3 on-disc storage structure for trusted domains, do not change !
17 */
18
19 typedef [flag(NDR_NOALIGN),public] struct {
20 [value(strlen_m_term(uni_name))] uint32 uni_name_len;
21 [charset(UTF16)] uint16 uni_name[32]; /* unicode domain name */
22 [value(strlen(pass))] uint32 pass_len;
23 astring pass; /* trust relationship's password */
24 time_t mod_time;
25 dom_sid domain_sid; /* remote domain's sid */
26 } TRUSTED_DOM_PASS;
27
28 /*
29 * s3 on-disc storage structure for lsa secrets, do not change !
30 */
31
32 typedef [public] struct {
33 DATA_BLOB *secret_current;
34 NTTIME secret_current_lastchange;
35 DATA_BLOB *secret_old;
36 NTTIME secret_old_lastchange;
37 security_descriptor *sd;
38 } lsa_secret;
39
40 /*
41 * This is the on-disc format the workstation trust.
42 *
43 * DO NOT CHANGE
44 * without changing secrets_domain_info_version
45 * and adding glue code. Discuss on samba-technical
46 * first!
47 */
48 typedef struct {
49 uint32 keytype;
50 uint32 iteration_count;
51 [flag(NDR_SECRET)] DATA_BLOB value;
52 } secrets_domain_info1_kerberos_key;
53
54 typedef struct {
55 NTTIME change_time;
56 [string,charset(UTF16)] uint16 change_server[];
57
58 [flag(NDR_SECRET)] DATA_BLOB cleartext_blob;
59 [flag(NDR_SECRET)] samr_Password nt_hash;
60
61 [string,charset(UTF16)] uint16 *salt_data;
62 uint32 default_iteration_count;
63 uint16 num_keys;
64 secrets_domain_info1_kerberos_key keys[num_keys];
65 } secrets_domain_info1_password;
66
67 typedef struct {
68 NTSTATUS local_status;
69 NTSTATUS remote_status;
70 NTTIME change_time;
71 [string,charset(UTF16)] uint16 change_server[];
72 [ref] secrets_domain_info1_password *password;
73 } secrets_domain_info1_change;
74
75 typedef [public] struct {
76 [value(0)] hyper reserved_flags;
77
78 NTTIME join_time;
79
80 [string,charset(UTF16)] uint16 computer_name[];
81 [string,charset(UTF16)] uint16 account_name[];
82 netr_SchannelType secure_channel_type;
83
84 lsa_DnsDomainInfo domain_info;
85 netr_TrustFlags trust_flags;
86 lsa_TrustType trust_type;
87 lsa_TrustAttributes trust_attributes;
88
89 /*
90 * This is unused currently, it might
91 * be useful to implement multi-tenancy (joining multiple domains)
92 * in future.
93 *
94 * Or we could use it to do other filtering of domains.
95 */
96 [value(NULL)] lsa_ForestTrustInformation *reserved_routing;
97
98 kerb_EncTypes supported_enc_types;
99 [string,charset(UTF16)] uint16 *salt_principal;
100
101 NTTIME password_last_change;
102 hyper password_changes;
103 secrets_domain_info1_change *next_change;
104
105 [ref] secrets_domain_info1_password *password;
106 secrets_domain_info1_password *old_password;
107 secrets_domain_info1_password *older_password;
108 } secrets_domain_info1;
109
110 typedef [v1_enum] enum {
111 SECRETS_DOMAIN_INFO_VERSION_1 = 0x00000001
112 } secrets_domain_info_version;
113
114 /*
115 * If we ever need to change this we need to
116 * change secrets_domain_info into
117 * secrets_domain_info_v1
118 */
119 typedef union {
120 [case(SECRETS_DOMAIN_INFO_VERSION_1)]
121 secrets_domain_info1 *info1;
122 [default];
123 } secrets_domain_infoU;
124
125 typedef [public] struct {
126 secrets_domain_info_version version;
127 [value(0)] uint32 reserved;
128 [switch_is(version)] secrets_domain_infoU info;
129 } secrets_domain_infoB;
130 }
131
GSS-enabled samba4