/* * CDDL HEADER START * * The contents of this file are subject to the terms of the * Common Development and Distribution License (the "License"). * You may not use this file except in compliance with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. * See the License for the specific language governing permissions * and limitations under the License. * * When distributing Covered Code, include this CDDL HEADER in each * file and include the License file at usr/src/OPENSOLARIS.LICENSE. * If applicable, add the following below this CDDL HEADER, with the * fields enclosed by brackets "[]" replaced with your own identifying * information: Portions Copyright [yyyy] [name of copyright owner] * * CDDL HEADER END */ /* * Copyright 2008 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. * * Copyright 2018 Nexenta Systems, Inc. All rights reserved. */ #ifndef _MLSVC_NETR_NDL_ #define _MLSVC_NETR_NDL_ /* *********************************************************************** * * NetLogon RPC (NETR) interface definition. * *********************************************************************** */ #include #define NETR_OPNUM_UasLogon 0x00 #define NETR_OPNUM_UasLogoff 0x01 #define NETR_OPNUM_SamLogon 0x02 #define NETR_OPNUM_SamLogoff 0x03 #define NETR_OPNUM_ServerReqChallenge 0x04 #define NETR_OPNUM_ServerAuthenticate 0x05 #define NETR_OPNUM_ServerPasswordSet 0x06 #define NETR_OPNUM_DatabaseDeltas 0x07 #define NETR_OPNUM_DatabaseSync 0x08 #define NETR_OPNUM_AccountDeltas 0x09 #define NETR_OPNUM_AccountSync 0x0a #define NETR_OPNUM_GetDCName 0x0b #define NETR_OPNUM_LogonControl 0x0c #define NETR_OPNUM_GetAnyDCName 0x0d #define NETR_OPNUM_LogonControl2 0x0E #define NETR_OPNUM_ServerAuthenticate2 0x0F #define NETR_OPNUM_DatabaseSync2 0x10 #define NETR_OPNUM_DatabaseRedo 0x11 #define NETR_OPNUM_LogonControl2Ex 0x12 #define NETR_OPNUM_TrustDomainList 0x13 #define NETR_OPNUM_DsrGetDcName 0x14 #define NETR_OPNUM_LogonGetCapabilities 0x15 #define NETR_OPNUM_LogonSetServiceBits 0x16 #define NETR_OPNUM_LogonGetTrustRid 0x17 #define NETR_OPNUM_LogonComputeServerDigest 0x18 #define NETR_OPNUM_LogonComputeClientDigest 0x19 #define NETR_OPNUM_ServerAuthenticate3 0x1A #define NETR_OPNUM_DsrGetDcNameEx 0x1B #define NETR_OPNUM_DsrGetSiteName 0x1C #define NETR_OPNUM_LogonGetDomainInfo 0x1D #define NETR_OPNUM_ServerPasswordSet2 0x1E /* * This is not a real NETR OPNUM. It's used to unpack the * struct krb5_validation_info found in the Kerberos PAC. */ #define NETR_OPNUM_decode_krb5_pac 1000 struct netr_sid { BYTE Revision; BYTE SubAuthCount; BYTE Authority[6]; SIZE_IS(SubAuthCount) DWORD SubAuthority[ANY_SIZE_ARRAY]; }; struct netr_string { WORD length; WORD allosize; LPTSTR str; }; typedef struct netr_string netr_string_t; /* * Alternative varying/conformant string definition - for * non-null terminated strings. This definition must match * ndr_vcbuf_t. */ struct netr_vcs { /* * size_is (actually a copy of length_is) will * be inserted here by the marshalling library. */ DWORD vc_first_is; DWORD vc_length_is; SIZE_IS(vc_length_is) WORD buffer[ANY_SIZE_ARRAY]; }; struct netr_vcstr { WORD wclen; WORD wcsize; struct netr_vcs *vcs; }; typedef struct netr_vcstr netr_vcstr_t; struct netr_vcb { /* * size_is (actually a copy of length_is) will * be inserted here by the marshalling library. */ DWORD vc_first_is; DWORD vc_length_is; SIZE_IS(vc_length_is) BYTE buffer[ANY_SIZE_ARRAY]; }; struct netr_vcbuf { WORD len; WORD size; struct netr_vcb *vcb; }; typedef struct netr_vcbuf netr_vcbuf_t; struct netr_credential { BYTE data[8]; }; struct netr_authenticator { struct netr_credential credential; DWORD timestamp; }; typedef struct netr_authenticator netr_auth_t; struct OLD_LARGE_INTEGER { DWORD LowPart; DWORD HighPart; }; typedef struct OLD_LARGE_INTEGER netr_int64_t; struct CYPHER_BLOCK { BYTE data[8]; }; struct OWF_PASSWORD { BYTE data[16]; }; typedef struct OWF_PASSWORD netr_owf_password_t; /* * NL_TRUST_PASSWORD * See also: samr_user_password */ #define NETR_TRUST_PWLEN 256 struct netr_trust_password { WORD Buffer[NETR_TRUST_PWLEN]; DWORD Length; }; typedef struct netr_trust_password netr_trust_password_t; struct USER_SESSION_KEY { struct CYPHER_BLOCK data[2]; }; /* *********************************************************************** * ServerReqChallenge *********************************************************************** */ ALIGN(2) OPERATION(NETR_OPNUM_ServerReqChallenge) struct netr_ServerReqChallenge { IN LPTSTR servername; IN REFERENCE LPTSTR hostname; IN struct netr_credential client_challenge; OUT struct netr_credential server_challenge; OUT DWORD status; }; /* *********************************************************************** * ServerAuthenticate2 *********************************************************************** */ ALIGN(2) OPERATION(NETR_OPNUM_ServerAuthenticate2) struct netr_ServerAuthenticate2 { IN LPTSTR servername; IN REFERENCE LPTSTR account_name; IN WORD account_type; IN REFERENCE LPTSTR hostname; IN struct netr_credential client_credential; OUT struct netr_credential server_credential; INOUT DWORD negotiate_flags; OUT DWORD status; }; /* *********************************************************************** * ServerPasswordSet *********************************************************************** */ ALIGN(2) OPERATION(NETR_OPNUM_ServerPasswordSet) struct netr_PasswordSet { IN LPTSTR servername; IN REFERENCE LPTSTR account_name; IN WORD sec_chan_type; IN REFERENCE LPTSTR hostname; INOUT struct netr_authenticator auth; IN netr_owf_password_t owf_password; OUT DWORD status; }; OPERATION(NETR_OPNUM_ServerPasswordSet2) struct netr_PasswordSet2 { IN LPTSTR servername; IN REFERENCE LPTSTR account_name; IN WORD sec_chan_type; IN REFERENCE LPTSTR hostname; INOUT struct netr_authenticator auth; IN netr_trust_password_t trust_password; OUT DWORD status; }; /* *********************************************************************** * SamLogon *********************************************************************** */ /* * The challenge-response data should always be 24 bytes. */ #define NETR_CR_PASSWORD_SIZE 24 struct lm_challenge { BYTE data[8]; }; typedef struct lm_challenge lm_challenge_t; /* * Input data */ struct netr_logon_identity_info { netr_vcstr_t domain_name; DWORD parameter_control; struct OLD_LARGE_INTEGER logon_id; netr_vcstr_t username; netr_vcstr_t workstation; }; typedef struct netr_logon_identity_info netr_logon_id_t; /* * Level 1: interactive logon */ struct netr_logon_info1 { netr_logon_id_t identity; netr_owf_password_t lm_owf_password; netr_owf_password_t nt_owf_password; }; /* * Level 2: network logon. */ struct netr_logon_info2 { netr_logon_id_t identity; lm_challenge_t lm_challenge; netr_vcbuf_t nt_response; netr_vcbuf_t lm_response; }; union netr_logon_info_u { UNION_INFO_PTR(1,netr_logon_info); UNION_INFO_PTR(2,netr_logon_info); DEFAULT DWORD nothing; }; struct netr_login_info { WORD logon_level; WORD switch_value; SWITCH(switch_value) union netr_logon_info_u ru; }; /* * Output data */ struct netr_group_membership { DWORD rid; DWORD attributes; }; struct netr_sid_and_attributes { struct netr_sid *sid; DWORD attributes; }; struct netr_validation_info3 { struct OLD_LARGE_INTEGER LogonTime; struct OLD_LARGE_INTEGER LogoffTime; struct OLD_LARGE_INTEGER KickOffTime; struct OLD_LARGE_INTEGER PasswordLastSet; struct OLD_LARGE_INTEGER PasswordCanChange; struct OLD_LARGE_INTEGER PasswordMustChange; netr_string_t EffectiveName; netr_string_t FullName; netr_string_t LogonScript; netr_string_t ProfilePath; netr_string_t HomeDirectory; netr_string_t HomeDirectoryDrive; WORD LogonCount; WORD BadPasswordCount; DWORD UserId; DWORD PrimaryGroupId; DWORD GroupCount; SIZE_IS(GroupCount) struct netr_group_membership *GroupIds; DWORD UserFlags; struct USER_SESSION_KEY UserSessionKey; netr_string_t LogonServer; netr_string_t LogonDomainName; struct netr_sid *LogonDomainId; DWORD ExpansionRoom[10]; DWORD SidCount; SIZE_IS(SidCount) struct netr_sid_and_attributes *ExtraSids; }; /* NETR_OPNUM_decode_krb5_pac */ struct krb5_validation_info { struct netr_validation_info3 info3; /* Kerberos PAC "resource group" stuff. */ struct netr_sid *rg_dom_sid; DWORD rg_rid_cnt; SIZE_IS(rg_rid_cnt) struct netr_group_membership *rg_rids; }; union netr_validation_u { CASE(3) struct netr_validation_info3 *info3; DEFAULT DWORD nothing; }; /* * This structure needs to be declared, even though it can't be used * in netr_SamLogon, in order to get the appropriate size to calculate * the correct fixup offsets. If ndrgen did the right thing, * netr_validation_info would be one of the out parameters. However, * if we do it that way, the switch_value isn't known early enough to * do the fixup calculation. So it all has to go in netr_SamLogon. */ struct netr_validation_info { WORD validation_level; SWITCH(validation_level) union netr_validation_u ru; }; /* * WARNING * * Validation_level is really a WORD and authoritative is really a * BYTE. They are declared as DWORD here due to the way things are * unmarshalled. NT does not clear out the unused bytes in the * DWORD so they must be cast to get the correct value. */ ALIGN(2) OPERATION(NETR_OPNUM_SamLogon) struct netr_SamLogon { IN LPTSTR servername; IN LPTSTR hostname; IN struct netr_authenticator *auth; INOUT struct netr_authenticator *ret_auth; IN struct netr_login_info logon_info; INOUT WORD validation_level; SWITCH(validation_level) OUT union netr_validation_u ru; OUT DWORD authoritative; OUT DWORD status; }; /* *********************************************************************** * SamLogoff *********************************************************************** */ OPERATION(NETR_OPNUM_SamLogoff) struct netr_SamLogoff { IN LPTSTR servername; IN REFERENCE LPTSTR hostname; IN struct netr_authenticator auth; INOUT struct netr_authenticator ret_auth; IN DWORD logon_level; SWITCH(logon_level) IN union netr_logon_info_u ru; OUT DWORD status; }; /* *********************************************************************** * The NETR interface definition. *********************************************************************** */ INTERFACE(0) union netr_interface { CASE(NETR_OPNUM_ServerReqChallenge) struct netr_ServerReqChallenge ServerReqChallenge; CASE(NETR_OPNUM_ServerAuthenticate2) struct netr_ServerAuthenticate2 ServerAuthenticate2; CASE(NETR_OPNUM_SamLogon) struct netr_SamLogon SamLogon; CASE(NETR_OPNUM_SamLogoff) struct netr_SamLogoff SamLogoff; CASE(NETR_OPNUM_ServerPasswordSet) struct netr_PasswordSet PasswordSet; CASE(NETR_OPNUM_ServerPasswordSet2) struct netr_PasswordSet2 PasswordSet2; /* Special, for smb_decode_krb5_pac() */ CASE(NETR_OPNUM_decode_krb5_pac) struct krb5_validation_info krb5pac; }; typedef union netr_interface netr_interface_t; EXTERNTYPEINFO(netr_interface) #endif /* _MLSVC_NETR_NDL_ */