xref: /illumos-gate/usr/src/uts/common/smbsrv/ndl/netlogon.ndl (revision 2983dda76a6d296fdb560c88114fe41caad1b84f)
1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21/*
22 * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
23 * Use is subject to license terms.
24 */
25
26#ifndef _MLSVC_NETR_NDL_
27#define _MLSVC_NETR_NDL_
28
29/*
30 ***********************************************************************
31 *
32 * NetLogon RPC (NETR) interface definition.
33 *
34 ***********************************************************************
35 */
36
37#include "ndrtypes.ndl"
38
39
/*
 * NETR operation numbers. Only five of these are given an arm in
 * union netr_interface at the end of this file (ServerReqChallenge,
 * ServerAuthenticate2, ServerPasswordSet, SamLogon, SamLogoff); the
 * remaining values are defined here but have no request structure in
 * this file.
 * NOTE(review): how a request carrying one of the other opnums is
 * handled is decided by the dispatcher, not here - confirm it is
 * rejected rather than decoded with a mismatched layout.
 */
40#define NETR_OPNUM_UasLogon			0x00
41#define NETR_OPNUM_UasLogoff			0x01
42#define NETR_OPNUM_SamLogon			0x02
43#define NETR_OPNUM_SamLogoff			0x03
44#define NETR_OPNUM_ServerReqChallenge		0x04
45#define NETR_OPNUM_ServerAuthenticate		0x05
46#define NETR_OPNUM_ServerPasswordSet		0x06
47#define NETR_OPNUM_DatabaseDeltas		0x07
48#define NETR_OPNUM_DatabaseSync			0x08
49#define NETR_OPNUM_AccountDeltas		0x09
50#define NETR_OPNUM_AccountSync			0x0a
51#define NETR_OPNUM_GetDCName			0x0b
52#define NETR_OPNUM_LogonControl			0x0c
53#define NETR_OPNUM_GetAnyDCName			0x0d
54#define NETR_OPNUM_LogonControl2		0x0E
55#define NETR_OPNUM_ServerAuthenticate2		0x0F
56#define NETR_OPNUM_DatabaseSync2		0x10
57#define NETR_OPNUM_DatabaseRedo			0x11
58#define NETR_OPNUM_LogonControl2Ex		0x12
59#define NETR_OPNUM_TrustDomainList		0x13
60
61
/*
 * Security identifier as laid out for marshalling: a revision byte, a
 * count byte, a 6-byte authority and a conformant array of DWORD
 * sub-authorities. SIZE_IS binds the number of SubAuthority elements to
 * SubAuthCount, a value taken from the decoded message; being a BYTE it
 * cannot exceed 255.
 * NOTE(review): code that copies or formats a decoded SID should bound
 * SubAuthCount against its own limit before sizing buffers - confirm
 * where that check lives.
 */
62struct netr_sid {
63	BYTE		Revision;
64	BYTE		SubAuthCount;
65	BYTE		Authority[6];
66  SIZE_IS(SubAuthCount)
67	DWORD		SubAuthority[ANY_SIZE_ARRAY];
68};
69
70
/*
 * Counted string: two WORD counters followed by a string pointer.
 * NOTE(review): presumably length is the size in use and allosize the
 * allocated size - confirm the unit (bytes or characters) against the
 * marshalling code. Nothing in this declaration ties str to either
 * counter, so consumers should not assume the three agree.
 */
71struct netr_string {
72	WORD		length;
73	WORD		allosize;
74	LPTSTR		str;
75};
76typedef struct netr_string netr_string_t;
77
78
79/*
80 * Alternative varying/conformant string definition - for
81 * non-null terminated strings. This definition must match
82 * ndr_vcbuf_t.
83 */
/*
 * Body of a varying/conformant array of WORD elements. SIZE_IS applies
 * vc_length_is as the element count of buffer; vc_first_is precedes it.
 * NOTE(review): vc_first_is is presumably the offset of the first
 * element and expected to be zero - confirm that the decoder checks it
 * and that vc_length_is is bounded before buffer is read.
 */
84struct netr_vcs {
85	/*
86	 * size_is (actually a copy of length_is) will
87	 * be inserted here by the marshalling library.
88	 */
89	DWORD vc_first_is;
90	DWORD vc_length_is;
91  SIZE_IS(vc_length_is)
92	WORD buffer[ANY_SIZE_ARRAY];
93};
94
/*
 * Header for a netr_vcs string: two WORD counters and a pointer to the
 * varying/conformant body.
 * NOTE(review): wclen and wcsize look like the used and allocated sizes
 * of the string; whether they count bytes or characters is not visible
 * here. They are carried separately from vcs->vc_length_is, so a
 * decoder should cross-check them rather than trust either alone.
 */
95struct netr_vcstr {
96	WORD wclen;
97	WORD wcsize;
98	struct netr_vcs *vcs;
99};
100typedef struct netr_vcstr netr_vcstr_t;
101
/*
 * Byte-element counterpart of netr_vcs: the same two DWORD fields,
 * followed by a conformant BYTE array whose element count SIZE_IS takes
 * from vc_length_is.
 * NOTE(review): vc_length_is comes from the decoded message; confirm it
 * is bounded before buffer is copied.
 */
102struct netr_vcb {
103	/*
104	 * size_is (actually a copy of length_is) will
105	 * be inserted here by the marshalling library.
106	 */
107	DWORD vc_first_is;
108	DWORD vc_length_is;
109  SIZE_IS(vc_length_is)
110	BYTE buffer[ANY_SIZE_ARRAY];
111};
112
/*
 * Header for a netr_vcb byte buffer: two WORD counters and a pointer to
 * the varying/conformant body. Used in this file for the nt_response
 * and lm_response fields of netr_logon_info2.
 * NOTE(review): len and size are presumably the used and maximum byte
 * counts; they are independent of vcb->vc_length_is in this
 * declaration, so consumers should check that they agree.
 */
113struct netr_vcbuf {
114	WORD len;
115	WORD size;
116	struct netr_vcb *vcb;
117};
118typedef struct netr_vcbuf netr_vcbuf_t;
119
/*
 * 8-byte opaque credential value. In this file it carries the client
 * and server challenges of netr_ServerReqChallenge, the client and
 * server credentials of netr_ServerAuthenticate2, and the credential
 * half of netr_authenticator.
 */
120struct netr_credential {
121	BYTE data[8];
122};
123
/*
 * Per-call authenticator: an 8-byte credential plus a DWORD timestamp.
 * Carried by netr_PasswordSet, netr_SamLogon and netr_SamLogoff in this
 * file.
 * NOTE(review): the unit and epoch of timestamp are not stated here -
 * confirm against the code that fills it in.
 */
124struct netr_authenticator {
125	struct netr_credential credential;
126	DWORD timestamp;
127};
128typedef struct netr_authenticator netr_auth_t;
129
130
/*
 * 64-bit quantity split into two DWORDs, low half declared first.
 * Used in this file for logon_id and for the time fields of
 * netr_validation_info3.
 */
131struct OLD_LARGE_INTEGER {
132	DWORD LowPart;
133	DWORD HighPart;
134};
135typedef struct OLD_LARGE_INTEGER netr_int64_t;
136
137
/*
 * 16-byte password value. It appears as lm_owf_password and
 * nt_owf_password in netr_logon_info1 and as uas_new_password in
 * netr_PasswordSet.
 * NOTE(review): "OWF" presumably means a one-way function (hash) of
 * the password; such values are sensitive, so buffers holding a decoded
 * copy should be kept out of logs and cleared once used - confirm
 * callers do so.
 */
138struct OWF_PASSWORD {
139	BYTE data[16];
140};
141typedef struct OWF_PASSWORD netr_owf_password_t;
142
143
/*
 * 8-byte block. USER_SESSION_KEY is declared as an array of two of
 * these.
 */
144struct CYPHER_BLOCK {
145	BYTE data[8];
146};
147
148
/*
 * Session key carried as two 8-byte blocks (16 bytes in total).
 * Returned to the caller in netr_validation_info3.UserSessionKey.
 * NOTE(review): this is key material; decoded copies should be kept
 * out of logs and cleared when no longer needed - confirm at the
 * consumer.
 */
149struct USER_SESSION_KEY {
150	struct CYPHER_BLOCK data[2];
151};
152
153
154
155
156/*
157 ***********************************************************************
158 * ServerReqChallenge
159 ***********************************************************************
160 */
/*
 * Layout for opnum NETR_OPNUM_ServerReqChallenge.
 * IN:  servername, hostname, client_challenge (8 bytes).
 * OUT: server_challenge (8 bytes), status.
 * NOTE(review): the two challenges presumably feed the credential
 * computation checked by ServerAuthenticate2, so the client challenge
 * should come from a cryptographic random source - confirm at the
 * caller.
 */
161ALIGN(2)
162OPERATION(NETR_OPNUM_ServerReqChallenge)
163struct netr_ServerReqChallenge {
164	IN		LPTSTR servername;
165	IN REFERENCE	LPTSTR hostname;
166	IN		struct netr_credential client_challenge;
167	OUT		struct netr_credential server_challenge;
168	OUT		DWORD status;
169};
170
171
172/*
173 ***********************************************************************
174 * ServerAuthenticate2
175 ***********************************************************************
176 */
/*
 * Layout for opnum NETR_OPNUM_ServerAuthenticate2.
 * IN:    servername, account_name, account_type, hostname,
 *        client_credential.
 * OUT:   server_credential, status.
 * INOUT: negotiate_flags.
 * NOTE(review): because negotiate_flags travels both ways, the value
 * that comes back can differ from the one sent. The caller should
 * verify server_credential and check that every capability it requires
 * is still set before relying on the channel - confirm this is done.
 */
177ALIGN(2)
178OPERATION(NETR_OPNUM_ServerAuthenticate2)
179struct netr_ServerAuthenticate2 {
180	IN		LPTSTR servername;
181	IN REFERENCE	LPTSTR account_name;
182	IN		WORD account_type;
183	IN REFERENCE	LPTSTR hostname;
184	IN		struct netr_credential client_credential;
185	OUT		struct netr_credential server_credential;
186	INOUT	DWORD negotiate_flags;
187	OUT		DWORD status;
188};
189
190
191/*
192 ***********************************************************************
193 * ServerPasswordSet
194 ***********************************************************************
195 */
/*
 * Layout for opnum NETR_OPNUM_ServerPasswordSet. The new password is
 * carried as a 16-byte netr_owf_password_t next to an INOUT
 * authenticator.
 * IN:    servername, account_name, account_type, hostname,
 *        uas_new_password.
 * INOUT: auth.
 * OUT:   status.
 * NOTE(review): whether uas_new_password is encrypted before it is
 * placed here is decided by the caller, not by this declaration -
 * confirm, and confirm the returned auth is verified before the new
 * password is treated as accepted.
 */
196ALIGN(2)
197OPERATION(NETR_OPNUM_ServerPasswordSet)
198struct netr_PasswordSet {
199	IN		LPTSTR servername;
200	IN REFERENCE	LPTSTR account_name;
201	IN		WORD account_type;
202	IN REFERENCE	LPTSTR hostname;
203	INOUT	struct netr_authenticator auth;
204	IN		netr_owf_password_t uas_new_password;
205	OUT		DWORD status;
206};
207
208
209/*
210 ***********************************************************************
211 * SamLogon
212 ***********************************************************************
213 */
214
215/*
216 * The challenge-response data should always be 24 bytes.
217 */
/*
 * This constant is not referenced anywhere else in this file: the
 * response fields of netr_logon_info2 are variable-length netr_vcbuf_t
 * values, so the expected size has to be enforced by the code that
 * fills or reads them.
 */
218#define NETR_CR_PASSWORD_SIZE			24
219
220
/*
 * 8-byte challenge value; carried in netr_logon_info2 together with
 * the nt_response and lm_response buffers.
 */
221struct lm_challenge {
222	BYTE data[8];
223};
224typedef struct lm_challenge lm_challenge_t;
225
226/*
227 * Input data
228 */
/*
 * Identity part shared by both logon levels: domain, user and
 * workstation names as netr_vcstr_t (counted, non-null-terminated
 * strings), plus a DWORD parameter_control and a 64-bit logon_id.
 * NOTE(review): the meaning of the parameter_control bits is not
 * defined in this file.
 */
229struct netr_logon_identity_info {
230	netr_vcstr_t domain_name;
231	DWORD parameter_control;
232	struct OLD_LARGE_INTEGER logon_id;
233	netr_vcstr_t username;
234	netr_vcstr_t workstation;
235};
236typedef struct netr_logon_identity_info netr_logon_id_t;
237
238
239/*
240 * Level 1: interactive logon
241 */
/*
 * Level 1 payload: the identity block followed by two 16-byte
 * netr_owf_password_t values.
 * NOTE(review): both password fields are sensitive; confirm how the
 * caller protects them before marshalling and that local copies are
 * cleared afterwards.
 */
242struct netr_logon_info1 {
243	netr_logon_id_t identity;
244	netr_owf_password_t lm_owf_password;
245	netr_owf_password_t nt_owf_password;
246};
247
248
249/*
250 * Level 2: network logon.
251 */
/*
 * Level 2 payload: the identity block, an 8-byte challenge and two
 * variable-length response buffers.
 * NOTE(review): nt_response and lm_response carry their own lengths
 * (netr_vcbuf_t); nothing here limits them to NETR_CR_PASSWORD_SIZE,
 * so length checks belong in the code that builds or consumes them.
 */
252struct netr_logon_info2 {
253	netr_logon_id_t identity;
254	lm_challenge_t lm_challenge;
255	netr_vcbuf_t nt_response;
256	netr_vcbuf_t lm_response;
257};
258
259
/*
 * Discriminated union over the logon levels. UNION_INFO_PTR is defined
 * outside this file.
 * NOTE(review): it appears to declare, for discriminant 1 and 2, a
 * pointer arm to netr_logon_info1 and netr_logon_info2 respectively -
 * confirm in the macro's definition. Any other discriminant falls to
 * the DEFAULT DWORD placeholder.
 */
260union netr_logon_info_u {
261	UNION_INFO_PTR(1,netr_logon_info);
262	UNION_INFO_PTR(2,netr_logon_info);
263	DEFAULT	DWORD nothing;
264};
265
266
/*
 * Logon request wrapper: two WORD level fields followed by the logon
 * union. SWITCH names switch_value, not logon_level, as the
 * discriminant that selects the union arm.
 * NOTE(review): the two level fields are independent on the wire;
 * code that decodes this structure should reject messages where they
 * disagree - confirm.
 */
267struct netr_login_info {
268	WORD logon_level;
269	WORD switch_value;
270  SWITCH(switch_value)
271	union netr_logon_info_u ru;
272};
273
274
275/*
276 * Output data
277 */
/*
 * One group entry in netr_validation_info3.GroupIds: a relative
 * identifier and a DWORD of attribute bits (not defined in this file).
 */
278struct netr_group_membership {
279	DWORD rid;
280	DWORD attributes;
281};
282
283
/*
 * One entry in netr_validation_info3.ExtraSids: a pointer to a SID and
 * a DWORD of attribute bits (not defined in this file).
 * NOTE(review): sid is a plain pointer member; confirm consumers
 * handle a null sid.
 */
284struct netr_sid_and_attributes {
285	struct netr_sid *sid;
286	DWORD attributes;
287};
288
289
/*
 * Level 3 validation data returned for a logon: six 64-bit time
 * values, six counted strings describing the account, counters, the
 * user and primary group RIDs, the group list, flags, the session key,
 * the logon server and domain, the domain SID and an optional list of
 * extra SIDs.
 * GroupCount and SidCount are the SIZE_IS counts for GroupIds and
 * ExtraSids; both are values taken from the decoded reply.
 * NOTE(review): this structure is what the receiver turns into an
 * access token, so the counts should be bounded before allocation or
 * iteration and the pointer members checked for null - confirm in the
 * consumer.
 */
290struct netr_validation_info3 {
291	struct OLD_LARGE_INTEGER LogonTime;
292	struct OLD_LARGE_INTEGER LogoffTime;
293	struct OLD_LARGE_INTEGER KickOffTime;
294	struct OLD_LARGE_INTEGER PasswordLastSet;
295	struct OLD_LARGE_INTEGER PasswordCanChange;
296	struct OLD_LARGE_INTEGER PasswordMustChange;
297	netr_string_t EffectiveName;
298	netr_string_t FullName;
299	netr_string_t LogonScript;
300	netr_string_t ProfilePath;
301	netr_string_t HomeDirectory;
302	netr_string_t HomeDirectoryDrive;
303	WORD LogonCount;
304	WORD BadPasswordCount;
305	DWORD UserId;
306	DWORD PrimaryGroupId;
307	DWORD GroupCount;
308  SIZE_IS(GroupCount)
309	struct netr_group_membership *GroupIds;
310	DWORD UserFlags;
311	struct USER_SESSION_KEY UserSessionKey;
312	netr_string_t LogonServer;
313	netr_string_t LogonDomainName;
314	struct netr_sid *LogonDomainId;
315	DWORD ExpansionRoom[10];
316	DWORD SidCount;
317  SIZE_IS(SidCount)
318	struct netr_sid_and_attributes *ExtraSids;
319};
320
321
/*
 * Discriminated union over the validation levels. Only level 3 has a
 * data arm (a pointer to netr_validation_info3); every other
 * discriminant falls to the DEFAULT DWORD placeholder.
 * NOTE(review): consumers should confirm the level is 3 and info3 is
 * non-null before dereferencing it.
 */
322union netr_validation_u {
323	CASE(3) struct netr_validation_info3 *info3;
324	DEFAULT	DWORD nothing;
325};
326
327
328/*
329 * This structure needs to be declared, even though it can't be used
330 * in netr_SamLogon, in order to get the appropriate size to calculate
331 * the correct fixup offsets.  If ndrgen did the right thing,
332 * netr_validation_info would be one of the out parameters. However,
333 * if we do it that way, the switch_value isn't known early enough to
334 * do the fixup calculation. So it all has to go in netr_SamLogon.
335 */
/*
 * Validation level plus the union it selects. The same pair of members
 * (validation_level, then SWITCH and the union) is repeated inline in
 * netr_SamLogon.
 */
336struct netr_validation_info {
337	WORD validation_level;
338  SWITCH(validation_level)
339	union netr_validation_u ru;
340};
341
342
343/*
344 * WARNING
345 *
346 * Validation_level is really a WORD and authoritative is really a
347 * BYTE. They are declared as DWORD here due to the way things are
348 * unmarshalled. NT does not clear out the unused bytes in the
349 * DWORD so they must be cast to get the correct value.
350 */
/*
 * Layout for opnum NETR_OPNUM_SamLogon.
 * IN:    servername, hostname, auth (pointer), logon_info.
 * INOUT: ret_auth (pointer), validation_level.
 * OUT:   ru (arm chosen by validation_level), authoritative, status.
 * Unlike netr_SamLogoff, both authenticators are passed by pointer
 * here.
 * NOTE(review): the warning that precedes this struct says
 * validation_level is declared as a DWORD, but the declaration below
 * uses WORD; only authoritative is widened to DWORD. Confirm which of
 * the two is current and update the other.
 * NOTE(review): per that warning the unused bytes of authoritative are
 * not cleared by the peer, so testing the whole DWORD can read as
 * non-zero when the real flag is 0; consumers should narrow it to BYTE
 * before testing it, and should verify ret_auth before trusting ru.
 */
351OPERATION(NETR_OPNUM_SamLogon)
352struct netr_SamLogon {
353	IN		LPTSTR servername;
354	IN		LPTSTR hostname;
355	IN		struct netr_authenticator *auth;
356	INOUT	struct netr_authenticator *ret_auth;
357	IN		struct netr_login_info logon_info;
358	INOUT	WORD validation_level;
359  SWITCH(validation_level)
360	OUT		union netr_validation_u ru;
361	OUT		DWORD authoritative;
362	OUT		DWORD status;
363};
364
365
366/*
367 ***********************************************************************
368 * SamLogoff
369 ***********************************************************************
370 */
/*
 * Layout for opnum NETR_OPNUM_SamLogoff.
 * IN:    servername, hostname, auth, logon_level, ru.
 * INOUT: ret_auth.
 * OUT:   status.
 * logon_level is a DWORD here and selects the arm of netr_logon_info_u
 * directly; netr_login_info uses a WORD switch_value for the same
 * union. Both authenticators are embedded by value, whereas
 * netr_SamLogon passes them by pointer.
 */
371OPERATION(NETR_OPNUM_SamLogoff)
372struct netr_SamLogoff {
373	IN		LPTSTR servername;
374	IN REFERENCE	LPTSTR hostname;
375	IN		struct netr_authenticator auth;
376	INOUT	struct netr_authenticator ret_auth;
377	IN		DWORD logon_level;
378  SWITCH(logon_level)
379	IN		union netr_logon_info_u ru;
380	OUT		DWORD status;
381};
382
383
384/*
385 ***********************************************************************
386 * The NETR interface definition.
387 ***********************************************************************
388 */
/*
 * Top-level union for the interface: one arm per supported operation,
 * keyed by opnum. Five operations have arms; the other NETR_OPNUM_*
 * values defined at the top of this file have none, and there is no
 * DEFAULT arm.
 * NOTE(review): INTERFACE, CASE and EXTERNTYPEINFO are defined outside
 * this file; presumably they drive the generated marshalling and type
 * information - confirm there how an opnum without an arm is refused.
 */
389INTERFACE(0)
390union netr_interface {
391	CASE(NETR_OPNUM_ServerReqChallenge)
392		struct netr_ServerReqChallenge		ServerReqChallenge;
393	CASE(NETR_OPNUM_ServerAuthenticate2)
394		struct netr_ServerAuthenticate2		ServerAuthenticate2;
395	CASE(NETR_OPNUM_SamLogon)
396		struct netr_SamLogon			SamLogon;
397	CASE(NETR_OPNUM_SamLogoff)
398		struct netr_SamLogoff			SamLogoff;
399	CASE(NETR_OPNUM_ServerPasswordSet)
400		struct netr_PasswordSet			PasswordSet;
401};
402typedef union netr_interface netr_interface_t;
403EXTERNTYPEINFO(netr_interface)
404
405#endif /* _MLSVC_NETR_NDL_ */
406