xref: /illumos-gate/usr/src/uts/common/smbsrv/ndl/netlogon.ndl (revision d321a33cdd896e6b211d113a33698dd76e89b861)
1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21/*
22 * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
23 * Use is subject to license terms.
24 */
25
26#ifndef _MLSVC_NETR_NDL_
27#define _MLSVC_NETR_NDL_
28
29#pragma ident	"%Z%%M%	%I%	%E% SMI"
30
31/*
32 ***********************************************************************
33 *
34 * NetLogon RPC (NETR) interface definition.
35 *
36 ***********************************************************************
37 */
38
39#include "ndrtypes.ndl"
40
41
/*
 * RPC operation numbers (opnums) for the NETR calls named here.  Five of
 * them are bound to request structures through OPERATION() and appear as
 * CASE() arms of union netr_interface in this file.
 * NETR_OPNUM_LogonControl2 and NETR_OPNUM_TrustDomainList are defined but
 * have no operation structure or CASE() arm in this file.
 */
42#define NETR_OPNUM_SamLogon			0x02
43#define NETR_OPNUM_SamLogoff			0x03
44#define NETR_OPNUM_ServerReqChallenge		0x04
45#define NETR_OPNUM_ServerPasswordSet		0x06
46#define NETR_OPNUM_LogonControl2		0x0E
47#define NETR_OPNUM_ServerAuthenticate2		0x0F
48#define NETR_OPNUM_TrustDomainList		0x13
49
50
/*
 * Security identifier as carried in NETR messages: a revision byte, a
 * count byte, a 6-byte authority and a variable-length array of DWORD
 * sub-authorities.  SIZE_IS(SubAuthCount) makes SubAuthCount the element
 * count of SubAuthority.
 *
 * NOTE(review): SubAuthCount is read from the marshalled data, so code
 * that walks SubAuthority should treat it as peer-supplied and bound it;
 * where that bound is enforced is not visible in this file - confirm.
 */
51struct netr_sid {
52	BYTE		Revision;
53	BYTE		SubAuthCount;
54	BYTE		Authority[6];
55  SIZE_IS(SubAuthCount)
56	DWORD		SubAuthority[ANY_SIZE_ARRAY];
57};
58
59
/*
 * Counted string descriptor: two WORD size fields followed by a pointer
 * to the characters.
 *
 * NOTE(review): length and allosize presumably hold the used and the
 * allocated size of str - confirm the units.  No annotation here ties
 * either field to str, so consumers should not use them as a copy length
 * without checking them against the string actually unmarshalled.
 */
60struct netr_string {
61	WORD		length;
62	WORD		allosize;
63	LPTSTR		str;
64};
65typedef struct netr_string netr_string_t;
66
67
68/*
69 * Alternative varying/conformant string definition - for
70 * non-null terminated strings. This definition must match
71 * mlrpc_vcbuf_t.
72 */
/*
 * Body of a varying/conformant buffer of WORDs.  vc_length_is is the
 * SIZE_IS element count for buffer; vc_first_is is carried alongside it
 * and is not referenced by any annotation in this file.
 */
73struct netr_vcb {
74	/*
75	 * size_is (actually a copy of length_is) will
76	 * be inserted here by the marshalling library.
77	 */
78	DWORD vc_first_is;
79	DWORD vc_length_is;
80  SIZE_IS(vc_length_is)
81	WORD buffer[ANY_SIZE_ARRAY];
82};
83
/*
 * Descriptor for a netr_vcb: two WORD size fields and a pointer to the
 * buffer body.
 *
 * NOTE(review): wclen and wcsize look like the in-use and maximum sizes
 * of the string - confirm the units.  They are separate wire fields from
 * vcb->vc_length_is, so a malformed message can make them disagree;
 * consumers should size copies from one validated value only.
 */
84struct netr_vcbuf {
85	WORD wclen;
86	WORD wcsize;
87	struct netr_vcb *vcb;
88};
89typedef struct netr_vcbuf netr_vcbuf_t;
90
91
/*
 * Fixed 8-byte credential value.  Used in this file for the client and
 * server challenges (ServerReqChallenge), the client and server
 * credentials (ServerAuthenticate2) and inside netr_authenticator.
 */
92struct netr_credential {
93	BYTE data[8];
94};
95
96
/*
 * An 8-byte credential paired with a DWORD timestamp.  Passed as the
 * auth / ret_auth members of netr_PasswordSet, netr_SamLogon and
 * netr_SamLogoff.
 */
97struct netr_authenticator {
98	struct netr_credential credential;
99	DWORD timestamp;
100};
101typedef struct netr_authenticator netr_auth_t;
102
103
/*
 * 64-bit quantity split into two DWORDs, low part first.  Used in this
 * file for logon_id and for the time fields of netr_validation_info3.
 */
104struct OLD_LARGE_INTEGER {
105	DWORD LowPart;
106	DWORD HighPart;
107};
108typedef struct OLD_LARGE_INTEGER netr_int64_t;
109
110
/*
 * Fixed 16-byte value.  Used in this file for lm_owf_password and
 * nt_owf_password (level 1 logon) and for uas_new_password
 * (netr_PasswordSet).
 *
 * NOTE(review): going by the field names these carry password-derived
 * material; buffers holding them should be kept out of logs and cleared
 * after use.  That handling lives outside this file - confirm.
 */
111struct OWF_PASSWORD {
112	BYTE data[16];
113};
114typedef struct OWF_PASSWORD netr_owf_password_t;
115
116
/*
 * Fixed 8-byte block; the element type of USER_SESSION_KEY.
 */
117struct CYPHER_BLOCK {
118	BYTE data[8];
119};
120
121
/*
 * Two CYPHER_BLOCKs (16 bytes in total).  Returned as UserSessionKey in
 * netr_validation_info3.
 *
 * NOTE(review): presumably key material; treat copies as sensitive and
 * avoid logging them - confirm how consumers handle it.
 */
122struct USER_SESSION_KEY {
123	struct CYPHER_BLOCK data[2];
124};
125
126
127
128
129/*
130 ***********************************************************************
131 * ServerReqChallenge
132 ***********************************************************************
133 */
/*
 * Request/response layout for opnum NETR_OPNUM_ServerReqChallenge.
 * The caller sends servername, hostname and an 8-byte client_challenge;
 * the reply carries an 8-byte server_challenge and a DWORD status.
 *
 * NOTE(review): both challenges are opaque 8-byte values at this level.
 * Whatever generates them should use an unpredictable source for every
 * request; that code is outside this file - confirm.
 */
134ALIGN(2)
135OPERATION(NETR_OPNUM_ServerReqChallenge)
136struct netr_ServerReqChallenge {
137	IN		LPTSTR servername;
138	IN REFERENCE	LPTSTR hostname;
139	IN		struct netr_credential client_challenge;
140	OUT		struct netr_credential server_challenge;
141	OUT		DWORD status;
142};
143
144
145/*
146 ***********************************************************************
147 * ServerAuthenticate2
148 ***********************************************************************
149 */
/*
 * Request/response layout for opnum NETR_OPNUM_ServerAuthenticate2.
 * Inputs: servername, account_name, account_type, hostname and the
 * client_credential.  Outputs: server_credential and status.
 * negotiate_flags is INOUT, so the value sent by the caller is replaced
 * by the value in the reply.
 *
 * NOTE(review): because negotiate_flags is overwritten by the reply, a
 * caller that needs particular flags should compare the returned value
 * with its own minimum instead of accepting it as is - confirm in the
 * client code.
 */
150ALIGN(2)
151OPERATION(NETR_OPNUM_ServerAuthenticate2)
152struct netr_ServerAuthenticate2 {
153	IN		LPTSTR servername;
154	IN REFERENCE	LPTSTR account_name;
155	IN		WORD account_type;
156	IN REFERENCE	LPTSTR hostname;
157	IN		struct netr_credential client_credential;
158	OUT		struct netr_credential server_credential;
159	INOUT	DWORD negotiate_flags;
160	OUT		DWORD status;
161};
162
163
164/*
165 ***********************************************************************
166 * ServerPasswordSet
167 ***********************************************************************
168 */
/*
 * Request/response layout for opnum NETR_OPNUM_ServerPasswordSet (the
 * structure itself is named netr_PasswordSet).  Inputs: servername,
 * account_name, account_type, hostname and the 16-byte uas_new_password.
 * auth is INOUT: the authenticator sent is replaced by the one returned.
 * Output: status.
 *
 * NOTE(review): uas_new_password is a plain 16-byte field here; any
 * protection applied to it before it is sent, and any check of the
 * returned authenticator, happens outside this definition - confirm.
 */
169ALIGN(2)
170OPERATION(NETR_OPNUM_ServerPasswordSet)
171struct netr_PasswordSet {
172	IN		LPTSTR servername;
173	IN REFERENCE	LPTSTR account_name;
174	IN		WORD account_type;
175	IN REFERENCE	LPTSTR hostname;
176	INOUT	struct netr_authenticator auth;
177	IN		netr_owf_password_t uas_new_password;
178	OUT		DWORD status;
179};
180
181
182/*
183 ***********************************************************************
184 * SamLogon
185 ***********************************************************************
186 */
187
188/*
189 * The challenge-response data should always be 24 bytes.
190 */
/* Byte size of the fixed data[] array in struct netr_response. */
191#define NETR_CR_PASSWORD_SIZE			24
192
193
/*
 * Fixed 8-byte challenge; carried in netr_logon_info2 (network logon).
 */
194struct lm_challenge {
195	BYTE data[8];
196};
197typedef struct lm_challenge lm_challenge_t;
198
199
/*
 * Challenge-response payload: three DWORD size/offset fields followed by
 * a fixed array of NETR_CR_PASSWORD_SIZE (24) bytes.
 *
 * NOTE(review): data[] has a fixed size while length, start and
 * max_length are independent DWORDs taken from the message.  Code that
 * copies or compares using length should first cap it at sizeof (data) -
 * confirm in the consumers.
 */
200struct netr_response {
201	DWORD 	length;
202	DWORD	start;
203	DWORD 	max_length;
204	BYTE	data[NETR_CR_PASSWORD_SIZE];
205};
206typedef struct netr_response netr_response_t;
207
208
/*
 * Descriptor for a netr_response_t: two WORD size fields and a pointer to
 * the payload.  Used for nt_response and lm_response in netr_logon_info2.
 *
 * NOTE(review): data is a plain pointer with no annotation; if the
 * marshaller allows it to be null, consumers need a NULL check before
 * dereferencing - confirm.
 */
209struct netr_response_desc {
210	WORD 	length;
211	WORD	max_length;
212	netr_response_t *data;
213};
214typedef struct netr_response_desc netr_response_desc_t;
215
216/*
217 * Input data
218 */
/*
 * Identity portion shared by both logon levels (it is the first member
 * of netr_logon_info1 and netr_logon_info2): domain, user and
 * workstation names as netr_vcbuf_t, plus parameter_control and a
 * 64-bit logon_id.
 */
219struct netr_logon_identity_info {
220	netr_vcbuf_t domain_name;
221	DWORD parameter_control;
222	struct OLD_LARGE_INTEGER logon_id;
223	netr_vcbuf_t username;
224	netr_vcbuf_t workstation;
225};
226typedef struct netr_logon_identity_info netr_logon_id_t;
227
228
229/*
230 * Level 1: interactive logon
231 */
/*
 * Level 1 payload: the identity block followed by two 16-byte
 * OWF_PASSWORD values (LM and NT).
 */
232struct netr_logon_info1 {
233	netr_logon_id_t identity;
234	netr_owf_password_t lm_owf_password;
235	netr_owf_password_t nt_owf_password;
236};
237
238
239/*
240 * Level 2: network logon.
241 */
/*
 * Level 2 payload: the identity block, the 8-byte LM challenge and the
 * descriptors for the NT and LM responses.
 */
242struct netr_logon_info2 {
243	netr_logon_id_t identity;
244	lm_challenge_t lm_challenge;
245	netr_response_desc_t nt_response;
246	netr_response_desc_t lm_response;
247};
248
249
/*
 * Discriminated union of the logon payloads, with arms for levels 1 and
 * 2 and a DEFAULT arm holding a single DWORD.
 *
 * NOTE(review): UNION_INFO_PTR is not defined in this file (presumably
 * it comes from ndrtypes.ndl); it appears to declare a pointer arm to
 * netr_logon_info1 / netr_logon_info2 for the given case value -
 * confirm.  Consumers should reject levels that land on DEFAULT rather
 * than read `nothing` as a payload.
 */
250union netr_logon_info_u {
251	UNION_INFO_PTR(1,netr_logon_info);
252	UNION_INFO_PTR(2,netr_logon_info);
253	DEFAULT	DWORD nothing;
254};
255
256
/*
 * Logon request container.  switch_value is the SWITCH discriminant that
 * selects the arm of ru; logon_level is carried as a separate WORD and
 * is not used as the discriminant here.
 *
 * NOTE(review): since both values come from the message, consumers
 * should either check that logon_level equals switch_value or rely on
 * only one of them - confirm which the service code does.
 */
257struct netr_login_info {
258	WORD logon_level;
259	WORD switch_value;
260  SWITCH(switch_value)
261	union netr_logon_info_u ru;
262};
263
264
265/*
266 * Output data
267 */
/*
 * One group entry of netr_validation_info3.GroupIds: a relative id and
 * its attribute flags.
 */
268struct netr_group_membership {
269	DWORD rid;
270	DWORD attributes;
271};
272
273
/*
 * One entry of netr_validation_info3.ExtraSids: a pointer to a SID and
 * its attribute flags.
 */
274struct netr_sid_and_attributes {
275	struct netr_sid *sid;
276	DWORD attributes;
277};
278
279
/*
 * Level 3 validation data returned through netr_validation_u: six 64-bit
 * time values, the user's name/profile strings, counters, the user and
 * primary group ids, a counted array of group memberships, the session
 * key, the logon server and domain, the domain SID and a counted array
 * of extra SIDs.
 *
 * NOTE(review): GroupCount and SidCount are taken from the reply and
 * drive the sizes of GroupIds and ExtraSids.  A consumer that builds an
 * access token from this structure should bound both counts and check
 * the pointers before iterating - confirm where that is done.
 */
280struct netr_validation_info3 {
281	struct OLD_LARGE_INTEGER LogonTime;
282	struct OLD_LARGE_INTEGER LogoffTime;
283	struct OLD_LARGE_INTEGER KickOffTime;
284	struct OLD_LARGE_INTEGER PasswordLastSet;
285	struct OLD_LARGE_INTEGER PasswordCanChange;
286	struct OLD_LARGE_INTEGER PasswordMustChange;
287	netr_string_t EffectiveName;
288	netr_string_t FullName;
289	netr_string_t LogonScript;
290	netr_string_t ProfilePath;
291	netr_string_t HomeDirectory;
292	netr_string_t HomeDirectoryDrive;
293	WORD LogonCount;
294	WORD BadPasswordCount;
295	DWORD UserId;
296	DWORD PrimaryGroupId;
	/* GroupCount is the SIZE_IS element count for GroupIds. */
297	DWORD GroupCount;
298  SIZE_IS(GroupCount)
299	struct netr_group_membership *GroupIds;
300	DWORD UserFlags;
301	struct USER_SESSION_KEY UserSessionKey;
302	netr_string_t LogonServer;
303	netr_string_t LogonDomainName;
304	struct netr_sid *LogonDomainId;
305	DWORD ExpansionRoom[10];
	/* SidCount is the SIZE_IS element count for ExtraSids. */
306	DWORD SidCount;
307  SIZE_IS(SidCount)
308	struct netr_sid_and_attributes *ExtraSids;
309};
310
311
/*
 * Discriminated union of validation results.  Only case 3 carries data
 * (a pointer to netr_validation_info3); every other discriminant selects
 * the DEFAULT arm, a single DWORD.
 */
312union netr_validation_u {
313	CASE(3) struct netr_validation_info3 *info3;
314	DEFAULT	DWORD nothing;
315};
316
317
318/*
319 * This structure needs to be declared, even though it can't be used
320 * in netr_SamLogon, in order to get the appropriate size to calculate
321 * the correct fixup offsets.  If ndrgen did the right thing,
322 * netr_validation_info would be one of the out parameters. However,
323 * if we do it that way, the switch_value isn't known early enough to
324 * do the fixup calculation. So it all has to go in netr_SamLogon.
325 */
/*
 * validation_level (a WORD) is the SWITCH discriminant for ru.  The same
 * discriminant/union pair is repeated inline in struct netr_SamLogon.
 */
326struct netr_validation_info {
327	WORD validation_level;
328  SWITCH(validation_level)
329	union netr_validation_u ru;
330};
331
332
333/*
334 * WARNING
335 *
336 * Validation_level is really a WORD and authoritative is really a
337 * BYTE. They are declared as DWORD here due to the way things are
338 * unmarshalled. NT does not clear out the unused bytes in the
339 * DWORD so they must be cast to get the correct value.
340 */
/*
 * Request/response layout for opnum NETR_OPNUM_SamLogon.  Inputs:
 * servername, hostname, a pointer to the caller's authenticator and the
 * logon_info container.  ret_auth and validation_level are INOUT.
 * Outputs: the validation union ru (selected by validation_level),
 * authoritative and status.  Unlike the three operations declared above
 * it, this structure has no ALIGN(2) annotation.
 *
 * NOTE(review): the WARNING comment that precedes this structure says
 * validation_level and authoritative are declared as DWORD, but in this
 * declaration only authoritative is a DWORD; validation_level is a WORD.
 * Confirm which is intended.  Per that comment the unused high bytes are
 * not cleared by the peer, so authoritative must be cast down before it
 * is tested.
 *
 * NOTE(review): auth and ret_auth are pointers here (SamLogoff passes
 * the same structure by value); consumers should check them for NULL if
 * the marshaller permits null pointers - confirm.
 */
341OPERATION(NETR_OPNUM_SamLogon)
342struct netr_SamLogon {
343	IN		LPTSTR servername;
344	IN		LPTSTR hostname;
345	IN		struct netr_authenticator *auth;
346	INOUT	struct netr_authenticator *ret_auth;
347	IN		struct netr_login_info logon_info;
348	INOUT	WORD validation_level;
349  SWITCH(validation_level)
350	OUT		union netr_validation_u ru;
351	OUT		DWORD authoritative;
352	OUT		DWORD status;
353};
354
355
356/*
357 ***********************************************************************
358 * SamLogoff
359 ***********************************************************************
360 */
/*
 * Request/response layout for opnum NETR_OPNUM_SamLogoff.  Inputs:
 * servername, hostname, the caller's authenticator (by value), and a
 * logon payload selected by logon_level.  ret_auth is INOUT.  Output:
 * status.  This structure has no ALIGN(2) annotation.
 *
 * Here the discriminant for netr_logon_info_u is a DWORD logon_level,
 * whereas struct netr_login_info uses a WORD switch_value for the same
 * union.
 */
361OPERATION(NETR_OPNUM_SamLogoff)
362struct netr_SamLogoff {
363	IN		LPTSTR servername;
364	IN REFERENCE	LPTSTR hostname;
365	IN		struct netr_authenticator auth;
366	INOUT	struct netr_authenticator ret_auth;
367	IN		DWORD logon_level;
368  SWITCH(logon_level)
369	IN		union netr_logon_info_u ru;
370	OUT		DWORD status;
371};
372
373
374/*
375 ***********************************************************************
376 * The NETR interface definition.
377 ***********************************************************************
378 */
/*
 * Top-level union for the interface: one arm per operation structure,
 * keyed by opnum.  Five opnums have arms (ServerReqChallenge,
 * ServerAuthenticate2, SamLogon, SamLogoff, ServerPasswordSet).
 * NETR_OPNUM_LogonControl2 and NETR_OPNUM_TrustDomainList, although
 * defined at the top of this file, have none.
 *
 * NOTE(review): there is no DEFAULT arm.  How a request carrying any
 * other opnum is rejected is decided outside this file; confirm that
 * the dispatcher fails closed for it.
 */
379INTERFACE(0)
380union netr_interface {
381	CASE(NETR_OPNUM_ServerReqChallenge)
382		struct netr_ServerReqChallenge		ServerReqChallenge;
383	CASE(NETR_OPNUM_ServerAuthenticate2)
384		struct netr_ServerAuthenticate2		ServerAuthenticate2;
385	CASE(NETR_OPNUM_SamLogon)
386		struct netr_SamLogon			SamLogon;
387	CASE(NETR_OPNUM_SamLogoff)
388		struct netr_SamLogoff			SamLogoff;
389	CASE(NETR_OPNUM_ServerPasswordSet)
390		struct netr_PasswordSet			PasswordSet;
391};
392typedef union netr_interface netr_interface_t;
393EXTERNTYPEINFO(netr_interface)
394
395#endif /* _MLSVC_NETR_NDL_ */
396