1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #ifndef _SMBSRV_NETRAUTH_H 27 #define _SMBSRV_NETRAUTH_H 28 29 #pragma ident "%Z%%M% %I% %E% SMI" 30 31 32 /* 33 * Interface definitions for the NETR remote authentication and logon 34 * services. 35 */ 36 37 #include <sys/types.h> 38 #include <smbsrv/wintypes.h> 39 #include <smbsrv/mlsvc.h> 40 41 #ifndef _KERNEL 42 #include <syslog.h> 43 #endif /* _KERNEL */ 44 45 #ifdef __cplusplus 46 extern "C" { 47 #endif 48 49 /* 50 * See also netlogon.ndl. 51 */ 52 #define NETR_WKSTA_TRUST_ACCOUNT_TYPE 0x02 53 #define NETR_DOMAIN_TRUST_ACCOUNT_TYPE 0x04 54 55 /* 56 * Negotiation flags for challenge/response authentication. 57 * The extra flag (0x40000000) was added in SP4. 58 */ 59 #define NETR_NEGOTIATE_FLAGS 0x000001FF 60 #define NETR_NEGOTIATE_SP4_FLAG 0x40000000 61 62 #define NETR_SESSION_KEY_SZ 8 63 #define NETR_CRED_DATA_SZ 8 64 #define NETR_OWF_PASSWORD_SZ 16 65 66 67 /* 68 * SAM logon levels: interactive and network. 69 */ 70 #define NETR_INTERACTIVE_LOGON 0x01 71 #define NETR_NETWORK_LOGON 0x02 72 73 74 /* 75 * SAM logon validation levels. 76 */ 77 #define NETR_VALIDATION_LEVEL3 0x03 78 79 80 /* 81 * This is a duplicate of the netr_credential 82 * from netlogon.ndl. 83 */ 84 typedef struct netr_cred { 85 BYTE data[NETR_CRED_DATA_SZ]; 86 } netr_cred_t; 87 88 89 90 #define NETR_FLG_NULL 0x00000001 91 #define NETR_FLG_VALID 0x00000001 92 #define NETR_FLG_INIT 0x00000002 93 94 95 typedef struct netr_info { 96 DWORD flags; 97 char server[MLSVC_DOMAIN_NAME_MAX * 2]; 98 char hostname[MLSVC_DOMAIN_NAME_MAX * 2]; 99 netr_cred_t client_challenge; 100 netr_cred_t server_challenge; 101 netr_cred_t client_credential; 102 netr_cred_t server_credential; 103 BYTE session_key[NETR_SESSION_KEY_SZ]; 104 BYTE password[MLSVC_MACHINE_ACCT_PASSWD_MAX]; 105 time_t timestamp; 106 } netr_info_t; 107 108 /* 109 * netr_client_t flags 110 * 111 * NETR_CFLG_ANON Anonymous connection 112 * NETR_CFLG_LOCAL Local user 113 * NETR_CFLG_DOMAIN Domain user 114 */ 115 #define NETR_CFLG_ANON 0x01 116 #define NETR_CFLG_LOCAL 0x02 117 #define NETR_CFLG_DOMAIN 0x04 118 119 120 typedef struct netr_client { 121 uint16_t logon_level; 122 char *username; 123 char *domain; 124 char *workstation; 125 uint32_t ipaddr; 126 struct { 127 uint32_t challenge_key_len; 128 uint8_t *challenge_key_val; 129 } challenge_key; 130 struct { 131 uint32_t nt_password_len; 132 uint8_t *nt_password_val; 133 } nt_password; 134 struct { 135 uint32_t lm_password_len; 136 uint8_t *lm_password_val; 137 } lm_password; 138 uint32_t logon_id; 139 int native_os; 140 int native_lm; 141 uint32_t local_ipaddr; 142 uint16_t local_port; 143 uint32_t flags; 144 } netr_client_t; 145 146 147 /* 148 * NETLOGON private interface. 149 */ 150 int netr_gen_session_key(netr_info_t *netr_info); 151 152 int netr_gen_credentials(BYTE *session_key, netr_cred_t *challenge, 153 DWORD timestamp, netr_cred_t *out_cred); 154 155 156 #define NETR_A2H(c) (isdigit(c)) ? ((c) - '0') : ((c) - 'A' + 10) 157 158 #ifdef __cplusplus 159 } 160 #endif 161 162 #endif /* _SMBSRV_NETRAUTH_H */ 163