/*
Unix SMB/CIFS implementation.
SMB parameters and setup
- Copyright (C) Andrew Tridgell 1992-1997
- Copyright (C) Luke Kenneth Casson Leighton 1996-1997
- Copyright (C) Paul Ashton 1997
+ Copyright (C) Andrew Tridgell 1992-1997
+ Copyright (C) Luke Kenneth Casson Leighton 1996-1997
+ Copyright (C) Paul Ashton 1997
+ Copyright (C) Gerald (Jerry) Carter 2005
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
#ifndef _RPC_LSA_H /* _RPC_LSA_H */
#define _RPC_LSA_H
-#include "rpc_misc.h"
-
/* Opcodes available on PIPE_LSARPC */
#if 0 /* UNIMPLEMENTED */
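Review bot: Removing `#include "rpc_misc.h"` means this header no longer pulls in its own dependencies, yet the structs below still use `POLICY_HND`, `DOM_SID2`, `UNISTR2` and `UNISTR4`, none of which is declared in the visible part of this file. If those types come from rpc_misc.h (not visible here), every includer now has to get the order right, and a wrong order may only show up as a confusing error far from the cause. If the removal is intentional, record the requirement at the top, for example `/* needs rpc_misc.h included first: POLICY_HND, DOM_SID2, UNISTR2, UNISTR4 */`.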
#define LSA_CLEARAUDITLOG 0x09
#define LSA_CREATEACCOUNT 0x0a
#define LSA_ENUM_ACCOUNTS 0x0b
-#define LSA_CREATETRUSTDOM 0x0c
+#define LSA_CREATETRUSTDOM 0x0c /* TODO: implement this one -- jerry */
#define LSA_ENUMTRUSTDOM 0x0d
#define LSA_LOOKUPNAMES 0x0e
#define LSA_LOOKUPSIDS 0x0f
-#define LSA_CREATESECRET 0x10
+#define LSA_CREATESECRET 0x10 /* TODO: implement this one -- jerry */
#define LSA_OPENACCOUNT 0x11
#define LSA_ENUMPRIVSACCOUNT 0x12
#define LSA_ADDPRIVS 0x13
#define LSA_SETQUOTAS 0x16
#define LSA_GETSYSTEMACCOUNT 0x17
#define LSA_SETSYSTEMACCOUNT 0x18
-#define LSA_OPENTRUSTDOM 0x19
-#define LSA_QUERYTRUSTDOM 0x1a
+#define LSA_OPENTRUSTDOM 0x19 /* TODO: implement this one -- jerry */
+#define LSA_QUERYTRUSTDOMINFO 0x1a
#define LSA_SETINFOTRUSTDOM 0x1b
-#define LSA_OPENSECRET 0x1c
-#define LSA_SETSECRET 0x1d
+#define LSA_OPENSECRET 0x1c /* TODO: implement this one -- jerry */
+#define LSA_SETSECRET 0x1d /* TODO: implement this one -- jerry */
#define LSA_QUERYSECRET 0x1e
#define LSA_LOOKUPPRIVVALUE 0x1f
#define LSA_LOOKUPPRIVNAME 0x20
#define LSA_PRIV_GET_DISPNAME 0x21
-#define LSA_DELETEOBJECT 0x22
-#define LSA_ENUMACCTWITHRIGHT 0x23
+#define LSA_DELETEOBJECT 0x22 /* TODO: implement this one -- jerry */
+#define LSA_ENUMACCTWITHRIGHT 0x23 /* TODO: implement this one -- jerry */
#define LSA_ENUMACCTRIGHTS 0x24
#define LSA_ADDACCTRIGHTS 0x25
#define LSA_REMOVEACCTRIGHTS 0x26
-#define LSA_QUERYTRUSTDOMINFO 0x27
+#define LSA_QUERYTRUSTDOMINFOBYSID 0x27
#define LSA_SETTRUSTDOMINFO 0x28
#define LSA_DELETETRUSTDOM 0x29
#define LSA_STOREPRIVDATA 0x2a
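Review bot: `LSA_QUERYTRUSTDOMINFO` survives this rename but its value moves from 0x27 to 0x1a, so any caller or dispatch-table entry not updated in the same commit still compiles and silently uses a different opnum. These constants select which LSA call is issued or served, so a stale reference would reach the wrong handler instead of breaking the build. Either give 0x1a a name that did not exist before, or confirm that every former use of `LSA_QUERYTRUSTDOMINFO` now reads `LSA_QUERYTRUSTDOMINFOBYSID`. A comment on the 0x1a line such as `/* was LSA_QUERYTRUSTDOM; the old LSA_QUERYTRUSTDOMINFO (0x27) is now ...BYSID */` would record the swap for later readers.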
#define LSA_OPENPOLICY2 0x2c
#define LSA_UNK_GET_CONNUSER 0x2d /* LsaGetConnectedCredentials ? */
#define LSA_QUERYINFO2 0x2e
+#define LSA_QUERYTRUSTDOMINFOBYNAME 0x30
+#define LSA_OPENTRUSTDOMBYNAME 0x37
/* XXXX these are here to get a compile! */
#define LSA_LOOKUPRIDS 0xFD
NTSTATUS status;
} LSA_R_QUERY_INFO2;
-/* LSA_Q_ENUM_TRUST_DOM - LSA enumerate trusted domains */
-typedef struct lsa_enum_trust_dom_info
-{
- POLICY_HND pol; /* policy handle */
- uint32 enum_context; /* enumeration context handle */
- uint32 preferred_len; /* preferred maximum length */
+/*******************************************************/
+typedef struct {
+ POLICY_HND pol;
+ uint32 enum_context;
+ uint32 preferred_len; /* preferred maximum length */
} LSA_Q_ENUM_TRUST_DOM;
-/* LSA_R_ENUM_TRUST_DOM - response to LSA enumerate trusted domains */
-typedef struct lsa_r_enum_trust_dom_info
-{
- uint32 enum_context; /* enumeration context handle */
- uint32 num_domains; /* number of domains */
- uint32 ptr_enum_domains; /* buffer pointer to num domains */
-
- /* this lot is only added if ptr_enum_domains is non-NULL */
- uint32 num_domains2; /* number of domains */
- UNIHDR2 *hdr_domain_name;
- UNISTR2 *uni_domain_name;
- DOM_SID2 *domain_sid;
+typedef struct {
+ UNISTR4 name;
+ DOM_SID2 *sid;
+} DOMAIN_INFO;
- NTSTATUS status; /* return code */
+typedef struct {
+ uint32 count;
+ DOMAIN_INFO *domains;
+} DOMAIN_LIST;
+typedef struct {
+ uint32 enum_context;
+ uint32 count;
+ DOMAIN_LIST *domlist;
+ NTSTATUS status;
} LSA_R_ENUM_TRUST_DOM;
+/*******************************************************/
+
/* LSA_Q_CLOSE */
typedef struct lsa_q_close_info
{
POLICY_HND pol; /* policy handle */
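Review bot: The reply now carries an element count twice, as `LSA_R_ENUM_TRUST_DOM.count` and as `DOMAIN_LIST.count`, and the per-field comments of the old struct were dropped, so nothing states which of the two bounds `domains[]`. `domlist` and `DOMAIN_INFO.sid` are also pointers now and can be NULL. A consumer that loops to the outer `count` while indexing `domlist->domains` would read past the array whenever the two values disagree, which matters because this data presumably comes from the remote server. Suggest documenting the contract on the field, e.g. `DOMAIN_LIST *domlist; /* NULL if no domains; domlist->count bounds domains[] */`, and having the unmarshalling code reject a reply where the counts differ. The parse routines are outside this hunk, so whether they already do so cannot be seen here.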
LSA_SID_ENUM sids;
LSA_TRANS_NAME_ENUM names;
- LOOKUP_LEVEL level;
+ uint16 level;
uint32 mapped_count;
} LSA_Q_LOOKUP_SIDS;
NTSTATUS status; /* return code */
} LSA_R_LOOKUP_NAMES;
-/* This is probably a policy handle but at the moment we
- never read it - so use a dummy struct. */
-
-typedef struct lsa_q_open_secret
-{
- uint32 dummy;
-} LSA_Q_OPEN_SECRET;
-
-/* We always return "not found" at present - so just marshal the minimum. */
-
-typedef struct lsa_r_open_secret
-{
- uint32 dummy1;
- uint32 dummy2;
- uint32 dummy3;
- uint32 dummy4;
- NTSTATUS status;
-} LSA_R_OPEN_SECRET;
-
typedef struct lsa_enum_priv_entry
{
UNIHDR hdr_name;
typedef struct
{
uint32 count;
- UNISTR2_ARRAY rights;
+ UNISTR4_ARRAY *rights;
NTSTATUS status;
} LSA_R_ENUM_ACCT_RIGHTS;
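Review bot: `rights` changes from an embedded `UNISTR2_ARRAY` to a `UNISTR4_ARRAY *`, so it can now be NULL, and the neighbouring `count` is a separate field that need not equal the number of strings behind the pointer. Code written against the old layout used `rights` unconditionally; after this change it needs a NULL check and must bound its loop by the array's own length, not by `count` alone. The same change is made to `LSA_Q_ADD_ACCT_RIGHTS` and `LSA_Q_REMOVE_ACCT_RIGHTS` further down in this patch, where `count` additionally moves ahead of `rights`. A field comment would make the contract explicit: `UNISTR4_ARRAY *rights; /* may be NULL; iterate by the array's own count */`.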
{
POLICY_HND pol; /* policy handle */
DOM_SID2 sid;
- UNISTR2_ARRAY rights;
uint32 count;
+ UNISTR4_ARRAY *rights;
} LSA_Q_ADD_ACCT_RIGHTS;
/* LSA_R_ADD_ACCT_RIGHTS - LSA add account rights */
POLICY_HND pol; /* policy handle */
DOM_SID2 sid;
uint32 removeall;
- UNISTR2_ARRAY rights;
uint32 count;
+ UNISTR4_ARRAY *rights;
} LSA_Q_REMOVE_ACCT_RIGHTS;
/* LSA_R_REMOVE_ACCT_RIGHTS - LSA remove account rights */
NTSTATUS status;
} LSA_R_SETSYSTEMACCOUNT;
+typedef struct {
+ UNIHDR hdr;
+ UNISTR2 unistring;
+} LSA_STRING;
-typedef struct lsa_q_lookupprivvalue
-{
+typedef struct {
POLICY_HND pol; /* policy handle */
- UNIHDR hdr_right;
- UNISTR2 uni2_right;
-} LSA_Q_LOOKUPPRIVVALUE;
+ LSA_STRING privname;
+} LSA_Q_LOOKUP_PRIV_VALUE;
-typedef struct lsa_r_lookupprivvalue
-{
+typedef struct {
LUID luid;
NTSTATUS status;
-} LSA_R_LOOKUPPRIVVALUE;
-
+} LSA_R_LOOKUP_PRIV_VALUE;
typedef struct lsa_q_addprivs
{
NTSTATUS status;
} LSA_R_REMOVEPRIVS;
+/*******************************************************/
+#if 0 /* jerry, I think this not correct - gd */
+typedef struct {
+ POLICY_HND handle;
+ uint32 count; /* ??? this is what ethereal calls it */
+ DOM_SID sid;
+} LSA_Q_OPEN_TRUSTED_DOMAIN;
+#endif
+
+/* LSA_Q_OPEN_TRUSTED_DOMAIN - LSA Query Open Trusted Domain */
+typedef struct lsa_q_open_trusted_domain
+{
+ POLICY_HND pol; /* policy handle */
+ DOM_SID2 sid; /* domain sid */
+ uint32 access_mask; /* access mask */
+
+} LSA_Q_OPEN_TRUSTED_DOMAIN;
+
+/* LSA_R_OPEN_TRUSTED_DOMAIN - response to LSA Query Open Trusted Domain */
+typedef struct {
+ POLICY_HND handle; /* trustdom policy handle */
+ NTSTATUS status; /* return code */
+} LSA_R_OPEN_TRUSTED_DOMAIN;
+
+
+/*******************************************************/
+
+typedef struct {
+ POLICY_HND handle;
+ UNISTR4 secretname;
+ uint32 access;
+} LSA_Q_OPEN_SECRET;
+
+typedef struct {
+ POLICY_HND handle;
+ NTSTATUS status;
+} LSA_R_OPEN_SECRET;
+
+
+/*******************************************************/
+
+typedef struct {
+ POLICY_HND handle;
+} LSA_Q_DELETE_OBJECT;
+
+typedef struct {
+ NTSTATUS status;
+} LSA_R_DELETE_OBJECT;
+
+
+/*******************************************************/
+
+typedef struct {
+ POLICY_HND handle;
+ UNISTR4 secretname;
+ uint32 access;
+} LSA_Q_CREATE_SECRET;
+
+typedef struct {
+ POLICY_HND handle;
+ NTSTATUS status;
+} LSA_R_CREATE_SECRET;
+
+
+/*******************************************************/
+
+typedef struct {
+ POLICY_HND handle;
+ UNISTR4 secretname;
+ uint32 access;
+} LSA_Q_CREATE_TRUSTED_DOMAIN;
+
+typedef struct {
+ POLICY_HND handle;
+ NTSTATUS status;
+} LSA_R_CREATE_TRUSTED_DOMAIN;
+
+
+/*******************************************************/
+
+typedef struct {
+ uint32 size; /* size is written on the wire twice so I
+ can only assume that one is supposed to
+ be a max length and one is a size */
+ UNISTR2 *data; /* not really a UNICODE string but the parsing
+ is the same */
+} LSA_DATA_BLOB;
+
+typedef struct {
+ POLICY_HND handle;
+ LSA_DATA_BLOB *old_value;
+ LSA_DATA_BLOB *new_value;
+} LSA_Q_SET_SECRET;
+
+typedef struct {
+ NTSTATUS status;
+} LSA_R_SET_SECRET;
+
+/* LSA_Q_QUERY_TRUSTED_DOMAIN_INFO - LSA query trusted domain info */
+typedef struct lsa_query_trusted_domain_info
+{
+ POLICY_HND pol; /* policy handle */
+ uint16 info_class; /* info class */
+
+} LSA_Q_QUERY_TRUSTED_DOMAIN_INFO;
+
+/* LSA_Q_QUERY_TRUSTED_DOMAIN_INFO_BY_SID - LSA query trusted domain info */
+typedef struct lsa_query_trusted_domain_info_by_sid
+{
+ POLICY_HND pol; /* policy handle */
+ DOM_SID2 dom_sid; /* domain sid */
+ uint16 info_class; /* info class */
+
+} LSA_Q_QUERY_TRUSTED_DOMAIN_INFO_BY_SID;
+
+/* LSA_Q_QUERY_TRUSTED_DOMAIN_INFO_BY_NAME - LSA query trusted domain info */
+typedef struct lsa_query_trusted_domain_info_by_name
+{
+ POLICY_HND pol; /* policy handle */
+ LSA_STRING domain_name; /* domain name */
+ uint16 info_class; /* info class */
+
+} LSA_Q_QUERY_TRUSTED_DOMAIN_INFO_BY_NAME;
+
+typedef struct trusted_domain_info_name {
+ LSA_STRING netbios_name;
+} TRUSTED_DOMAIN_INFO_NAME;
+
+typedef struct trusted_domain_info_posix_offset {
+ uint32 posix_offset;
+} TRUSTED_DOMAIN_INFO_POSIX_OFFSET;
+
+typedef struct lsa_data_buf {
+ uint32 size;
+ uint32 offset;
+ uint32 length;
+ uint8 *data;
+} LSA_DATA_BUF;
+
+typedef struct lsa_data_buf_hdr {
+ uint32 length;
+ uint32 size;
+ uint32 data_ptr;
+} LSA_DATA_BUF_HDR;
+
+
+typedef struct lsa_data_buf2 {
+ uint32 size;
+ uint8 *data;
+} LSA_DATA_BUF2;
+
+typedef struct trusted_domain_info_password {
+ uint32 ptr_password;
+ uint32 ptr_old_password;
+ LSA_DATA_BUF_HDR password_hdr;
+ LSA_DATA_BUF_HDR old_password_hdr;
+ LSA_DATA_BUF password;
+ LSA_DATA_BUF old_password;
+} TRUSTED_DOMAIN_INFO_PASSWORD;
+
+typedef struct trusted_domain_info_basic {
+ LSA_STRING netbios_name;
+ DOM_SID2 sid;
+} TRUSTED_DOMAIN_INFO_BASIC;
+
+typedef struct trusted_domain_info_ex {
+ LSA_STRING domain_name;
+ LSA_STRING netbios_name;
+ DOM_SID2 sid;
+ uint32 trust_direction;
+ uint32 trust_type;
+ uint32 trust_attributes;
+} TRUSTED_DOMAIN_INFO_EX;
+
+typedef struct trust_domain_info_buffer {
+ NTTIME last_update_time;
+ uint32 secret_type;
+ LSA_DATA_BUF2 data;
+} LSA_TRUSTED_DOMAIN_INFO_BUFFER;
+
+typedef struct trusted_domain_info_auth_info {
+ uint32 incoming_count;
+ LSA_TRUSTED_DOMAIN_INFO_BUFFER incoming_current_auth_info;
+ LSA_TRUSTED_DOMAIN_INFO_BUFFER incoming_previous_auth_info;
+ uint32 outgoing_count;
+ LSA_TRUSTED_DOMAIN_INFO_BUFFER outgoing_current_auth_info;
+ LSA_TRUSTED_DOMAIN_INFO_BUFFER outgoing_previous_auth_info;
+} TRUSTED_DOMAIN_INFO_AUTH_INFO;
+
+typedef struct trusted_domain_info_full_info {
+ TRUSTED_DOMAIN_INFO_EX info_ex;
+ TRUSTED_DOMAIN_INFO_POSIX_OFFSET posix_offset;
+ TRUSTED_DOMAIN_INFO_AUTH_INFO auth_info;
+} TRUSTED_DOMAIN_INFO_FULL_INFO;
+
+typedef struct trusted_domain_info_11 {
+ TRUSTED_DOMAIN_INFO_EX info_ex;
+ LSA_DATA_BUF2 data1;
+} TRUSTED_DOMAIN_INFO_11;
+
+typedef struct trusted_domain_info_all {
+ TRUSTED_DOMAIN_INFO_EX info_ex;
+ LSA_DATA_BUF2 data1;
+ TRUSTED_DOMAIN_INFO_POSIX_OFFSET posix_offset;
+ TRUSTED_DOMAIN_INFO_AUTH_INFO auth_info;
+} TRUSTED_DOMAIN_INFO_ALL;
+
+/* LSA_TRUSTED_DOMAIN_INFO */
+typedef union lsa_trusted_domain_info
+{
+ uint16 info_class;
+ TRUSTED_DOMAIN_INFO_NAME name;
+ /* deprecated - gd
+ TRUSTED_DOMAIN_INFO_CONTROLLERS_INFO controllers; */
+ TRUSTED_DOMAIN_INFO_POSIX_OFFSET posix_offset;
+ TRUSTED_DOMAIN_INFO_PASSWORD password;
+ TRUSTED_DOMAIN_INFO_BASIC basic;
+ TRUSTED_DOMAIN_INFO_EX info_ex;
+ TRUSTED_DOMAIN_INFO_AUTH_INFO auth_info;
+ TRUSTED_DOMAIN_INFO_FULL_INFO full_info;
+ TRUSTED_DOMAIN_INFO_11 info11;
+ TRUSTED_DOMAIN_INFO_ALL info_all;
+
+} LSA_TRUSTED_DOMAIN_INFO;
+
+/* LSA_R_QUERY_TRUSTED_DOMAIN_INFO - LSA query trusted domain info */
+typedef struct r_lsa_query_trusted_domain_info
+{
+ LSA_TRUSTED_DOMAIN_INFO *info;
+ NTSTATUS status;
+} LSA_R_QUERY_TRUSTED_DOMAIN_INFO;
#endif /* _RPC_LSA_H */
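Review bot: In `LSA_TRUSTED_DOMAIN_INFO`, `info_class` is declared as a member of the union itself, so it shares storage with every payload arm and is overwritten as soon as any of them is filled in. Code that later switches on `info_class` to pick an arm would be reading payload bytes, a type-confusion hazard for data taken off the wire; the parse code is outside this hunk, so whether it does this cannot be confirmed here. Moving the discriminant out of the union, into a small struct holding `uint16 info_class;` next to the union or into the caller only, removes the overlap. Separately, `LSA_DATA_BUF` carries `size`, `offset` and `length` beside `uint8 *data` with no statement of which one bounds the buffer; a comment such as `/* invariant: offset + length <= size; validate when unmarshalling */` would pin that down for the trusted-domain password buffers. `LSA_Q_CREATE_TRUSTED_DOMAIN` also names its string field `secretname`, which looks like a leftover from copying `LSA_Q_CREATE_SECRET`.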