r24804: As a temporary workaround, also try to guess the server's principal in the

[samba.git] / source3 / include / ads.h

diff --git a/source3/include/ads.h b/source3/include/ads.h
index c103c3a43ee13db36199e8786de54a3135a10402..37d09f1e4261a1a69241d07e2522924ccfcf2831 100644 (file)
--- a/source3/include/ads.h
+++ b/source3/include/ads.h
@@ -36,7 +36,13 @@ struct ads_saslwrap_ops {
        const char *name;
        ADS_STATUS (*wrap)(struct ads_struct *, uint8 *buf, uint32 len);
        ADS_STATUS (*unwrap)(struct ads_struct *);
-       ADS_STATUS (*disconnect)(struct ads_struct *);
+       void (*disconnect)(struct ads_struct *);
+};
+
+enum ads_saslwrap_type {
+       ADS_SASLWRAP_TYPE_PLAIN = 1,
+       ADS_SASLWRAP_TYPE_SIGN = 2,
+       ADS_SASLWRAP_TYPE_SEAL = 4
 };
 
 typedef struct ads_struct {
@@ -85,8 +91,11 @@ typedef struct ads_struct {
                time_t last_attempt; /* last attempt to reconnect */
                int port;
 
+               enum ads_saslwrap_type wrap_type;
+
 #ifdef HAVE_LDAP_SASL_WRAPPING
                Sockbuf_IO_Desc *sbiod; /* lowlevel state for LDAP wrapping */
+#endif /* HAVE_LDAP_SASL_WRAPPING */
                TALLOC_CTX *mem_ctx;
                const struct ads_saslwrap_ops *wrap_ops;
                void *wrap_private_data;
@@ -94,21 +103,21 @@ typedef struct ads_struct {
                        uint32 ofs;
                        uint32 needed;
                        uint32 left;
-                       uint32 max;
-                       uint32 min;
+#define        ADS_SASL_WRAPPING_IN_MAX_WRAPPED        0x0FFFFFFF
+                       uint32 max_wrapped;
+                       uint32 min_wrapped;
                        uint32 size;
                        uint8 *buf;
                } in;
                struct {
                        uint32 ofs;
                        uint32 left;
-                       uint32 max;
-                       uint32 min;
+#define        ADS_SASL_WRAPPING_OUT_MAX_WRAPPED       0x00A00000
+                       uint32 max_unwrapped;
                        uint32 sig_size;
                        uint32 size;
                        uint8 *buf;
                } out;
-#endif /* HAVE_LDAP_SASL_WRAPPING */
        } ldap;
 #endif /* HAVE_LDAP */
 } ADS_STRUCT;
@@ -321,6 +330,9 @@ typedef void **ADS_MODLIST;
 #define ADS_AUTH_ANON_BIND        0x04
 #define ADS_AUTH_SIMPLE_BIND      0x08
 #define ADS_AUTH_ALLOW_NTLMSSP    0x10
+#define ADS_AUTH_SASL_SIGN        0x20
+#define ADS_AUTH_SASL_SEAL        0x40
+#define ADS_AUTH_SASL_FORCE       0x80
 
 /* Kerberos environment variable names */
 #define KRB5_ENV_CCNAME "KRB5CCNAME"
@@ -382,4 +394,6 @@ typedef struct {
 
 #define ADS_EXTENDED_RIGHT_APPLY_GROUP_POLICY "edacfd8f-ffb3-11d1-b41d-00a0c968f939"
 
+#define ADS_IGNORE_PRINCIPAL "not_defined_in_RFC4178@please_ignore"
+
 #endif /* _INCLUDE_ADS_H_ */