libads: add ADS_AUTH_USER_CREDS to avoid magic overwriting of usernames.

[samba.git] / source3 / include / ads.h

diff --git a/source3/include/ads.h b/source3/include/ads.h
index 56c70233379fdf3c1162faf542848df6dcbbbd74..d4551765aa0febd541cf168543b343ec1fadeb32 100644 (file)
--- a/source3/include/ads.h
+++ b/source3/include/ads.h
@@ -43,7 +43,7 @@ enum ads_saslwrap_type {
        ADS_SASLWRAP_TYPE_PLAIN = 1,
        ADS_SASLWRAP_TYPE_SIGN = 2,
        ADS_SASLWRAP_TYPE_SEAL = 4
-} wrap_type;
+};
 
 typedef struct ads_struct {
        int is_mine;    /* do I own this structure's memory? */
@@ -87,7 +87,7 @@ typedef struct ads_struct {
 #ifdef HAVE_LDAP
        struct {
                LDAP *ld;
-               struct in_addr ip; /* the ip of the active connection, if any */
+               struct sockaddr_storage ss; /* the ip of the active connection, if any */
                time_t last_attempt; /* last attempt to reconnect */
                int port;
 
@@ -103,16 +103,17 @@ typedef struct ads_struct {
                        uint32 ofs;
                        uint32 needed;
                        uint32 left;
-                       uint32 max;
-                       uint32 min;
+#define        ADS_SASL_WRAPPING_IN_MAX_WRAPPED        0x0FFFFFFF
+                       uint32 max_wrapped;
+                       uint32 min_wrapped;
                        uint32 size;
                        uint8 *buf;
                } in;
                struct {
                        uint32 ofs;
                        uint32 left;
-                       uint32 max;
-                       uint32 min;
+#define        ADS_SASL_WRAPPING_OUT_MAX_WRAPPED       0x00A00000
+                       uint32 max_unwrapped;
                        uint32 sig_size;
                        uint32 size;
                        uint8 *buf;
@@ -318,20 +319,16 @@ typedef void **ADS_MODLIST;
 #define ADS_DNS_DOMAIN     0x40000000  /* DomainName is a DNS name */
 #define ADS_DNS_FOREST     0x80000000  /* DnsForestName is a DNS name */
 
-/* DomainControllerAddressType */
-#define ADS_INET_ADDRESS      0x00000001
-#define ADS_NETBIOS_ADDRESS   0x00000002
-
-
 /* ads auth control flags */
-#define ADS_AUTH_DISABLE_KERBEROS 0x01
-#define ADS_AUTH_NO_BIND          0x02
-#define ADS_AUTH_ANON_BIND        0x04
-#define ADS_AUTH_SIMPLE_BIND      0x08
-#define ADS_AUTH_ALLOW_NTLMSSP    0x10
-#define ADS_AUTH_SASL_SIGN        0x20
-#define ADS_AUTH_SASL_SEAL        0x40
-#define ADS_AUTH_SASL_FORCE       0x80
+#define ADS_AUTH_DISABLE_KERBEROS 0x0001
+#define ADS_AUTH_NO_BIND          0x0002
+#define ADS_AUTH_ANON_BIND        0x0004
+#define ADS_AUTH_SIMPLE_BIND      0x0008
+#define ADS_AUTH_ALLOW_NTLMSSP    0x0010
+#define ADS_AUTH_SASL_SIGN        0x0020
+#define ADS_AUTH_SASL_SEAL        0x0040
+#define ADS_AUTH_SASL_FORCE       0x0080
+#define ADS_AUTH_USER_CREDS       0x0100
 
 /* Kerberos environment variable names */
 #define KRB5_ENV_CCNAME "KRB5CCNAME"
@@ -393,4 +390,13 @@ typedef struct {
 
 #define ADS_EXTENDED_RIGHT_APPLY_GROUP_POLICY "edacfd8f-ffb3-11d1-b41d-00a0c968f939"
 
+#define ADS_IGNORE_PRINCIPAL "not_defined_in_RFC4178@please_ignore"
+
+/* Settings for the domainFunctionality attribute in the rootDSE */
+
+#define DS_DOMAIN_FUNCTION_2000                0
+#define DS_DOMAIN_FUCNTION_2003_MIXED  1
+#define DS_DOMAIN_FUNCTION_2003                2
+#define DS_DOMAIN_FUNCTION_2008                3
+
 #endif /* _INCLUDE_ADS_H_ */