s3:schannel streamline interface

[ira/wip.git] / source3 / include / secrets.h

diff --git a/source3/include/secrets.h b/source3/include/secrets.h
index 183b29d7a8a594baf9cb826cc70b9db6da8e6f93..d0848bdfa4a2cf67bf2000ecbc2b045f3ed60968 100644 (file)
--- a/source3/include/secrets.h
+++ b/source3/include/secrets.h
@@ -5,7 +5,7 @@
  * 
  * This program is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
+ * Free Software Foundation; either version 3 of the License, or (at your
  * option) any later version.
  * 
  * This program is distributed in the hope that it will be useful, but WITHOUT
@@ -14,8 +14,7 @@
  * more details.
  * 
  * You should have received a copy of the GNU General Public License along with
- * this program; if not, write to the Free Software Foundation, Inc., 675
- * Mass Ave, Cambridge, MA 02139, USA.  
+ * this program; if not, see <http://www.gnu.org/licenses/>.  
  */
 
 #ifndef _SECRETS_H
@@ -26,10 +25,15 @@
 */
 #define SECRETS_MACHINE_ACCT_PASS "SECRETS/$MACHINE.ACC"
 #define SECRETS_MACHINE_PASSWORD "SECRETS/MACHINE_PASSWORD"
-
+#define SECRETS_MACHINE_LAST_CHANGE_TIME "SECRETS/MACHINE_LAST_CHANGE_TIME"
+#define SECRETS_MACHINE_SEC_CHANNEL_TYPE "SECRETS/MACHINE_SEC_CHANNEL_TYPE"
+#define SECRETS_MACHINE_TRUST_ACCOUNT_NAME "SECRETS/SECRETS_MACHINE_TRUST_ACCOUNT_NAME"
 /* this one is for storing trusted domain account password */
 #define SECRETS_DOMTRUST_ACCT_PASS "SECRETS/$DOMTRUST.ACC"
 
+/* Store the principal name used for Kerberos DES key salt under this key name. */
+#define SECRETS_SALTING_PRINCIPAL "SECRETS/SALTING_PRINCIPAL"
+
 /* The domain sid and our sid are stored here even though they aren't
    really secret. */
 #define SECRETS_DOMAIN_SID    "SECRETS/SID"
@@ -41,6 +45,8 @@
 
 #define SECRETS_LDAP_BIND_PW "SECRETS/LDAP_BIND_PW"
 
+#define SECRETS_LOCAL_SCHANNEL_KEY "SECRETS/LOCAL_SCHANNEL_KEY"
+
 /* Authenticated user info is stored in secrets.tdb under these keys */
 
 #define SECRETS_AUTH_USER      "SECRETS/AUTH_USER"
@@ -55,25 +61,30 @@ struct machine_acct_pass {
 };
 
 /*
- * storage structure for trusted domain
+ * trusted domain entry/entries returned by secrets_get_trusted_domains
+ * (used in _lsa_enum_trust_dom call)
  */
-struct trusted_dom_pass {
-       size_t uni_name_len;
-       smb_ucs2_t uni_name[32]; /* unicode domain name */
-       size_t pass_len;
-       fstring pass;           /* trust relationship's password */
-       time_t mod_time;
-       DOM_SID domain_sid;     /* remote domain's sid */
+struct trustdom_info {
+       char *name;
+       DOM_SID sid;
 };
 
 /*
- * trusted domain entry/entries returned by secrets_get_trusted_domains
- * (used in _lsa_enum_trust_dom call)
+ * Format of an OpenAFS keyfile
  */
-typedef struct trustdom {
-       smb_ucs2_t *name;
-       DOM_SID sid;
-} TRUSTDOM;
 
+#define SECRETS_AFS_MAXKEYS 8
+
+struct afs_key {
+       uint32 kvno;
+       char key[8];
+};
+
+struct afs_keyfile {
+       uint32 nkeys;
+       struct afs_key entry[SECRETS_AFS_MAXKEYS];
+};
+
+#define SECRETS_AFS_KEYFILE "SECRETS/AFS_KEYFILE"
 
 #endif /* _SECRETS_H */