secrets.idl: add secrets_domain_info that will be used in secrets.tdb for machine...
authorStefan Metzmacher <metze@samba.org>
Wed, 17 May 2017 08:11:18 +0000 (10:11 +0200)
committerStefan Metzmacher <metze@samba.org>
Tue, 27 Jun 2017 14:57:46 +0000 (16:57 +0200)
This blob will be stored in secrets.tdb. It makes it possible to store much
more useful details about the workstation trust.

The key feature that triggered this change is the ability
to store details for the next password change before doing
the remote change. This will allow us to recover from failures.

While being there I also thought about possible new features,
which we may implement in the near future.

We also store the raw UTF16 like cleartext buffer as well as derived
keys like the NTHASH (arcfour-hmac-md5 key) and other kerberos keys.
This will allow us to avoid recalculating the keys for an in memory
keytab in future.

I also added pointer to an optional lsa_ForestTrustInformation structure,
which might be useful to implement multi-tenancy in future.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
source3/librpc/idl/secrets.idl
source3/librpc/wscript_build

index 1d0ba1940ab5c92dd6dba332a139b0180a8d0653..2c06fa6990dbfba9de15174f57b048fbebb14ca1 100644 (file)
@@ -1,6 +1,6 @@
 #include "idl_types.h"
 
-import "security.idl";
+import "misc.idl", "samr.idl", "lsa.idl", "netlogon.idl", "security.idl";
 
 /*
    IDL structures for secrets code
@@ -37,5 +37,95 @@ import "security.idl";
                security_descriptor *sd;
        } lsa_secret;
 
+       /*
+        * This is the on-disc format the workstation trust.
+        *
+        * DO NOT CHANGE
+        * without changing secrets_domain_info_version
+        * and adding glue code. Discuss on samba-technical
+        * first!
+        */
+       typedef struct {
+               uint32 keytype;
+               uint32 iteration_count;
+               [flag(NDR_SECRET)] DATA_BLOB value;
+       } secrets_domain_info1_kerberos_key;
+
+       typedef struct {
+               NTTIME change_time;
+               [string,charset(UTF16)] uint16 change_server[];
+
+               [flag(NDR_SECRET)] DATA_BLOB cleartext_blob;
+               [flag(NDR_SECRET)] samr_Password nt_hash;
+
+               [string,charset(UTF16)] uint16 *salt_data;
+               uint32 default_iteration_count;
+               uint16 num_keys;
+               secrets_domain_info1_kerberos_key keys[num_keys];
+       } secrets_domain_info1_password;
+
+       typedef struct {
+               NTSTATUS local_status;
+               NTSTATUS remote_status;
+               NTTIME change_time;
+               [string,charset(UTF16)] uint16 change_server[];
+               [ref] secrets_domain_info1_password *password;
+       } secrets_domain_info1_change;
+
+       typedef [public] struct {
+               [value(0)] hyper reserved_flags;
+
+               NTTIME join_time;
+
+               [string,charset(UTF16)] uint16 computer_name[];
+               [string,charset(UTF16)] uint16 account_name[];
+               netr_SchannelType secure_channel_type;
+
+               lsa_DnsDomainInfo domain_info;
+               netr_TrustFlags trust_flags;
+               lsa_TrustType trust_type;
+               lsa_TrustAttributes trust_attributes;
+
+               /*
+                * This is unused currently, it might
+                * be useful to implement multi-tenancy (joining multiple domains)
+                * in future.
+                *
+                * Or we could use it to do other filtering of domains.
+                */
+               [value(NULL)] lsa_ForestTrustInformation *reserved_routing;
+
+               kerb_EncTypes supported_enc_types;
+               [string,charset(UTF16)] uint16 *salt_principal;
+
+               NTTIME password_last_change;
+               hyper password_changes;
+               secrets_domain_info1_change *next_change;
+
+               [ref] secrets_domain_info1_password *password;
+               secrets_domain_info1_password *old_password;
+               secrets_domain_info1_password *older_password;
+       } secrets_domain_info1;
+
+       typedef [v1_enum] enum {
+               SECRETS_DOMAIN_INFO_VERSION_1 = 0x00000001
+       } secrets_domain_info_version;
+
+       /*
+        * If we ever need to change this we need to
+        * change secrets_domain_info into
+        * secrets_domain_info_v1
+        */
+       typedef union {
+               [case(SECRETS_DOMAIN_INFO_VERSION_1)]
+                       secrets_domain_info1 *info1;
+               [default];
+       } secrets_domain_infoU;
+
+       typedef [public] struct {
+               secrets_domain_info_version version;
+               [value(0)] uint32 reserved;
+               [switch_is(version)] secrets_domain_infoU info;
+       } secrets_domain_infoB;
 }
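Review bot: The empty `[default];` arm of secrets_domain_infoU means a blob carrying an unrecognised `version` still pulls successfully with an empty `info`, so consumers must compare `version` against SECRETS_DOMAIN_INFO_VERSION_1 themselves rather than rely on ndr_pull failing; the comment above the union should say so, e.g. `/* Unknown versions pull as an empty union: callers must check version before using info. */`. The `[value(0)]` fields `reserved_flags` and `reserved` are presumably not validated on pull either, so a note next to secrets_domain_info_version stating whether a non-zero reserved value is to be rejected by future glue code would pin down the forward-compatibility contract. The NDR_SECRET flagging of cleartext_blob, nt_hash and the kerberos key values looks consistent, while salt_data and salt_principal are deliberately unflagged (salts are not secret); a one-line comment saying so would pre-empt the question in later review. The header comment reads "on-disc format the workstation trust", presumably "on-disc format of the workstation trust". The enclosing interface block starts before this hunk.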
 
index 1d8c17b0c7f61885a62200fb843e1cfd4f31ea36..9260350931113ab62ca373b0272b7ec36bdecb45 100644 (file)
@@ -27,7 +27,7 @@ bld.SAMBA3_SUBSYSTEM('NDR_LEASES_DB',
 
 bld.SAMBA3_SUBSYSTEM('NDR_SECRETS',
        source='gen_ndr/ndr_secrets.c',
-       public_deps='ndr NDR_SECURITY'
+       public_deps='ndr NDR_SAMR NDR_LSA NDR_NETLOGON NDR_SECURITY'
        )
 
 bld.SAMBA3_SUBSYSTEM('NDR_PERFCOUNT',