From: Stefan Metzmacher Date: Mon, 2 May 2016 06:36:39 +0000 (+0200) Subject: krb5pac.idl: add PAC_CREDENTIAL related structures X-Git-Tag: tdb-1.3.10~633 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=fdcdf349473430b590a7a2ea8d1ba663e46b9b98;p=thirdparty%2Fsamba.git krb5pac.idl: add PAC_CREDENTIAL related structures See [MS-PAC] 2.6 PAC Credentials. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11441 Signed-off-by: Stefan Metzmacher Reviewed-by: Andrew Bartlett --- diff --git a/librpc/idl/krb5pac.idl b/librpc/idl/krb5pac.idl index 8a6540c13b1..1590dbf6ada 100644 --- a/librpc/idl/krb5pac.idl +++ b/librpc/idl/krb5pac.idl @@ -31,6 +31,43 @@ interface krb5pac samr_RidWithAttributeArray res_groups; } PAC_LOGON_INFO; + typedef [bitmap32bit] bitmap { + PAC_CREDENTIAL_NTLM_HAS_LM_HASH = 0x00000001, + PAC_CREDENTIAL_NTLM_HAS_NT_HASH = 0x00000002 + } PAC_CREDENTIAL_NTLM_FLAGS; + + typedef [public] struct { + [value(0)] uint32 version; + PAC_CREDENTIAL_NTLM_FLAGS flags; + [noprint] samr_Password lm_password; + [noprint] samr_Password nt_password; + } PAC_CREDENTIAL_NTLM_SECPKG; + + typedef [public] struct { + lsa_String package_name; + uint32 credential_size; + [size_is(credential_size), noprint] uint8 *credential; + } PAC_CREDENTIAL_SUPPLEMENTAL_SECPKG; + + typedef [public] struct { + uint32 credential_count; + [size_is(credential_count)] PAC_CREDENTIAL_SUPPLEMENTAL_SECPKG credentials[*]; + } PAC_CREDENTIAL_DATA; + + typedef [public] struct { + PAC_CREDENTIAL_DATA *data; + } PAC_CREDENTIAL_DATA_CTR; + + typedef [public] struct { + [subcontext(0xFFFFFC01)] PAC_CREDENTIAL_DATA_CTR ctr; + } PAC_CREDENTIAL_DATA_NDR; + + typedef [public] struct { + [value(0)] uint32 version; + uint32 encryption_type; + [flag(NDR_REMAINING)] DATA_BLOB encrypted_data; + } PAC_CREDENTIAL_INFO; + typedef struct { lsa_String proxy_target; uint32 num_transited_services; @@ -60,6 +97,7 @@ interface krb5pac typedef [public,v1_enum] enum { PAC_TYPE_LOGON_INFO = 1, + PAC_TYPE_CREDENTIAL_INFO = 2, PAC_TYPE_SRV_CHECKSUM = 6, PAC_TYPE_KDC_CHECKSUM = 7, PAC_TYPE_LOGON_NAME = 10, @@ -73,6 +111,7 @@ interface krb5pac typedef [public,nodiscriminant,gensize] union { [case(PAC_TYPE_LOGON_INFO)][subcontext(0xFFFFFC01)] PAC_LOGON_INFO_CTR logon_info; + [case(PAC_TYPE_CREDENTIAL_INFO)] PAC_CREDENTIAL_INFO credential_info; [case(PAC_TYPE_SRV_CHECKSUM)] PAC_SIGNATURE_DATA srv_cksum; [case(PAC_TYPE_KDC_CHECKSUM)] PAC_SIGNATURE_DATA kdc_cksum; [case(PAC_TYPE_LOGON_NAME)] PAC_LOGON_NAME logon_name; @@ -138,6 +177,10 @@ interface krb5pac [in] PAC_LOGON_INFO_CTR logon_info_ctr ); + [nopython] void decode_credential_data_ndr( + [in] PAC_CREDENTIAL_DATA_NDR credential_data_ndr + ); + [nopython] void decode_pac_validate( [in] PAC_Validate pac_validate );