00015 #ifndef CONST_DISCARD /* defined here only when no earlier header already provides it */
00016 #define CONST_DISCARD(type, ptr) ((type) ((void *) (ptr))) /* casts ptr to `type` by way of void *, which silently drops a const qualifier; writing through the result is undefined behaviour if the object was defined const, so the caller must know the target is writable */
00017 #endif
00018
00019 #ifndef CONST_ADD /* defined here only when no earlier header already provides it */
00020 #define CONST_ADD(type, ptr) ((type) ((const void *) (ptr))) /* casts ptr to `type` by way of const void *; the outer cast is unchecked, so the result is const only if `type` itself is const-qualified */
00021 #endif
00022
00023 #ifndef SAFE_FREE /* defined here only when no earlier header already provides it */
00024 #define SAFE_FREE(x) do { if(x) {free(x); x=NULL;} } while(0) /* frees x and resets it to NULL, so a repeated SAFE_FREE on the same variable is a no-op; x is expanded three times, so pass a plain lvalue with no side effects; the memory is not wiped before free(), so buffers holding passwords or hashes must be cleared by the caller first */
00025 #endif
00026
00027 #ifndef _WINBINDD_NTDOM_H
00028 #define _WINBINDD_NTDOM_H
00029
00030 #define WINBINDD_SOCKET_NAME "pipe" /* file name of the winbindd socket, judging by the macro name; presumably joined to one of the directories below */
00031 #define WINBINDD_SOCKET_DIR "/var/run/winbindd" /* default directory of the socket; NOTE(review): hard-coded path, confirm whether builds or configuration can override it */
00032 #define WINBINDD_PRIV_SOCKET_SUBDIR "winbindd_privileged" /* directory name for the privileged socket; NOTE(review): access to privileged commands presumably rests on this directory's owner and mode, verify them where the directory is created */
00033 #define WINBINDD_DOMAIN_ENV "WINBINDD_DOMAIN" /* name of an environment variable; presumably selects the domain(s) a client asks about, confirm against the client code */
00034 #define WINBINDD_DONT_ENV "_NO_WINBINDD" /* name of an environment variable; presumably makes the client skip winbindd entirely. NOTE(review): the environment is controlled by whoever starts the process, so neither variable should decide anything security-relevant */
00035
00036
00037
00038 #define WINBIND_INTERFACE_VERSION 18 /* version number of the interface declared in this header; presumably what the WINBINDD_INTERFACE_VERSION command reports, so it has to change whenever a struct below changes layout (TODO confirm) */
00039
00040
00041
00042
00043
00044
00045 #if defined(int64) /* true only when int64 is a preprocessor macro; an int64 typedef is invisible to defined() and takes the #else branch */
00046 # define SMB_TIME_T int64 /* time fields use the int64 macro's type when one exists */
00047 #else
00048 # define SMB_TIME_T time_t /* NOTE(review): time_t width varies by platform and ABI, which changes the size and field offsets of the structs below; confirm both ends of the socket are built alike */
00049 #endif
00050
00051
00052
00053 enum winbindd_cmd { /* command code carried in winbindd_request.cmd; enumerators take implicit values 0, 1, 2, ... so inserting or reordering one renumbers every later command */
00054
00055 WINBINDD_INTERFACE_VERSION, /* first enumerator, value 0 */
00056
00057 /* passwd / group lookups by name or numeric id */
00058
00059 WINBINDD_GETPWNAM,
00060 WINBINDD_GETPWUID,
00061 WINBINDD_GETGRNAM,
00062 WINBINDD_GETGRGID,
00063 WINBINDD_GETGROUPS,
00064
00065 /* set/end/get enumeration of passwd and group entries */
00066
00067 WINBINDD_SETPWENT,
00068 WINBINDD_ENDPWENT,
00069 WINBINDD_GETPWENT,
00070 WINBINDD_SETGRENT,
00071 WINBINDD_ENDGRENT,
00072 WINBINDD_GETGRENT,
00073
00074 /* PAM commands; their request payloads (auth, auth_crap, chauthtok, logoff, chng_pswd_auth_crap) carry passwords or challenge responses */
00075
00076 WINBINDD_PAM_AUTH,
00077 WINBINDD_PAM_AUTH_CRAP,
00078 WINBINDD_PAM_CHAUTHTOK,
00079 WINBINDD_PAM_LOGOFF,
00080 WINBINDD_PAM_CHNG_PSWD_AUTH_CRAP,
00081
00082 /* listing of users, groups and trusted domains */
00083
00084 WINBINDD_LIST_USERS,
00085 WINBINDD_LIST_GROUPS,
00086 WINBINDD_LIST_TRUSTDOM,
00087
00088 /* SID, name and RID lookups */
00089
00090 WINBINDD_LOOKUPSID,
00091 WINBINDD_LOOKUPNAME,
00092 WINBINDD_LOOKUPRIDS,
00093
00094 /* conversions between SIDs and Unix uid/gid values */
00095
00096 WINBINDD_SID_TO_UID,
00097 WINBINDD_SID_TO_GID,
00098 WINBINDD_SIDS_TO_XIDS,
00099 WINBINDD_UID_TO_SID,
00100 WINBINDD_GID_TO_SID,
00101 /* NOTE(review): the next four look state-changing (id allocation, mapping writes); presumably limited to privileged callers, confirm in the dispatcher */
00102 WINBINDD_ALLOCATE_UID,
00103 WINBINDD_ALLOCATE_GID,
00104 WINBINDD_SET_MAPPING,
00105 WINBINDD_SET_HWM,
00106
00107 /* miscellaneous and diagnostic commands */
00108
00109 WINBINDD_DUMP_MAPS,
00110
00111 WINBINDD_CHECK_MACHACC,
00112 WINBINDD_PING,
00113 WINBINDD_INFO,
00114 WINBINDD_DOMAIN_NAME,
00115
00116 WINBINDD_DOMAIN_INFO,
00117
00118 WINBINDD_GETDCNAME,
00119
00120 WINBINDD_SHOW_SEQUENCE,
00121
00122 /* WINS lookups */
00123
00124 WINBINDD_WINS_BYIP,
00125 WINBINDD_WINS_BYNAME,
00126
00127
00128 WINBINDD_GETGRLST,
00129
00130 WINBINDD_NETBIOS_NAME,
00131
00132 /* presumably asks for the location of the privileged socket directory (see WINBINDD_PRIV_SOCKET_SUBDIR); TODO confirm */
00133 WINBINDD_PRIV_PIPE_DIR,
00134
00135
00136 WINBINDD_GETUSERSIDS,
00137
00138
00139 WINBINDD_GETUSERDOMGROUPS,
00140
00141
00142 WINBINDD_INIT_CONNECTION,
00143
00144 /* WINBINDD_DUAL_*: NOTE(review): the naming suggests requests exchanged inside winbindd rather than sent by clients; */
00145 /* confirm they are refused when they arrive on a client-facing socket */
00146 WINBINDD_DUAL_SID2UID,
00147 WINBINDD_DUAL_SID2GID,
00148 WINBINDD_DUAL_SIDS2XIDS,
00149 WINBINDD_DUAL_UID2SID,
00150 WINBINDD_DUAL_GID2SID,
00151 WINBINDD_DUAL_SET_MAPPING,
00152 WINBINDD_DUAL_SET_HWM,
00153 WINBINDD_DUAL_DUMP_MAPS,
00154
00155
00156 WINBINDD_DUAL_UID2NAME,
00157 WINBINDD_DUAL_NAME2UID,
00158 WINBINDD_DUAL_GID2NAME,
00159 WINBINDD_DUAL_NAME2GID,
00160
00161 WINBINDD_DUAL_USERINFO,
00162 WINBINDD_DUAL_GETSIDALIASES,
00163
00164
00165 /* request payload for this command is data.ccache_ntlm_auth */
00166 WINBINDD_CCACHE_NTLMAUTH,
00167
00168 WINBINDD_NUM_CMDS /* count of commands, not a command itself; cmd is read from the peer as a raw integer, so a receiver should reject any value outside 0 .. WINBINDD_NUM_CMDS-1 before using it to select a handler */
00169 };
00170
00171 typedef struct winbindd_pw { /* passwd-style user record; used as the `pw` member of winbindd_response.data. fstring is declared outside this header (presumably a fixed-size char array, confirm its size) */
00172 fstring pw_name;
00173 fstring pw_passwd; /* NOTE(review): expected to hold a placeholder rather than a real hash; confirm what the server writes here */
00174 uid_t pw_uid;
00175 gid_t pw_gid;
00176 fstring pw_gecos;
00177 fstring pw_dir;
00178 fstring pw_shell;
00179 } WINBINDD_PW;
00180
00181
00182 typedef struct winbindd_gr { /* group record; used as the `gr` member of winbindd_response.data. The member names are not stored in this struct */
00183 fstring gr_name;
00184 fstring gr_passwd;
00185 gid_t gr_gid;
00186 uint32 num_gr_mem; /* number of group members */
00187 uint32 gr_mem_ofs; /* presumably the offset of the member list inside the response's extra data (TODO confirm); a reader must check both this and num_gr_mem against the length of the data it actually received before indexing */
00188 } WINBINDD_GR;
00189
00190
00191 #define WBFLAG_PAM_INFO3_NDR 0x0001 /* WBFLAG_* are single-bit values for the uint32 `flags` field of winbindd_request */
00192 #define WBFLAG_PAM_INFO3_TEXT 0x0002
00193 #define WBFLAG_PAM_USER_SESSION_KEY 0x0004 /* presumably asks for auth.user_session_key in the response; key material, so confirm which callers may set it */
00194 #define WBFLAG_PAM_LMKEY 0x0008 /* presumably asks for auth.first_8_lm_hash in the response; same caveat as above */
00195 #define WBFLAG_PAM_CONTACT_TRUSTDOM 0x0010
00196 #define WBFLAG_QUERY_ONLY 0x0020
00197 #define WBFLAG_PAM_UNIX_NAME 0x0080 /* bit 0x0040 is not assigned in this header */
00198 #define WBFLAG_PAM_AFS_TOKEN 0x0100
00199 #define WBFLAG_PAM_NT_STATUS_SQUASH 0x0200
00200
00201 /* NOTE(review): flags travel inside the request struct, so a client can set any bit; confirm the server clears or overrides the next bit on requests read from a client socket */
00202 #define WBFLAG_IS_PRIVILEGED 0x0400
00203
00204 #define WBFLAG_RECURSE 0x0800
00205
00206 #define WBFLAG_PAM_KRB5 0x1000
00207 #define WBFLAG_PAM_FALLBACK_AFTER_KRB5 0x2000
00208 #define WBFLAG_PAM_CACHED_LOGIN 0x4000
00209 #define WBFLAG_PAM_GET_PWD_POLICY 0x8000
00210
00211 #define WINBINDD_MAX_EXTRA_DATA (128*1024) /* 131072 bytes; presumably the upper bound for winbindd_request.extra_len. NOTE(review): confirm it is enforced before any allocation or read sized by extra_len */
00212
00213
00214
00215
00216
00217
00218
00219
00220
00221
00222
00223 struct winbindd_request { /* fixed-size request record; when it is read from a socket every field below is chosen by the peer and needs validation before use */
00224 uint32 length; /* presumably the size of the request as sent (TODO confirm); compare with sizeof(struct winbindd_request) rather than trusting it */
00225 enum winbindd_cmd cmd; /* command selector; range-check against WINBINDD_NUM_CMDS */
00226 pid_t pid; /* pid as reported by the sender; not authenticated, so unsuitable for access decisions */
00227 uint32 flags; /* WBFLAG_* bits */
00228 fstring domain_name;
00229 /* string fields received from a peer are not guaranteed to be NUL-terminated; terminate them before treating them as C strings */
00230 union { /* command-specific payload; nothing in the struct records which member is valid other than cmd */
00231 fstring winsreq;
00232 fstring username;
00233 fstring groupname;
00234 uid_t uid;
00235 gid_t gid;
00236 struct {
00237 /* payload with a user name and a plaintext password */
00238
00239
00240 fstring user;
00241 fstring pass; /* plaintext password; wipe the buffer once authentication is done */
00242 pstring require_membership_of_sid; /* pstring here, fstring in auth_crap below; both types are declared outside this header */
00243 fstring krb5_cc_type;
00244 uid_t uid; /* uid supplied by the sender; NOTE(review): confirm it is checked against the socket peer's credentials before a credential cache is created for it */
00245 } auth;
00246 struct { /* challenge/response authentication payload */
00247 unsigned char chal[8]; /* 8-byte challenge */
00248 uint32 logon_parameters;
00249 fstring user;
00250 fstring domain;
00251 fstring lm_resp;
00252 uint32 lm_resp_len; /* sender-supplied; must not exceed sizeof(lm_resp) */
00253 fstring nt_resp;
00254 uint32 nt_resp_len; /* sender-supplied; must not exceed sizeof(nt_resp) */
00255 fstring workstation;
00256 fstring require_membership_of_sid;
00257 } auth_crap;
00258 struct { /* password change with old and new password in plaintext */
00259 fstring user;
00260 fstring oldpass; /* plaintext; wipe after use */
00261 fstring newpass; /* plaintext; wipe after use */
00262 } chauthtok;
00263 struct { /* password change using pre-encrypted blobs; each *_len is sender-supplied and must be checked against the array it describes */
00264 fstring user;
00265 fstring domain;
00266 unsigned char new_nt_pswd[516];
00267 uint16 new_nt_pswd_len; /* must be <= 516 */
00268 unsigned char old_nt_hash_enc[16];
00269 uint16 old_nt_hash_enc_len; /* must be <= 16 */
00270 unsigned char new_lm_pswd[516];
00271 uint16 new_lm_pswd_len; /* must be <= 516 */
00272 unsigned char old_lm_hash_enc[16];
00273 uint16 old_lm_hash_enc_len; /* must be <= 16 */
00274 } chng_pswd_auth_crap;
00275 struct {
00276 fstring user;
00277 fstring krb5ccname; /* NOTE(review): a path-like name chosen by the sender; confirm it is validated before any file operation uses it */
00278 uid_t uid; /* sender-supplied uid; same caveat as auth.uid */
00279 } logoff;
00280 fstring sid;
00281 struct {
00282 fstring dom_name;
00283 fstring name;
00284 } name;
00285 uint32 num_entries;
00286 struct {
00287 fstring username;
00288 fstring groupname;
00289 } acct_mgt;
00290 struct {
00291 BOOL is_primary;
00292 fstring dcname;
00293 } init_conn;
00294 struct {
00295 fstring sid;
00296 fstring name;
00297 } dual_sid2id;
00298 struct {
00299 fstring sid;
00300 uint32 type;
00301 uint32 id;
00302 } dual_idmapset;
00303 BOOL list_all_domains;
00304
00305 struct {
00306 uid_t uid; /* sender-supplied uid; NOTE(review): confirm it is matched against the socket peer before cached credentials for it are used */
00307 fstring user;
00308
00309
00310
00311
00312 /* the two lengths below describe blobs that are not stored in this struct; presumably they sit in the extra data (TODO confirm), */
00313 /* in which case their sum has to be checked against extra_len without overflowing */
00314 uint32 initial_blob_len;
00315 uint32 challenge_blob_len;
00316 } ccache_ntlm_auth;
00317
00318
00319
00320
00321
00322 char padding[1800]; /* keeps the union at least 1800 bytes whatever the other members add up to */
00323 } data;
00324 union { /* pointer overlaid with an SMB_TIME_T so the field is at least that wide */
00325 SMB_TIME_T padding;
00326 char *data; /* a pointer value read from the peer is meaningless in this process; overwrite it with a locally allocated buffer before any dereference */
00327 } extra_data;
00328 uint32 extra_len; /* sender-supplied length of the extra data; bound it (see WINBINDD_MAX_EXTRA_DATA) before allocating or reading */
00329 char null_term; /* presumably a guard byte the receiver sets to 0 so string handling cannot run past the struct (TODO confirm) */
00330 };
00331
00332
00333
00334 enum winbindd_result { /* status stored in winbindd_response.result; implicit values 0, 1, 2 */
00335 WINBINDD_ERROR, /* value 0, so a zero-filled response reads as an error rather than success */
00336 WINBINDD_PENDING,
00337 WINBINDD_OK
00338 };
00339
00340
00341
00342
00343
00344
00345
00346
00347
00348
00349
00350 struct winbindd_response { /* fixed-size reply record; which member of `data` is meaningful is not recorded in the struct, so it follows from the command that was sent */
00351
00352
00353
00354 uint32 length; /* presumably the total reply size including any extra data (TODO confirm); a reader should bound it before allocating */
00355 enum winbindd_result result;
00356
00357
00358
00359 union { /* struct tags declared inside this union (winbindd_sid, winbindd_name, winbindd_info, auth_reply, ...) are visible at file scope in C */
00360 int interface_version;
00361
00362 fstring winsresp;
00363
00364
00365
00366 struct winbindd_pw pw;
00367
00368
00369
00370 struct winbindd_gr gr;
00371
00372 uint32 num_entries;
00373 struct winbindd_sid {
00374 fstring sid;
00375 int type;
00376 } sid;
00377 struct winbindd_name {
00378 fstring dom_name;
00379 fstring name;
00380 int type;
00381 } name;
00382 uid_t uid;
00383 gid_t gid;
00384 struct winbindd_info {
00385 char winbind_separator;
00386 fstring samba_version;
00387 } info;
00388 fstring domain_name;
00389 fstring netbios_name;
00390 fstring dc_name;
00391
00392 struct auth_reply { /* result of an authentication request */
00393 uint32 nt_status;
00394 fstring nt_status_string;
00395 fstring error_string;
00396 int pam_error;
00397 char user_session_key[16]; /* 16 bytes of session key material handed back to the requester; wipe local copies after use */
00398 char first_8_lm_hash[8]; /* 8 bytes derived from the LM hash, going by the name; treat as secret */
00399 fstring krb5ccname;
00400 uint32 reject_reason;
00401 uint32 padding; /* explicit filler, presumably to keep the following SMB_TIME_T fields aligned */
00402 struct policy_settings {
00403 uint32 min_length_password;
00404 uint32 password_history;
00405 uint32 password_properties;
00406 uint32 padding; /* explicit filler before the SMB_TIME_T fields */
00407 SMB_TIME_T expire;
00408 SMB_TIME_T min_passwordage;
00409 } policy;
00410 struct info3_text { /* account details in flat form */
00411 SMB_TIME_T logon_time;
00412 SMB_TIME_T logoff_time;
00413 SMB_TIME_T kickoff_time;
00414 SMB_TIME_T pass_last_set_time;
00415 SMB_TIME_T pass_can_change_time;
00416 SMB_TIME_T pass_must_change_time;
00417 uint32 logon_count;
00418 uint32 bad_pw_count;
00419 uint32 user_rid;
00420 uint32 group_rid;
00421 uint32 num_groups; /* the groups themselves are not stored in this struct; a reader must bound this count against the data actually received */
00422 uint32 user_flgs;
00423 uint32 acct_flags;
00424 uint32 num_other_sids; /* same caveat as num_groups */
00425 fstring dom_sid;
00426 fstring user_name;
00427 fstring full_name;
00428 fstring logon_script;
00429 fstring profile_path;
00430 fstring home_dir;
00431 fstring dir_drive;
00432 fstring logon_srv;
00433 fstring logon_dom;
00434 } info3;
00435 } auth;
00436 struct {
00437 fstring name;
00438 fstring alt_name;
00439 fstring sid;
00440 BOOL native_mode;
00441 BOOL active_directory;
00442 BOOL primary;
00443 uint32 sequence_number;
00444 } domain_info;
00445 struct {
00446 fstring acct_name;
00447 fstring full_name;
00448 fstring homedir;
00449 fstring shell;
00450 uint32 primary_gid;
00451 uint32 group_rid;
00452 } user_info;
00453 struct {
00454 uint32 auth_blob_len; /* length of a blob that is not stored in this struct; presumably in the extra data, so check it against the amount received */
00455 } ccache_ntlm_auth;
00456 } data;
00457
00458
00459
00460 union { /* pointer overlaid with an SMB_TIME_T so the field is at least that wide */
00461 SMB_TIME_T padding;
00462 void *data; /* a pointer value read from the peer belongs to the peer's address space; replace it with a local buffer before dereferencing */
00463 } extra_data;
00464 };
00465
00466 struct WINBINDD_MEMORY_CREDS { /* doubly linked list node referencing a user's credentials held in memory */
00467 struct WINBINDD_MEMORY_CREDS *next, *prev; /* list links */
00468 const char *username;
00469 uid_t uid;
00470 int ref_count; /* NOTE(review): signed counter; confirm increments and decrements are balanced so the secrets below are neither freed early nor kept forever */
00471 size_t len; /* presumably the size of the allocation that holds the secrets (TODO confirm) */
00472 unsigned char *nt_hash; /* NT hash: password-equivalent material */
00473 unsigned char *lm_hash; /* LM hash: password-equivalent material */
00474 char *pass; /* plaintext password */
00475 }; /* NOTE(review): the three secret pointers should be wiped before release (SAFE_FREE does not clear memory); also confirm whether the memory is kept out of swap and core dumps */
00476
00477 struct WINBINDD_CCACHE_ENTRY { /* doubly linked list node describing one Kerberos credential cache, going by the field names */
00478 struct WINBINDD_CCACHE_ENTRY *next, *prev; /* list links */
00479 const char *principal_name;
00480 const char *ccname; /* credential cache name; NOTE(review): if this comes from a request (auth/logoff carry krb5 cache fields) confirm it was validated first */
00481 const char *service;
00482 const char *username;
00483 const char *realm;
00484 struct WINBINDD_MEMORY_CREDS *cred_ptr; /* link to the in-memory credentials node; NOTE(review): confirm that node's ref_count covers this reference so the pointer cannot dangle */
00485 int ref_count;
00486 uid_t uid; /* owner of the cache entry */
00487 time_t create_time;
00488 time_t renew_until;
00489 time_t refresh_time;
00490 struct timed_event *event; /* timed_event is declared outside this header; presumably the scheduled refresh for this entry */
00491 };
00492
00493 #endif