/*
* Unix SMB / CIFS implementation .
* secrets . tdb file format info
* Copyright ( C ) Andrew Tridgell 2000
*
* This program is free software ; you can redistribute it and / or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation ; either version 3 of the License , or ( at your
* option ) any later version .
*
* This program is distributed in the hope that it will be useful , but WITHOUT
* ANY WARRANTY ; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE . See the GNU General Public License for
* more details .
*
* You should have received a copy of the GNU General Public License along with
* this program ; if not , see < http : //www.gnu.org/licenses/>.
*/
# ifndef _SECRETS_H
# define _SECRETS_H
/* SECRETS_MACHINE_ACCT_PASS is for the hashed password (NT4 style);
SECRETS_MACHINE_PASSWORD is for the plaintext password (ADS).
*/
/* Key for the hashed (NT4-style) machine account password record.
 * NOTE(review): presumably stored as struct machine_acct_pass - confirm in
 * passdb/secrets.c. The stored hash is as sensitive as the password itself,
 * so it needs the same protection as the plaintext entries. */
# define SECRETS_MACHINE_ACCT_PASS "SECRETS / $MACHINE.ACC"
/* Key for the plaintext machine password (ADS). The stored value is a
 * cleartext credential, so read access to secrets.tdb has to stay
 * restricted to the account the server runs as. */
# define SECRETS_MACHINE_PASSWORD "SECRETS / MACHINE_PASSWORD"
/* Key for the previous machine password; see
 * secrets_fetch_prev_machine_password().
 * NOTE(review): presumably kept in the same plaintext form as
 * SECRETS_MACHINE_PASSWORD and therefore equally sensitive - confirm. */
# define SECRETS_MACHINE_PASSWORD_PREV "SECRETS / MACHINE_PASSWORD.PREV"
/* Keys for metadata kept with the machine password: time of the last
 * change, secure channel type and trust account name (purposes read from
 * the key names - confirm against passdb/secrets.c). */
# define SECRETS_MACHINE_LAST_CHANGE_TIME "SECRETS / MACHINE_LAST_CHANGE_TIME"
# define SECRETS_MACHINE_SEC_CHANNEL_TYPE "SECRETS / MACHINE_SEC_CHANNEL_TYPE"
/* NOTE(review): unlike its siblings this value repeats the "SECRETS_"
 * prefix inside the key string. It names an on-disk record, so do not
 * "tidy" it without a migration for existing databases. */
# define SECRETS_MACHINE_TRUST_ACCOUNT_NAME "SECRETS / SECRETS_MACHINE_TRUST_ACCOUNT_NAME"
/* Key for storing the account password of a trusted domain.
 * NOTE(review): presumably the record written by
 * secrets_store_trusted_domain_password() - confirm. */
# define SECRETS_DOMTRUST_ACCT_PASS "SECRETS / $DOMTRUST.ACC"
/* Store the principal name used for Kerberos DES key salt under this key name.
 * The value is a principal name, not key material.
 * NOTE(review): single-DES Kerberos encryption types are deprecated
 * (RFC 6649); check whether anything still enabled depends on this salt. */
# define SECRETS_SALTING_PRINCIPAL "SECRETS / SALTING_PRINCIPAL"
/* The domain SID and our SID are stored here even though they aren't
really secret. */
/* Keys for the domain SID and the local SAM SID. Note that the second one
 * uses a "SAM" key prefix rather than "SECRETS".
 * These values are not confidential, but their integrity still matters:
 * a modified SID changes the identity the server presents. */
# define SECRETS_DOMAIN_SID "SECRETS / SID"
# define SECRETS_SAM_SID "SAM / SID"
/* The domain GUID and server GUID (NOT the same) are also not secret.
 * See secrets_store_domain_guid() / secrets_fetch_domain_guid() for the
 * domain GUID accessors declared in this header. */
# define SECRETS_DOMAIN_GUID "SECRETS / DOMGUID"
# define SECRETS_SERVER_GUID "SECRETS / GUID"
/* Key for the LDAP bind password; see secrets_store_ldap_pw() and
 * fetch_ldap_pw().
 * NOTE(review): fetch_ldap_pw() hands the password back through a char **,
 * so it is presumably stored in recoverable form - confirm, and treat the
 * record as a cleartext credential. */
# define SECRETS_LDAP_BIND_PW "SECRETS / LDAP_BIND_PW"
/* Key for the local schannel key. The accessors declared in this header,
 * secrets_store_local_schannel_key() and secrets_fetch_local_schannel_key(),
 * both take a uint8_t schannel_key[16] argument. */
# define SECRETS_LOCAL_SCHANNEL_KEY "SECRETS / LOCAL_SCHANNEL_KEY"
/* Authenticated user info is stored in secrets.tdb under these keys.
 * NOTE(review): presumably the values returned by
 * secrets_fetch_ipc_userpass() - confirm. SECRETS_AUTH_PASSWORD would then
 * be a recoverable password and needs the same protection as the machine
 * password entries. */
# define SECRETS_AUTH_USER "SECRETS / AUTH_USER"
# define SECRETS_AUTH_DOMAIN "SECRETS / AUTH_DOMAIN"
# define SECRETS_AUTH_PASSWORD "SECRETS / AUTH_PASSWORD"
/* structure for storing machine account password
(i.e. when samba server is member of a domain) */
/* Record holding a hashed machine account password and a timestamp.
 * NOTE(review): if this struct is written to secrets.tdb as raw bytes, its
 * size depends on the platform's time_t width and padding, so a database
 * may not be portable between ABIs - confirm how secrets.c serialises it. */
struct machine_acct_pass {
uint8 hash [ 16 ] ; /* 16-byte password hash; as sensitive as the password */
time_t mod_time ; /* presumably when the password was last set - confirm */
} ;
/*
* Format of an OpenAFS keyfile
*/
/* Capacity of the entry[] array in struct afs_keyfile. */
# define SECRETS_AFS_MAXKEYS 8
/* One entry of an OpenAFS keyfile. */
struct afs_key {
uint32 kvno ; /* presumably the key version number - confirm */
char key [ 8 ] ; /* 8 bytes of raw key material, not a NUL-terminated string.
                  * NOTE(review): 8 bytes matches a single-DES key size -
                  * confirm; clear copies of this after use. */
} ;
/* An OpenAFS keyfile: a count followed by a fixed-size array of keys. */
struct afs_keyfile {
uint32 nkeys ; /* number of entries in use.
                * NOTE(review): a value read back from storage must be
                * checked against SECRETS_AFS_MAXKEYS before it is used to
                * index entry[]; that check is not visible in this header.
                * Byte order of the stored value is also not visible here. */
struct afs_key entry [ SECRETS_AFS_MAXKEYS ] ; /* fixed capacity of SECRETS_AFS_MAXKEYS keys */
} ;
/* Key for a stored AFS keyfile. secrets_store_afs_keyfile() takes a cell
 * name; NOTE(review): the cell is presumably combined with this key to form
 * the record name - confirm in passdb/secrets.c. */
# define SECRETS_AFS_KEYFILE "SECRETS / AFS_KEYFILE"
/* The following definitions come from passdb/secrets.c */

/* Database lifetime: open, access the underlying db_context, close. */
bool secrets_init ( void ) ;
struct db_context * secrets_db_ctx ( void ) ;
void secrets_shutdown ( void ) ;

/* Raw record access by key name. secrets_fetch() returns the record and
 * reports its length through *size.
 * NOTE(review): ownership of the returned buffer is not visible in this
 * header; callers presumably have to free it - confirm. Whatever the
 * answer, buffers holding secret material should be cleared before they
 * are released. */
void * secrets_fetch ( const char * key , size_t * size ) ;
bool secrets_store ( const char * key , const void * data , size_t size ) ;
bool secrets_delete ( const char * key ) ;

/* Per-domain SID and GUID records.
 * NOTE(review): secrets_store_domain_guid() takes a non-const struct GUID *
 * although it is a store operation, unlike secrets_store_domain_sid(). */
bool secrets_store_domain_sid ( const char * domain , const struct dom_sid * sid ) ;
bool secrets_fetch_domain_sid ( const char * domain , struct dom_sid * sid ) ;
bool secrets_store_domain_guid ( const char * domain , struct GUID * guid ) ;
bool secrets_fetch_domain_guid ( const char * domain , struct GUID * guid ) ;

/* Trust account (machine account) password, hashed form.
 * The ret_pwd[16] parameters are plain pointers in C: the compiler does not
 * enforce the length, so the caller must supply a buffer of at least 16
 * bytes. */
void * secrets_get_trust_account_lock ( TALLOC_CTX * mem_ctx , const char * domain ) ;
enum netr_SchannelType get_default_sec_channel ( void ) ;
bool secrets_fetch_trust_account_password_legacy ( const char * domain ,
uint8 ret_pwd [ 16 ] ,
time_t * pass_last_set_time ,
enum netr_SchannelType * channel ) ;
bool secrets_fetch_trust_account_password ( const char * domain , uint8 ret_pwd [ 16 ] ,
time_t * pass_last_set_time ,
enum netr_SchannelType * channel ) ;

/* Trusted domain password; the fetch variant returns the password through
 * char **pwd, i.e. in recoverable form. */
bool secrets_fetch_trusted_domain_password ( const char * domain , char * * pwd ,
struct dom_sid * sid , time_t * pass_last_set_time ) ;
bool secrets_store_trusted_domain_password ( const char * domain , const char * pwd ,
const struct dom_sid * sid ) ;

/* Machine password, string form. The fetch functions return a char *.
 * NOTE(review): presumably an allocated copy of the plaintext password
 * that the caller must clear and free - confirm in passdb/secrets.c. */
bool secrets_delete_machine_password ( const char * domain ) ;
bool secrets_delete_machine_password_ex ( const char * domain ) ;
bool secrets_delete_domain_sid ( const char * domain ) ;
bool secrets_store_machine_password ( const char * pass , const char * domain , enum netr_SchannelType sec_channel ) ;
char * secrets_fetch_prev_machine_password ( const char * domain ) ;
char * secrets_fetch_machine_password ( const char * domain ,
time_t * pass_last_set_time ,
enum netr_SchannelType * channel ) ;
bool trusted_domain_password_delete ( const char * domain ) ;

/* LDAP bind password.
 * NOTE(review): secrets_store_ldap_pw() takes a non-const char *pw, unlike
 * the other store functions here; whether it modifies the argument is not
 * visible in this header. */
bool secrets_store_ldap_pw ( const char * dn , char * pw ) ;
bool fetch_ldap_pw ( char * * dn , char * * pw ) ;

/* Enumerates trusted domains into *domains and *num_domains using mem_ctx. */
NTSTATUS secrets_trusted_domains ( TALLOC_CTX * mem_ctx , uint32 * num_domains ,
struct trustdom_info * * * domains ) ;

/* OpenAFS keyfile storage, addressed by cell name. */
bool secrets_store_afs_keyfile ( const char * cell , const struct afs_keyfile * keyfile ) ;
bool secrets_fetch_afs_key ( const char * cell , struct afs_key * result ) ;

/* Returns the stored user name, domain and password through the three
 * output pointers. */
void secrets_fetch_ipc_userpass ( char * * username , char * * domain , char * * password ) ;

/* Generic string secrets addressed by an (owner, key) pair. */
bool secrets_store_generic ( const char * owner , const char * key , const char * secret ) ;
char * secrets_fetch_generic ( const char * owner , const char * key ) ;
bool secrets_delete_generic ( const char * owner , const char * key ) ;

/* Local schannel key; as above, the [16] in the parameter is not enforced
 * by the compiler, so callers must pass a buffer of at least 16 bytes. */
bool secrets_store_local_schannel_key ( uint8_t schannel_key [ 16 ] ) ;
bool secrets_fetch_local_schannel_key ( uint8_t schannel_key [ 16 ] ) ;
# endif /* _SECRETS_H */