mirror of
https://github.com/samba-team/samba.git
synced 2024-12-29 11:21:54 +03:00
3b12c38ac0
Make calling schannel much easier by removing the need to explicitly open the database. Let the abstraction do it instead.
91 lines
2.8 KiB
C
91 lines
2.8 KiB
C
/*
|
|
* Unix SMB/CIFS implementation.
|
|
* secrets.tdb file format info
|
|
* Copyright (C) Andrew Tridgell 2000
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify it
|
|
* under the terms of the GNU General Public License as published by the
|
|
* Free Software Foundation; either version 3 of the License, or (at your
|
|
* option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful, but WITHOUT
|
|
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
|
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
|
|
* more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License along with
|
|
* this program; if not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
#ifndef _SECRETS_H
|
|
#define _SECRETS_H
|
|
|
|
/* the first one is for the hashed password (NT4 style) the latter
|
|
for plaintext (ADS)
|
|
*/
|
|
#define SECRETS_MACHINE_ACCT_PASS "SECRETS/$MACHINE.ACC"
|
|
#define SECRETS_MACHINE_PASSWORD "SECRETS/MACHINE_PASSWORD"
|
|
#define SECRETS_MACHINE_LAST_CHANGE_TIME "SECRETS/MACHINE_LAST_CHANGE_TIME"
|
|
#define SECRETS_MACHINE_SEC_CHANNEL_TYPE "SECRETS/MACHINE_SEC_CHANNEL_TYPE"
|
|
#define SECRETS_MACHINE_TRUST_ACCOUNT_NAME "SECRETS/SECRETS_MACHINE_TRUST_ACCOUNT_NAME"
|
|
/* this one is for storing trusted domain account password */
|
|
#define SECRETS_DOMTRUST_ACCT_PASS "SECRETS/$DOMTRUST.ACC"
|
|
|
|
/* Store the principal name used for Kerberos DES key salt under this key name. */
|
|
#define SECRETS_SALTING_PRINCIPAL "SECRETS/SALTING_PRINCIPAL"
|
|
|
|
/* The domain sid and our sid are stored here even though they aren't
|
|
really secret. */
|
|
#define SECRETS_DOMAIN_SID "SECRETS/SID"
|
|
#define SECRETS_SAM_SID "SAM/SID"
|
|
|
|
/* The domain GUID and server GUID (NOT the same) are also not secret */
|
|
#define SECRETS_DOMAIN_GUID "SECRETS/DOMGUID"
|
|
#define SECRETS_SERVER_GUID "SECRETS/GUID"
|
|
|
|
#define SECRETS_LDAP_BIND_PW "SECRETS/LDAP_BIND_PW"
|
|
|
|
#define SECRETS_LOCAL_SCHANNEL_KEY "SECRETS/LOCAL_SCHANNEL_KEY"
|
|
|
|
/* Authenticated user info is stored in secrets.tdb under these keys */
|
|
|
|
#define SECRETS_AUTH_USER "SECRETS/AUTH_USER"
|
|
#define SECRETS_AUTH_DOMAIN "SECRETS/AUTH_DOMAIN"
|
|
#define SECRETS_AUTH_PASSWORD "SECRETS/AUTH_PASSWORD"
|
|
|
|
/* structure for storing machine account password
|
|
(ie. when samba server is member of a domain */
|
|
struct machine_acct_pass {
|
|
uint8 hash[16];
|
|
time_t mod_time;
|
|
};
|
|
|
|
/*
|
|
* trusted domain entry/entries returned by secrets_get_trusted_domains
|
|
* (used in _lsa_enum_trust_dom call)
|
|
*/
|
|
struct trustdom_info {
|
|
char *name;
|
|
DOM_SID sid;
|
|
};
|
|
|
|
/*
|
|
* Format of an OpenAFS keyfile
|
|
*/
|
|
|
|
#define SECRETS_AFS_MAXKEYS 8
|
|
|
|
struct afs_key {
|
|
uint32 kvno;
|
|
char key[8];
|
|
};
|
|
|
|
struct afs_keyfile {
|
|
uint32 nkeys;
|
|
struct afs_key entry[SECRETS_AFS_MAXKEYS];
|
|
};
|
|
|
|
#define SECRETS_AFS_KEYFILE "SECRETS/AFS_KEYFILE"
|
|
|
|
#endif /* _SECRETS_H */
|