1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-25 06:04:04 +03:00
Pavel Filipenský 5f70396e62 idl: secrets_domain_info1_change is not a recursive structure
575d39048e3b4f619d65d65303ac809c40c5d495 has marked
several structures as recursive, they contain typically a
backpointer named '* next'. secrets_domain_info1 is not self
recursive, it only contains a pointer named '*next_change'.

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jun 29 03:07:17 UTC 2021 on sn-devel-184
2021-06-29 03:07:17 +00:00

132 lines
3.2 KiB
Plaintext

#include "idl_types.h"
import "misc.idl", "samr.idl", "lsa.idl", "netlogon.idl", "security.idl";
/*
IDL structures for secrets code
*/
[
pointer_default(unique)
]
interface secrets
{
/*
* s3 on-disc storage structure for trusted domains, do not change !
*/
typedef [flag(NDR_NOALIGN),public] struct {
[value(strlen_m_term(uni_name))] uint32 uni_name_len;
[charset(UTF16)] uint16 uni_name[32]; /* unicode domain name */
[value(strlen(pass))] uint32 pass_len;
astring pass; /* trust relationship's password */
time_t mod_time;
dom_sid domain_sid; /* remote domain's sid */
} TRUSTED_DOM_PASS;
/*
* s3 on-disc storage structure for lsa secrets, do not change !
*/
typedef [public] struct {
DATA_BLOB *secret_current;
NTTIME secret_current_lastchange;
DATA_BLOB *secret_old;
NTTIME secret_old_lastchange;
security_descriptor *sd;
} lsa_secret;
/*
* This is the on-disc format the workstation trust.
*
* DO NOT CHANGE
* without changing secrets_domain_info_version
* and adding glue code. Discuss on samba-technical
* first!
*/
typedef struct {
uint32 keytype;
uint32 iteration_count;
[flag(NDR_SECRET)] DATA_BLOB value;
} secrets_domain_info1_kerberos_key;
typedef struct {
NTTIME change_time;
[string,charset(UTF16)] uint16 change_server[];
[flag(NDR_SECRET)] DATA_BLOB cleartext_blob;
[flag(NDR_SECRET)] samr_Password nt_hash;
[string,charset(UTF16)] uint16 *salt_data;
uint32 default_iteration_count;
uint16 num_keys;
secrets_domain_info1_kerberos_key keys[num_keys];
} secrets_domain_info1_password;
typedef struct {
NTSTATUS local_status;
NTSTATUS remote_status;
NTTIME change_time;
[string,charset(UTF16)] uint16 change_server[];
[ref] secrets_domain_info1_password *password;
} secrets_domain_info1_change;
typedef [public] struct {
[value(0)] hyper reserved_flags;
NTTIME join_time;
[string,charset(UTF16)] uint16 computer_name[];
[string,charset(UTF16)] uint16 account_name[];
netr_SchannelType secure_channel_type;
lsa_DnsDomainInfo domain_info;
netr_TrustFlags trust_flags;
lsa_TrustType trust_type;
lsa_TrustAttributes trust_attributes;
/*
* This is unused currently, it might
* be useful to implement multi-tenancy (joining multiple domains)
* in future.
*
* Or we could use it to do other filtering of domains.
*/
[value(NULL)] lsa_ForestTrustInformation *reserved_routing;
kerb_EncTypes supported_enc_types;
[string,charset(UTF16)] uint16 *salt_principal;
NTTIME password_last_change;
hyper password_changes;
secrets_domain_info1_change *next_change;
[ref] secrets_domain_info1_password *password;
secrets_domain_info1_password *old_password;
secrets_domain_info1_password *older_password;
} secrets_domain_info1;
typedef [v1_enum] enum {
SECRETS_DOMAIN_INFO_VERSION_1 = 0x00000001
} secrets_domain_info_version;
/*
* If we ever need to change this we need to
* change secrets_domain_info into
* secrets_domain_info_v1
*/
typedef union {
[case(SECRETS_DOMAIN_INFO_VERSION_1)]
secrets_domain_info1 *info1;
[default];
} secrets_domain_infoU;
typedef [public] struct {
secrets_domain_info_version version;
[value(0)] uint32 reserved;
[switch_is(version)] secrets_domain_infoU info;
} secrets_domain_infoB;
}