Context Navigation

← Previous Revision
Next Revision →
Normal
Revision Log

secrets.h

Visit:

Last change on this file was 745, checked in by Silvan Scherrer, 13 years ago
Samba Server: updated trunk to 3.6.0
File size: 5.4 KB

Rev	Line
[480]	1	/*
	2	* Unix SMB/CIFS implementation.
	3	* secrets.tdb file format info
	4	* Copyright (C) Andrew Tridgell 2000
	5	*
	6	* This program is free software; you can redistribute it and/or modify it
	7	* under the terms of the GNU General Public License as published by the
	8	* Free Software Foundation; either version 3 of the License, or (at your
	9	* option) any later version.
	10	*
	11	* This program is distributed in the hope that it will be useful, but WITHOUT
	12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
	13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
	14	* more details.
	15	*
	16	* You should have received a copy of the GNU General Public License along with
	17	* this program; if not, see <http://www.gnu.org/licenses/>.
	18	*/
	19
	20	#ifndef _SECRETS_H
	21	#define _SECRETS_H
	22
	23	/* the first one is for the hashed password (NT4 style) the latter
	24	for plaintext (ADS)
	25	*/
	26	#define SECRETS_MACHINE_ACCT_PASS "SECRETS/$MACHINE.ACC"
	27	#define SECRETS_MACHINE_PASSWORD "SECRETS/MACHINE_PASSWORD"
	28	#define SECRETS_MACHINE_PASSWORD_PREV "SECRETS/MACHINE_PASSWORD.PREV"
	29	#define SECRETS_MACHINE_LAST_CHANGE_TIME "SECRETS/MACHINE_LAST_CHANGE_TIME"
	30	#define SECRETS_MACHINE_SEC_CHANNEL_TYPE "SECRETS/MACHINE_SEC_CHANNEL_TYPE"
	31	#define SECRETS_MACHINE_TRUST_ACCOUNT_NAME "SECRETS/SECRETS_MACHINE_TRUST_ACCOUNT_NAME"
	32	/* this one is for storing trusted domain account password */
	33	#define SECRETS_DOMTRUST_ACCT_PASS "SECRETS/$DOMTRUST.ACC"
	34
	35	/* Store the principal name used for Kerberos DES key salt under this key name. */
	36	#define SECRETS_SALTING_PRINCIPAL "SECRETS/SALTING_PRINCIPAL"
	37
	38	/* The domain sid and our sid are stored here even though they aren't
	39	really secret. */
	40	#define SECRETS_DOMAIN_SID "SECRETS/SID"
	41	#define SECRETS_SAM_SID "SAM/SID"
	42
	43	/* The domain GUID and server GUID (NOT the same) are also not secret */
	44	#define SECRETS_DOMAIN_GUID "SECRETS/DOMGUID"
	45	#define SECRETS_SERVER_GUID "SECRETS/GUID"
	46
	47	#define SECRETS_LDAP_BIND_PW "SECRETS/LDAP_BIND_PW"
	48
	49	#define SECRETS_LOCAL_SCHANNEL_KEY "SECRETS/LOCAL_SCHANNEL_KEY"
	50
	51	/* Authenticated user info is stored in secrets.tdb under these keys */
	52
	53	#define SECRETS_AUTH_USER "SECRETS/AUTH_USER"
	54	#define SECRETS_AUTH_DOMAIN "SECRETS/AUTH_DOMAIN"
	55	#define SECRETS_AUTH_PASSWORD "SECRETS/AUTH_PASSWORD"
	56
	57	/* structure for storing machine account password
	58	(ie. when samba server is member of a domain */
	59	struct machine_acct_pass {
	60	uint8 hash[16];
	61	time_t mod_time;
	62	};
	63
	64	/*
	65	* Format of an OpenAFS keyfile
	66	*/
	67
	68	#define SECRETS_AFS_MAXKEYS 8
	69
	70	struct afs_key {
	71	uint32 kvno;
	72	char key[8];
	73	};
	74
	75	struct afs_keyfile {
	76	uint32 nkeys;
	77	struct afs_key entry[SECRETS_AFS_MAXKEYS];
	78	};
	79
	80	#define SECRETS_AFS_KEYFILE "SECRETS/AFS_KEYFILE"
	81
[745]	82	/* The following definitions come from passdb/secrets.c */
[480]	83
[745]	84	bool secrets_init(void);
	85	struct db_context *secrets_db_ctx(void);
	86	void secrets_shutdown(void);
	87	void secrets_fetch(const char key, size_t *size);
	88	bool secrets_store(const char key, const void data, size_t size);
	89	bool secrets_delete(const char *key);
	90	bool secrets_store_domain_sid(const char domain, const struct dom_sid sid);
	91	bool secrets_fetch_domain_sid(const char domain, struct dom_sid sid);
	92	bool secrets_store_domain_guid(const char domain, struct GUID guid);
	93	bool secrets_fetch_domain_guid(const char domain, struct GUID guid);
	94	void secrets_get_trust_account_lock(TALLOC_CTX mem_ctx, const char *domain);
	95	enum netr_SchannelType get_default_sec_channel(void);
	96	bool secrets_fetch_trust_account_password_legacy(const char *domain,
	97	uint8 ret_pwd[16],
	98	time_t *pass_last_set_time,
	99	enum netr_SchannelType *channel);
	100	bool secrets_fetch_trust_account_password(const char *domain, uint8 ret_pwd[16],
	101	time_t *pass_last_set_time,
	102	enum netr_SchannelType *channel);
	103	bool secrets_fetch_trusted_domain_password(const char domain, char* pwd,
	104	struct dom_sid sid, time_t pass_last_set_time);
	105	bool secrets_store_trusted_domain_password(const char* domain, const char* pwd,
	106	const struct dom_sid *sid);
	107	bool secrets_delete_machine_password(const char *domain);
	108	bool secrets_delete_machine_password_ex(const char *domain);
	109	bool secrets_delete_domain_sid(const char *domain);
	110	bool secrets_store_machine_password(const char pass, const char domain, enum netr_SchannelType sec_channel);
	111	char secrets_fetch_prev_machine_password(const char domain);
	112	char secrets_fetch_machine_password(const char domain,
	113	time_t *pass_last_set_time,
	114	enum netr_SchannelType *channel);
	115	bool trusted_domain_password_delete(const char *domain);
	116	bool secrets_store_ldap_pw(const char* dn, char* pw);
	117	bool fetch_ldap_pw(char dn, char pw);
	118	struct trustdom_info;
	119	NTSTATUS secrets_trusted_domains(TALLOC_CTX mem_ctx, uint32 num_domains,
	120	struct trustdom_info ***domains);
	121	bool secrets_store_afs_keyfile(const char cell, const struct afs_keyfile keyfile);
	122	bool secrets_fetch_afs_key(const char cell, struct afs_key result);
	123	void secrets_fetch_ipc_userpass(char username, char domain, char **password);
	124	bool secrets_store_generic(const char owner, const char key, const char *secret);
	125	char secrets_fetch_generic(const char owner, const char *key);
	126	bool secrets_delete_generic(const char owner, const char key);
	127
[480]	128	#endif /* _SECRETS_H */

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: trunk/server/source3/include/secrets.h

Download in other formats: