Home | History | Annotate | Download | only in smbsrv
      1 /*
      2  * CDDL HEADER START
      3  *
      4  * The contents of this file are subject to the terms of the
      5  * Common Development and Distribution License (the "License").
      6  * You may not use this file except in compliance with the License.
      7  *
      8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
      9  * or http://www.opensolaris.org/os/licensing.
     10  * See the License for the specific language governing permissions
     11  * and limitations under the License.
     12  *
     13  * When distributing Covered Code, include this CDDL HEADER in each
     14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
     15  * If applicable, add the following below this CDDL HEADER, with the
     16  * fields enclosed by brackets "[]" replaced with your own identifying
     17  * information: Portions Copyright [yyyy] [name of copyright owner]
     18  *
     19  * CDDL HEADER END
     20  */
     21 /*
     22  * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
     23  * Use is subject to license terms.
     24  */
     25 
     26 #ifndef _SMBSRV_NETRAUTH_H
     27 #define	_SMBSRV_NETRAUTH_H
     28 
     29 #pragma ident	"@(#)netrauth.h	1.1	07/10/25 SMI"
     30 
     31 
     32 /*
     33  * Interface definitions for the NETR remote authentication and logon
     34  * services.
     35  */
     36 
     37 #include <sys/types.h>
     38 #include <smbsrv/wintypes.h>
     39 #include <smbsrv/mlsvc.h>
     40 
     41 #ifndef _KERNEL
     42 #include <syslog.h>
     43 #endif /* _KERNEL */
     44 
     45 #ifdef __cplusplus
     46 extern "C" {
     47 #endif
     48 
     49 /*
     50  * See also netlogon.ndl.
     51  */
     52 #define	NETR_WKSTA_TRUST_ACCOUNT_TYPE		0x02
     53 #define	NETR_DOMAIN_TRUST_ACCOUNT_TYPE		0x04
     54 
     55 /*
     56  * Negotiation flags for challenge/response authentication.
     57  * The extra flag (0x40000000) was added in SP4.
     58  */
     59 #define	NETR_NEGOTIATE_FLAGS			0x000001FF
     60 #define	NETR_NEGOTIATE_SP4_FLAG			0x40000000
     61 
     62 #define	NETR_SESSION_KEY_SZ			8
     63 #define	NETR_CRED_DATA_SZ			8
     64 #define	NETR_OWF_PASSWORD_SZ			16
     65 
     66 
     67 /*
     68  * SAM logon levels: interactive and network.
     69  */
     70 #define	NETR_INTERACTIVE_LOGON			0x01
     71 #define	NETR_NETWORK_LOGON			0x02
     72 
     73 
     74 /*
     75  * SAM logon validation levels.
     76  */
     77 #define	NETR_VALIDATION_LEVEL3			0x03
     78 
     79 
     80 /*
     81  * This is a duplicate of the netr_credential
     82  * from netlogon.ndl.
     83  */
     84 typedef struct netr_cred {
     85     BYTE data[NETR_CRED_DATA_SZ];
     86 } netr_cred_t;
     87 
     88 
     89 
     90 #define	NETR_FLG_NULL		0x00000001
     91 #define	NETR_FLG_VALID		0x00000001
     92 #define	NETR_FLG_INIT		0x00000002
     93 
     94 
     95 typedef struct netr_info {
     96 	DWORD flags;
     97 	char server[MLSVC_DOMAIN_NAME_MAX * 2];
     98 	char hostname[MLSVC_DOMAIN_NAME_MAX * 2];
     99 	netr_cred_t client_challenge;
    100 	netr_cred_t server_challenge;
    101 	netr_cred_t client_credential;
    102 	netr_cred_t server_credential;
    103 	BYTE session_key[NETR_SESSION_KEY_SZ];
    104 	BYTE password[MLSVC_MACHINE_ACCT_PASSWD_MAX];
    105 	time_t timestamp;
    106 } netr_info_t;
    107 
    108 /*
    109  * netr_client_t flags
    110  *
    111  * NETR_CFLG_ANON               Anonymous connection
    112  * NETR_CFLG_LOCAL              Local user
    113  * NETR_CFLG_DOMAIN		Domain user
    114  */
    115 #define	NETR_CFLG_ANON  	0x01
    116 #define	NETR_CFLG_LOCAL 	0x02
    117 #define	NETR_CFLG_DOMAIN	0x04
    118 
    119 
    120 typedef struct netr_client {
    121 	uint16_t logon_level;
    122 	char *username;
    123 	char *domain;
    124 	char *workstation;
    125 	uint32_t ipaddr;
    126 	struct {
    127 		uint32_t challenge_key_len;
    128 		uint8_t *challenge_key_val;
    129 	} challenge_key;
    130 	struct {
    131 		uint32_t nt_password_len;
    132 		uint8_t *nt_password_val;
    133 	} nt_password;
    134 	struct {
    135 		uint32_t lm_password_len;
    136 		uint8_t *lm_password_val;
    137 	} lm_password;
    138 	uint32_t logon_id;
    139 	int native_os;
    140 	int native_lm;
    141 	uint32_t local_ipaddr;
    142 	uint16_t local_port;
    143 	uint32_t flags;
    144 } netr_client_t;
    145 
    146 
    147 /*
    148  * NETLOGON private interface.
    149  */
    150 int netr_gen_session_key(netr_info_t *netr_info);
    151 
    152 int netr_gen_credentials(BYTE *session_key, netr_cred_t *challenge,
    153     DWORD timestamp, netr_cred_t *out_cred);
    154 
    155 
    156 #define	NETR_A2H(c) (isdigit(c)) ? ((c) - '0') : ((c) - 'A' + 10)
    157 
    158 #ifdef __cplusplus
    159 }
    160 #endif
    161 
    162 #endif /* _SMBSRV_NETRAUTH_H */
    163