xref: /onnv-gate/usr/src/uts/common/smbsrv/netrauth.h (revision 5331:3047ad28a67b) 
1*5331Samw /*
2*5331Samw  * CDDL HEADER START
3*5331Samw  *
4*5331Samw  * The contents of this file are subject to the terms of the
5*5331Samw  * Common Development and Distribution License (the "License").
6*5331Samw  * You may not use this file except in compliance with the License.
7*5331Samw  *
8*5331Samw  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9*5331Samw  * or http://www.opensolaris.org/os/licensing.
10*5331Samw  * See the License for the specific language governing permissions
11*5331Samw  * and limitations under the License.
12*5331Samw  *
13*5331Samw  * When distributing Covered Code, include this CDDL HEADER in each
14*5331Samw  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15*5331Samw  * If applicable, add the following below this CDDL HEADER, with the
16*5331Samw  * fields enclosed by brackets "[]" replaced with your own identifying
17*5331Samw  * information: Portions Copyright [yyyy] [name of copyright owner]
18*5331Samw  *
19*5331Samw  * CDDL HEADER END
20*5331Samw  */
21*5331Samw /*
22*5331Samw  * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
23*5331Samw  * Use is subject to license terms.
24*5331Samw  */
25*5331Samw 
26*5331Samw #ifndef _SMBSRV_NETRAUTH_H
27*5331Samw #define	_SMBSRV_NETRAUTH_H
28*5331Samw 
29*5331Samw #pragma ident	"%Z%%M%	%I%	%E% SMI"
30*5331Samw 
31*5331Samw 
32*5331Samw /*
33*5331Samw  * Interface definitions for the NETR remote authentication and logon
34*5331Samw  * services.
35*5331Samw  */
36*5331Samw 
37*5331Samw #include <sys/types.h>
38*5331Samw #include <smbsrv/wintypes.h>
39*5331Samw #include <smbsrv/mlsvc.h>
40*5331Samw 
41*5331Samw #ifndef _KERNEL
42*5331Samw #include <syslog.h>
43*5331Samw #endif /* _KERNEL */
44*5331Samw 
45*5331Samw #ifdef __cplusplus
46*5331Samw extern "C" {
47*5331Samw #endif
48*5331Samw 
49*5331Samw /*
50*5331Samw  * See also netlogon.ndl.
51*5331Samw  */
52*5331Samw #define	NETR_WKSTA_TRUST_ACCOUNT_TYPE		0x02
53*5331Samw #define	NETR_DOMAIN_TRUST_ACCOUNT_TYPE		0x04
54*5331Samw 
55*5331Samw /*
56*5331Samw  * Negotiation flags for challenge/response authentication.
57*5331Samw  * The extra flag (0x40000000) was added in SP4.
58*5331Samw  */
59*5331Samw #define	NETR_NEGOTIATE_FLAGS			0x000001FF
60*5331Samw #define	NETR_NEGOTIATE_SP4_FLAG			0x40000000
61*5331Samw 
62*5331Samw #define	NETR_SESSION_KEY_SZ			8
63*5331Samw #define	NETR_CRED_DATA_SZ			8
64*5331Samw #define	NETR_OWF_PASSWORD_SZ			16
65*5331Samw 
66*5331Samw 
67*5331Samw /*
68*5331Samw  * SAM logon levels: interactive and network.
69*5331Samw  */
70*5331Samw #define	NETR_INTERACTIVE_LOGON			0x01
71*5331Samw #define	NETR_NETWORK_LOGON			0x02
72*5331Samw 
73*5331Samw 
74*5331Samw /*
75*5331Samw  * SAM logon validation levels.
76*5331Samw  */
77*5331Samw #define	NETR_VALIDATION_LEVEL3			0x03
78*5331Samw 
79*5331Samw 
80*5331Samw /*
81*5331Samw  * This is a duplicate of the netr_credential
82*5331Samw  * from netlogon.ndl.
83*5331Samw  */
84*5331Samw typedef struct netr_cred {
85*5331Samw     BYTE data[NETR_CRED_DATA_SZ];
86*5331Samw } netr_cred_t;
87*5331Samw 
88*5331Samw 
89*5331Samw 
90*5331Samw #define	NETR_FLG_NULL		0x00000001
91*5331Samw #define	NETR_FLG_VALID		0x00000001
92*5331Samw #define	NETR_FLG_INIT		0x00000002
93*5331Samw 
94*5331Samw 
95*5331Samw typedef struct netr_info {
96*5331Samw 	DWORD flags;
97*5331Samw 	char server[MLSVC_DOMAIN_NAME_MAX * 2];
98*5331Samw 	char hostname[MLSVC_DOMAIN_NAME_MAX * 2];
99*5331Samw 	netr_cred_t client_challenge;
100*5331Samw 	netr_cred_t server_challenge;
101*5331Samw 	netr_cred_t client_credential;
102*5331Samw 	netr_cred_t server_credential;
103*5331Samw 	BYTE session_key[NETR_SESSION_KEY_SZ];
104*5331Samw 	BYTE password[MLSVC_MACHINE_ACCT_PASSWD_MAX];
105*5331Samw 	time_t timestamp;
106*5331Samw } netr_info_t;
107*5331Samw 
108*5331Samw /*
109*5331Samw  * netr_client_t flags
110*5331Samw  *
111*5331Samw  * NETR_CFLG_ANON               Anonymous connection
112*5331Samw  * NETR_CFLG_LOCAL              Local user
113*5331Samw  * NETR_CFLG_DOMAIN		Domain user
114*5331Samw  */
115*5331Samw #define	NETR_CFLG_ANON  	0x01
116*5331Samw #define	NETR_CFLG_LOCAL 	0x02
117*5331Samw #define	NETR_CFLG_DOMAIN	0x04
118*5331Samw 
119*5331Samw 
120*5331Samw typedef struct netr_client {
121*5331Samw 	uint16_t logon_level;
122*5331Samw 	char *username;
123*5331Samw 	char *domain;
124*5331Samw 	char *workstation;
125*5331Samw 	uint32_t ipaddr;
126*5331Samw 	struct {
127*5331Samw 		uint32_t challenge_key_len;
128*5331Samw 		uint8_t *challenge_key_val;
129*5331Samw 	} challenge_key;
130*5331Samw 	struct {
131*5331Samw 		uint32_t nt_password_len;
132*5331Samw 		uint8_t *nt_password_val;
133*5331Samw 	} nt_password;
134*5331Samw 	struct {
135*5331Samw 		uint32_t lm_password_len;
136*5331Samw 		uint8_t *lm_password_val;
137*5331Samw 	} lm_password;
138*5331Samw 	uint32_t logon_id;
139*5331Samw 	int native_os;
140*5331Samw 	int native_lm;
141*5331Samw 	uint32_t local_ipaddr;
142*5331Samw 	uint16_t local_port;
143*5331Samw 	uint32_t flags;
144*5331Samw } netr_client_t;
145*5331Samw 
146*5331Samw 
147*5331Samw /*
148*5331Samw  * NETLOGON private interface.
149*5331Samw  */
150*5331Samw int netr_gen_session_key(netr_info_t *netr_info);
151*5331Samw 
152*5331Samw int netr_gen_credentials(BYTE *session_key, netr_cred_t *challenge,
153*5331Samw     DWORD timestamp, netr_cred_t *out_cred);
154*5331Samw 
155*5331Samw 
156*5331Samw #define	NETR_A2H(c) (isdigit(c)) ? ((c) - '0') : ((c) - 'A' + 10)
157*5331Samw 
158*5331Samw #ifdef __cplusplus
159*5331Samw }
160*5331Samw #endif
161*5331Samw 
162*5331Samw #endif /* _SMBSRV_NETRAUTH_H */
163