diff options
author | Joseph Sutton <josephsutton@catalyst.net.nz> | 2022-03-04 16:17:40 +1300 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2022-09-09 00:14:38 +0000 |
commit | 88c9e2af205cc8327d4977b9ca0ea626b6a3c1e1 (patch) | |
tree | d433157ec3ea6f2e73702b3adcf71fe736298aec /librpc | |
parent | e53455497c90be9665905fa878efb40872efa09b (diff) | |
download | samba-88c9e2af205cc8327d4977b9ca0ea626b6a3c1e1.tar.gz |
krb5pac.idl: Add definitions for claims PAC buffers
The PAC device info definition comes from [MS-PAC] 2.12.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Diffstat (limited to 'librpc')
-rw-r--r-- | librpc/idl/krb5pac.idl | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/librpc/idl/krb5pac.idl b/librpc/idl/krb5pac.idl index bbe4a253e3a..d2f8414d69e 100644 --- a/librpc/idl/krb5pac.idl +++ b/librpc/idl/krb5pac.idl @@ -1,5 +1,10 @@ /* krb5 PAC + + Portions obtained from MS-KILE which is Copyright © 2021 Microsoft + Corporation as permitted by the Open Specifications terms + reproduced in IDL_LICENCE.txt + */ #include "idl_types.h" @@ -133,6 +138,21 @@ interface krb5pac PAC_CONSTRAINED_DELEGATION *info; } PAC_CONSTRAINED_DELEGATION_CTR; + typedef struct { + uint32 rid; + uint32 primary_gid; + dom_sid2 *domain_sid; + samr_RidWithAttributeArray groups; + uint32 sid_count; + [size_is(sid_count)] netr_SidAttr *sids; + uint32 domain_group_count; + [size_is(domain_group_count)] PAC_DOMAIN_GROUP_MEMBERSHIP *domain_groups; + } PAC_DEVICE_INFO; + + typedef struct { + PAC_DEVICE_INFO *info; + } PAC_DEVICE_INFO_CTR; + typedef [public,v1_enum] enum { PAC_TYPE_LOGON_INFO = 1, PAC_TYPE_CREDENTIAL_INFO = 2, @@ -165,6 +185,9 @@ interface krb5pac [case(PAC_TYPE_TICKET_CHECKSUM)] PAC_SIGNATURE_DATA ticket_checksum; [case(PAC_TYPE_ATTRIBUTES_INFO)] PAC_ATTRIBUTES_INFO attributes_info; [case(PAC_TYPE_REQUESTER_SID)] PAC_REQUESTER_SID requester_sid; + [case(PAC_TYPE_CLIENT_CLAIMS_INFO)][subcontext(0)] DATA_BLOB_REM client_claims_info; + [case(PAC_TYPE_DEVICE_INFO)][subcontext(0xFFFFFC01)] PAC_DEVICE_INFO_CTR device_info; + [case(PAC_TYPE_DEVICE_CLAIMS_INFO)][subcontext(0)] DATA_BLOB_REM device_claims_info; /* when new PAC info types are added they are supposed to be done in such a way that they are backwards compatible with existing servers. This makes it safe to just use a [default] for |