From 90222b8fa7d6c7967155d556aa9c73109fd7e03e Mon Sep 17 00:00:00 2001
From: Philipp Gesang <phg@phi-gamma.net>
Date: Wed, 31 Oct 2018 00:03:33 +0100
Subject: sid: predefine more well known constants

Add the constants from MS-DTYP 2.4.2.4 to Sid.WellKnown.
---
 sid.mli | 354 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 346 insertions(+), 8 deletions(-)

(limited to 'sid.mli')

diff --git a/sid.mli b/sid.mli
index 9012df8..f8e34cb 100644
--- a/sid.mli
+++ b/sid.mli
@@ -53,26 +53,364 @@ module PacketRep :
 module WellKnown :
   sig
     val null : t
+    (** The SID {e S-1-0-0}. *)
+
     val everyone : t
+    (** The SID {e S-1-1-0}. *)
+
     val world : t
+    (** Alias for [everyone]. *)
+
     val local : t
+    (** The SID {e S-1-2-0}. *)
+
+    val console_logon : t
+    (** The SID {e S-1-2-1}. *)
+
     val creator_owner_id : t
+    (** The SID {e S-1-3-0}. *)
+
     val creator_group_id : t
+    (** The SID {e S-1-3-1}. *)
+
+    val creator_owner_server : t
+    (** The SID {e S-1-3-2}. *)
+
+    val creator_group_server : t
+    (** The SID {e S-1-3-3}. *)
+
+    val owner_rights : t
+    (** The SID {e S-1-3-4}. *)
+
     val elite : t
 
+    val nt_authority : t
+    (** The SID {e S-1-5}. *)
+
+    val dialup : t
+    (** The SID {e S-1-5-1}. *)
+
+    val network : t
+    (** The SID {e S-1-5-2}. *)
+
+    val batch : t
+    (** The SID {e S-1-5-3}. *)
+
+    val interactive : t
+    (** The SID {e S-1-5-4}. *)
+
+    val logon_id : t
+    (** The SID {e S-1-5-5}. *)
+
+    val service : t
+    (** The SID {e S-1-5-6}. *)
+
+    val anonymous : t
+    (** The SID {e S-1-5-7}. *)
+
+    val proxy : t
+    (** The SID {e S-1-5-8}. *)
+
+    val enterprise_domain_controllers : t
+    (** The SID {e S-1-5-9}. *)
+
+    val principal_self : t
+    (** The SID {e S-1-5-10}. *)
+
+    val authenticated_users : t
+    (** The SID {e S-1-5-11}. *)
+
+    val restricted_code : t
+    (** The SID {e S-1-5-12}. *)
+
+    val terminal_server_user : t
+    (** The SID {e S-1-5-13}. *)
+
+    val remote_interactive_logon : t
+    (** The SID {e S-1-5-14}. *)
+
+    val this_organisation : t
+    (** The SID {e S-1-5-15}. *)
+
+    val iusr : t
+    (** The SID {e S-1-5-17}. *)
+
+    val local_system : t
+    (** The SID {e S-1-5-18}. *)
+
+    val local_service : t
+    (** The SID {e S-1-5-19}. *)
+
+    val compounded_authentication : t
+    (** The SID {e S-1-5-21-0-0-0-496}. *)
+
+    val claims_valid : t
+    (** The SID {e S-1-5-21-0-0-0-497}. *)
+
+    val administrator : Stdint.Uint32.t -> t
+    (** [administrator machine] constructs a SID {e S-1-5-21-[machine]-500}. *)
+
+    val guest : Stdint.Uint32.t -> t
+    (** [guest machine] constructs a SID {e S-1-5-21-[machine]-501}. *)
+
+    val krbtgt : Stdint.Uint32.t -> t
+    (** [krbtgt domain] constructs a SID {e S-1-5-21-[domain]-502}. *)
+
+    val domain_admins : Stdint.Uint32.t -> t
+    (** [domain_admins domain] constructs a SID {e S-1-5-21-[domain]-512}. *)
+
+    val domain_users : Stdint.Uint32.t -> t
+    (** [domain_users domain] constructs a SID {e S-1-5-21-[domain]-513}. *)
+
+    val domain_guests : Stdint.Uint32.t -> t
+    (** [domain_guests domain] constructs a SID {e S-1-5-21-[domain]-514}. *)
+
+    val domain_computers : Stdint.Uint32.t -> t
+    (** [domain_computers domain] constructs a SID {e S-1-5-21-[domain]-515}. *)
+
+    val domain_domain_controllers : Stdint.Uint32.t -> t
+    (** [domain_domain_controllers domain] constructs a SID
+        {e S-1-5-21-[domain]-516}. *)
+
+    val cert_publishers : Stdint.Uint32.t -> t
+    (** [cert_publishers domain] constructs a SID {e S-1-5-21-[domain]-517}. *)
+
+    val schema_administrators : Stdint.Uint32.t -> t
+    (** [schema_administrators root_domain] constructs a SID
+        {e S-1-5-21-[root_domain]-518}. *)
+
+    val enterprise_admins : Stdint.Uint32.t -> t
+    (** [enterprise_admins root_domain] constructs a SID
+        {e S-1-5-21-[root_domain]-519}. *)
+
+    val group_policy_creator_owners : Stdint.Uint32.t -> t
+    (** [group_policy_creator_owners domain] constructs a SID
+        {e S-1-5-21-[domain]-520}. *)
+
+    val readonly_domain_controllers : Stdint.Uint32.t -> t
+    (** [readonly_domain_controllers domain] constructs a SID
+        {e S-1-5-21-[domain]-521}. *)
+
+    val cloneable_controllers : Stdint.Uint32.t -> t
+    (** [cloneable_controllers domain] constructs a SID
+        {e S-1-5-21-[domain]-522}. *)
+
+    val protected_users : Stdint.Uint32.t -> t
+    (** [protected_users domain] constructs a SID {e S-1-5-21-[domain]-525}. *)
+
+    val key_admins : Stdint.Uint32.t -> t
+    (** [key_admins domain] constructs a SID {e S-1-5-21-[domain]-526}. *)
+
+    val enterprise_key_admins : Stdint.Uint32.t -> t
+    (** [enterprise_key_admins domain] constructs a SID {e S-1-5-21-[domain]-527}. *)
+
+    val ras_servers : Stdint.Uint32.t -> t
+    (** [ras_servers domain] constructs a SID {e S-1-5-21-[domain]-553}. *)
+
+    val allowed_rodc_password_replication_group : Stdint.Uint32.t -> t
+    (** [allowed_rodc_password_replication_group domain] constructs a SID
+        {e S-1-5-21-[domain]-571}. *)
+
+    val denied_rodc_password_replication_group : Stdint.Uint32.t -> t
+    (** [denied_rodc_password_replication_group domain] constructs a SID
+        {e S-1-5-21-[domain]-572}. *)
+
+    val builtin_administrators : t
+    (** The SID {e S-1-5-32-544}. *)
+
+    val builtin_users : t
+    (** The SID {e S-1-5-32-545}. *)
+
+    val builtin_guests : t
+    (** The SID {e S-1-5-32-546}. *)
+
+    val power_users : t
+    (** The SID {e S-1-5-32-547}. *)
+
+    val account_operators : t
+    (** The SID {e S-1-5-32-548}. *)
+
+    val server_operators : t
+    (** The SID {e S-1-5-32-549}. *)
+
+    val printer_operators : t
+    (** The SID {e S-1-5-32-550}. *)
+
+    val backup_operators : t
+    (** The SID {e S-1-5-32-551}. *)
+
+    val replicator : t
+    (** The SID {e S-1-5-32-552}. *)
+
+    val alias_prew2kcompacc : t
+    (** The SID {e S-1-5-32-554}. *)
+
+    val remote_desktop : t
+    (** The SID {e S-1-5-32-555}. *)
+
+    val network_configuration_ops : t
+    (** The SID {e S-1-5-32-556}. *)
+
+    val incoming_forest_trust_builders : t
+    (** The SID {e S-1-5-32-557}. *)
+
+    val perfmon_users : t
+    (** The SID {e S-1-5-32-558}. *)
+
+    val perflog_users : t
+    (** The SID {e S-1-5-32-559}. *)
+
+    val windows_authorization_access_group : t
+    (** The SID {e S-1-5-32-560}. *)
+
+    val terminal_server_license_servers : t
+    (** The SID {e S-1-5-32-561}. *)
+
+    val distributed_com_users : t
+    (** The SID {e S-1-5-32-562}. *)
+
+    val iis_iusrs : t
+    (** The SID {e S-1-5-32-568}. *)
+
+    val cryptographic_operators : t
+    (** The SID {e S-1-5-32-569}. *)
+
+    val event_log_readers : t
+    (** The SID {e S-1-5-32-573}. *)
+
+    val certificate_service_dcom_access : t
+    (** The SID {e S-1-5-32-574}. *)
+
+    val rds_remote_access_servers : t
+    (** The SID {e S-1-5-32-575}. *)
+
+    val rds_endpoint_servers : t
+    (** The SID {e S-1-5-32-576}. *)
+
+    val rds_management_servers : t
+    (** The SID {e S-1-5-32-577}. *)
+
+    val hyper_v_admins : t
+    (** The SID {e S-1-5-32-578}. *)
+
+    val access_control_assistance_ops : t
+    (** The SID {e S-1-5-32-579}. *)
+
+    val remote_management_users : t
+    (** The SID {e S-1-5-32-580}. *)
+
+    val write_restricted_code : t
+    (** The SID {e S-1-5-33}. *)
+
+    val ntlm_authentication : t
+    (** The SID {e S-1-5-64-10}. *)
+
+    val schannel_authentication : t
+    (** The SID {e S-1-5-64-14}. *)
+
+    val digest_authentication : t
+    (** The SID {e S-1-5-64-21}. *)
+
+    val this_organization_certificate : t
+    (** The SID {e S-1-5-65-1}. *)
+
+    val nt_service : t
+    (** The SID {e S-1-5-80}. *)
+
+    val user_mode_drivers : t
+    (** The SID {e S-1-5-84-0-0-0-0-0}. *)
+
+    val local_account : t
+    (** The SID {e S-1-5-113}. *)
+
+    val local_account_and_member_of_administrators_group : t
+    (** The SID {e S-1-5-114}. *)
+
+    val other_organization : t
+    (** The SID {e S-1-5-1000}. *)
+
+    val all_app_packages : t
+    (** The SID {e S-1-15-2-1}. *)
+
+    val ml_untrusted : t
+    (** The SID {e S-1-16-0}. *)
+
+    val ml_low : t
+    (** The SID {e S-1-16-4096}. *)
+
+    val ml_medium : t
+    (** The SID {e S-1-16-8192}. *)
+
+    val ml_medium_plus : t
+    (** The SID {e S-1-16-8448}. *)
+
+    val ml_high : t
+    (** The SID {e S-1-16-12288}. *)
+
+    val ml_system : t
+    (** The SID {e S-1-16-16384}. *)
+
+    val ml_protected_process : t
+    (** The SID {e S-1-16-20480}. *)
+
+    val ml_secure_process : t
+    (** The SID {e S-1-16-28672}. *)
+
+    val authentication_authority_asserted_identity : t
+    (** The SID {e S-1-18-1}. *)
+
+    val service_asserted_identity : t
+    (** The SID {e S-1-18-2}. *)
+
+    val fresh_public_key_identity : t
+    (** The SID {e S-1-18-3}. *)
+
+    val key_trust_identity : t
+    (** The SID {e S-1-18-4}. *)
+
+    val key_property_mfa : t
+    (** The SID {e S-1-18-5}. *)
+
+    val key_property_attestation : t
+    (** The SID {e S-1-18-6}. *)
+
     module Prefix :
       sig
-        type toplevel_auth = ?sa:sub_auths -> unit -> t
+        val security_null_sid_authority : ?sa:sub_auths -> unit -> t
+        (** [security_null_sid_authority sub_auths ()] constructs a SID
+            {e S-1-0-[sub_auths]…}. *)
+
+        val security_world_sid_authority : ?sa:sub_auths -> unit -> t
+        (** [security_world_sid_authority sub_auths ()] constructs a SID
+            {e S-1-1-[sub_auths]…}. *)
+
+        val security_local_sid_authority : ?sa:sub_auths -> unit -> t
+        (** [security_local_sid_authority sub_auths ()] constructs a SID
+            {e S-1-2-[sub_auths]…}. *)
 
-        val security_null_sid_authority    : toplevel_auth
-        val security_world_sid_authority   : ?sa:sub_auths -> unit -> t
-        val security_local_sid_authority   : ?sa:sub_auths -> unit -> t
         val security_creator_sid_authority : ?sa:sub_auths -> unit -> t
-        val security_nt_authority          : ?sa:sub_auths -> unit -> t
-        val security_app_package_authority      : ?sa:sub_auths -> unit -> t
-        val security_mandatory_label_authority  : ?sa:sub_auths -> unit -> t
+        (** [security_creator_sid_authority sub_auths ()] constructs a SID
+            {e S-1-3-[sub_auths]…}. *)
+
+        val security_nt_authority : ?sa:sub_auths -> unit -> t
+        (** [security_nt_authority sub_auths ()] constructs a SID
+            {e S-1-5-[sub_auths]…}. *)
+
+        val security_app_package_authority : ?sa:sub_auths -> unit -> t
+        (** [security_app_package_authority sub_auths ()] constructs a SID
+            {e S-1-15-[sub_auths]…}. *)
+
+        val security_mandatory_label_authority : ?sa:sub_auths -> unit -> t
+        (** [security_mandatory_label_authority sub_auths ()] constructs a SID
+            {e S-1-16-[sub_auths]…}. *)
+
         val security_scoped_policy_id_authority : ?sa:sub_auths -> unit -> t
-        val security_authentication_authority   : ?sa:sub_auths -> unit -> t
+        (** [security_scoped_policy_id_authority sub_auths ()] constructs a SID
+            {e S-1-17-[sub_auths]…}. *)
+
+        val security_authentication_authority : ?sa:sub_auths -> unit -> t
+        (** [security_authentication_authority sub_auths ()] constructs a SID
+            {e S-1-18-[sub_auths]…}. *)
       end
   end
 
-- 
cgit v1.2.3