source: Daodan/MSYS2/mingw32/i686-w64-mingw32/include/ntsecpkg.h@ 1181

Last change on this file since 1181 was 1166, checked in by rossy, 3 years ago

Daodan: Replace MinGW build env with an up-to-date MSYS2 env

File size: 38.3 KB
Line 
1/**
2 * This file has no copyright assigned and is placed in the Public Domain.
3 * This file is part of the mingw-w64 runtime package.
4 * No warranty is given; refer to the file DISCLAIMER.PD within this package.
5 */
6#ifndef _NTSECPKG_
7#define _NTSECPKG_
8
9#ifdef __cplusplus
10extern "C" {
11#endif
12
13 typedef PVOID *PLSA_CLIENT_REQUEST;
14
15 typedef enum _LSA_TOKEN_INFORMATION_TYPE {
16 LsaTokenInformationNull,
17 LsaTokenInformationV1,
18 LsaTokenInformationV2
19 } LSA_TOKEN_INFORMATION_TYPE,*PLSA_TOKEN_INFORMATION_TYPE;
20
21 typedef struct _LSA_TOKEN_INFORMATION_NULL {
22 LARGE_INTEGER ExpirationTime;
23 PTOKEN_GROUPS Groups;
24 } LSA_TOKEN_INFORMATION_NULL,*PLSA_TOKEN_INFORMATION_NULL;
25
26 typedef struct _LSA_TOKEN_INFORMATION_V1 {
27 LARGE_INTEGER ExpirationTime;
28 TOKEN_USER User;
29 PTOKEN_GROUPS Groups;
30 TOKEN_PRIMARY_GROUP PrimaryGroup;
31 PTOKEN_PRIVILEGES Privileges;
32 TOKEN_OWNER Owner;
33 TOKEN_DEFAULT_DACL DefaultDacl;
34 } LSA_TOKEN_INFORMATION_V1,*PLSA_TOKEN_INFORMATION_V1;
35
36 typedef LSA_TOKEN_INFORMATION_V1 LSA_TOKEN_INFORMATION_V2,*PLSA_TOKEN_INFORMATION_V2;
37 typedef NTSTATUS (NTAPI LSA_CREATE_LOGON_SESSION)(PLUID LogonId);
38 typedef NTSTATUS (NTAPI LSA_DELETE_LOGON_SESSION)(PLUID LogonId);
39 typedef NTSTATUS (NTAPI LSA_ADD_CREDENTIAL)(PLUID LogonId,ULONG AuthenticationPackage,PLSA_STRING PrimaryKeyValue,PLSA_STRING Credentials);
40 typedef NTSTATUS (NTAPI LSA_GET_CREDENTIALS)(PLUID LogonId,ULONG AuthenticationPackage,PULONG QueryContext,BOOLEAN RetrieveAllCredentials,PLSA_STRING PrimaryKeyValue,PULONG PrimaryKeyLength,PLSA_STRING Credentials);
41 typedef NTSTATUS (NTAPI LSA_DELETE_CREDENTIAL)(PLUID LogonId,ULONG AuthenticationPackage,PLSA_STRING PrimaryKeyValue);
42 typedef PVOID (NTAPI LSA_ALLOCATE_LSA_HEAP)(ULONG Length);
43 typedef VOID (NTAPI LSA_FREE_LSA_HEAP)(PVOID Base);
44 typedef PVOID (NTAPI LSA_ALLOCATE_PRIVATE_HEAP)(SIZE_T Length);
45 typedef VOID (NTAPI LSA_FREE_PRIVATE_HEAP)(PVOID Base);
46 typedef NTSTATUS (NTAPI LSA_ALLOCATE_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST ClientRequest,ULONG LengthRequired,PVOID *ClientBaseAddress);
47 typedef NTSTATUS (NTAPI LSA_FREE_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST ClientRequest,PVOID ClientBaseAddress);
48 typedef NTSTATUS (NTAPI LSA_COPY_TO_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST ClientRequest,ULONG Length,PVOID ClientBaseAddress,PVOID BufferToCopy);
49 typedef NTSTATUS (NTAPI LSA_COPY_FROM_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST ClientRequest,ULONG Length,PVOID BufferToCopy,PVOID ClientBaseAddress);
50
51 typedef LSA_CREATE_LOGON_SESSION *PLSA_CREATE_LOGON_SESSION;
52 typedef LSA_DELETE_LOGON_SESSION *PLSA_DELETE_LOGON_SESSION;
53 typedef LSA_ADD_CREDENTIAL *PLSA_ADD_CREDENTIAL;
54 typedef LSA_GET_CREDENTIALS *PLSA_GET_CREDENTIALS;
55 typedef LSA_DELETE_CREDENTIAL *PLSA_DELETE_CREDENTIAL;
56 typedef LSA_ALLOCATE_LSA_HEAP *PLSA_ALLOCATE_LSA_HEAP;
57 typedef LSA_FREE_LSA_HEAP *PLSA_FREE_LSA_HEAP;
58 typedef LSA_ALLOCATE_PRIVATE_HEAP *PLSA_ALLOCATE_PRIVATE_HEAP;
59 typedef LSA_FREE_PRIVATE_HEAP *PLSA_FREE_PRIVATE_HEAP;
60 typedef LSA_ALLOCATE_CLIENT_BUFFER *PLSA_ALLOCATE_CLIENT_BUFFER;
61 typedef LSA_FREE_CLIENT_BUFFER *PLSA_FREE_CLIENT_BUFFER;
62 typedef LSA_COPY_TO_CLIENT_BUFFER *PLSA_COPY_TO_CLIENT_BUFFER;
63 typedef LSA_COPY_FROM_CLIENT_BUFFER *PLSA_COPY_FROM_CLIENT_BUFFER;
64
65 typedef struct _LSA_DISPATCH_TABLE {
66 PLSA_CREATE_LOGON_SESSION CreateLogonSession;
67 PLSA_DELETE_LOGON_SESSION DeleteLogonSession;
68 PLSA_ADD_CREDENTIAL AddCredential;
69 PLSA_GET_CREDENTIALS GetCredentials;
70 PLSA_DELETE_CREDENTIAL DeleteCredential;
71 PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap;
72 PLSA_FREE_LSA_HEAP FreeLsaHeap;
73 PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer;
74 PLSA_FREE_CLIENT_BUFFER FreeClientBuffer;
75 PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer;
76 PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer;
77 } LSA_DISPATCH_TABLE,*PLSA_DISPATCH_TABLE;
78
79#define LSA_AP_NAME_INITIALIZE_PACKAGE "LsaApInitializePackage\0"
80#define LSA_AP_NAME_LOGON_USER "LsaApLogonUser\0"
81#define LSA_AP_NAME_LOGON_USER_EX "LsaApLogonUserEx\0"
82#define LSA_AP_NAME_CALL_PACKAGE "LsaApCallPackage\0"
83#define LSA_AP_NAME_LOGON_TERMINATED "LsaApLogonTerminated\0"
84#define LSA_AP_NAME_CALL_PACKAGE_UNTRUSTED "LsaApCallPackageUntrusted\0"
85#define LSA_AP_NAME_CALL_PACKAGE_PASSTHROUGH "LsaApCallPackagePassthrough\0"
86
87 typedef NTSTATUS (NTAPI LSA_AP_INITIALIZE_PACKAGE)(ULONG AuthenticationPackageId,PLSA_DISPATCH_TABLE LsaDispatchTable,PLSA_STRING Database,PLSA_STRING Confidentiality,PLSA_STRING *AuthenticationPackageName);
88 typedef NTSTATUS (NTAPI LSA_AP_LOGON_USER)(PLSA_CLIENT_REQUEST ClientRequest,SECURITY_LOGON_TYPE LogonType,PVOID AuthenticationInformation,PVOID ClientAuthenticationBase,ULONG AuthenticationInformationLength,PVOID *ProfileBuffer,PULONG ProfileBufferLength,PLUID LogonId,PNTSTATUS SubStatus,PLSA_TOKEN_INFORMATION_TYPE TokenInformationType,PVOID *TokenInformation,PLSA_UNICODE_STRING *AccountName,PLSA_UNICODE_STRING *AuthenticatingAuthority);
89 typedef NTSTATUS (NTAPI LSA_AP_LOGON_USER_EX)(PLSA_CLIENT_REQUEST ClientRequest,SECURITY_LOGON_TYPE LogonType,PVOID AuthenticationInformation,PVOID ClientAuthenticationBase,ULONG AuthenticationInformationLength,PVOID *ProfileBuffer,PULONG ProfileBufferLength,PLUID LogonId,PNTSTATUS SubStatus,PLSA_TOKEN_INFORMATION_TYPE TokenInformationType,PVOID *TokenInformation,PUNICODE_STRING *AccountName,PUNICODE_STRING *AuthenticatingAuthority,PUNICODE_STRING *MachineName);
90 typedef NTSTATUS (NTAPI LSA_AP_CALL_PACKAGE)(PLSA_CLIENT_REQUEST ClientRequest,PVOID ProtocolSubmitBuffer,PVOID ClientBufferBase,ULONG SubmitBufferLength,PVOID *ProtocolReturnBuffer,PULONG ReturnBufferLength,PNTSTATUS ProtocolStatus);
91 typedef NTSTATUS (NTAPI LSA_AP_CALL_PACKAGE_PASSTHROUGH)(PLSA_CLIENT_REQUEST ClientRequest,PVOID ProtocolSubmitBuffer,PVOID ClientBufferBase,ULONG SubmitBufferLength,PVOID *ProtocolReturnBuffer,PULONG ReturnBufferLength,PNTSTATUS ProtocolStatus);
92 typedef VOID (NTAPI LSA_AP_LOGON_TERMINATED)(PLUID LogonId);
93
94 typedef LSA_AP_CALL_PACKAGE LSA_AP_CALL_PACKAGE_UNTRUSTED;
95 typedef LSA_AP_INITIALIZE_PACKAGE *PLSA_AP_INITIALIZE_PACKAGE;
96 typedef LSA_AP_LOGON_USER *PLSA_AP_LOGON_USER;
97 typedef LSA_AP_LOGON_USER_EX *PLSA_AP_LOGON_USER_EX;
98 typedef LSA_AP_CALL_PACKAGE *PLSA_AP_CALL_PACKAGE;
99 typedef LSA_AP_CALL_PACKAGE_PASSTHROUGH *PLSA_AP_CALL_PACKAGE_PASSTHROUGH;
100 typedef LSA_AP_LOGON_TERMINATED *PLSA_AP_LOGON_TERMINATED;
101 typedef LSA_AP_CALL_PACKAGE_UNTRUSTED *PLSA_AP_CALL_PACKAGE_UNTRUSTED;
102
103#ifndef _SAM_CREDENTIAL_UPDATE_DEFINED
104#define _SAM_CREDENTIAL_UPDATE_DEFINED
105
106 typedef NTSTATUS (*PSAM_CREDENTIAL_UPDATE_NOTIFY_ROUTINE)(PUNICODE_STRING ClearPassword,PVOID OldCredentials,ULONG OldCredentialSize,ULONG UserAccountControl,PUNICODE_STRING UPN,PUNICODE_STRING UserName,PUNICODE_STRING NetbiosDomainName,PUNICODE_STRING DnsDomainName,PVOID *NewCredentials,ULONG *NewCredentialSize);
107
108#define SAM_CREDENTIAL_UPDATE_NOTIFY_ROUTINE "CredentialUpdateNotify"
109
110 typedef BOOLEAN (*PSAM_CREDENTIAL_UPDATE_REGISTER_ROUTINE)(PUNICODE_STRING CredentialName);
111
112#define SAM_CREDENTIAL_UPDATE_REGISTER_ROUTINE "CredentialUpdateRegister"
113
114 typedef VOID (*PSAM_CREDENTIAL_UPDATE_FREE_ROUTINE)(PVOID p);
115
116#define SAM_CREDENTIAL_UPDATE_FREE_ROUTINE "CredentialUpdateFree"
117#endif
118
119#ifdef SECURITY_KERNEL
120
121 typedef PVOID SEC_THREAD_START;
122 typedef PVOID SEC_ATTRS;
123#else
124 typedef LPTHREAD_START_ROUTINE SEC_THREAD_START;
125 typedef LPSECURITY_ATTRIBUTES SEC_ATTRS;
126#endif
127
128#define SecEqualLuid(L1,L2) ((((PLUID)L1)->LowPart==((PLUID)L2)->LowPart) && (((PLUID)L1)->HighPart==((PLUID)L2)->HighPart))
129#define SecIsZeroLuid(L1) ((L1->LowPart | L1->HighPart)==0)
130
131 typedef struct _SECPKG_CLIENT_INFO {
132 LUID LogonId;
133 ULONG ProcessID;
134 ULONG ThreadID;
135 BOOLEAN HasTcbPrivilege;
136 BOOLEAN Impersonating;
137 BOOLEAN Restricted;
138
139 UCHAR ClientFlags;
140 SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
141
142 } SECPKG_CLIENT_INFO,*PSECPKG_CLIENT_INFO;
143
144#define SECPKG_CLIENT_PROCESS_TERMINATED 0x01
145#define SECPKG_CLIENT_THREAD_TERMINATED 0x02
146
147 typedef struct _SECPKG_CALL_INFO {
148 ULONG ProcessId;
149 ULONG ThreadId;
150 ULONG Attributes;
151 ULONG CallCount;
152 } SECPKG_CALL_INFO,*PSECPKG_CALL_INFO;
153
154#define SECPKG_CALL_KERNEL_MODE 0x00000001
155#define SECPKG_CALL_ANSI 0x00000002
156#define SECPKG_CALL_URGENT 0x00000004
157#define SECPKG_CALL_RECURSIVE 0x00000008
158#define SECPKG_CALL_IN_PROC 0x00000010
159#define SECPKG_CALL_CLEANUP 0x00000020
160#define SECPKG_CALL_WOWCLIENT 0x00000040
161#define SECPKG_CALL_THREAD_TERM 0x00000080
162#define SECPKG_CALL_PROCESS_TERM 0x00000100
163#define SECPKG_CALL_IS_TCB 0x00000200
164
165 typedef struct _SECPKG_SUPPLEMENTAL_CRED {
166 UNICODE_STRING PackageName;
167 ULONG CredentialSize;
168 PUCHAR Credentials;
169 } SECPKG_SUPPLEMENTAL_CRED,*PSECPKG_SUPPLEMENTAL_CRED;
170
171 typedef ULONG_PTR LSA_SEC_HANDLE;
172 typedef LSA_SEC_HANDLE *PLSA_SEC_HANDLE;
173 typedef struct _SECPKG_SUPPLEMENTAL_CRED_ARRAY {
174 ULONG CredentialCount;
175 SECPKG_SUPPLEMENTAL_CRED Credentials[1];
176 } SECPKG_SUPPLEMENTAL_CRED_ARRAY,*PSECPKG_SUPPLEMENTAL_CRED_ARRAY;
177
178#define SECBUFFER_UNMAPPED 0x40000000
179
180#define SECBUFFER_KERNEL_MAP 0x20000000
181
182 typedef NTSTATUS (NTAPI LSA_CALLBACK_FUNCTION)(ULONG_PTR Argument1,ULONG_PTR Argument2,PSecBuffer InputBuffer,PSecBuffer OutputBuffer);
183
184 typedef LSA_CALLBACK_FUNCTION *PLSA_CALLBACK_FUNCTION;
185
186#define PRIMARY_CRED_CLEAR_PASSWORD 0x1
187#define PRIMARY_CRED_OWF_PASSWORD 0x2
188#define PRIMARY_CRED_UPDATE 0x4
189#define PRIMARY_CRED_CACHED_LOGON 0x8
190#define PRIMARY_CRED_LOGON_NO_TCB 0x10
191
192#define PRIMARY_CRED_LOGON_PACKAGE_SHIFT 24
193#define PRIMARY_CRED_PACKAGE_MASK 0xff000000
194
195 typedef struct _SECPKG_PRIMARY_CRED {
196 LUID LogonId;
197 UNICODE_STRING DownlevelName;
198 UNICODE_STRING DomainName;
199 UNICODE_STRING Password;
200 UNICODE_STRING OldPassword;
201 PSID UserSid;
202 ULONG Flags;
203 UNICODE_STRING DnsDomainName;
204 UNICODE_STRING Upn;
205 UNICODE_STRING LogonServer;
206 UNICODE_STRING Spare1;
207 UNICODE_STRING Spare2;
208 UNICODE_STRING Spare3;
209 UNICODE_STRING Spare4;
210 } SECPKG_PRIMARY_CRED,*PSECPKG_PRIMARY_CRED;
211
212#define MAX_CRED_SIZE 1024
213
214#define SECPKG_STATE_ENCRYPTION_PERMITTED 0x01
215#define SECPKG_STATE_STRONG_ENCRYPTION_PERMITTED 0x02
216#define SECPKG_STATE_DOMAIN_CONTROLLER 0x04
217#define SECPKG_STATE_WORKSTATION 0x08
218#define SECPKG_STATE_STANDALONE 0x10
219
220 typedef struct _SECPKG_PARAMETERS {
221 ULONG Version;
222 ULONG MachineState;
223 ULONG SetupMode;
224 PSID DomainSid;
225 UNICODE_STRING DomainName;
226 UNICODE_STRING DnsDomainName;
227 GUID DomainGuid;
228 } SECPKG_PARAMETERS,*PSECPKG_PARAMETERS;
229
230 typedef enum _SECPKG_EXTENDED_INFORMATION_CLASS {
231 SecpkgGssInfo = 1,
232 SecpkgContextThunks,
233 SecpkgMutualAuthLevel,
234 SecpkgWowClientDll,
235 SecpkgExtraOids,
236 SecpkgMaxInfo
237 } SECPKG_EXTENDED_INFORMATION_CLASS;
238
239 typedef struct _SECPKG_GSS_INFO {
240 ULONG EncodedIdLength;
241 UCHAR EncodedId[4];
242 } SECPKG_GSS_INFO,*PSECPKG_GSS_INFO;
243
244 typedef struct _SECPKG_CONTEXT_THUNKS {
245 ULONG InfoLevelCount;
246 ULONG Levels[1];
247 } SECPKG_CONTEXT_THUNKS,*PSECPKG_CONTEXT_THUNKS;
248
249 typedef struct _SECPKG_MUTUAL_AUTH_LEVEL {
250 ULONG MutualAuthLevel;
251 } SECPKG_MUTUAL_AUTH_LEVEL,*PSECPKG_MUTUAL_AUTH_LEVEL;
252
253 typedef struct _SECPKG_WOW_CLIENT_DLL {
254 SECURITY_STRING WowClientDllPath;
255 } SECPKG_WOW_CLIENT_DLL,*PSECPKG_WOW_CLIENT_DLL;
256
257#define SECPKG_MAX_OID_LENGTH 32
258
259 typedef struct _SECPKG_SERIALIZED_OID {
260 ULONG OidLength;
261 ULONG OidAttributes;
262 UCHAR OidValue[SECPKG_MAX_OID_LENGTH ];
263 } SECPKG_SERIALIZED_OID,*PSECPKG_SERIALIZED_OID;
264
265 typedef struct _SECPKG_EXTRA_OIDS {
266 ULONG OidCount;
267 SECPKG_SERIALIZED_OID Oids[1 ];
268 } SECPKG_EXTRA_OIDS,*PSECPKG_EXTRA_OIDS;
269
270 typedef struct _SECPKG_EXTENDED_INFORMATION {
271 SECPKG_EXTENDED_INFORMATION_CLASS Class;
272 union {
273 SECPKG_GSS_INFO GssInfo;
274 SECPKG_CONTEXT_THUNKS ContextThunks;
275 SECPKG_MUTUAL_AUTH_LEVEL MutualAuthLevel;
276 SECPKG_WOW_CLIENT_DLL WowClientDll;
277 SECPKG_EXTRA_OIDS ExtraOids;
278 } Info;
279 } SECPKG_EXTENDED_INFORMATION,*PSECPKG_EXTENDED_INFORMATION;
280
281#define SECPKG_ATTR_SASL_CONTEXT 0x00010000
282
283 typedef struct _SecPkgContext_SaslContext {
284 PVOID SaslContext;
285 } SecPkgContext_SaslContext,*PSecPkgContext_SaslContext;
286
287#define SECPKG_ATTR_THUNK_ALL 0x00010000
288
289#ifndef SECURITY_USER_DATA_DEFINED
290#define SECURITY_USER_DATA_DEFINED
291
292 typedef struct _SECURITY_USER_DATA {
293 SECURITY_STRING UserName;
294 SECURITY_STRING LogonDomainName;
295 SECURITY_STRING LogonServer;
296 PSID pSid;
297 } SECURITY_USER_DATA,*PSECURITY_USER_DATA;
298
299 typedef SECURITY_USER_DATA SecurityUserData,*PSecurityUserData;
300
301#define UNDERSTANDS_LONG_NAMES 1
302#define NO_LONG_NAMES 2
303#endif
304
305 typedef NTSTATUS (NTAPI LSA_IMPERSONATE_CLIENT)(VOID);
306 typedef NTSTATUS (NTAPI LSA_UNLOAD_PACKAGE)(VOID);
307 typedef NTSTATUS (NTAPI LSA_DUPLICATE_HANDLE)(HANDLE SourceHandle,PHANDLE DestionationHandle);
308 typedef NTSTATUS (NTAPI LSA_SAVE_SUPPLEMENTAL_CREDENTIALS)(PLUID LogonId,ULONG SupplementalCredSize,PVOID SupplementalCreds,BOOLEAN Synchronous);
309 typedef HANDLE (NTAPI LSA_CREATE_THREAD)(SEC_ATTRS SecurityAttributes,ULONG StackSize,SEC_THREAD_START StartFunction,PVOID ThreadParameter,ULONG CreationFlags,PULONG ThreadId);
310 typedef NTSTATUS (NTAPI LSA_GET_CLIENT_INFO)(PSECPKG_CLIENT_INFO ClientInfo);
311 typedef HANDLE (NTAPI LSA_REGISTER_NOTIFICATION)(SEC_THREAD_START StartFunction,PVOID Parameter,ULONG NotificationType,ULONG NotificationClass,ULONG NotificationFlags,ULONG IntervalMinutes,HANDLE WaitEvent);
312 typedef NTSTATUS (NTAPI LSA_CANCEL_NOTIFICATION)(HANDLE NotifyHandle);
313 typedef NTSTATUS (NTAPI LSA_MAP_BUFFER)(PSecBuffer InputBuffer,PSecBuffer OutputBuffer);
314 typedef NTSTATUS (NTAPI LSA_CREATE_TOKEN)(PLUID LogonId,PTOKEN_SOURCE TokenSource,SECURITY_LOGON_TYPE LogonType,SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,LSA_TOKEN_INFORMATION_TYPE TokenInformationType,PVOID TokenInformation,PTOKEN_GROUPS TokenGroups,PUNICODE_STRING AccountName,PUNICODE_STRING AuthorityName,PUNICODE_STRING Workstation,PUNICODE_STRING ProfilePath,PHANDLE Token,PNTSTATUS SubStatus);
315
316 typedef enum _SECPKG_SESSIONINFO_TYPE {
317 SecSessionPrimaryCred
318 } SECPKG_SESSIONINFO_TYPE;
319
320 typedef NTSTATUS (NTAPI LSA_CREATE_TOKEN_EX)(PLUID LogonId,PTOKEN_SOURCE TokenSource,SECURITY_LOGON_TYPE LogonType,SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,LSA_TOKEN_INFORMATION_TYPE TokenInformationType,PVOID TokenInformation,PTOKEN_GROUPS TokenGroups,PUNICODE_STRING Workstation,PUNICODE_STRING ProfilePath,PVOID SessionInformation,SECPKG_SESSIONINFO_TYPE SessionInformationType,PHANDLE Token,PNTSTATUS SubStatus);
321 typedef VOID (NTAPI LSA_AUDIT_LOGON)(NTSTATUS Status,NTSTATUS SubStatus,PUNICODE_STRING AccountName,PUNICODE_STRING AuthenticatingAuthority,PUNICODE_STRING WorkstationName,PSID UserSid,SECURITY_LOGON_TYPE LogonType,PTOKEN_SOURCE TokenSource,PLUID LogonId);
322 typedef NTSTATUS (NTAPI LSA_CALL_PACKAGE)(PUNICODE_STRING AuthenticationPackage,PVOID ProtocolSubmitBuffer,ULONG SubmitBufferLength,PVOID *ProtocolReturnBuffer,PULONG ReturnBufferLength,PNTSTATUS ProtocolStatus);
323 typedef NTSTATUS (NTAPI LSA_CALL_PACKAGEEX)(PUNICODE_STRING AuthenticationPackage,PVOID ClientBufferBase,PVOID ProtocolSubmitBuffer,ULONG SubmitBufferLength,PVOID *ProtocolReturnBuffer,PULONG ReturnBufferLength,PNTSTATUS ProtocolStatus);
324 typedef NTSTATUS (NTAPI LSA_CALL_PACKAGE_PASSTHROUGH)(PUNICODE_STRING AuthenticationPackage,PVOID ClientBufferBase,PVOID ProtocolSubmitBuffer,ULONG SubmitBufferLength,PVOID *ProtocolReturnBuffer,PULONG ReturnBufferLength,PNTSTATUS ProtocolStatus);
325 typedef BOOLEAN (NTAPI LSA_GET_CALL_INFO)(PSECPKG_CALL_INFO Info);
326 typedef PVOID (NTAPI LSA_CREATE_SHARED_MEMORY)(ULONG MaxSize,ULONG InitialSize);
327 typedef PVOID (NTAPI LSA_ALLOCATE_SHARED_MEMORY)(PVOID SharedMem,ULONG Size);
328 typedef VOID (NTAPI LSA_FREE_SHARED_MEMORY)(PVOID SharedMem,PVOID Memory);
329 typedef BOOLEAN (NTAPI LSA_DELETE_SHARED_MEMORY)(PVOID SharedMem);
330
331 typedef enum _SECPKG_NAME_TYPE {
332 SecNameSamCompatible,
333 SecNameAlternateId,
334 SecNameFlat,
335 SecNameDN,
336 SecNameSPN
337 } SECPKG_NAME_TYPE;
338
339 typedef NTSTATUS (NTAPI LSA_OPEN_SAM_USER)(PSECURITY_STRING Name,SECPKG_NAME_TYPE NameType,PSECURITY_STRING Prefix,BOOLEAN AllowGuest,ULONG Reserved,PVOID *UserHandle);
340 typedef NTSTATUS (NTAPI LSA_GET_USER_CREDENTIALS)(PVOID UserHandle,PVOID *PrimaryCreds,PULONG PrimaryCredsSize,PVOID *SupplementalCreds,PULONG SupplementalCredsSize);
341 typedef NTSTATUS (NTAPI LSA_GET_USER_AUTH_DATA)(PVOID UserHandle,PUCHAR *UserAuthData,PULONG UserAuthDataSize);
342 typedef NTSTATUS (NTAPI LSA_CLOSE_SAM_USER)(PVOID UserHandle);
343 typedef NTSTATUS (NTAPI LSA_GET_AUTH_DATA_FOR_USER)(PSECURITY_STRING Name,SECPKG_NAME_TYPE NameType,PSECURITY_STRING Prefix,PUCHAR *UserAuthData,PULONG UserAuthDataSize,PUNICODE_STRING UserFlatName);
344 typedef NTSTATUS (NTAPI LSA_CONVERT_AUTH_DATA_TO_TOKEN)(PVOID UserAuthData,ULONG UserAuthDataSize,SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,PTOKEN_SOURCE TokenSource,SECURITY_LOGON_TYPE LogonType,PUNICODE_STRING AuthorityName,PHANDLE Token,PLUID LogonId,PUNICODE_STRING AccountName,PNTSTATUS SubStatus);
345 typedef NTSTATUS (NTAPI LSA_CRACK_SINGLE_NAME)(ULONG FormatOffered,BOOLEAN PerformAtGC,PUNICODE_STRING NameInput,PUNICODE_STRING Prefix,ULONG RequestedFormat,PUNICODE_STRING CrackedName,PUNICODE_STRING DnsDomainName,PULONG SubStatus);
346 typedef NTSTATUS (NTAPI LSA_AUDIT_ACCOUNT_LOGON)(ULONG AuditId,BOOLEAN Success,PUNICODE_STRING Source,PUNICODE_STRING ClientName,PUNICODE_STRING MappedName,NTSTATUS Status);
347 typedef NTSTATUS (NTAPI LSA_CLIENT_CALLBACK)(PCHAR Callback,ULONG_PTR Argument1,ULONG_PTR Argument2,PSecBuffer Input,PSecBuffer Output);
348 typedef NTSTATUS (NTAPI LSA_REGISTER_CALLBACK)(ULONG CallbackId,PLSA_CALLBACK_FUNCTION Callback);
349
350#define NOTIFIER_FLAG_NEW_THREAD 0x00000001
351#define NOTIFIER_FLAG_ONE_SHOT 0x00000002
352#define NOTIFIER_FLAG_SECONDS 0x80000000
353
354#define NOTIFIER_TYPE_INTERVAL 1
355#define NOTIFIER_TYPE_HANDLE_WAIT 2
356#define NOTIFIER_TYPE_STATE_CHANGE 3
357#define NOTIFIER_TYPE_NOTIFY_EVENT 4
358#define NOTIFIER_TYPE_IMMEDIATE 16
359
360#define NOTIFY_CLASS_PACKAGE_CHANGE 1
361#define NOTIFY_CLASS_ROLE_CHANGE 2
362#define NOTIFY_CLASS_DOMAIN_CHANGE 3
363#define NOTIFY_CLASS_REGISTRY_CHANGE 4
364
365 typedef struct _SECPKG_EVENT_PACKAGE_CHANGE {
366 ULONG ChangeType;
367 LSA_SEC_HANDLE PackageId;
368 SECURITY_STRING PackageName;
369 } SECPKG_EVENT_PACKAGE_CHANGE,*PSECPKG_EVENT_PACKAGE_CHANGE;
370
371#define SECPKG_PACKAGE_CHANGE_LOAD 0
372#define SECPKG_PACKAGE_CHANGE_UNLOAD 1
373#define SECPKG_PACKAGE_CHANGE_SELECT 2
374
375 typedef struct _SECPKG_EVENT_ROLE_CHANGE {
376 ULONG PreviousRole;
377 ULONG NewRole;
378 } SECPKG_EVENT_ROLE_CHANGE,*PSECPKG_EVENT_ROLE_CHANGE;
379
380 typedef struct _SECPKG_PARAMETERS SECPKG_EVENT_DOMAIN_CHANGE;
381 typedef struct _SECPKG_PARAMETERS *PSECPKG_EVENT_DOMAIN_CHANGE;
382
383 typedef struct _SECPKG_EVENT_NOTIFY {
384 ULONG EventClass;
385 ULONG Reserved;
386 ULONG EventDataSize;
387 PVOID EventData;
388 PVOID PackageParameter;
389 } SECPKG_EVENT_NOTIFY,*PSECPKG_EVENT_NOTIFY;
390
391 typedef NTSTATUS (NTAPI LSA_UPDATE_PRIMARY_CREDENTIALS)(PSECPKG_PRIMARY_CRED PrimaryCredentials,PSECPKG_SUPPLEMENTAL_CRED_ARRAY Credentials);
392 typedef VOID (NTAPI LSA_PROTECT_MEMORY)(PVOID Buffer,ULONG BufferSize);
393 typedef NTSTATUS (NTAPI LSA_OPEN_TOKEN_BY_LOGON_ID)(PLUID LogonId,HANDLE *RetTokenHandle);
394 typedef NTSTATUS (NTAPI LSA_EXPAND_AUTH_DATA_FOR_DOMAIN)(PUCHAR UserAuthData,ULONG UserAuthDataSize,PVOID Reserved,PUCHAR *ExpandedAuthData,PULONG ExpandedAuthDataSize);
395
396 typedef LSA_IMPERSONATE_CLIENT *PLSA_IMPERSONATE_CLIENT;
397 typedef LSA_UNLOAD_PACKAGE *PLSA_UNLOAD_PACKAGE;
398 typedef LSA_DUPLICATE_HANDLE *PLSA_DUPLICATE_HANDLE;
399 typedef LSA_SAVE_SUPPLEMENTAL_CREDENTIALS *PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS;
400 typedef LSA_CREATE_THREAD *PLSA_CREATE_THREAD;
401 typedef LSA_GET_CLIENT_INFO *PLSA_GET_CLIENT_INFO;
402 typedef LSA_REGISTER_NOTIFICATION *PLSA_REGISTER_NOTIFICATION;
403 typedef LSA_CANCEL_NOTIFICATION *PLSA_CANCEL_NOTIFICATION;
404 typedef LSA_MAP_BUFFER *PLSA_MAP_BUFFER;
405 typedef LSA_CREATE_TOKEN *PLSA_CREATE_TOKEN;
406 typedef LSA_AUDIT_LOGON *PLSA_AUDIT_LOGON;
407 typedef LSA_CALL_PACKAGE *PLSA_CALL_PACKAGE;
408 typedef LSA_CALL_PACKAGEEX *PLSA_CALL_PACKAGEEX;
409 typedef LSA_GET_CALL_INFO *PLSA_GET_CALL_INFO;
410 typedef LSA_CREATE_SHARED_MEMORY *PLSA_CREATE_SHARED_MEMORY;
411 typedef LSA_ALLOCATE_SHARED_MEMORY *PLSA_ALLOCATE_SHARED_MEMORY;
412 typedef LSA_FREE_SHARED_MEMORY *PLSA_FREE_SHARED_MEMORY;
413 typedef LSA_DELETE_SHARED_MEMORY *PLSA_DELETE_SHARED_MEMORY;
414 typedef LSA_OPEN_SAM_USER *PLSA_OPEN_SAM_USER;
415 typedef LSA_GET_USER_CREDENTIALS *PLSA_GET_USER_CREDENTIALS;
416 typedef LSA_GET_USER_AUTH_DATA *PLSA_GET_USER_AUTH_DATA;
417 typedef LSA_CLOSE_SAM_USER *PLSA_CLOSE_SAM_USER;
418 typedef LSA_CONVERT_AUTH_DATA_TO_TOKEN *PLSA_CONVERT_AUTH_DATA_TO_TOKEN;
419 typedef LSA_CLIENT_CALLBACK *PLSA_CLIENT_CALLBACK;
420 typedef LSA_REGISTER_CALLBACK *PLSA_REGISTER_CALLBACK;
421 typedef LSA_UPDATE_PRIMARY_CREDENTIALS *PLSA_UPDATE_PRIMARY_CREDENTIALS;
422 typedef LSA_GET_AUTH_DATA_FOR_USER *PLSA_GET_AUTH_DATA_FOR_USER;
423 typedef LSA_CRACK_SINGLE_NAME *PLSA_CRACK_SINGLE_NAME;
424 typedef LSA_AUDIT_ACCOUNT_LOGON *PLSA_AUDIT_ACCOUNT_LOGON;
425 typedef LSA_CALL_PACKAGE_PASSTHROUGH *PLSA_CALL_PACKAGE_PASSTHROUGH;
426 typedef LSA_PROTECT_MEMORY *PLSA_PROTECT_MEMORY;
427 typedef LSA_OPEN_TOKEN_BY_LOGON_ID *PLSA_OPEN_TOKEN_BY_LOGON_ID;
428 typedef LSA_EXPAND_AUTH_DATA_FOR_DOMAIN *PLSA_EXPAND_AUTH_DATA_FOR_DOMAIN;
429 typedef LSA_CREATE_TOKEN_EX *PLSA_CREATE_TOKEN_EX;
430
431#ifdef _WINCRED_H_
432
433#ifndef _ENCRYPTED_CREDENTIAL_DEFINED
434#define _ENCRYPTED_CREDENTIAL_DEFINED
435
436 typedef struct _ENCRYPTED_CREDENTIALW {
437 CREDENTIALW Cred;
438 ULONG ClearCredentialBlobSize;
439 } ENCRYPTED_CREDENTIALW,*PENCRYPTED_CREDENTIALW;
440#endif
441
442#define CREDP_FLAGS_IN_PROCESS 0x01
443#define CREDP_FLAGS_USE_MIDL_HEAP 0x02
444#define CREDP_FLAGS_DONT_CACHE_TI 0x04
445#define CREDP_FLAGS_CLEAR_PASSWORD 0x08
446#define CREDP_FLAGS_USER_ENCRYPTED_PASSWORD 0x10
447
448 typedef NTSTATUS (NTAPI CredReadFn)(PLUID LogonId,ULONG CredFlags,LPWSTR TargetName,ULONG Type,ULONG Flags,PENCRYPTED_CREDENTIALW *Credential);
449 typedef NTSTATUS (NTAPI CredReadDomainCredentialsFn)(PLUID LogonId,ULONG CredFlags,PCREDENTIAL_TARGET_INFORMATIONW TargetInfo,ULONG Flags,PULONG Count,PENCRYPTED_CREDENTIALW **Credential);
450 typedef VOID (NTAPI CredFreeCredentialsFn)(ULONG Count,PENCRYPTED_CREDENTIALW *Credentials);
451 typedef NTSTATUS (NTAPI CredWriteFn)(PLUID LogonId,ULONG CredFlags,PENCRYPTED_CREDENTIALW Credential,ULONG Flags);
452
453 NTSTATUS CredMarshalTargetInfo (PCREDENTIAL_TARGET_INFORMATIONW InTargetInfo,PUSHORT *Buffer,PULONG BufferSize);
454 NTSTATUS CredUnmarshalTargetInfo (PUSHORT Buffer,ULONG BufferSize,PCREDENTIAL_TARGET_INFORMATIONW *RetTargetInfo,PULONG RetActualSize);
455
456#define CRED_MARSHALED_TI_SIZE_SIZE 12
457#endif
458
459 typedef struct _SEC_WINNT_AUTH_IDENTITY32 {
460 ULONG User;
461 ULONG UserLength;
462 ULONG Domain;
463 ULONG DomainLength;
464 ULONG Password;
465 ULONG PasswordLength;
466 ULONG Flags;
467 } SEC_WINNT_AUTH_IDENTITY32,*PSEC_WINNT_AUTH_IDENTITY32;
468
469 typedef struct _SEC_WINNT_AUTH_IDENTITY_EX32 {
470 ULONG Version;
471 ULONG Length;
472 ULONG User;
473 ULONG UserLength;
474 ULONG Domain;
475 ULONG DomainLength;
476 ULONG Password;
477 ULONG PasswordLength;
478 ULONG Flags;
479 ULONG PackageList;
480 ULONG PackageListLength;
481 } SEC_WINNT_AUTH_IDENTITY_EX32,*PSEC_WINNT_AUTH_IDENTITY_EX32;
482
483 typedef struct _LSA_SECPKG_FUNCTION_TABLE {
484 PLSA_CREATE_LOGON_SESSION CreateLogonSession;
485 PLSA_DELETE_LOGON_SESSION DeleteLogonSession;
486 PLSA_ADD_CREDENTIAL AddCredential;
487 PLSA_GET_CREDENTIALS GetCredentials;
488 PLSA_DELETE_CREDENTIAL DeleteCredential;
489 PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap;
490 PLSA_FREE_LSA_HEAP FreeLsaHeap;
491 PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer;
492 PLSA_FREE_CLIENT_BUFFER FreeClientBuffer;
493 PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer;
494 PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer;
495 PLSA_IMPERSONATE_CLIENT ImpersonateClient;
496 PLSA_UNLOAD_PACKAGE UnloadPackage;
497 PLSA_DUPLICATE_HANDLE DuplicateHandle;
498 PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS SaveSupplementalCredentials;
499 PLSA_CREATE_THREAD CreateThread;
500 PLSA_GET_CLIENT_INFO GetClientInfo;
501 PLSA_REGISTER_NOTIFICATION RegisterNotification;
502 PLSA_CANCEL_NOTIFICATION CancelNotification;
503 PLSA_MAP_BUFFER MapBuffer;
504 PLSA_CREATE_TOKEN CreateToken;
505 PLSA_AUDIT_LOGON AuditLogon;
506 PLSA_CALL_PACKAGE CallPackage;
507 PLSA_FREE_LSA_HEAP FreeReturnBuffer;
508 PLSA_GET_CALL_INFO GetCallInfo;
509 PLSA_CALL_PACKAGEEX CallPackageEx;
510 PLSA_CREATE_SHARED_MEMORY CreateSharedMemory;
511 PLSA_ALLOCATE_SHARED_MEMORY AllocateSharedMemory;
512 PLSA_FREE_SHARED_MEMORY FreeSharedMemory;
513 PLSA_DELETE_SHARED_MEMORY DeleteSharedMemory;
514 PLSA_OPEN_SAM_USER OpenSamUser;
515 PLSA_GET_USER_CREDENTIALS GetUserCredentials;
516 PLSA_GET_USER_AUTH_DATA GetUserAuthData;
517 PLSA_CLOSE_SAM_USER CloseSamUser;
518 PLSA_CONVERT_AUTH_DATA_TO_TOKEN ConvertAuthDataToToken;
519 PLSA_CLIENT_CALLBACK ClientCallback;
520 PLSA_UPDATE_PRIMARY_CREDENTIALS UpdateCredentials;
521 PLSA_GET_AUTH_DATA_FOR_USER GetAuthDataForUser;
522 PLSA_CRACK_SINGLE_NAME CrackSingleName;
523 PLSA_AUDIT_ACCOUNT_LOGON AuditAccountLogon;
524 PLSA_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough;
525#ifdef _WINCRED_H_
526 CredReadFn *CrediRead;
527 CredReadDomainCredentialsFn *CrediReadDomainCredentials;
528 CredFreeCredentialsFn *CrediFreeCredentials;
529#else
530 PLSA_PROTECT_MEMORY DummyFunction1;
531 PLSA_PROTECT_MEMORY DummyFunction2;
532 PLSA_PROTECT_MEMORY DummyFunction3;
533#endif
534 PLSA_PROTECT_MEMORY LsaProtectMemory;
535 PLSA_PROTECT_MEMORY LsaUnprotectMemory;
536 PLSA_OPEN_TOKEN_BY_LOGON_ID OpenTokenByLogonId;
537 PLSA_EXPAND_AUTH_DATA_FOR_DOMAIN ExpandAuthDataForDomain;
538 PLSA_ALLOCATE_PRIVATE_HEAP AllocatePrivateHeap;
539 PLSA_FREE_PRIVATE_HEAP FreePrivateHeap;
540 PLSA_CREATE_TOKEN_EX CreateTokenEx;
541#ifdef _WINCRED_H_
542 CredWriteFn *CrediWrite;
543#else
544 PLSA_PROTECT_MEMORY DummyFunction4;
545#endif
546 } LSA_SECPKG_FUNCTION_TABLE,*PLSA_SECPKG_FUNCTION_TABLE;
547
548 typedef struct _SECPKG_DLL_FUNCTIONS {
549 PLSA_ALLOCATE_LSA_HEAP AllocateHeap;
550 PLSA_FREE_LSA_HEAP FreeHeap;
551 PLSA_REGISTER_CALLBACK RegisterCallback;
552 } SECPKG_DLL_FUNCTIONS,*PSECPKG_DLL_FUNCTIONS;
553
554 typedef NTSTATUS (NTAPI SpInitializeFn)(ULONG_PTR PackageId,PSECPKG_PARAMETERS Parameters,PLSA_SECPKG_FUNCTION_TABLE FunctionTable);
555 typedef NTSTATUS (NTAPI SpShutdownFn)(VOID);
556 typedef NTSTATUS (NTAPI SpGetInfoFn)(PSecPkgInfo PackageInfo);
557 typedef NTSTATUS (NTAPI SpGetExtendedInformationFn)(SECPKG_EXTENDED_INFORMATION_CLASS Class,PSECPKG_EXTENDED_INFORMATION *ppInformation);
558 typedef NTSTATUS (NTAPI SpSetExtendedInformationFn)(SECPKG_EXTENDED_INFORMATION_CLASS Class,PSECPKG_EXTENDED_INFORMATION Info);
559 typedef NTSTATUS (LSA_AP_LOGON_USER_EX2)(PLSA_CLIENT_REQUEST ClientRequest,SECURITY_LOGON_TYPE LogonType,PVOID AuthenticationInformation,PVOID ClientAuthenticationBase,ULONG AuthenticationInformationLength,PVOID *ProfileBuffer,PULONG ProfileBufferLength,PLUID LogonId,PNTSTATUS SubStatus,PLSA_TOKEN_INFORMATION_TYPE TokenInformationType,PVOID *TokenInformation,PUNICODE_STRING *AccountName,PUNICODE_STRING *AuthenticatingAuthority,PUNICODE_STRING *MachineName,PSECPKG_PRIMARY_CRED PrimaryCredentials,PSECPKG_SUPPLEMENTAL_CRED_ARRAY *CachedCredentials);
560
561 typedef LSA_AP_LOGON_USER_EX2 *PLSA_AP_LOGON_USER_EX2;
562
563#define LSA_AP_NAME_LOGON_USER_EX2 "LsaApLogonUserEx2\0"
564
565 typedef NTSTATUS (NTAPI SpAcceptCredentialsFn)(SECURITY_LOGON_TYPE LogonType,PUNICODE_STRING AccountName,PSECPKG_PRIMARY_CRED PrimaryCredentials,PSECPKG_SUPPLEMENTAL_CRED SupplementalCredentials);
566
567#define SP_ACCEPT_CREDENTIALS_NAME "SpAcceptCredentials\0"
568
569 typedef NTSTATUS (NTAPI SpAcquireCredentialsHandleFn)(PUNICODE_STRING PrincipalName,ULONG CredentialUseFlags,PLUID LogonId,PVOID AuthorizationData,PVOID GetKeyFunciton,PVOID GetKeyArgument,PLSA_SEC_HANDLE CredentialHandle,PTimeStamp ExpirationTime);
570 typedef NTSTATUS (NTAPI SpFreeCredentialsHandleFn)(LSA_SEC_HANDLE CredentialHandle);
571 typedef NTSTATUS (NTAPI SpQueryCredentialsAttributesFn)(LSA_SEC_HANDLE CredentialHandle,ULONG CredentialAttribute,PVOID Buffer);
572 typedef NTSTATUS (NTAPI SpSetCredentialsAttributesFn)(LSA_SEC_HANDLE CredentialHandle,ULONG CredentialAttribute,PVOID Buffer,ULONG BufferSize);
573 typedef NTSTATUS (NTAPI SpAddCredentialsFn)(LSA_SEC_HANDLE CredentialHandle,PUNICODE_STRING PrincipalName,PUNICODE_STRING Package,ULONG CredentialUseFlags,PVOID AuthorizationData,PVOID GetKeyFunciton,PVOID GetKeyArgument,PTimeStamp ExpirationTime);
574 typedef NTSTATUS (NTAPI SpSaveCredentialsFn)(LSA_SEC_HANDLE CredentialHandle,PSecBuffer Credentials);
575 typedef NTSTATUS (NTAPI SpGetCredentialsFn)(LSA_SEC_HANDLE CredentialHandle,PSecBuffer Credentials);
576 typedef NTSTATUS (NTAPI SpDeleteCredentialsFn)(LSA_SEC_HANDLE CredentialHandle,PSecBuffer Key);
577 typedef NTSTATUS (NTAPI SpInitLsaModeContextFn)(LSA_SEC_HANDLE CredentialHandle,LSA_SEC_HANDLE ContextHandle,PUNICODE_STRING TargetName,ULONG ContextRequirements,ULONG TargetDataRep,PSecBufferDesc InputBuffers,PLSA_SEC_HANDLE NewContextHandle,PSecBufferDesc OutputBuffers,PULONG ContextAttributes,PTimeStamp ExpirationTime,PBOOLEAN MappedContext,PSecBuffer ContextData);
578 typedef NTSTATUS (NTAPI SpDeleteContextFn)(LSA_SEC_HANDLE ContextHandle);
579 typedef NTSTATUS (NTAPI SpApplyControlTokenFn)(LSA_SEC_HANDLE ContextHandle,PSecBufferDesc ControlToken);
580 typedef NTSTATUS (NTAPI SpAcceptLsaModeContextFn)(LSA_SEC_HANDLE CredentialHandle,LSA_SEC_HANDLE ContextHandle,PSecBufferDesc InputBuffer,ULONG ContextRequirements,ULONG TargetDataRep,PLSA_SEC_HANDLE NewContextHandle,PSecBufferDesc OutputBuffer,PULONG ContextAttributes,PTimeStamp ExpirationTime,PBOOLEAN MappedContext,PSecBuffer ContextData);
581 typedef NTSTATUS (NTAPI SpGetUserInfoFn)(PLUID LogonId,ULONG Flags,PSecurityUserData *UserData);
582 typedef NTSTATUS (NTAPI SpQueryContextAttributesFn)(LSA_SEC_HANDLE ContextHandle,ULONG ContextAttribute,PVOID Buffer);
583 typedef NTSTATUS (NTAPI SpSetContextAttributesFn)(LSA_SEC_HANDLE ContextHandle,ULONG ContextAttribute,PVOID Buffer,ULONG BufferSize);
584
585 typedef struct _SECPKG_FUNCTION_TABLE {
586 PLSA_AP_INITIALIZE_PACKAGE InitializePackage;
587 PLSA_AP_LOGON_USER LogonUser;
588 PLSA_AP_CALL_PACKAGE CallPackage;
589 PLSA_AP_LOGON_TERMINATED LogonTerminated;
590 PLSA_AP_CALL_PACKAGE_UNTRUSTED CallPackageUntrusted;
591 PLSA_AP_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough;
592 PLSA_AP_LOGON_USER_EX LogonUserEx;
593 PLSA_AP_LOGON_USER_EX2 LogonUserEx2;
594 SpInitializeFn *Initialize;
595 SpShutdownFn *Shutdown;
596 SpGetInfoFn *GetInfo;
597 SpAcceptCredentialsFn *AcceptCredentials;
598 SpAcquireCredentialsHandleFn *AcquireCredentialsHandle;
599 SpQueryCredentialsAttributesFn *QueryCredentialsAttributes;
600 SpFreeCredentialsHandleFn *FreeCredentialsHandle;
601 SpSaveCredentialsFn *SaveCredentials;
602 SpGetCredentialsFn *GetCredentials;
603 SpDeleteCredentialsFn *DeleteCredentials;
604 SpInitLsaModeContextFn *InitLsaModeContext;
605 SpAcceptLsaModeContextFn *AcceptLsaModeContext;
606 SpDeleteContextFn *DeleteContext;
607 SpApplyControlTokenFn *ApplyControlToken;
608 SpGetUserInfoFn *GetUserInfo;
609 SpGetExtendedInformationFn *GetExtendedInformation;
610 SpQueryContextAttributesFn *QueryContextAttributes;
611 SpAddCredentialsFn *AddCredentials;
612 SpSetExtendedInformationFn *SetExtendedInformation;
613 SpSetContextAttributesFn *SetContextAttributes;
614 SpSetCredentialsAttributesFn *SetCredentialsAttributes;
615 } SECPKG_FUNCTION_TABLE,*PSECPKG_FUNCTION_TABLE;
616
617 typedef NTSTATUS (NTAPI SpInstanceInitFn)(ULONG Version,PSECPKG_DLL_FUNCTIONS FunctionTable,PVOID *UserFunctions);
618 typedef NTSTATUS (NTAPI SpInitUserModeContextFn)(LSA_SEC_HANDLE ContextHandle,PSecBuffer PackedContext);
619 typedef NTSTATUS (NTAPI SpMakeSignatureFn)(LSA_SEC_HANDLE ContextHandle,ULONG QualityOfProtection,PSecBufferDesc MessageBuffers,ULONG MessageSequenceNumber);
620 typedef NTSTATUS (NTAPI SpVerifySignatureFn)(LSA_SEC_HANDLE ContextHandle,PSecBufferDesc MessageBuffers,ULONG MessageSequenceNumber,PULONG QualityOfProtection);
621 typedef NTSTATUS (NTAPI SpSealMessageFn)(LSA_SEC_HANDLE ContextHandle,ULONG QualityOfProtection,PSecBufferDesc MessageBuffers,ULONG MessageSequenceNumber);
622 typedef NTSTATUS (NTAPI SpUnsealMessageFn)(LSA_SEC_HANDLE ContextHandle,PSecBufferDesc MessageBuffers,ULONG MessageSequenceNumber,PULONG QualityOfProtection);
623 typedef NTSTATUS (NTAPI SpGetContextTokenFn)(LSA_SEC_HANDLE ContextHandle,PHANDLE ImpersonationToken);
624 typedef NTSTATUS (NTAPI SpExportSecurityContextFn)(LSA_SEC_HANDLE phContext,ULONG fFlags,PSecBuffer pPackedContext,PHANDLE pToken);
625 typedef NTSTATUS (NTAPI SpImportSecurityContextFn)(PSecBuffer pPackedContext,HANDLE Token,PLSA_SEC_HANDLE phContext);
626 typedef NTSTATUS (NTAPI SpCompleteAuthTokenFn)(LSA_SEC_HANDLE ContextHandle,PSecBufferDesc InputBuffer);
627 typedef NTSTATUS (NTAPI SpFormatCredentialsFn)(PSecBuffer Credentials,PSecBuffer FormattedCredentials);
628 typedef NTSTATUS (NTAPI SpMarshallSupplementalCredsFn)(ULONG CredentialSize,PUCHAR Credentials,PULONG MarshalledCredSize,PVOID *MarshalledCreds);
629
630 typedef struct _SECPKG_USER_FUNCTION_TABLE {
631 SpInstanceInitFn *InstanceInit;
632 SpInitUserModeContextFn *InitUserModeContext;
633 SpMakeSignatureFn *MakeSignature;
634 SpVerifySignatureFn *VerifySignature;
635 SpSealMessageFn *SealMessage;
636 SpUnsealMessageFn *UnsealMessage;
637 SpGetContextTokenFn *GetContextToken;
638 SpQueryContextAttributesFn *QueryContextAttributes;
639 SpCompleteAuthTokenFn *CompleteAuthToken;
640 SpDeleteContextFn *DeleteUserModeContext;
641 SpFormatCredentialsFn *FormatCredentials;
642 SpMarshallSupplementalCredsFn *MarshallSupplementalCreds;
643 SpExportSecurityContextFn *ExportContext;
644 SpImportSecurityContextFn *ImportContext;
645 } SECPKG_USER_FUNCTION_TABLE,*PSECPKG_USER_FUNCTION_TABLE;
646
647 typedef NTSTATUS (SEC_ENTRY *SpLsaModeInitializeFn)(ULONG LsaVersion,PULONG PackageVersion,PSECPKG_FUNCTION_TABLE *ppTables,PULONG pcTables);
648 typedef NTSTATUS (SEC_ENTRY *SpUserModeInitializeFn)(ULONG LsaVersion,PULONG PackageVersion,PSECPKG_USER_FUNCTION_TABLE *ppTables,PULONG pcTables);
649
650#define SECPKG_LSAMODEINIT_NAME "SpLsaModeInitialize"
651#define SECPKG_USERMODEINIT_NAME "SpUserModeInitialize"
652
653#define SECPKG_INTERFACE_VERSION 0x00010000
654#define SECPKG_INTERFACE_VERSION_2 0x00020000
655#define SECPKG_INTERFACE_VERSION_3 0x00040000
656
657 typedef enum _KSEC_CONTEXT_TYPE {
658 KSecPaged,KSecNonPaged
659 } KSEC_CONTEXT_TYPE;
660
661 typedef struct _KSEC_LIST_ENTRY {
662 LIST_ENTRY List;
663 LONG RefCount;
664 ULONG Signature;
665 PVOID OwningList;
666 PVOID Reserved;
667 } KSEC_LIST_ENTRY,*PKSEC_LIST_ENTRY;
668
669#define KsecInitializeListEntry(Entry,SigValue) ((PKSEC_LIST_ENTRY) Entry)->List.Flink = ((PKSEC_LIST_ENTRY) Entry)->List.Blink = NULL; ((PKSEC_LIST_ENTRY) Entry)->RefCount = 1; ((PKSEC_LIST_ENTRY) Entry)->Signature = SigValue; ((PKSEC_LIST_ENTRY) Entry)->OwningList = NULL; ((PKSEC_LIST_ENTRY) Entry)->Reserved = NULL;
670
671 typedef PVOID (SEC_ENTRY KSEC_CREATE_CONTEXT_LIST)(KSEC_CONTEXT_TYPE Type);
672 typedef VOID (SEC_ENTRY KSEC_INSERT_LIST_ENTRY)(PVOID List,PKSEC_LIST_ENTRY Entry);
673 typedef NTSTATUS (SEC_ENTRY KSEC_REFERENCE_LIST_ENTRY)(PKSEC_LIST_ENTRY Entry,ULONG Signature,BOOLEAN RemoveNoRef);
674 typedef VOID (SEC_ENTRY KSEC_DEREFERENCE_LIST_ENTRY)(PKSEC_LIST_ENTRY Entry,BOOLEAN *Delete);
675 typedef NTSTATUS (SEC_ENTRY KSEC_SERIALIZE_WINNT_AUTH_DATA)(PVOID pvAuthData,PULONG Size,PVOID *SerializedData);
676 typedef NTSTATUS (SEC_ENTRY KSEC_SERIALIZE_SCHANNEL_AUTH_DATA)(PVOID pvAuthData,PULONG Size,PVOID *SerializedData);
677
678 KSEC_CREATE_CONTEXT_LIST KSecCreateContextList;
679 KSEC_INSERT_LIST_ENTRY KSecInsertListEntry;
680 KSEC_REFERENCE_LIST_ENTRY KSecReferenceListEntry;
681 KSEC_DEREFERENCE_LIST_ENTRY KSecDereferenceListEntry;
682 KSEC_SERIALIZE_WINNT_AUTH_DATA KSecSerializeWinntAuthData;
683 KSEC_SERIALIZE_SCHANNEL_AUTH_DATA KSecSerializeSchannelAuthData;
684
685 typedef KSEC_CREATE_CONTEXT_LIST *PKSEC_CREATE_CONTEXT_LIST;
686 typedef KSEC_INSERT_LIST_ENTRY *PKSEC_INSERT_LIST_ENTRY;
687 typedef KSEC_REFERENCE_LIST_ENTRY *PKSEC_REFERENCE_LIST_ENTRY;
688 typedef KSEC_DEREFERENCE_LIST_ENTRY *PKSEC_DEREFERENCE_LIST_ENTRY;
689 typedef KSEC_SERIALIZE_WINNT_AUTH_DATA *PKSEC_SERIALIZE_WINNT_AUTH_DATA;
690 typedef KSEC_SERIALIZE_SCHANNEL_AUTH_DATA *PKSEC_SERIALIZE_SCHANNEL_AUTH_DATA;
691
692 typedef struct _SECPKG_KERNEL_FUNCTIONS {
693 PLSA_ALLOCATE_LSA_HEAP AllocateHeap;
694 PLSA_FREE_LSA_HEAP FreeHeap;
695 PKSEC_CREATE_CONTEXT_LIST CreateContextList;
696 PKSEC_INSERT_LIST_ENTRY InsertListEntry;
697 PKSEC_REFERENCE_LIST_ENTRY ReferenceListEntry;
698 PKSEC_DEREFERENCE_LIST_ENTRY DereferenceListEntry;
699 PKSEC_SERIALIZE_WINNT_AUTH_DATA SerializeWinntAuthData;
700 PKSEC_SERIALIZE_SCHANNEL_AUTH_DATA SerializeSchannelAuthData;
701 } SECPKG_KERNEL_FUNCTIONS,*PSECPKG_KERNEL_FUNCTIONS;
702
703 typedef NTSTATUS (NTAPI KspInitPackageFn)(PSECPKG_KERNEL_FUNCTIONS FunctionTable);
704 typedef NTSTATUS (NTAPI KspDeleteContextFn)(LSA_SEC_HANDLE ContextId,PLSA_SEC_HANDLE LsaContextId);
705 typedef NTSTATUS (NTAPI KspInitContextFn)(LSA_SEC_HANDLE ContextId,PSecBuffer ContextData,PLSA_SEC_HANDLE NewContextId);
706 typedef NTSTATUS (NTAPI KspMakeSignatureFn)(LSA_SEC_HANDLE ContextId,ULONG fQOP,PSecBufferDesc Message,ULONG MessageSeqNo);
707 typedef NTSTATUS (NTAPI KspVerifySignatureFn)(LSA_SEC_HANDLE ContextId,PSecBufferDesc Message,ULONG MessageSeqNo,PULONG pfQOP);
708 typedef NTSTATUS (NTAPI KspSealMessageFn)(LSA_SEC_HANDLE ContextId,ULONG fQOP,PSecBufferDesc Message,ULONG MessageSeqNo);
709 typedef NTSTATUS (NTAPI KspUnsealMessageFn)(LSA_SEC_HANDLE ContextId,PSecBufferDesc Message,ULONG MessageSeqNo,PULONG pfQOP);
710 typedef NTSTATUS (NTAPI KspGetTokenFn)(LSA_SEC_HANDLE ContextId,PHANDLE ImpersonationToken,PACCESS_TOKEN *RawToken);
711 typedef NTSTATUS (NTAPI KspQueryAttributesFn)(LSA_SEC_HANDLE ContextId,ULONG Attribute,PVOID Buffer);
712 typedef NTSTATUS (NTAPI KspCompleteTokenFn)(LSA_SEC_HANDLE ContextId,PSecBufferDesc Token);
713 typedef NTSTATUS (NTAPI KspMapHandleFn)(LSA_SEC_HANDLE ContextId,PLSA_SEC_HANDLE LsaContextId);
714 typedef NTSTATUS (NTAPI KspSetPagingModeFn)(BOOLEAN PagingMode);
715 typedef NTSTATUS (NTAPI KspSerializeAuthDataFn)(PVOID pvAuthData,PULONG Size,PVOID *SerializedData);
716
717 typedef struct _SECPKG_KERNEL_FUNCTION_TABLE {
718 KspInitPackageFn *Initialize;
719 KspDeleteContextFn *DeleteContext;
720 KspInitContextFn *InitContext;
721 KspMapHandleFn *MapHandle;
722 KspMakeSignatureFn *Sign;
723 KspVerifySignatureFn *Verify;
724 KspSealMessageFn *Seal;
725 KspUnsealMessageFn *Unseal;
726 KspGetTokenFn *GetToken;
727 KspQueryAttributesFn *QueryAttributes;
728 KspCompleteTokenFn *CompleteToken;
729 SpExportSecurityContextFn *ExportContext;
730 SpImportSecurityContextFn *ImportContext;
731 KspSetPagingModeFn *SetPackagePagingMode;
732 KspSerializeAuthDataFn *SerializeAuthData;
733 } SECPKG_KERNEL_FUNCTION_TABLE,*PSECPKG_KERNEL_FUNCTION_TABLE;
734
735 SECURITY_STATUS SEC_ENTRY KSecRegisterSecurityProvider(PSECURITY_STRING ProviderName,PSECPKG_KERNEL_FUNCTION_TABLE Table);
736
737 extern SECPKG_KERNEL_FUNCTIONS KspKernelFunctions;
738
739#ifdef __cplusplus
740}
741#endif
742#endif
Note: See TracBrowser for help on using the repository browser.