1 /*
2 * Copyright (C) 2007 Yuval Fledel
3 *
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
8 *
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
13 *
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
17 */
18
19 #ifndef _NTSECPKG_H
20 #define _NTSECPKG_H
21
22 #ifdef __cplusplus
23 extern "C" {
24 #endif
25
26 /* Flags for the MachineState field in SECPKG_PARAMETERS */
27 #define SECPKG_STATE_ENCRYPTION_PERMITTED 0x01
28 #define SECPKG_STATE_STRONG_ENCRYPTION_PERMITTED 0x02
29 #define SECPKG_STATE_DOMAIN_CONTROLLER 0x04
30 #define SECPKG_STATE_WORKSTATION 0x08
31 #define SECPKG_STATE_STANDALONE 0x10
32
33 /* Version magics as passed to or returned from Sp[Lsa,Mode]ModeInitialize */
34 #define SECPKG_INTERFACE_VERSION 0x10000
35 #define SECPKG_INTERFACE_VERSION_2 0x20000
36 #define SECPKG_INTERFACE_VERSION_3 0x40000
37 #define SECPKG_INTERFACE_VERSION_4 0x80000
38 #define SECPKG_INTERFACE_VERSION_5 0x100000
39 #define SECPKG_INTERFACE_VERSION_6 0x200000
40
41 /* enum definitions for Secure Service Provider/Authentication Packages */
42 typedef enum _LSA_TOKEN_INFORMATION_TYPE {
43 LsaTokenInformationNull,
44 LsaTokenInformationV1
45 } LSA_TOKEN_INFORMATION_TYPE, *PLSA_TOKEN_INFORMATION_TYPE;
46
47 typedef enum _SECPKG_EXTENDED_INFORMATION_CLASS
48 {
49 SecpkgGssInfo = 1,
50 SecpkgContextThunks,
51 SecpkgMutualAuthLevel,
52 SecpkgMaxInfo
53 } SECPKG_EXTENDED_INFORMATION_CLASS;
54
55 typedef enum _SECPKG_NAME_TYPE {
56 SecNameSamCompatible,
57 SecNameAlternateId,
58 SecNameFlat,
59 SecNameDN
60 } SECPKG_NAME_TYPE;
61
62 /* struct definitions for SSP/AP */
63 typedef struct _SECPKG_PRIMARY_CRED {
64 LUID LogonId;
65 UNICODE_STRING DownlevelName;
66 UNICODE_STRING DomainName;
67 UNICODE_STRING Password;
68 UNICODE_STRING OldPassword;
69 PSID UserSid;
70 ULONG Flags;
71 UNICODE_STRING DnsDomainName;
72 UNICODE_STRING Upn;
73 UNICODE_STRING LogonServer;
74 UNICODE_STRING Spare1;
75 UNICODE_STRING Spare2;
76 UNICODE_STRING Spare3;
77 UNICODE_STRING Spare4;
78 } SECPKG_PRIMARY_CRED, *PSECPKG_PRIMARY_CRED;
79
80 typedef struct _SECPKG_SUPPLEMENTAL_CRED {
81 UNICODE_STRING PackageName;
82 ULONG CredentialSize;
83 PUCHAR Credentials;
84 } SECPKG_SUPPLEMENTAL_CRED, *PSECPKG_SUPPLEMENTAL_CRED;
85
86 typedef struct _SECPKG_SUPPLEMENTAL_CRED_ARRAY {
87 ULONG CredentialCount;
88 SECPKG_SUPPLEMENTAL_CRED Credentials[1];
89 } SECPKG_SUPPLEMENTAL_CRED_ARRAY, *PSECPKG_SUPPLEMENTAL_CRED_ARRAY;
90
91 typedef struct _SECPKG_PARAMETERS {
92 ULONG Version;
93 ULONG MachineState;
94 ULONG SetupMode;
95 PSID DomainSid;
96 UNICODE_STRING DomainName;
97 UNICODE_STRING DnsDomainName;
98 GUID DomainGuid;
99 } SECPKG_PARAMETERS, *PSECPKG_PARAMETERS,
100 SECPKG_EVENT_DOMAIN_CHANGE, *PSECPKG_EVENT_DOMAIN_CHANGE;
101
102 typedef struct _SECPKG_CLIENT_INFO {
103 LUID LogonId;
104 ULONG ProcessID;
105 ULONG ThreadID;
106 BOOLEAN HasTcbPrivilege;
107 BOOLEAN Impersonating;
108 BOOLEAN Restricted;
109 } SECPKG_CLIENT_INFO,
110 *PSECPKG_CLIENT_INFO;
111
112 typedef struct _SECURITY_USER_DATA {
113 UNICODE_STRING UserName;
114 UNICODE_STRING LogonDomainName;
115 UNICODE_STRING LogonServer;
116 PSID pSid;
117 } SECURITY_USER_DATA, *PSECURITY_USER_DATA,
118 SecurityUserData, *PSecurityUserData;
119
120 typedef struct _SECPKG_GSS_INFO {
121 ULONG EncodedIdLength;
122 UCHAR EncodedId[4];
123 } SECPKG_GSS_INFO, *PSECPKG_GSS_INFO;
124
125 typedef struct _SECPKG_CONTEXT_THUNKS {
126 ULONG InfoLevelCount;
127 ULONG Levels[1];
128 } SECPKG_CONTEXT_THUNKS, *PSECPKG_CONTEXT_THUNKS;
129
130 typedef struct _SECPKG_MUTUAL_AUTH_LEVEL {
131 ULONG MutualAuthLevel;
132 } SECPKG_MUTUAL_AUTH_LEVEL, *PSECPKG_MUTUAL_AUTH_LEVEL;
133
134 typedef struct _SECPKG_CALL_INFO {
135 ULONG ProcessId;
136 ULONG ThreadId;
137 ULONG Attributes;
138 ULONG CallCount;
139 } SECPKG_CALL_INFO, *PSECPKG_CALL_INFO;
140
141 typedef struct _SECPKG_EXTENDED_INFORMATION {
142 SECPKG_EXTENDED_INFORMATION_CLASS Class;
143 union {
144 SECPKG_GSS_INFO GssInfo;
145 SECPKG_CONTEXT_THUNKS ContextThunks;
146 SECPKG_MUTUAL_AUTH_LEVEL MutualAuthLevel;
147 } Info;
148 } SECPKG_EXTENDED_INFORMATION, *PSECPKG_EXTENDED_INFORMATION;
149
150 typedef struct _SECPKG_TARGETINFO {
151 PSID DomainSid;
152 PCWSTR ComputerName;
153 } SECPKG_TARGETINFO, *PSECPKG_TARGETINFO;
154
155 /* callbacks implemented by SSP/AP dlls and called by the LSA */
156 typedef VOID (NTAPI *PLSA_CALLBACK_FUNCTION)(ULONG_PTR, ULONG_PTR, PSecBuffer,
157 PSecBuffer);
158
159 /* misc typedefs used in the below prototypes */
160 typedef PVOID *PLSA_CLIENT_REQUEST;
161 typedef ULONG LSA_SEC_HANDLE, *PLSA_SEC_HANDLE;
162 typedef LPTHREAD_START_ROUTINE SEC_THREAD_START;
163 typedef PSECURITY_ATTRIBUTES SEC_ATTRS;
164
165 /* functions used by SSP/AP obtainable by dispatch tables */
166 typedef NTSTATUS (NTAPI *PLSA_REGISTER_CALLBACK)(ULONG, PLSA_CALLBACK_FUNCTION);
167 typedef NTSTATUS (NTAPI *PLSA_CREATE_LOGON_SESSION)(PLUID);
168 typedef NTSTATUS (NTAPI *PLSA_DELETE_LOGON_SESSION)(PLUID);
169 typedef NTSTATUS (NTAPI *PLSA_ADD_CREDENTIAL)(PLUID, ULONG, PLSA_STRING,
170 PLSA_STRING);
171 typedef NTSTATUS (NTAPI *PLSA_GET_CREDENTIALS)(PLUID, ULONG, PULONG, BOOLEAN,
172 PLSA_STRING, PULONG, PLSA_STRING);
173 typedef NTSTATUS (NTAPI *PLSA_DELETE_CREDENTIAL)(PLUID, ULONG, PLSA_STRING);
174 typedef PVOID (NTAPI *PLSA_ALLOCATE_LSA_HEAP)(ULONG);
175 typedef VOID (NTAPI *PLSA_FREE_LSA_HEAP)(PVOID);
176 typedef NTSTATUS (NTAPI *PLSA_ALLOCATE_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST,
177 ULONG, PVOID*);
178 typedef NTSTATUS (NTAPI *PLSA_FREE_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST, PVOID);
179 typedef NTSTATUS (NTAPI *PLSA_COPY_TO_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST, ULONG,
180 PVOID, PVOID);
181 typedef NTSTATUS (NTAPI *PLSA_COPY_FROM_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST,
182 ULONG, PVOID, PVOID);
183 typedef NTSTATUS (NTAPI *PLSA_IMPERSONATE_CLIENT)(void);
184 typedef NTSTATUS (NTAPI *PLSA_UNLOAD_PACKAGE)(void);
185 typedef NTSTATUS (NTAPI *PLSA_DUPLICATE_HANDLE)(HANDLE, PHANDLE);
186 typedef NTSTATUS (NTAPI *PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS)(PLUID, ULONG,
187 PVOID, BOOLEAN);
188 typedef HANDLE (NTAPI *PLSA_CREATE_THREAD)(SEC_ATTRS, ULONG, SEC_THREAD_START,
189 PVOID, ULONG, PULONG);
190 typedef NTSTATUS (NTAPI *PLSA_GET_CLIENT_INFO)(PSECPKG_CLIENT_INFO);
191 typedef HANDLE (NTAPI *PLSA_REGISTER_NOTIFICATION)(SEC_THREAD_START, PVOID,
192 ULONG, ULONG, ULONG, ULONG, HANDLE);
193 typedef NTSTATUS (NTAPI *PLSA_CANCEL_NOTIFICATION)(HANDLE);
194 typedef NTSTATUS (NTAPI *PLSA_MAP_BUFFER)(PSecBuffer, PSecBuffer);
195 typedef NTSTATUS (NTAPI *PLSA_CREATE_TOKEN)(PLUID, PTOKEN_SOURCE,
196 SECURITY_LOGON_TYPE, SECURITY_IMPERSONATION_LEVEL, LSA_TOKEN_INFORMATION_TYPE,
197 PVOID, PTOKEN_GROUPS, PUNICODE_STRING, PUNICODE_STRING, PUNICODE_STRING,
198 PUNICODE_STRING, PHANDLE, PNTSTATUS);
199 typedef VOID (NTAPI *PLSA_AUDIT_LOGON)(NTSTATUS, NTSTATUS, PUNICODE_STRING,
200 PUNICODE_STRING, PUNICODE_STRING, OPTIONAL PSID, SECURITY_LOGON_TYPE,
201 PTOKEN_SOURCE, PLUID);
202 typedef NTSTATUS (NTAPI *PLSA_CALL_PACKAGE)(PUNICODE_STRING, PVOID, ULONG,
203 PVOID*, PULONG, PNTSTATUS);
204 typedef BOOLEAN (NTAPI *PLSA_GET_CALL_INFO)(PSECPKG_CALL_INFO);
205 typedef NTSTATUS (NTAPI *PLSA_CALL_PACKAGEEX)(PUNICODE_STRING, PVOID, PVOID,
206 ULONG, PVOID*, PULONG, PNTSTATUS);
207 typedef PVOID (NTAPI *PLSA_CREATE_SHARED_MEMORY)(ULONG, ULONG);
208 typedef PVOID (NTAPI *PLSA_ALLOCATE_SHARED_MEMORY)(PVOID, ULONG);
209 typedef VOID (NTAPI *PLSA_FREE_SHARED_MEMORY)(PVOID, PVOID);
210 typedef BOOLEAN (NTAPI *PLSA_DELETE_SHARED_MEMORY)(PVOID);
211 typedef NTSTATUS (NTAPI *PLSA_OPEN_SAM_USER)(PUNICODE_STRING, SECPKG_NAME_TYPE,
212 PUNICODE_STRING, BOOLEAN, ULONG, PVOID*);
213 typedef NTSTATUS (NTAPI *PLSA_GET_USER_CREDENTIALS)(PVOID, PVOID *, PULONG,
214 PVOID *, PULONG);
215 typedef NTSTATUS (NTAPI *PLSA_GET_USER_AUTH_DATA)(PVOID, PUCHAR *, PULONG);
216 typedef NTSTATUS (NTAPI *PLSA_CLOSE_SAM_USER)(PVOID);
217 typedef NTSTATUS (NTAPI *PLSA_CONVERT_AUTH_DATA_TO_TOKEN)(PVOID, ULONG,
218 SECURITY_IMPERSONATION_LEVEL, PTOKEN_SOURCE, SECURITY_LOGON_TYPE,
219 PUNICODE_STRING, PHANDLE, PLUID, PUNICODE_STRING, PNTSTATUS);
220 typedef NTSTATUS (NTAPI *PLSA_CLIENT_CALLBACK)(PCHAR, ULONG_PTR, ULONG_PTR,
221 PSecBuffer, PSecBuffer);
222 typedef NTSTATUS (NTAPI *PLSA_UPDATE_PRIMARY_CREDENTIALS)(PSECPKG_PRIMARY_CRED, PSECPKG_SUPPLEMENTAL_CRED_ARRAY);
223 typedef NTSTATUS (NTAPI *PLSA_GET_AUTH_DATA_FOR_USER)(PUNICODE_STRING,
224 SECPKG_NAME_TYPE, PUNICODE_STRING, PUCHAR *, PULONG, PUNICODE_STRING);
225 typedef NTSTATUS (NTAPI *PLSA_CRACK_SINGLE_NAME)(ULONG, BOOLEAN,
226 PUNICODE_STRING, PUNICODE_STRING, ULONG, PUNICODE_STRING, PUNICODE_STRING,
227 PULONG);
228 typedef NTSTATUS (NTAPI *PLSA_AUDIT_ACCOUNT_LOGON)(ULONG, BOOLEAN,
229 PUNICODE_STRING, PUNICODE_STRING, PUNICODE_STRING, NTSTATUS);
230 typedef NTSTATUS (NTAPI *PLSA_CALL_PACKAGE_PASSTHROUGH)(PUNICODE_STRING, PVOID,
231 PVOID, ULONG, PVOID*, PULONG, PNTSTATUS);
232
233 /* Dispatch tables of functions used by SSP/AP */
234 typedef struct SECPKG_DLL_FUNCTIONS {
235 PLSA_ALLOCATE_LSA_HEAP AllocateHeap;
236 PLSA_FREE_LSA_HEAP FreeHeap;
237 PLSA_REGISTER_CALLBACK RegisterCallback;
238 } SECPKG_DLL_FUNCTIONS,
239 *PSECPKG_DLL_FUNCTIONS;
240
241 typedef struct LSA_DISPATCH_TABLE {
242 PLSA_CREATE_LOGON_SESSION CreateLogonSession;
243 PLSA_DELETE_LOGON_SESSION DeleteLogonSession;
244 PLSA_ADD_CREDENTIAL AddCredential;
245 PLSA_GET_CREDENTIALS GetCredentials;
246 PLSA_DELETE_CREDENTIAL DeleteCredential;
247 PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap;
248 PLSA_FREE_LSA_HEAP FreeLsaHeap;
249 PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer;
250 PLSA_FREE_CLIENT_BUFFER FreeClientBuffer;
251 PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer;
252 PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer;
253 } LSA_DISPATCH_TABLE,
254 *PLSA_DISPATCH_TABLE;
255
256 typedef struct _LSA_SECPKG_FUNCTION_TABLE {
257 PLSA_CREATE_LOGON_SESSION CreateLogonSession;
258 PLSA_DELETE_LOGON_SESSION DeleteLogonSession;
259 PLSA_ADD_CREDENTIAL AddCredential;
260 PLSA_GET_CREDENTIALS GetCredentials;
261 PLSA_DELETE_CREDENTIAL DeleteCredential;
262 PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap;
263 PLSA_FREE_LSA_HEAP FreeLsaHeap;
264 PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer;
265 PLSA_FREE_CLIENT_BUFFER FreeClientBuffer;
266 PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer;
267 PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer;
268 PLSA_IMPERSONATE_CLIENT ImpersonateClient;
269 PLSA_UNLOAD_PACKAGE UnloadPackage;
270 PLSA_DUPLICATE_HANDLE DuplicateHandle;
271 PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS SaveSupplementalCredentials;
272 PLSA_CREATE_THREAD CreateThread;
273 PLSA_GET_CLIENT_INFO GetClientInfo;
274 PLSA_REGISTER_NOTIFICATION RegisterNotification;
275 PLSA_CANCEL_NOTIFICATION CancelNotification;
276 PLSA_MAP_BUFFER MapBuffer;
277 PLSA_CREATE_TOKEN CreateToken;
278 PLSA_AUDIT_LOGON AuditLogon;
279 PLSA_CALL_PACKAGE CallPackage;
280 PLSA_FREE_LSA_HEAP FreeReturnBuffer;
281 PLSA_GET_CALL_INFO GetCallInfo;
282 PLSA_CALL_PACKAGEEX CallPackageEx;
283 PLSA_CREATE_SHARED_MEMORY CreateSharedMemory;
284 PLSA_ALLOCATE_SHARED_MEMORY AllocateSharedMemory;
285 PLSA_FREE_SHARED_MEMORY FreeSharedMemory;
286 PLSA_DELETE_SHARED_MEMORY DeleteSharedMemory;
287 PLSA_OPEN_SAM_USER OpenSamUser;
288 PLSA_GET_USER_CREDENTIALS GetUserCredentials;
289 PLSA_GET_USER_AUTH_DATA GetUserAuthData;
290 PLSA_CLOSE_SAM_USER CloseSamUser;
291 PLSA_CONVERT_AUTH_DATA_TO_TOKEN ConvertAuthDataToToken;
292 PLSA_CLIENT_CALLBACK ClientCallback;
293 PLSA_UPDATE_PRIMARY_CREDENTIALS UpdateCredentials;
294 PLSA_GET_AUTH_DATA_FOR_USER GetAuthDataForUser;
295 PLSA_CRACK_SINGLE_NAME CrackSingleName;
296 PLSA_AUDIT_ACCOUNT_LOGON AuditAccountLogon;
297 PLSA_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough;
298 } LSA_SECPKG_FUNCTION_TABLE,
299 *PLSA_SECPKG_FUNCTION_TABLE;
300
301 /* LSA-mode functions implemented by SSP/AP obtainable by a dispatch table */
302 typedef NTSTATUS (NTAPI *PLSA_AP_INITIALIZE_PACKAGE)(ULONG, PLSA_DISPATCH_TABLE,
303 PLSA_STRING, PLSA_STRING, PLSA_STRING *);
304 typedef NTSTATUS (NTAPI *PLSA_AP_LOGON_USER)(LPWSTR, LPWSTR, LPWSTR, LPWSTR,
305 DWORD, DWORD, PHANDLE);
306 typedef NTSTATUS (NTAPI *PLSA_AP_CALL_PACKAGE)(PUNICODE_STRING, PVOID, ULONG,
307 PVOID *, PULONG, PNTSTATUS);
308 typedef VOID (NTAPI *PLSA_AP_LOGON_TERMINATED)(PLUID);
309 typedef NTSTATUS (NTAPI *PLSA_AP_CALL_PACKAGE_UNTRUSTED)(PLSA_CLIENT_REQUEST,
310 PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS);
311 typedef NTSTATUS (NTAPI *PLSA_AP_CALL_PACKAGE_PASSTHROUGH)(PUNICODE_STRING,
312 PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS);
313 typedef NTSTATUS (NTAPI *PLSA_AP_LOGON_USER_EX)(PLSA_CLIENT_REQUEST,
314 SECURITY_LOGON_TYPE, PVOID, PVOID, ULONG, PVOID *, PULONG, PLUID, PNTSTATUS,
315 PLSA_TOKEN_INFORMATION_TYPE, PVOID *, PUNICODE_STRING *, PUNICODE_STRING *,
316 PUNICODE_STRING *);
317 typedef NTSTATUS (NTAPI *PLSA_AP_LOGON_USER_EX2)(PLSA_CLIENT_REQUEST,
318 SECURITY_LOGON_TYPE, PVOID, PVOID, ULONG, PVOID *, PULONG, PLUID, PNTSTATUS,
319 PLSA_TOKEN_INFORMATION_TYPE, PVOID *, PUNICODE_STRING *, PUNICODE_STRING *,
320 PUNICODE_STRING *, PSECPKG_PRIMARY_CRED, PSECPKG_SUPPLEMENTAL_CRED_ARRAY *);
321 typedef NTSTATUS (SpInitializeFn)(ULONG_PTR, PSECPKG_PARAMETERS,
322 PLSA_SECPKG_FUNCTION_TABLE);
323 typedef NTSTATUS (NTAPI SpShutDownFn)(void);
324 typedef NTSTATUS (NTAPI SpGetInfoFn)(PSecPkgInfoW);
325 typedef NTSTATUS (NTAPI SpAcceptCredentialsFn)(SECURITY_LOGON_TYPE,
326 PUNICODE_STRING, PSECPKG_PRIMARY_CRED, PSECPKG_SUPPLEMENTAL_CRED);
327 typedef NTSTATUS (NTAPI SpAcquireCredentialsHandleFn)(PUNICODE_STRING, ULONG,
328 PLUID, PVOID, PVOID, PVOID, PLSA_SEC_HANDLE, PTimeStamp);
329 typedef NTSTATUS (NTAPI SpQueryCredentialsAttributesFn)(LSA_SEC_HANDLE, ULONG,
330 PVOID);
331 typedef NTSTATUS (NTAPI SpFreeCredentialsHandleFn)(LSA_SEC_HANDLE);
332 typedef NTSTATUS (NTAPI SpSaveCredentialsFn)(LSA_SEC_HANDLE, PSecBuffer);
333 typedef NTSTATUS (NTAPI SpGetCredentialsFn)(LSA_SEC_HANDLE, PSecBuffer);
334 typedef NTSTATUS (NTAPI SpDeleteCredentialsFn)(LSA_SEC_HANDLE, PSecBuffer);
335 typedef NTSTATUS (NTAPI SpInitLsaModeContextFn)(LSA_SEC_HANDLE, LSA_SEC_HANDLE,
336 PUNICODE_STRING, ULONG, ULONG, PSecBufferDesc, PLSA_SEC_HANDLE, PSecBufferDesc,
337 PULONG, PTimeStamp, PBOOLEAN, PSecBuffer);
338 typedef NTSTATUS (NTAPI SpAcceptLsaModeContextFn)(LSA_SEC_HANDLE,
339 LSA_SEC_HANDLE, PSecBufferDesc, ULONG, ULONG, PLSA_SEC_HANDLE, PSecBufferDesc,
340 PULONG, PTimeStamp, PBOOLEAN, PSecBuffer);
341 typedef NTSTATUS (NTAPI SpDeleteContextFn)(LSA_SEC_HANDLE);
342 typedef NTSTATUS (NTAPI SpApplyControlTokenFn)(LSA_SEC_HANDLE, PSecBufferDesc);
343 typedef NTSTATUS (NTAPI SpGetUserInfoFn)(PLUID, ULONG, PSecurityUserData *);
344 typedef NTSTATUS (NTAPI SpGetExtendedInformationFn)(
345 SECPKG_EXTENDED_INFORMATION_CLASS, PSECPKG_EXTENDED_INFORMATION *);
346 typedef NTSTATUS (NTAPI SpQueryContextAttributesFn)(LSA_SEC_HANDLE, ULONG,
347 PVOID);
348 typedef NTSTATUS (NTAPI SpAddCredentialsFn)(LSA_SEC_HANDLE, PUNICODE_STRING,
349 PUNICODE_STRING, ULONG, PVOID, PVOID, PVOID, PTimeStamp);
350 typedef NTSTATUS (NTAPI SpSetExtendedInformationFn)(
351 SECPKG_EXTENDED_INFORMATION_CLASS, PSECPKG_EXTENDED_INFORMATION);
352 typedef NTSTATUS (NTAPI SpSetContextAttributesFn)(LSA_SEC_HANDLE, ULONG, PVOID,
353 ULONG);
354 typedef NTSTATUS (NTAPI SpSetCredentialsAttributesFn)(LSA_SEC_HANDLE, ULONG,
355 PVOID, ULONG);
356 typedef NTSTATUS (NTAPI SpChangeAccountPasswordFn)(PUNICODE_STRING,
357 PUNICODE_STRING, PUNICODE_STRING, PUNICODE_STRING, BOOLEAN, PSecBufferDesc);
358 typedef NTSTATUS (NTAPI SpQueryMetaDataFn)(LSA_SEC_HANDLE, PUNICODE_STRING,
359 ULONG, PULONG, PUCHAR *, PLSA_SEC_HANDLE);
360 typedef NTSTATUS (NTAPI SpExchangeMetaDataFn)(LSA_SEC_HANDLE, PUNICODE_STRING,
361 ULONG, ULONG, PUCHAR, PLSA_SEC_HANDLE);
362 typedef NTSTATUS (NTAPI SpGetCredUIContextFn)(LSA_SEC_HANDLE, GUID *, PULONG,
363 PUCHAR *);
364 typedef NTSTATUS (NTAPI SpUpdateCredentialsFn)(LSA_SEC_HANDLE, GUID *, ULONG,
365 PUCHAR);
366 typedef NTSTATUS (NTAPI SpValidateTargetInfoFn)(PLSA_CLIENT_REQUEST, PVOID,
367 PVOID, ULONG, PSECPKG_TARGETINFO);
368
369 /* User-mode functions implemented by SSP/AP obtainable by a dispatch table */
370 typedef NTSTATUS (NTAPI SpInstanceInitFn)(ULONG, PSECPKG_DLL_FUNCTIONS,
371 PVOID *);
372 typedef NTSTATUS (NTAPI SpInitUserModeContextFn)(LSA_SEC_HANDLE, PSecBuffer);
373 typedef NTSTATUS (NTAPI SpMakeSignatureFn)(LSA_SEC_HANDLE, ULONG,
374 PSecBufferDesc, ULONG);
375 typedef NTSTATUS (NTAPI SpVerifySignatureFn)(LSA_SEC_HANDLE, PSecBufferDesc,
376 ULONG, PULONG);
377 typedef NTSTATUS (NTAPI SpSealMessageFn)(LSA_SEC_HANDLE, ULONG, PSecBufferDesc,
378 ULONG);
379 typedef NTSTATUS (NTAPI SpUnsealMessageFn)(LSA_SEC_HANDLE, PSecBufferDesc,
380 ULONG, PULONG);
381 typedef NTSTATUS (NTAPI SpGetContextTokenFn)(LSA_SEC_HANDLE, PHANDLE);
382 typedef NTSTATUS (NTAPI SpCompleteAuthTokenFn)(LSA_SEC_HANDLE, PSecBufferDesc);
383 typedef NTSTATUS (NTAPI SpFormatCredentialsFn)(PSecBuffer, PSecBuffer);
384 typedef NTSTATUS (NTAPI SpMarshallSupplementalCredsFn)(ULONG, PUCHAR, PULONG,
385 PVOID *);
386 typedef NTSTATUS (NTAPI SpExportSecurityContextFn)(LSA_SEC_HANDLE, ULONG,
387 PSecBuffer, PHANDLE);
388 typedef NTSTATUS (NTAPI SpImportSecurityContextFn)(PSecBuffer, HANDLE,
389 PLSA_SEC_HANDLE);
390
391 #ifdef WINE_NO_UNICODE_MACROS
392 #undef SetContextAttributes
393 #endif
394
395 /* dispatch tables of LSA-mode functions implemented by SSP/AP */
396 typedef struct SECPKG_FUNCTION_TABLE {
397 PLSA_AP_INITIALIZE_PACKAGE InitializePackage;
398 PLSA_AP_LOGON_USER LsaLogonUser;
399 PLSA_AP_CALL_PACKAGE CallPackage;
400 PLSA_AP_LOGON_TERMINATED LogonTerminated;
401 PLSA_AP_CALL_PACKAGE_UNTRUSTED CallPackageUntrusted;
402 PLSA_AP_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough;
403 PLSA_AP_LOGON_USER_EX LogonUserEx;
404 PLSA_AP_LOGON_USER_EX2 LogonUserEx2;
405 SpInitializeFn *Initialize;
406 SpShutDownFn *Shutdown;
407 SpGetInfoFn *GetInfo;
408 SpAcceptCredentialsFn *AcceptCredentials;
409 SpAcquireCredentialsHandleFn *SpAcquireCredentialsHandle;
410 SpQueryCredentialsAttributesFn *SpQueryCredentialsAttributes;
411 SpFreeCredentialsHandleFn *FreeCredentialsHandle;
412 SpSaveCredentialsFn *SaveCredentials;
413 SpGetCredentialsFn *GetCredentials;
414 SpDeleteCredentialsFn *DeleteCredentials;
415 SpInitLsaModeContextFn *InitLsaModeContext;
416 SpAcceptLsaModeContextFn *AcceptLsaModeContext;
417 SpDeleteContextFn *DeleteContext;
418 SpApplyControlTokenFn *ApplyControlToken;
419 SpGetUserInfoFn *GetUserInfo;
420 SpGetExtendedInformationFn *GetExtendedInformation;
421 SpQueryContextAttributesFn *SpQueryContextAttributes;
422 SpAddCredentialsFn *SpAddCredentials;
423 SpSetExtendedInformationFn *SetExtendedInformation;
424 /* Packages with version SECPKG_INTERFACE_VERSION end here */
425 SpSetContextAttributesFn *SetContextAttributes;
426 /* Packages with version SECPKG_INTERFACE_VERSION_2 end here */
427 SpSetCredentialsAttributesFn *SetCredentialsAttributes;
428 /* Packages with version SECPKG_INTERFACE_VERSION_3 end here */
429 SpChangeAccountPasswordFn *ChangeAccountPassword;
430 /* Packages with version SECPKG_INTERFACE_VERSION_4 end here */
431 SpQueryMetaDataFn *QueryMetaData;
432 SpExchangeMetaDataFn *ExchangeMetaData;
433 SpGetCredUIContextFn *GetCredUIContext;
434 SpUpdateCredentialsFn *UpdateCredentials;
435 /* Packages with version SECPKG_INTERFACE_VERSION_5 end here */
436 SpValidateTargetInfoFn *ValidateTargetInfo;
437 /* Packages with version SECPKG_INTERFACE_VERSION_6 end here */
438 } SECPKG_FUNCTION_TABLE,
439 *PSECPKG_FUNCTION_TABLE;
440
441 /* dispatch tables of user-mode functions implemented by SSP/AP */
442 typedef struct SECPKG_USER_FUNCTION_TABLE {
443 SpInstanceInitFn *InstanceInit;
444 SpInitUserModeContextFn *InitUserModeContext;
445 SpMakeSignatureFn *MakeSignature;
446 SpVerifySignatureFn *VerifySignature;
447 SpSealMessageFn *SealMessage;
448 SpUnsealMessageFn *UnsealMessage;
449 SpGetContextTokenFn *GetContextToken;
450 SpQueryContextAttributesFn *SpQueryContextAttributes;
451 SpCompleteAuthTokenFn *CompleteAuthToken;
452 SpDeleteContextFn *DeleteUserModeContext;
453 SpFormatCredentialsFn *FormatCredentials;
454 SpMarshallSupplementalCredsFn *MarshallSupplementalCreds;
455 SpExportSecurityContextFn *ExportContext;
456 SpImportSecurityContextFn *ImportContext;
457 } SECPKG_USER_FUNCTION_TABLE,
458 *PSECPKG_USER_FUNCTION_TABLE;
459
460 /* LSA-mode entry point to SSP/APs */
461 typedef NTSTATUS (NTAPI *SpLsaModeInitializeFn)(ULONG, PULONG,
462 PSECPKG_FUNCTION_TABLE *, PULONG);
463
464 /* User-mode entry point to SSP/APs */
465 typedef NTSTATUS (WINAPI *SpUserModeInitializeFn)(ULONG, PULONG,
466 PSECPKG_USER_FUNCTION_TABLE *, PULONG);
467
468 #ifdef __cplusplus
469 }
470 #endif
471 #endif /* _NTSECPKG_H */
472
This page was automatically generated by the
LXR engine.
Visit the LXR main site for more
information.