2008-04-26 Yuval <uvman@users.sourceforge.net>

* include/ntsecpkg.h (SECPKG_STATE_ENCRYPTION_PERMITTED,
        SECPKG_STATE_STRONG_ENCRYPTION_PERMITTED, SECPKG_STATE_DOMAIN_CONTROLLER,
        SECPKG_STATE_WORKSTATION, SECPKG_STATE_STANDALONE,
        LSA_TOKEN_INFORMATION_TYPE, SECPKG_EXTENDED_INFORMATION_CLASS,
        SECPKG_NAME_TYPE, SECPKG_PRIMARY_CRED, SECPKG_SUPPLEMENTAL_CRED,
        SECPKG_SUPPLEMENTAL_CRED_ARRAY, SECPKG_PARAMETERS,
        SECPKG_EVENT_DOMAIN_CHANGE, SECPKG_CLIENT_INFO, SecurityUserData,
        SECPKG_GSS_INFO, SECPKG_CONTEXT_THUNKS, SECPKG_MUTUAL_AUTH_LEVEL,
        SECPKG_CALL_INFO, SECPKG_EXTENDED_INFORMATION, PLSA_CALLBACK_FUNCTION,
        *PLSA_CLIENT_REQUEST, LSA_SEC_HANDLE, SEC_THREAD_START, SEC_ATTRS,
        *PLSA_REGISTER_CALLBACK, *PLSA_CREATE_LOGON_SESSION,
        *PLSA_DELETE_LOGON_SESSION, *PLSA_ADD_CREDENTIAL, *PLSA_GET_CREDENTIALS,
        *PLSA_DELETE_CREDENTIAL, *PLSA_ALLOCATE_LSA_HEAP, *PLSA_FREE_LSA_HEAP,
        *PLSA_ALLOCATE_CLIENT_BUFFER, *PLSA_FREE_CLIENT_BUFFER,
        *PLSA_COPY_TO_CLIENT_BUFFER, *PLSA_COPY_FROM_CLIENT_BUFFER,
        *PLSA_IMPERSONATE_CLIENT, *PLSA_UNLOAD_PACKAGE, *PLSA_DUPLICATE_HANDLE,
        *PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS, *PLSA_CREATE_THREAD,
        *PLSA_GET_CLIENT_INFO, *PLSA_REGISTER_NOTIFICATION,
        *PLSA_CANCEL_NOTIFICATION, *PLSA_MAP_BUFFER, *PLSA_CREATE_TOKEN,
        *PLSA_AUDIT_LOGON, *PLSA_CALL_PACKAGE, *PLSA_FREE_LSA_HEAP,
        *PLSA_GET_CALL_INFO, *PLSA_CALL_PACKAGEEX, *PLSA_CREATE_SHARED_MEMORY,
        *PLSA_ALLOCATE_SHARED_MEMORY, *PLSA_FREE_SHARED_MEMORY,
        *PLSA_DELETE_SHARED_MEMORY, *PLSA_OPEN_SAM_USER, *PLSA_GET_USER_CREDENTIALS,
        *PLSA_GET_USER_AUTH_DATA, *PLSA_CLOSE_SAM_USER,
        *PLSA_CONVERT_AUTH_DATA_TO_TOKEN, *PLSA_CLIENT_CALLBACK,
        *PLSA_UPDATE_PRIMARY_CREDENTIALS, *PLSA_GET_AUTH_DATA_FOR_USER,
        *PLSA_CRACK_SINGLE_NAME, *PLSA_AUDIT_ACCOUNT_LOGON,
        *PLSA_CALL_PACKAGE_PASSTHROUGH, SECPKG_DLL_FUNCTIONS, LSA_DISPATCH_TABLE,
        LSA_SECPKG_FUNCTION_TABLE, *PLSA_AP_INITIALIZE_PACKAGE, *PLSA_AP_LOGON_USER,
        *PLSA_AP_CALL_PACKAGE, *PLSA_AP_LOGON_TERMINATED,
        *PLSA_AP_CALL_PACKAGE_UNTRUSTED, *PLSA_AP_CALL_PACKAGE_PASSTHROUGH,
        *PLSA_AP_LOGON_USER_EX, *PLSA_AP_LOGON_USER_EX2, SpInitializeFn,
        SpShutDownFn, SpGetInfoFn, SpAcceptCredentialsFn,
        SpAcquireCredentialsHandleFn, SpQueryCredentialsAttributesFn,
        SpFreeCredentialsHandleFn, SpSaveCredentialsFn, SpGetCredentialsFn,
        SpDeleteCredentialsFn, SpInitLsaModeContextFn, SpAcceptLsaModeContextFn,
        SpDeleteContextFn, SpApplyControlTokenFn, SpGetUserInfoFn,
        SpGetExtendedInformationFn, SpQueryContextAttributesFn, SpAddCredentialsFn,
        SpSetExtendedInformationFn, SpInstanceInitFn, SpInitUserModeContextFn,
        SpMakeSignatureFn, SpVerifySignatureFn, SpSealMessageFn, SpUnsealMessageFn,
        SpGetContextTokenFn, SpCompleteAuthTokenFn, SpFormatCredentialsFn,
        SpMarshallSupplementalCredsFn, SpExportSecurityContextFn,
        SpImportSecurityContextFn, SECPKG_FUNCTION_TABLE,
        SECPKG_USER_FUNCTION_TABLE, *SpLsaModeInitializeFn,
        *SpUserModeInitializeFn): Define.
        * include/sspi.h (SECURITY_STRING): Define.
This commit is contained in:
Chris Sutcliffe 2008-04-27 00:06:44 +00:00
parent 346cdb434e
commit adfa3c85d0
3 changed files with 438 additions and 0 deletions

View File

@ -1,3 +1,52 @@
2008-04-26 Yuval <uvman@users.sourceforge.net>
* include/ntsecpkg.h (SECPKG_STATE_ENCRYPTION_PERMITTED,
SECPKG_STATE_STRONG_ENCRYPTION_PERMITTED, SECPKG_STATE_DOMAIN_CONTROLLER,
SECPKG_STATE_WORKSTATION, SECPKG_STATE_STANDALONE,
LSA_TOKEN_INFORMATION_TYPE, SECPKG_EXTENDED_INFORMATION_CLASS,
SECPKG_NAME_TYPE, SECPKG_PRIMARY_CRED, SECPKG_SUPPLEMENTAL_CRED,
SECPKG_SUPPLEMENTAL_CRED_ARRAY, SECPKG_PARAMETERS,
SECPKG_EVENT_DOMAIN_CHANGE, SECPKG_CLIENT_INFO, SecurityUserData,
SECPKG_GSS_INFO, SECPKG_CONTEXT_THUNKS, SECPKG_MUTUAL_AUTH_LEVEL,
SECPKG_CALL_INFO, SECPKG_EXTENDED_INFORMATION, PLSA_CALLBACK_FUNCTION,
*PLSA_CLIENT_REQUEST, LSA_SEC_HANDLE, SEC_THREAD_START, SEC_ATTRS,
*PLSA_REGISTER_CALLBACK, *PLSA_CREATE_LOGON_SESSION,
*PLSA_DELETE_LOGON_SESSION, *PLSA_ADD_CREDENTIAL, *PLSA_GET_CREDENTIALS,
*PLSA_DELETE_CREDENTIAL, *PLSA_ALLOCATE_LSA_HEAP, *PLSA_FREE_LSA_HEAP,
*PLSA_ALLOCATE_CLIENT_BUFFER, *PLSA_FREE_CLIENT_BUFFER,
*PLSA_COPY_TO_CLIENT_BUFFER, *PLSA_COPY_FROM_CLIENT_BUFFER,
*PLSA_IMPERSONATE_CLIENT, *PLSA_UNLOAD_PACKAGE, *PLSA_DUPLICATE_HANDLE,
*PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS, *PLSA_CREATE_THREAD,
*PLSA_GET_CLIENT_INFO, *PLSA_REGISTER_NOTIFICATION,
*PLSA_CANCEL_NOTIFICATION, *PLSA_MAP_BUFFER, *PLSA_CREATE_TOKEN,
*PLSA_AUDIT_LOGON, *PLSA_CALL_PACKAGE, *PLSA_FREE_LSA_HEAP,
*PLSA_GET_CALL_INFO, *PLSA_CALL_PACKAGEEX, *PLSA_CREATE_SHARED_MEMORY,
*PLSA_ALLOCATE_SHARED_MEMORY, *PLSA_FREE_SHARED_MEMORY,
*PLSA_DELETE_SHARED_MEMORY, *PLSA_OPEN_SAM_USER, *PLSA_GET_USER_CREDENTIALS,
*PLSA_GET_USER_AUTH_DATA, *PLSA_CLOSE_SAM_USER,
*PLSA_CONVERT_AUTH_DATA_TO_TOKEN, *PLSA_CLIENT_CALLBACK,
*PLSA_UPDATE_PRIMARY_CREDENTIALS, *PLSA_GET_AUTH_DATA_FOR_USER,
*PLSA_CRACK_SINGLE_NAME, *PLSA_AUDIT_ACCOUNT_LOGON,
*PLSA_CALL_PACKAGE_PASSTHROUGH, SECPKG_DLL_FUNCTIONS, LSA_DISPATCH_TABLE,
LSA_SECPKG_FUNCTION_TABLE, *PLSA_AP_INITIALIZE_PACKAGE, *PLSA_AP_LOGON_USER,
*PLSA_AP_CALL_PACKAGE, *PLSA_AP_LOGON_TERMINATED,
*PLSA_AP_CALL_PACKAGE_UNTRUSTED, *PLSA_AP_CALL_PACKAGE_PASSTHROUGH,
*PLSA_AP_LOGON_USER_EX, *PLSA_AP_LOGON_USER_EX2, SpInitializeFn,
SpShutDownFn, SpGetInfoFn, SpAcceptCredentialsFn,
SpAcquireCredentialsHandleFn, SpQueryCredentialsAttributesFn,
SpFreeCredentialsHandleFn, SpSaveCredentialsFn, SpGetCredentialsFn,
SpDeleteCredentialsFn, SpInitLsaModeContextFn, SpAcceptLsaModeContextFn,
SpDeleteContextFn, SpApplyControlTokenFn, SpGetUserInfoFn,
SpGetExtendedInformationFn, SpQueryContextAttributesFn, SpAddCredentialsFn,
SpSetExtendedInformationFn, SpInstanceInitFn, SpInitUserModeContextFn,
SpMakeSignatureFn, SpVerifySignatureFn, SpSealMessageFn, SpUnsealMessageFn,
SpGetContextTokenFn, SpCompleteAuthTokenFn, SpFormatCredentialsFn,
SpMarshallSupplementalCredsFn, SpExportSecurityContextFn,
SpImportSecurityContextFn, SECPKG_FUNCTION_TABLE,
SECPKG_USER_FUNCTION_TABLE, *SpLsaModeInitializeFn,
*SpUserModeInitializeFn): Define.
* include/sspi.h (SECURITY_STRING): Define.
2008-04-26 Danny Smith <dannysmith@users.sourceforge.net> 2008-04-26 Danny Smith <dannysmith@users.sourceforge.net>
* include/specstrings.h: Add more dummy defines. * include/specstrings.h: Add more dummy defines.

View File

@ -4,6 +4,14 @@
#pragma GCC system_header #pragma GCC system_header
#endif #endif
#include "windef.h"
#include "ntsecapi.h"
#include "security.h"
#ifdef __cplusplus
extern "C" {
#endif
#define ISC_REQ_DELEGATE 1 #define ISC_REQ_DELEGATE 1
#define ISC_REQ_MUTUAL_AUTH 2 #define ISC_REQ_MUTUAL_AUTH 2
#define ISC_REQ_REPLAY_DETECT 4 #define ISC_REQ_REPLAY_DETECT 4
@ -41,4 +49,383 @@
#define SECURITY_NATIVE_DREP 16 #define SECURITY_NATIVE_DREP 16
#define SECURITY_NETWORK_DREP 0 #define SECURITY_NETWORK_DREP 0
#define SECPKG_STATE_ENCRYPTION_PERMITTED 0x01
#define SECPKG_STATE_STRONG_ENCRYPTION_PERMITTED 0x02
#define SECPKG_STATE_DOMAIN_CONTROLLER 0x04
#define SECPKG_STATE_WORKSTATION 0x08
#define SECPKG_STATE_STANDALONE 0x10
/* enum definitions for Secure Service Provider/Authentication Packages */
typedef enum _LSA_TOKEN_INFORMATION_TYPE {
LsaTokenInformationNull,
LsaTokenInformationV1
} LSA_TOKEN_INFORMATION_TYPE, *PLSA_TOKEN_INFORMATION_TYPE;
typedef enum _SECPKG_EXTENDED_INFORMATION_CLASS
{
SecpkgGssInfo = 1,
SecpkgContextThunks,
SecpkgMutualAuthLevel,
SecpkgMaxInfo
} SECPKG_EXTENDED_INFORMATION_CLASS;
typedef enum _SECPKG_NAME_TYPE {
SecNameSamCompatible,
SecNameAlternateId,
SecNameFlat,
SecNameDN
} SECPKG_NAME_TYPE;
/* struct definitions for SSP/AP */
typedef struct _SECPKG_PRIMARY_CRED {
LUID LogonId;
UNICODE_STRING DownlevelName;
UNICODE_STRING DomainName;
UNICODE_STRING Password;
UNICODE_STRING OldPassword;
PSID UserSid;
ULONG Flags;
UNICODE_STRING DnsDomainName;
UNICODE_STRING Upn;
UNICODE_STRING LogonServer;
UNICODE_STRING Spare1;
UNICODE_STRING Spare2;
UNICODE_STRING Spare3;
UNICODE_STRING Spare4;
} SECPKG_PRIMARY_CRED, *PSECPKG_PRIMARY_CRED;
typedef struct _SECPKG_SUPPLEMENTAL_CRED {
UNICODE_STRING PackageName;
ULONG CredentialSize;
PUCHAR Credentials;
} SECPKG_SUPPLEMENTAL_CRED, *PSECPKG_SUPPLEMENTAL_CRED;
typedef struct _SECPKG_SUPPLEMENTAL_CRED_ARRAY {
ULONG CredentialCount;
SECPKG_SUPPLEMENTAL_CRED Credentials[1];
} SECPKG_SUPPLEMENTAL_CRED_ARRAY, *PSECPKG_SUPPLEMENTAL_CRED_ARRAY;
typedef struct _SECPKG_PARAMETERS {
ULONG Version;
ULONG MachineState;
ULONG SetupMode;
PSID DomainSid;
UNICODE_STRING DomainName;
UNICODE_STRING DnsDomainName;
GUID DomainGuid;
} SECPKG_PARAMETERS, *PSECPKG_PARAMETERS,
SECPKG_EVENT_DOMAIN_CHANGE, *PSECPKG_EVENT_DOMAIN_CHANGE;
typedef struct _SECPKG_CLIENT_INFO {
LUID LogonId;
ULONG ProcessID;
ULONG ThreadID;
BOOLEAN HasTcbPrivilege;
BOOLEAN Impersonating;
BOOLEAN Restricted;
} SECPKG_CLIENT_INFO,
*PSECPKG_CLIENT_INFO;
typedef struct _SECURITY_USER_DATA {
SECURITY_STRING UserName;
SECURITY_STRING LogonDomainName;
SECURITY_STRING LogonServer;
PSID pSid;
} SECURITY_USER_DATA, *PSECURITY_USER_DATA,
SecurityUserData, *PSecurityUserData;
typedef struct _SECPKG_GSS_INFO {
ULONG EncodedIdLength;
UCHAR EncodedId[4];
} SECPKG_GSS_INFO, *PSECPKG_GSS_INFO;
typedef struct _SECPKG_CONTEXT_THUNKS {
ULONG InfoLevelCount;
ULONG Levels[1];
} SECPKG_CONTEXT_THUNKS, *PSECPKG_CONTEXT_THUNKS;
typedef struct _SECPKG_MUTUAL_AUTH_LEVEL {
ULONG MutualAuthLevel;
} SECPKG_MUTUAL_AUTH_LEVEL, *PSECPKG_MUTUAL_AUTH_LEVEL;
typedef struct _SECPKG_CALL_INFO {
ULONG ProcessId;
ULONG ThreadId;
ULONG Attributes;
ULONG CallCount;
} SECPKG_CALL_INFO, *PSECPKG_CALL_INFO;
typedef struct _SECPKG_EXTENDED_INFORMATION {
SECPKG_EXTENDED_INFORMATION_CLASS Class;
union {
SECPKG_GSS_INFO GssInfo;
SECPKG_CONTEXT_THUNKS ContextThunks;
SECPKG_MUTUAL_AUTH_LEVEL MutualAuthLevel;
} Info;
} SECPKG_EXTENDED_INFORMATION, *PSECPKG_EXTENDED_INFORMATION;
/* callbacks implemented by SSP/AP dlls and called by the LSA */
typedef VOID (NTAPI *PLSA_CALLBACK_FUNCTION)(ULONG_PTR, ULONG_PTR, PSecBuffer,
PSecBuffer);
/* misc typedefs used in the below prototypes */
typedef PVOID *PLSA_CLIENT_REQUEST;
typedef ULONG LSA_SEC_HANDLE, *PLSA_SEC_HANDLE;
typedef LPTHREAD_START_ROUTINE SEC_THREAD_START;
typedef PSECURITY_ATTRIBUTES SEC_ATTRS;
/* functions used by SSP/AP obtainable by dispatch tables */
typedef NTSTATUS (NTAPI *PLSA_REGISTER_CALLBACK)(ULONG, PLSA_CALLBACK_FUNCTION);
typedef NTSTATUS (NTAPI *PLSA_CREATE_LOGON_SESSION)(PLUID);
typedef NTSTATUS (NTAPI *PLSA_DELETE_LOGON_SESSION)(PLUID);
typedef NTSTATUS (NTAPI *PLSA_ADD_CREDENTIAL)(PLUID, ULONG, PLSA_STRING,
PLSA_STRING);
typedef NTSTATUS (NTAPI *PLSA_GET_CREDENTIALS)(PLUID, ULONG, PULONG, BOOLEAN,
PLSA_STRING, PULONG, PLSA_STRING);
typedef NTSTATUS (NTAPI *PLSA_DELETE_CREDENTIAL)(PLUID, ULONG, PLSA_STRING);
typedef PVOID (NTAPI *PLSA_ALLOCATE_LSA_HEAP)(ULONG);
typedef VOID (NTAPI *PLSA_FREE_LSA_HEAP)(PVOID);
typedef NTSTATUS (NTAPI *PLSA_ALLOCATE_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST,
ULONG, PVOID*);
typedef NTSTATUS (NTAPI *PLSA_FREE_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST, PVOID);
typedef NTSTATUS (NTAPI *PLSA_COPY_TO_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST, ULONG,
PVOID, PVOID);
typedef NTSTATUS (NTAPI *PLSA_COPY_FROM_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST,
ULONG, PVOID, PVOID);
typedef NTSTATUS (NTAPI *PLSA_IMPERSONATE_CLIENT)(void);
typedef NTSTATUS (NTAPI *PLSA_UNLOAD_PACKAGE)(void);
typedef NTSTATUS (NTAPI *PLSA_DUPLICATE_HANDLE)(HANDLE, PHANDLE);
typedef NTSTATUS (NTAPI *PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS)(PLUID, ULONG,
PVOID, BOOLEAN);
typedef HANDLE (NTAPI *PLSA_CREATE_THREAD)(SEC_ATTRS, ULONG, SEC_THREAD_START,
PVOID, ULONG, PULONG);
typedef NTSTATUS (NTAPI *PLSA_GET_CLIENT_INFO)(PSECPKG_CLIENT_INFO);
typedef HANDLE (NTAPI *PLSA_REGISTER_NOTIFICATION)(SEC_THREAD_START, PVOID,
ULONG, ULONG, ULONG, ULONG, HANDLE);
typedef NTSTATUS (NTAPI *PLSA_CANCEL_NOTIFICATION)(HANDLE);
typedef NTSTATUS (NTAPI *PLSA_MAP_BUFFER)(PSecBuffer, PSecBuffer);
typedef NTSTATUS (NTAPI *PLSA_CREATE_TOKEN)(PLUID, PTOKEN_SOURCE,
SECURITY_LOGON_TYPE, SECURITY_IMPERSONATION_LEVEL, LSA_TOKEN_INFORMATION_TYPE,
PVOID, PTOKEN_GROUPS, PUNICODE_STRING, PUNICODE_STRING, PUNICODE_STRING,
PUNICODE_STRING, PHANDLE, PNTSTATUS);
typedef VOID (NTAPI *PLSA_AUDIT_LOGON)(NTSTATUS, NTSTATUS, PUNICODE_STRING,
PUNICODE_STRING, PUNICODE_STRING, OPTIONAL PSID, SECURITY_LOGON_TYPE,
PTOKEN_SOURCE, PLUID);
typedef NTSTATUS (NTAPI *PLSA_CALL_PACKAGE)(PUNICODE_STRING, PVOID, ULONG,
PVOID*, PULONG, PNTSTATUS);
typedef VOID (NTAPI *PLSA_FREE_LSA_HEAP)(PVOID);
typedef BOOLEAN (NTAPI *PLSA_GET_CALL_INFO)(PSECPKG_CALL_INFO);
typedef NTSTATUS (NTAPI *PLSA_CALL_PACKAGEEX)(PUNICODE_STRING, PVOID, PVOID,
ULONG, PVOID*, PULONG, PNTSTATUS);
typedef PVOID (NTAPI *PLSA_CREATE_SHARED_MEMORY)(ULONG, ULONG);
typedef PVOID (NTAPI *PLSA_ALLOCATE_SHARED_MEMORY)(PVOID, ULONG);
typedef VOID (NTAPI *PLSA_FREE_SHARED_MEMORY)(PVOID, PVOID);
typedef BOOLEAN (NTAPI *PLSA_DELETE_SHARED_MEMORY)(PVOID);
typedef NTSTATUS (NTAPI *PLSA_OPEN_SAM_USER)(PSECURITY_STRING, SECPKG_NAME_TYPE,
PSECURITY_STRING, BOOLEAN, ULONG, PVOID*);
typedef NTSTATUS (NTAPI *PLSA_GET_USER_CREDENTIALS)(PVOID, PVOID *, PULONG,
PVOID *, PULONG);
typedef NTSTATUS (NTAPI *PLSA_GET_USER_AUTH_DATA)(PVOID, PUCHAR *, PULONG);
typedef NTSTATUS (NTAPI *PLSA_CLOSE_SAM_USER)(PVOID);
typedef NTSTATUS (NTAPI *PLSA_CONVERT_AUTH_DATA_TO_TOKEN)(PVOID, ULONG,
SECURITY_IMPERSONATION_LEVEL, PTOKEN_SOURCE, SECURITY_LOGON_TYPE,
PUNICODE_STRING, PHANDLE, PLUID, PUNICODE_STRING, PNTSTATUS);
typedef NTSTATUS (NTAPI *PLSA_CLIENT_CALLBACK)(PCHAR, ULONG_PTR, ULONG_PTR,
PSecBuffer, PSecBuffer);
typedef NTSTATUS (NTAPI *PLSA_UPDATE_PRIMARY_CREDENTIALS)(PSECPKG_PRIMARY_CRED, PSECPKG_SUPPLEMENTAL_CRED_ARRAY);
typedef NTSTATUS (NTAPI *PLSA_GET_AUTH_DATA_FOR_USER)(PSECURITY_STRING,
SECPKG_NAME_TYPE, PSECURITY_STRING, PUCHAR *, PULONG, PUNICODE_STRING);
typedef NTSTATUS (NTAPI *PLSA_CRACK_SINGLE_NAME)(ULONG, BOOLEAN,
PUNICODE_STRING, PUNICODE_STRING, ULONG, PUNICODE_STRING, PUNICODE_STRING,
PULONG);
typedef NTSTATUS (NTAPI *PLSA_AUDIT_ACCOUNT_LOGON)(ULONG, BOOLEAN,
PUNICODE_STRING, PUNICODE_STRING, PUNICODE_STRING, NTSTATUS);
typedef NTSTATUS (NTAPI *PLSA_CALL_PACKAGE_PASSTHROUGH)(PUNICODE_STRING, PVOID,
PVOID, ULONG, PVOID*, PULONG, PNTSTATUS);
/* Dispatch tables of functions used by SSP/AP */
typedef struct SECPKG_DLL_FUNCTIONS {
PLSA_ALLOCATE_LSA_HEAP AllocateHeap;
PLSA_FREE_LSA_HEAP FreeHeap;
PLSA_REGISTER_CALLBACK RegisterCallback;
} SECPKG_DLL_FUNCTIONS,
*PSECPKG_DLL_FUNCTIONS;
typedef struct LSA_DISPATCH_TABLE {
PLSA_CREATE_LOGON_SESSION CreateLogonSession;
PLSA_DELETE_LOGON_SESSION DeleteLogonSession;
PLSA_ADD_CREDENTIAL AddCredential;
PLSA_GET_CREDENTIALS GetCredentials;
PLSA_DELETE_CREDENTIAL DeleteCredential;
PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap;
PLSA_FREE_LSA_HEAP FreeLsaHeap;
PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer;
PLSA_FREE_CLIENT_BUFFER FreeClientBuffer;
PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer;
PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer;
} LSA_DISPATCH_TABLE,
*PLSA_DISPATCH_TABLE;
typedef struct _LSA_SECPKG_FUNCTION_TABLE {
PLSA_CREATE_LOGON_SESSION CreateLogonSession;
PLSA_DELETE_LOGON_SESSION DeleteLogonSession;
PLSA_ADD_CREDENTIAL AddCredential;
PLSA_GET_CREDENTIALS GetCredentials;
PLSA_DELETE_CREDENTIAL DeleteCredential;
PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap;
PLSA_FREE_LSA_HEAP FreeLsaHeap;
PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer;
PLSA_FREE_CLIENT_BUFFER FreeClientBuffer;
PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer;
PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer;
PLSA_IMPERSONATE_CLIENT ImpersonateClient;
PLSA_UNLOAD_PACKAGE UnloadPackage;
PLSA_DUPLICATE_HANDLE DuplicateHandle;
PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS SaveSupplementalCredentials;
PLSA_CREATE_THREAD CreateThread;
PLSA_GET_CLIENT_INFO GetClientInfo;
PLSA_REGISTER_NOTIFICATION RegisterNotification;
PLSA_CANCEL_NOTIFICATION CancelNotification;
PLSA_MAP_BUFFER MapBuffer;
PLSA_CREATE_TOKEN CreateToken;
PLSA_AUDIT_LOGON AuditLogon;
PLSA_CALL_PACKAGE CallPackage;
PLSA_FREE_LSA_HEAP FreeReturnBuffer;
PLSA_GET_CALL_INFO GetCallInfo;
PLSA_CALL_PACKAGEEX CallPackageEx;
PLSA_CREATE_SHARED_MEMORY CreateSharedMemory;
PLSA_ALLOCATE_SHARED_MEMORY AllocateSharedMemory;
PLSA_FREE_SHARED_MEMORY FreeSharedMemory;
PLSA_DELETE_SHARED_MEMORY DeleteSharedMemory;
PLSA_OPEN_SAM_USER OpenSamUser;
PLSA_GET_USER_CREDENTIALS GetUserCredentials;
PLSA_GET_USER_AUTH_DATA GetUserAuthData;
PLSA_CLOSE_SAM_USER CloseSamUser;
PLSA_CONVERT_AUTH_DATA_TO_TOKEN ConvertAuthDataToToken;
PLSA_CLIENT_CALLBACK ClientCallback;
PLSA_UPDATE_PRIMARY_CREDENTIALS UpdateCredentials;
PLSA_GET_AUTH_DATA_FOR_USER GetAuthDataForUser;
PLSA_CRACK_SINGLE_NAME CrackSingleName;
PLSA_AUDIT_ACCOUNT_LOGON AuditAccountLogon;
PLSA_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough;
} LSA_SECPKG_FUNCTION_TABLE,
*PLSA_SECPKG_FUNCTION_TABLE;
/* functions implemented by SSP/AP obtainable by dispatch tables */
typedef NTSTATUS (NTAPI *PLSA_AP_INITIALIZE_PACKAGE)(ULONG, PLSA_DISPATCH_TABLE,
PLSA_STRING, PLSA_STRING, PLSA_STRING *);
typedef NTSTATUS (NTAPI *PLSA_AP_LOGON_USER)(LPWSTR, LPWSTR, LPWSTR, LPWSTR,
DWORD, DWORD, PHANDLE);
typedef NTSTATUS (NTAPI *PLSA_AP_CALL_PACKAGE)(PUNICODE_STRING, PVOID, ULONG,
PVOID *, PULONG, PNTSTATUS);
typedef VOID (NTAPI *PLSA_AP_LOGON_TERMINATED)(PLUID);
typedef NTSTATUS (NTAPI *PLSA_AP_CALL_PACKAGE_UNTRUSTED)(PLSA_CLIENT_REQUEST,
PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS);
typedef NTSTATUS (NTAPI *PLSA_AP_CALL_PACKAGE_PASSTHROUGH)(PUNICODE_STRING,
PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS);
typedef NTSTATUS (NTAPI *PLSA_AP_LOGON_USER_EX)(PLSA_CLIENT_REQUEST,
SECURITY_LOGON_TYPE, PVOID, PVOID, ULONG, PVOID *, PULONG, PLUID, PNTSTATUS,
PLSA_TOKEN_INFORMATION_TYPE, PVOID *, PUNICODE_STRING *, PUNICODE_STRING *,
PUNICODE_STRING *);
typedef NTSTATUS (NTAPI *PLSA_AP_LOGON_USER_EX2)(PLSA_CLIENT_REQUEST,
SECURITY_LOGON_TYPE, PVOID, PVOID, ULONG, PVOID *, PULONG, PLUID, PNTSTATUS,
PLSA_TOKEN_INFORMATION_TYPE, PVOID *, PUNICODE_STRING *, PUNICODE_STRING *,
PUNICODE_STRING *, PSECPKG_PRIMARY_CRED, PSECPKG_SUPPLEMENTAL_CRED_ARRAY *);
typedef NTSTATUS (SpInitializeFn)(ULONG_PTR, PSECPKG_PARAMETERS,
PLSA_SECPKG_FUNCTION_TABLE);
typedef NTSTATUS (NTAPI SpShutDownFn)(void);
typedef NTSTATUS (NTAPI SpGetInfoFn)(PSecPkgInfoW);
typedef NTSTATUS (NTAPI SpAcceptCredentialsFn)(SECURITY_LOGON_TYPE,
PUNICODE_STRING, PSECPKG_PRIMARY_CRED, PSECPKG_SUPPLEMENTAL_CRED);
typedef NTSTATUS (NTAPI SpAcquireCredentialsHandleFn)(PUNICODE_STRING, ULONG,
PLUID, PVOID, PVOID, PVOID, PLSA_SEC_HANDLE, PTimeStamp);
typedef NTSTATUS (NTAPI SpQueryCredentialsAttributesFn)(LSA_SEC_HANDLE, ULONG,
PVOID);
typedef NTSTATUS (NTAPI SpFreeCredentialsHandleFn)(LSA_SEC_HANDLE);
typedef NTSTATUS (NTAPI SpSaveCredentialsFn)(LSA_SEC_HANDLE, PSecBuffer);
typedef NTSTATUS (NTAPI SpGetCredentialsFn)(LSA_SEC_HANDLE, PSecBuffer);
typedef NTSTATUS (NTAPI SpDeleteCredentialsFn)(LSA_SEC_HANDLE, PSecBuffer);
typedef NTSTATUS (NTAPI SpInitLsaModeContextFn)(LSA_SEC_HANDLE, LSA_SEC_HANDLE,
PUNICODE_STRING, ULONG, ULONG, PSecBufferDesc, PLSA_SEC_HANDLE, PSecBufferDesc,
PULONG, PTimeStamp, PBOOLEAN, PSecBuffer);
typedef NTSTATUS (NTAPI SpAcceptLsaModeContextFn)(LSA_SEC_HANDLE,
LSA_SEC_HANDLE, PSecBufferDesc, ULONG, ULONG, PLSA_SEC_HANDLE, PSecBufferDesc,
PULONG, PTimeStamp, PBOOLEAN, PSecBuffer);
typedef NTSTATUS (NTAPI SpDeleteContextFn)(LSA_SEC_HANDLE);
typedef NTSTATUS (NTAPI SpApplyControlTokenFn)(LSA_SEC_HANDLE, PSecBufferDesc);
typedef NTSTATUS (NTAPI SpGetUserInfoFn)(PLUID, ULONG, PSecurityUserData *);
typedef NTSTATUS (NTAPI SpGetExtendedInformationFn)(
SECPKG_EXTENDED_INFORMATION_CLASS, PSECPKG_EXTENDED_INFORMATION *);
typedef NTSTATUS (NTAPI SpQueryContextAttributesFn)(LSA_SEC_HANDLE, ULONG,
PVOID);
typedef NTSTATUS (NTAPI SpAddCredentialsFn)(LSA_SEC_HANDLE, PUNICODE_STRING,
PUNICODE_STRING, ULONG, PVOID, PVOID, PVOID, PTimeStamp);
typedef NTSTATUS (NTAPI SpSetExtendedInformationFn)(
SECPKG_EXTENDED_INFORMATION_CLASS, PSECPKG_EXTENDED_INFORMATION);
typedef NTSTATUS (NTAPI SpInstanceInitFn)(ULONG, PSECPKG_DLL_FUNCTIONS,
PVOID *);
typedef NTSTATUS (NTAPI SpInitUserModeContextFn)(LSA_SEC_HANDLE, PSecBuffer);
typedef NTSTATUS (NTAPI SpMakeSignatureFn)(LSA_SEC_HANDLE, ULONG,
PSecBufferDesc, ULONG);
typedef NTSTATUS (NTAPI SpVerifySignatureFn)(LSA_SEC_HANDLE, PSecBufferDesc,
ULONG, PULONG);
typedef NTSTATUS (NTAPI SpSealMessageFn)(LSA_SEC_HANDLE, ULONG, PSecBufferDesc,
ULONG);
typedef NTSTATUS (NTAPI SpUnsealMessageFn)(LSA_SEC_HANDLE, PSecBufferDesc,
ULONG, PULONG);
typedef NTSTATUS (NTAPI SpGetContextTokenFn)(LSA_SEC_HANDLE, PHANDLE);
typedef NTSTATUS (NTAPI SpCompleteAuthTokenFn)(LSA_SEC_HANDLE, PSecBufferDesc);
typedef NTSTATUS (NTAPI SpFormatCredentialsFn)(PSecBuffer, PSecBuffer);
typedef NTSTATUS (NTAPI SpMarshallSupplementalCredsFn)(ULONG, PUCHAR, PULONG,
PVOID *);
typedef NTSTATUS (NTAPI SpExportSecurityContextFn)(LSA_SEC_HANDLE, ULONG,
PSecBuffer, PHANDLE);
typedef NTSTATUS (NTAPI SpImportSecurityContextFn)(PSecBuffer, HANDLE,
PLSA_SEC_HANDLE);
/* Dispatch tables of functions implemented by SSP/AP */
typedef struct SECPKG_FUNCTION_TABLE {
PLSA_AP_INITIALIZE_PACKAGE InitializePackage;
PLSA_AP_LOGON_USER LogonUser;
PLSA_AP_CALL_PACKAGE CallPackage;
PLSA_AP_LOGON_TERMINATED LogonTerminated;
PLSA_AP_CALL_PACKAGE_UNTRUSTED CallPackageUntrusted;
PLSA_AP_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough;
PLSA_AP_LOGON_USER_EX LogonUserEx;
PLSA_AP_LOGON_USER_EX2 LogonUserEx2;
SpInitializeFn *Initialize;
SpShutDownFn *Shutdown;
SpGetInfoFn *GetInfo;
SpAcceptCredentialsFn *AcceptCredentials;
SpAcquireCredentialsHandleFn *AcquireCredentialsHandle;
SpQueryCredentialsAttributesFn *QueryCredentialsAttributes;
SpFreeCredentialsHandleFn *FreeCredentialsHandle;
SpSaveCredentialsFn *SaveCredentials;
SpGetCredentialsFn *GetCredentials;
SpDeleteCredentialsFn *DeleteCredentials;
SpInitLsaModeContextFn *InitLsaModeContext;
SpAcceptLsaModeContextFn *AcceptLsaModeContext;
SpDeleteContextFn *DeleteContext;
SpApplyControlTokenFn *ApplyControlToken;
SpGetUserInfoFn *GetUserInfo;
SpGetExtendedInformationFn *GetExtendedInformation;
SpQueryContextAttributesFn *QueryContextAttributes;
SpAddCredentialsFn *AddCredentials;
SpSetExtendedInformationFn *SetExtendedInformation;
} SECPKG_FUNCTION_TABLE,
*PSECPKG_FUNCTION_TABLE;
typedef struct SECPKG_USER_FUNCTION_TABLE {
SpInstanceInitFn *InstanceInit;
SpInitUserModeContextFn *InitUserModeContext;
SpMakeSignatureFn *MakeSignature;
SpVerifySignatureFn *VerifySignature;
SpSealMessageFn *SealMessage;
SpUnsealMessageFn *UnsealMessage;
SpGetContextTokenFn *GetContextToken;
SpQueryContextAttributesFn *QueryContextAttributes;
SpCompleteAuthTokenFn *CompleteAuthToken;
SpDeleteContextFn *DeleteUserModeContext;
SpFormatCredentialsFn *FormatCredentials;
SpMarshallSupplementalCredsFn *MarshallSupplementalCreds;
SpExportSecurityContextFn *ExportContext;
SpImportSecurityContextFn *ImportContext;
} SECPKG_USER_FUNCTION_TABLE,
*PSECPKG_USER_FUNCTION_TABLE;
/* Entry points to SSP/AP */
typedef NTSTATUS (NTAPI *SpLsaModeInitializeFn)(ULONG, PULONG,
PSECPKG_FUNCTION_TABLE *, PULONG);
typedef NTSTATUS (WINAPI *SpUserModeInitializeFn)(ULONG, PULONG,
PSECPKG_USER_FUNCTION_TABLE *, PULONG);
#ifdef __cplusplus
}
#endif
#endif /* _NTSECPKG_H */ #endif /* _NTSECPKG_H */

View File

@ -57,6 +57,8 @@ extern "C" {
#define UNISP_NAME_W L"Microsoft Unified Security Protocol Provider" #define UNISP_NAME_W L"Microsoft Unified Security Protocol Provider"
#define SECBUFFER_VERSION 0 #define SECBUFFER_VERSION 0
typedef UNICODE_STRING SECURITY_STRING, *PSECURITY_STRING;
typedef struct _SecHandle { typedef struct _SecHandle {
ULONG_PTR dwLower; ULONG_PTR dwLower;
ULONG_PTR dwUpper; ULONG_PTR dwUpper;