2 * Copyright (C) 2007 Yuval Fledel
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
22 /* Flags for the MachineState field in SECPKG_PARAMETERS */
23 #define SECPKG_STATE_ENCRYPTION_PERMITTED 0x01
24 #define SECPKG_STATE_STRONG_ENCRYPTION_PERMITTED 0x02
25 #define SECPKG_STATE_DOMAIN_CONTROLLER 0x04
26 #define SECPKG_STATE_WORKSTATION 0x08
27 #define SECPKG_STATE_STANDALONE 0x10
29 /* Version magics as passed to or returned from Sp[Lsa,Mode]ModeInitialize */
30 #define SECPKG_INTERFACE_VERSION 0x10000
31 #define SECPKG_INTERFACE_VERSION_2 0x20000
32 #define SECPKG_INTERFACE_VERSION_3 0x40000
34 /* enum definitions for Secure Service Provider/Authentication Packages */
35 typedef enum _LSA_TOKEN_INFORMATION_TYPE
{
36 LsaTokenInformationNull
,
38 } LSA_TOKEN_INFORMATION_TYPE
, *PLSA_TOKEN_INFORMATION_TYPE
;
40 typedef enum _SECPKG_EXTENDED_INFORMATION_CLASS
44 SecpkgMutualAuthLevel
,
46 } SECPKG_EXTENDED_INFORMATION_CLASS
;
48 typedef enum _SECPKG_NAME_TYPE
{
55 /* struct definitions for SSP/AP */
56 typedef struct _SECPKG_PRIMARY_CRED
{
58 UNICODE_STRING DownlevelName
;
59 UNICODE_STRING DomainName
;
60 UNICODE_STRING Password
;
61 UNICODE_STRING OldPassword
;
64 UNICODE_STRING DnsDomainName
;
66 UNICODE_STRING LogonServer
;
67 UNICODE_STRING Spare1
;
68 UNICODE_STRING Spare2
;
69 UNICODE_STRING Spare3
;
70 UNICODE_STRING Spare4
;
71 } SECPKG_PRIMARY_CRED
, *PSECPKG_PRIMARY_CRED
;
73 typedef struct _SECPKG_SUPPLEMENTAL_CRED
{
74 UNICODE_STRING PackageName
;
77 } SECPKG_SUPPLEMENTAL_CRED
, *PSECPKG_SUPPLEMENTAL_CRED
;
79 typedef struct _SECPKG_SUPPLEMENTAL_CRED_ARRAY
{
80 ULONG CredentialCount
;
81 SECPKG_SUPPLEMENTAL_CRED Credentials
[1];
82 } SECPKG_SUPPLEMENTAL_CRED_ARRAY
, *PSECPKG_SUPPLEMENTAL_CRED_ARRAY
;
84 typedef struct _SECPKG_PARAMETERS
{
89 UNICODE_STRING DomainName
;
90 UNICODE_STRING DnsDomainName
;
92 } SECPKG_PARAMETERS
, *PSECPKG_PARAMETERS
,
93 SECPKG_EVENT_DOMAIN_CHANGE
, *PSECPKG_EVENT_DOMAIN_CHANGE
;
95 typedef struct _SECPKG_CLIENT_INFO
{
99 BOOLEAN HasTcbPrivilege
;
100 BOOLEAN Impersonating
;
102 } SECPKG_CLIENT_INFO
,
103 *PSECPKG_CLIENT_INFO
;
105 typedef struct _SECURITY_USER_DATA
{
106 UNICODE_STRING UserName
;
107 UNICODE_STRING LogonDomainName
;
108 UNICODE_STRING LogonServer
;
110 } SECURITY_USER_DATA
, *PSECURITY_USER_DATA
,
111 SecurityUserData
, *PSecurityUserData
;
113 typedef struct _SECPKG_GSS_INFO
{
114 ULONG EncodedIdLength
;
116 } SECPKG_GSS_INFO
, *PSECPKG_GSS_INFO
;
118 typedef struct _SECPKG_CONTEXT_THUNKS
{
119 ULONG InfoLevelCount
;
121 } SECPKG_CONTEXT_THUNKS
, *PSECPKG_CONTEXT_THUNKS
;
123 typedef struct _SECPKG_MUTUAL_AUTH_LEVEL
{
124 ULONG MutualAuthLevel
;
125 } SECPKG_MUTUAL_AUTH_LEVEL
, *PSECPKG_MUTUAL_AUTH_LEVEL
;
127 typedef struct _SECPKG_CALL_INFO
{
132 } SECPKG_CALL_INFO
, *PSECPKG_CALL_INFO
;
134 typedef struct _SECPKG_EXTENDED_INFORMATION
{
135 SECPKG_EXTENDED_INFORMATION_CLASS Class
;
137 SECPKG_GSS_INFO GssInfo
;
138 SECPKG_CONTEXT_THUNKS ContextThunks
;
139 SECPKG_MUTUAL_AUTH_LEVEL MutualAuthLevel
;
141 } SECPKG_EXTENDED_INFORMATION
, *PSECPKG_EXTENDED_INFORMATION
;
143 /* callbacks implemented by SSP/AP dlls and called by the LSA */
144 typedef VOID (NTAPI
*PLSA_CALLBACK_FUNCTION
)(ULONG_PTR
, ULONG_PTR
, PSecBuffer
,
147 /* misc typedefs used in the below prototypes */
148 typedef PVOID
*PLSA_CLIENT_REQUEST
;
149 typedef ULONG LSA_SEC_HANDLE
, *PLSA_SEC_HANDLE
;
150 typedef LPTHREAD_START_ROUTINE SEC_THREAD_START
;
151 typedef PSECURITY_ATTRIBUTES SEC_ATTRS
;
153 /* functions used by SSP/AP obtainable by dispatch tables */
154 typedef NTSTATUS (NTAPI
*PLSA_REGISTER_CALLBACK
)(ULONG
, PLSA_CALLBACK_FUNCTION
);
155 typedef NTSTATUS (NTAPI
*PLSA_CREATE_LOGON_SESSION
)(PLUID
);
156 typedef NTSTATUS (NTAPI
*PLSA_DELETE_LOGON_SESSION
)(PLUID
);
157 typedef NTSTATUS (NTAPI
*PLSA_ADD_CREDENTIAL
)(PLUID
, ULONG
, PLSA_STRING
,
159 typedef NTSTATUS (NTAPI
*PLSA_GET_CREDENTIALS
)(PLUID
, ULONG
, PULONG
, BOOLEAN
,
160 PLSA_STRING
, PULONG
, PLSA_STRING
);
161 typedef NTSTATUS (NTAPI
*PLSA_DELETE_CREDENTIAL
)(PLUID
, ULONG
, PLSA_STRING
);
162 typedef PVOID (NTAPI
*PLSA_ALLOCATE_LSA_HEAP
)(ULONG
);
163 typedef VOID (NTAPI
*PLSA_FREE_LSA_HEAP
)(PVOID
);
164 typedef NTSTATUS (NTAPI
*PLSA_ALLOCATE_CLIENT_BUFFER
)(PLSA_CLIENT_REQUEST
,
166 typedef NTSTATUS (NTAPI
*PLSA_FREE_CLIENT_BUFFER
)(PLSA_CLIENT_REQUEST
, PVOID
);
167 typedef NTSTATUS (NTAPI
*PLSA_COPY_TO_CLIENT_BUFFER
)(PLSA_CLIENT_REQUEST
, ULONG
,
169 typedef NTSTATUS (NTAPI
*PLSA_COPY_FROM_CLIENT_BUFFER
)(PLSA_CLIENT_REQUEST
,
170 ULONG
, PVOID
, PVOID
);
171 typedef NTSTATUS (NTAPI
*PLSA_IMPERSONATE_CLIENT
)(void);
172 typedef NTSTATUS (NTAPI
*PLSA_UNLOAD_PACKAGE
)(void);
173 typedef NTSTATUS (NTAPI
*PLSA_DUPLICATE_HANDLE
)(HANDLE
, PHANDLE
);
174 typedef NTSTATUS (NTAPI
*PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS
)(PLUID
, ULONG
,
176 typedef HANDLE (NTAPI
*PLSA_CREATE_THREAD
)(SEC_ATTRS
, ULONG
, SEC_THREAD_START
,
177 PVOID
, ULONG
, PULONG
);
178 typedef NTSTATUS (NTAPI
*PLSA_GET_CLIENT_INFO
)(PSECPKG_CLIENT_INFO
);
179 typedef HANDLE (NTAPI
*PLSA_REGISTER_NOTIFICATION
)(SEC_THREAD_START
, PVOID
,
180 ULONG
, ULONG
, ULONG
, ULONG
, HANDLE
);
181 typedef NTSTATUS (NTAPI
*PLSA_CANCEL_NOTIFICATION
)(HANDLE
);
182 typedef NTSTATUS (NTAPI
*PLSA_MAP_BUFFER
)(PSecBuffer
, PSecBuffer
);
183 typedef NTSTATUS (NTAPI
*PLSA_CREATE_TOKEN
)(PLUID
, PTOKEN_SOURCE
,
184 SECURITY_LOGON_TYPE
, SECURITY_IMPERSONATION_LEVEL
, LSA_TOKEN_INFORMATION_TYPE
,
185 PVOID
, PTOKEN_GROUPS
, PUNICODE_STRING
, PUNICODE_STRING
, PUNICODE_STRING
,
186 PUNICODE_STRING
, PHANDLE
, PNTSTATUS
);
187 typedef VOID (NTAPI
*PLSA_AUDIT_LOGON
)(NTSTATUS
, NTSTATUS
, PUNICODE_STRING
,
188 PUNICODE_STRING
, PUNICODE_STRING
, OPTIONAL PSID
, SECURITY_LOGON_TYPE
,
189 PTOKEN_SOURCE
, PLUID
);
190 typedef NTSTATUS (NTAPI
*PLSA_CALL_PACKAGE
)(PUNICODE_STRING
, PVOID
, ULONG
,
191 PVOID
*, PULONG
, PNTSTATUS
);
192 typedef BOOLEAN (NTAPI
*PLSA_GET_CALL_INFO
)(PSECPKG_CALL_INFO
);
193 typedef NTSTATUS (NTAPI
*PLSA_CALL_PACKAGEEX
)(PUNICODE_STRING
, PVOID
, PVOID
,
194 ULONG
, PVOID
*, PULONG
, PNTSTATUS
);
195 typedef PVOID (NTAPI
*PLSA_CREATE_SHARED_MEMORY
)(ULONG
, ULONG
);
196 typedef PVOID (NTAPI
*PLSA_ALLOCATE_SHARED_MEMORY
)(PVOID
, ULONG
);
197 typedef VOID (NTAPI
*PLSA_FREE_SHARED_MEMORY
)(PVOID
, PVOID
);
198 typedef BOOLEAN (NTAPI
*PLSA_DELETE_SHARED_MEMORY
)(PVOID
);
199 typedef NTSTATUS (NTAPI
*PLSA_OPEN_SAM_USER
)(PUNICODE_STRING
, SECPKG_NAME_TYPE
,
200 PUNICODE_STRING
, BOOLEAN
, ULONG
, PVOID
*);
201 typedef NTSTATUS (NTAPI
*PLSA_GET_USER_CREDENTIALS
)(PVOID
, PVOID
*, PULONG
,
203 typedef NTSTATUS (NTAPI
*PLSA_GET_USER_AUTH_DATA
)(PVOID
, PUCHAR
*, PULONG
);
204 typedef NTSTATUS (NTAPI
*PLSA_CLOSE_SAM_USER
)(PVOID
);
205 typedef NTSTATUS (NTAPI
*PLSA_CONVERT_AUTH_DATA_TO_TOKEN
)(PVOID
, ULONG
,
206 SECURITY_IMPERSONATION_LEVEL
, PTOKEN_SOURCE
, SECURITY_LOGON_TYPE
,
207 PUNICODE_STRING
, PHANDLE
, PLUID
, PUNICODE_STRING
, PNTSTATUS
);
208 typedef NTSTATUS (NTAPI
*PLSA_CLIENT_CALLBACK
)(PCHAR
, ULONG_PTR
, ULONG_PTR
,
209 PSecBuffer
, PSecBuffer
);
210 typedef NTSTATUS (NTAPI
*PLSA_UPDATE_PRIMARY_CREDENTIALS
)(PSECPKG_PRIMARY_CRED
, PSECPKG_SUPPLEMENTAL_CRED_ARRAY
);
211 typedef NTSTATUS (NTAPI
*PLSA_GET_AUTH_DATA_FOR_USER
)(PUNICODE_STRING
,
212 SECPKG_NAME_TYPE
, PUNICODE_STRING
, PUCHAR
*, PULONG
, PUNICODE_STRING
);
213 typedef NTSTATUS (NTAPI
*PLSA_CRACK_SINGLE_NAME
)(ULONG
, BOOLEAN
,
214 PUNICODE_STRING
, PUNICODE_STRING
, ULONG
, PUNICODE_STRING
, PUNICODE_STRING
,
216 typedef NTSTATUS (NTAPI
*PLSA_AUDIT_ACCOUNT_LOGON
)(ULONG
, BOOLEAN
,
217 PUNICODE_STRING
, PUNICODE_STRING
, PUNICODE_STRING
, NTSTATUS
);
218 typedef NTSTATUS (NTAPI
*PLSA_CALL_PACKAGE_PASSTHROUGH
)(PUNICODE_STRING
, PVOID
,
219 PVOID
, ULONG
, PVOID
*, PULONG
, PNTSTATUS
);
221 /* Dispatch tables of functions used by SSP/AP */
222 typedef struct SECPKG_DLL_FUNCTIONS
{
223 PLSA_ALLOCATE_LSA_HEAP AllocateHeap
;
224 PLSA_FREE_LSA_HEAP FreeHeap
;
225 PLSA_REGISTER_CALLBACK RegisterCallback
;
226 } SECPKG_DLL_FUNCTIONS
,
227 *PSECPKG_DLL_FUNCTIONS
;
229 typedef struct LSA_DISPATCH_TABLE
{
230 PLSA_CREATE_LOGON_SESSION CreateLogonSession
;
231 PLSA_DELETE_LOGON_SESSION DeleteLogonSession
;
232 PLSA_ADD_CREDENTIAL AddCredential
;
233 PLSA_GET_CREDENTIALS GetCredentials
;
234 PLSA_DELETE_CREDENTIAL DeleteCredential
;
235 PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap
;
236 PLSA_FREE_LSA_HEAP FreeLsaHeap
;
237 PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer
;
238 PLSA_FREE_CLIENT_BUFFER FreeClientBuffer
;
239 PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer
;
240 PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer
;
241 } LSA_DISPATCH_TABLE
,
242 *PLSA_DISPATCH_TABLE
;
244 typedef struct _LSA_SECPKG_FUNCTION_TABLE
{
245 PLSA_CREATE_LOGON_SESSION CreateLogonSession
;
246 PLSA_DELETE_LOGON_SESSION DeleteLogonSession
;
247 PLSA_ADD_CREDENTIAL AddCredential
;
248 PLSA_GET_CREDENTIALS GetCredentials
;
249 PLSA_DELETE_CREDENTIAL DeleteCredential
;
250 PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap
;
251 PLSA_FREE_LSA_HEAP FreeLsaHeap
;
252 PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer
;
253 PLSA_FREE_CLIENT_BUFFER FreeClientBuffer
;
254 PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer
;
255 PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer
;
256 PLSA_IMPERSONATE_CLIENT ImpersonateClient
;
257 PLSA_UNLOAD_PACKAGE UnloadPackage
;
258 PLSA_DUPLICATE_HANDLE DuplicateHandle
;
259 PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS SaveSupplementalCredentials
;
260 PLSA_CREATE_THREAD CreateThread
;
261 PLSA_GET_CLIENT_INFO GetClientInfo
;
262 PLSA_REGISTER_NOTIFICATION RegisterNotification
;
263 PLSA_CANCEL_NOTIFICATION CancelNotification
;
264 PLSA_MAP_BUFFER MapBuffer
;
265 PLSA_CREATE_TOKEN CreateToken
;
266 PLSA_AUDIT_LOGON AuditLogon
;
267 PLSA_CALL_PACKAGE CallPackage
;
268 PLSA_FREE_LSA_HEAP FreeReturnBuffer
;
269 PLSA_GET_CALL_INFO GetCallInfo
;
270 PLSA_CALL_PACKAGEEX CallPackageEx
;
271 PLSA_CREATE_SHARED_MEMORY CreateSharedMemory
;
272 PLSA_ALLOCATE_SHARED_MEMORY AllocateSharedMemory
;
273 PLSA_FREE_SHARED_MEMORY FreeSharedMemory
;
274 PLSA_DELETE_SHARED_MEMORY DeleteSharedMemory
;
275 PLSA_OPEN_SAM_USER OpenSamUser
;
276 PLSA_GET_USER_CREDENTIALS GetUserCredentials
;
277 PLSA_GET_USER_AUTH_DATA GetUserAuthData
;
278 PLSA_CLOSE_SAM_USER CloseSamUser
;
279 PLSA_CONVERT_AUTH_DATA_TO_TOKEN ConvertAuthDataToToken
;
280 PLSA_CLIENT_CALLBACK ClientCallback
;
281 PLSA_UPDATE_PRIMARY_CREDENTIALS UpdateCredentials
;
282 PLSA_GET_AUTH_DATA_FOR_USER GetAuthDataForUser
;
283 PLSA_CRACK_SINGLE_NAME CrackSingleName
;
284 PLSA_AUDIT_ACCOUNT_LOGON AuditAccountLogon
;
285 PLSA_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough
;
286 } LSA_SECPKG_FUNCTION_TABLE
,
287 *PLSA_SECPKG_FUNCTION_TABLE
;
289 /* LSA-mode functions implemented by SSP/AP obtainable by a dispatch table */
290 typedef NTSTATUS (NTAPI
*PLSA_AP_INITIALIZE_PACKAGE
)(ULONG
, PLSA_DISPATCH_TABLE
,
291 PLSA_STRING
, PLSA_STRING
, PLSA_STRING
*);
292 typedef NTSTATUS (NTAPI
*PLSA_AP_LOGON_USER
)(LPWSTR
, LPWSTR
, LPWSTR
, LPWSTR
,
293 DWORD
, DWORD
, PHANDLE
);
294 typedef NTSTATUS (NTAPI
*PLSA_AP_CALL_PACKAGE
)(PUNICODE_STRING
, PVOID
, ULONG
,
295 PVOID
*, PULONG
, PNTSTATUS
);
296 typedef VOID (NTAPI
*PLSA_AP_LOGON_TERMINATED
)(PLUID
);
297 typedef NTSTATUS (NTAPI
*PLSA_AP_CALL_PACKAGE_UNTRUSTED
)(PLSA_CLIENT_REQUEST
,
298 PVOID
, PVOID
, ULONG
, PVOID
*, PULONG
, PNTSTATUS
);
299 typedef NTSTATUS (NTAPI
*PLSA_AP_CALL_PACKAGE_PASSTHROUGH
)(PUNICODE_STRING
,
300 PVOID
, PVOID
, ULONG
, PVOID
*, PULONG
, PNTSTATUS
);
301 typedef NTSTATUS (NTAPI
*PLSA_AP_LOGON_USER_EX
)(PLSA_CLIENT_REQUEST
,
302 SECURITY_LOGON_TYPE
, PVOID
, PVOID
, ULONG
, PVOID
*, PULONG
, PLUID
, PNTSTATUS
,
303 PLSA_TOKEN_INFORMATION_TYPE
, PVOID
*, PUNICODE_STRING
*, PUNICODE_STRING
*,
305 typedef NTSTATUS (NTAPI
*PLSA_AP_LOGON_USER_EX2
)(PLSA_CLIENT_REQUEST
,
306 SECURITY_LOGON_TYPE
, PVOID
, PVOID
, ULONG
, PVOID
*, PULONG
, PLUID
, PNTSTATUS
,
307 PLSA_TOKEN_INFORMATION_TYPE
, PVOID
*, PUNICODE_STRING
*, PUNICODE_STRING
*,
308 PUNICODE_STRING
*, PSECPKG_PRIMARY_CRED
, PSECPKG_SUPPLEMENTAL_CRED_ARRAY
*);
309 typedef NTSTATUS (SpInitializeFn
)(ULONG_PTR
, PSECPKG_PARAMETERS
,
310 PLSA_SECPKG_FUNCTION_TABLE
);
311 typedef NTSTATUS (NTAPI SpShutDownFn
)(void);
312 typedef NTSTATUS (NTAPI SpGetInfoFn
)(PSecPkgInfoW
);
313 typedef NTSTATUS (NTAPI SpAcceptCredentialsFn
)(SECURITY_LOGON_TYPE
,
314 PUNICODE_STRING
, PSECPKG_PRIMARY_CRED
, PSECPKG_SUPPLEMENTAL_CRED
);
315 typedef NTSTATUS (NTAPI SpAcquireCredentialsHandleFn
)(PUNICODE_STRING
, ULONG
,
316 PLUID
, PVOID
, PVOID
, PVOID
, PLSA_SEC_HANDLE
, PTimeStamp
);
317 typedef NTSTATUS (NTAPI SpQueryCredentialsAttributesFn
)(LSA_SEC_HANDLE
, ULONG
,
319 typedef NTSTATUS (NTAPI SpFreeCredentialsHandleFn
)(LSA_SEC_HANDLE
);
320 typedef NTSTATUS (NTAPI SpSaveCredentialsFn
)(LSA_SEC_HANDLE
, PSecBuffer
);
321 typedef NTSTATUS (NTAPI SpGetCredentialsFn
)(LSA_SEC_HANDLE
, PSecBuffer
);
322 typedef NTSTATUS (NTAPI SpDeleteCredentialsFn
)(LSA_SEC_HANDLE
, PSecBuffer
);
323 typedef NTSTATUS (NTAPI SpInitLsaModeContextFn
)(LSA_SEC_HANDLE
, LSA_SEC_HANDLE
,
324 PUNICODE_STRING
, ULONG
, ULONG
, PSecBufferDesc
, PLSA_SEC_HANDLE
, PSecBufferDesc
,
325 PULONG
, PTimeStamp
, PBOOLEAN
, PSecBuffer
);
326 typedef NTSTATUS (NTAPI SpAcceptLsaModeContextFn
)(LSA_SEC_HANDLE
,
327 LSA_SEC_HANDLE
, PSecBufferDesc
, ULONG
, ULONG
, PLSA_SEC_HANDLE
, PSecBufferDesc
,
328 PULONG
, PTimeStamp
, PBOOLEAN
, PSecBuffer
);
329 typedef NTSTATUS (NTAPI SpDeleteContextFn
)(LSA_SEC_HANDLE
);
330 typedef NTSTATUS (NTAPI SpApplyControlTokenFn
)(LSA_SEC_HANDLE
, PSecBufferDesc
);
331 typedef NTSTATUS (NTAPI SpGetUserInfoFn
)(PLUID
, ULONG
, PSecurityUserData
*);
332 typedef NTSTATUS (NTAPI SpGetExtendedInformationFn
)(
333 SECPKG_EXTENDED_INFORMATION_CLASS
, PSECPKG_EXTENDED_INFORMATION
*);
334 typedef NTSTATUS (NTAPI SpQueryContextAttributesFn
)(LSA_SEC_HANDLE
, ULONG
,
336 typedef NTSTATUS (NTAPI SpAddCredentialsFn
)(LSA_SEC_HANDLE
, PUNICODE_STRING
,
337 PUNICODE_STRING
, ULONG
, PVOID
, PVOID
, PVOID
, PTimeStamp
);
338 typedef NTSTATUS (NTAPI SpSetExtendedInformationFn
)(
339 SECPKG_EXTENDED_INFORMATION_CLASS
, PSECPKG_EXTENDED_INFORMATION
);
340 typedef NTSTATUS (NTAPI SpSetContextAttributesFn
)(LSA_SEC_HANDLE
, ULONG
, PVOID
,
342 typedef NTSTATUS (NTAPI SpSetCredentialsAttributesFn
)(LSA_SEC_HANDLE
, ULONG
,
345 /* User-mode functions implemented by SSP/AP obtainable by a dispatch table */
346 typedef NTSTATUS (NTAPI SpInstanceInitFn
)(ULONG
, PSECPKG_DLL_FUNCTIONS
,
348 typedef NTSTATUS (NTAPI SpInitUserModeContextFn
)(LSA_SEC_HANDLE
, PSecBuffer
);
349 typedef NTSTATUS (NTAPI SpMakeSignatureFn
)(LSA_SEC_HANDLE
, ULONG
,
350 PSecBufferDesc
, ULONG
);
351 typedef NTSTATUS (NTAPI SpVerifySignatureFn
)(LSA_SEC_HANDLE
, PSecBufferDesc
,
353 typedef NTSTATUS (NTAPI SpSealMessageFn
)(LSA_SEC_HANDLE
, ULONG
, PSecBufferDesc
,
355 typedef NTSTATUS (NTAPI SpUnsealMessageFn
)(LSA_SEC_HANDLE
, PSecBufferDesc
,
357 typedef NTSTATUS (NTAPI SpGetContextTokenFn
)(LSA_SEC_HANDLE
, PHANDLE
);
358 typedef NTSTATUS (NTAPI SpCompleteAuthTokenFn
)(LSA_SEC_HANDLE
, PSecBufferDesc
);
359 typedef NTSTATUS (NTAPI SpFormatCredentialsFn
)(PSecBuffer
, PSecBuffer
);
360 typedef NTSTATUS (NTAPI SpMarshallSupplementalCredsFn
)(ULONG
, PUCHAR
, PULONG
,
362 typedef NTSTATUS (NTAPI SpExportSecurityContextFn
)(LSA_SEC_HANDLE
, ULONG
,
363 PSecBuffer
, PHANDLE
);
364 typedef NTSTATUS (NTAPI SpImportSecurityContextFn
)(PSecBuffer
, HANDLE
,
367 #ifdef WINE_NO_UNICODE_MACROS
368 #undef SetContextAttributes
371 /* dispatch tables of LSA-mode functions implemented by SSP/AP */
372 typedef struct SECPKG_FUNCTION_TABLE
{
373 PLSA_AP_INITIALIZE_PACKAGE InitializePackage
;
374 PLSA_AP_LOGON_USER LsaLogonUser
;
375 PLSA_AP_CALL_PACKAGE CallPackage
;
376 PLSA_AP_LOGON_TERMINATED LogonTerminated
;
377 PLSA_AP_CALL_PACKAGE_UNTRUSTED CallPackageUntrusted
;
378 PLSA_AP_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough
;
379 PLSA_AP_LOGON_USER_EX LogonUserEx
;
380 PLSA_AP_LOGON_USER_EX2 LogonUserEx2
;
381 SpInitializeFn
*Initialize
;
382 SpShutDownFn
*Shutdown
;
383 SpGetInfoFn
*GetInfo
;
384 SpAcceptCredentialsFn
*AcceptCredentials
;
385 SpAcquireCredentialsHandleFn
*SpAcquireCredentialsHandle
;
386 SpQueryCredentialsAttributesFn
*SpQueryCredentialsAttributes
;
387 SpFreeCredentialsHandleFn
*FreeCredentialsHandle
;
388 SpSaveCredentialsFn
*SaveCredentials
;
389 SpGetCredentialsFn
*GetCredentials
;
390 SpDeleteCredentialsFn
*DeleteCredentials
;
391 SpInitLsaModeContextFn
*InitLsaModeContext
;
392 SpAcceptLsaModeContextFn
*AcceptLsaModeContext
;
393 SpDeleteContextFn
*DeleteContext
;
394 SpApplyControlTokenFn
*ApplyControlToken
;
395 SpGetUserInfoFn
*GetUserInfo
;
396 SpGetExtendedInformationFn
*GetExtendedInformation
;
397 SpQueryContextAttributesFn
*SpQueryContextAttributes
;
398 SpAddCredentialsFn
*SpAddCredentials
;
399 SpSetExtendedInformationFn
*SetExtendedInformation
;
400 /* Packages with version SECPKG_INTERFACE_VERSION end here */
401 SpSetContextAttributesFn
*SetContextAttributes
;
402 /* Packages with version SECPKG_INTERFACE_VERSION_2 end here */
403 SpSetCredentialsAttributesFn
*SetCredentialsAttributes
;
404 /* Packages with version SECPKG_INTERFACE_VERSION_3 end here */
405 } SECPKG_FUNCTION_TABLE
,
406 *PSECPKG_FUNCTION_TABLE
;
408 /* dispatch tables of user-mode functions implemented by SSP/AP */
409 typedef struct SECPKG_USER_FUNCTION_TABLE
{
410 SpInstanceInitFn
*InstanceInit
;
411 SpInitUserModeContextFn
*InitUserModeContext
;
412 SpMakeSignatureFn
*MakeSignature
;
413 SpVerifySignatureFn
*VerifySignature
;
414 SpSealMessageFn
*SealMessage
;
415 SpUnsealMessageFn
*UnsealMessage
;
416 SpGetContextTokenFn
*GetContextToken
;
417 SpQueryContextAttributesFn
*SpQueryContextAttributes
;
418 SpCompleteAuthTokenFn
*CompleteAuthToken
;
419 SpDeleteContextFn
*DeleteUserModeContext
;
420 SpFormatCredentialsFn
*FormatCredentials
;
421 SpMarshallSupplementalCredsFn
*MarshallSupplementalCreds
;
422 SpExportSecurityContextFn
*ExportContext
;
423 SpImportSecurityContextFn
*ImportContext
;
424 } SECPKG_USER_FUNCTION_TABLE
,
425 *PSECPKG_USER_FUNCTION_TABLE
;
427 /* LSA-mode entry point to SSP/APs */
428 typedef NTSTATUS (NTAPI
*SpLsaModeInitializeFn
)(ULONG
, PULONG
,
429 PSECPKG_FUNCTION_TABLE
*, PULONG
);
431 /* User-mode entry point to SSP/APs */
432 typedef NTSTATUS (WINAPI
*SpUserModeInitializeFn
)(ULONG
, PULONG
,
433 PSECPKG_USER_FUNCTION_TABLE
*, PULONG
);
435 #endif /* _NTSECPKG_H */