2 * Copyright (C) 2007 Yuval Fledel
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
26 /* Flags for the MachineState field in SECPKG_PARAMETERS */
27 #define SECPKG_STATE_ENCRYPTION_PERMITTED 0x01
28 #define SECPKG_STATE_STRONG_ENCRYPTION_PERMITTED 0x02
29 #define SECPKG_STATE_DOMAIN_CONTROLLER 0x04
30 #define SECPKG_STATE_WORKSTATION 0x08
31 #define SECPKG_STATE_STANDALONE 0x10
33 /* Version magics as passed to or returned from Sp[Lsa,Mode]ModeInitialize */
34 #define SECPKG_INTERFACE_VERSION 0x10000
35 #define SECPKG_INTERFACE_VERSION_2 0x20000
36 #define SECPKG_INTERFACE_VERSION_3 0x40000
37 #define SECPKG_INTERFACE_VERSION_4 0x80000
38 #define SECPKG_INTERFACE_VERSION_5 0x100000
39 #define SECPKG_INTERFACE_VERSION_6 0x200000
41 /* enum definitions for Secure Service Provider/Authentication Packages */
42 typedef enum _LSA_TOKEN_INFORMATION_TYPE
{
43 LsaTokenInformationNull
,
45 } LSA_TOKEN_INFORMATION_TYPE
, *PLSA_TOKEN_INFORMATION_TYPE
;
47 typedef enum _SECPKG_EXTENDED_INFORMATION_CLASS
51 SecpkgMutualAuthLevel
,
53 } SECPKG_EXTENDED_INFORMATION_CLASS
;
55 typedef enum _SECPKG_NAME_TYPE
{
62 /* struct definitions for SSP/AP */
63 typedef struct _LSA_TOKEN_INFORMATION_NULL
65 LARGE_INTEGER ExpirationTime
;
67 } LSA_TOKEN_INFORMATION_NULL
, *PLSA_TOKEN_INFORMATION_NULL
;
69 typedef struct _LSA_TOKEN_INFORMATION_V1
71 LARGE_INTEGER ExpirationTime
;
74 TOKEN_PRIMARY_GROUP PrimaryGroup
;
75 PTOKEN_PRIVILEGES Privileges
;
77 TOKEN_DEFAULT_DACL DefaultDacl
;
78 } LSA_TOKEN_INFORMATION_V1
, *PLSA_TOKEN_INFORMATION_V1
;
80 typedef struct _SECPKG_PRIMARY_CRED
{
82 UNICODE_STRING DownlevelName
;
83 UNICODE_STRING DomainName
;
84 UNICODE_STRING Password
;
85 UNICODE_STRING OldPassword
;
88 UNICODE_STRING DnsDomainName
;
90 UNICODE_STRING LogonServer
;
91 UNICODE_STRING Spare1
;
92 UNICODE_STRING Spare2
;
93 UNICODE_STRING Spare3
;
94 UNICODE_STRING Spare4
;
95 } SECPKG_PRIMARY_CRED
, *PSECPKG_PRIMARY_CRED
;
97 typedef struct _SECPKG_SUPPLEMENTAL_CRED
{
98 UNICODE_STRING PackageName
;
101 } SECPKG_SUPPLEMENTAL_CRED
, *PSECPKG_SUPPLEMENTAL_CRED
;
103 typedef struct _SECPKG_SUPPLEMENTAL_CRED_ARRAY
{
104 ULONG CredentialCount
;
105 SECPKG_SUPPLEMENTAL_CRED Credentials
[1];
106 } SECPKG_SUPPLEMENTAL_CRED_ARRAY
, *PSECPKG_SUPPLEMENTAL_CRED_ARRAY
;
108 typedef struct _SECPKG_PARAMETERS
{
113 UNICODE_STRING DomainName
;
114 UNICODE_STRING DnsDomainName
;
116 } SECPKG_PARAMETERS
, *PSECPKG_PARAMETERS
,
117 SECPKG_EVENT_DOMAIN_CHANGE
, *PSECPKG_EVENT_DOMAIN_CHANGE
;
119 typedef struct _SECPKG_CLIENT_INFO
{
123 BOOLEAN HasTcbPrivilege
;
124 BOOLEAN Impersonating
;
126 } SECPKG_CLIENT_INFO
,
127 *PSECPKG_CLIENT_INFO
;
129 typedef struct _SECURITY_USER_DATA
{
130 UNICODE_STRING UserName
;
131 UNICODE_STRING LogonDomainName
;
132 UNICODE_STRING LogonServer
;
134 } SECURITY_USER_DATA
, *PSECURITY_USER_DATA
,
135 SecurityUserData
, *PSecurityUserData
;
137 typedef struct _SECPKG_GSS_INFO
{
138 ULONG EncodedIdLength
;
140 } SECPKG_GSS_INFO
, *PSECPKG_GSS_INFO
;
142 typedef struct _SECPKG_CONTEXT_THUNKS
{
143 ULONG InfoLevelCount
;
145 } SECPKG_CONTEXT_THUNKS
, *PSECPKG_CONTEXT_THUNKS
;
147 typedef struct _SECPKG_MUTUAL_AUTH_LEVEL
{
148 ULONG MutualAuthLevel
;
149 } SECPKG_MUTUAL_AUTH_LEVEL
, *PSECPKG_MUTUAL_AUTH_LEVEL
;
151 typedef struct _SECPKG_CALL_INFO
{
156 } SECPKG_CALL_INFO
, *PSECPKG_CALL_INFO
;
158 typedef struct _SECPKG_EXTENDED_INFORMATION
{
159 SECPKG_EXTENDED_INFORMATION_CLASS Class
;
161 SECPKG_GSS_INFO GssInfo
;
162 SECPKG_CONTEXT_THUNKS ContextThunks
;
163 SECPKG_MUTUAL_AUTH_LEVEL MutualAuthLevel
;
165 } SECPKG_EXTENDED_INFORMATION
, *PSECPKG_EXTENDED_INFORMATION
;
167 typedef struct _SECPKG_TARGETINFO
{
170 } SECPKG_TARGETINFO
, *PSECPKG_TARGETINFO
;
172 /* callbacks implemented by SSP/AP dlls and called by the LSA */
173 typedef VOID (NTAPI
*PLSA_CALLBACK_FUNCTION
)(ULONG_PTR
, ULONG_PTR
, PSecBuffer
,
176 /* misc typedefs used in the below prototypes */
177 typedef PVOID
*PLSA_CLIENT_REQUEST
;
178 typedef ULONG LSA_SEC_HANDLE
, *PLSA_SEC_HANDLE
;
179 typedef LPTHREAD_START_ROUTINE SEC_THREAD_START
;
180 typedef PSECURITY_ATTRIBUTES SEC_ATTRS
;
182 /* functions used by SSP/AP obtainable by dispatch tables */
183 typedef NTSTATUS (NTAPI
*PLSA_REGISTER_CALLBACK
)(ULONG
, PLSA_CALLBACK_FUNCTION
);
184 typedef NTSTATUS (NTAPI
*PLSA_CREATE_LOGON_SESSION
)(PLUID
);
185 typedef NTSTATUS (NTAPI
*PLSA_DELETE_LOGON_SESSION
)(PLUID
);
186 typedef NTSTATUS (NTAPI
*PLSA_ADD_CREDENTIAL
)(PLUID
, ULONG
, PLSA_STRING
,
188 typedef NTSTATUS (NTAPI
*PLSA_GET_CREDENTIALS
)(PLUID
, ULONG
, PULONG
, BOOLEAN
,
189 PLSA_STRING
, PULONG
, PLSA_STRING
);
190 typedef NTSTATUS (NTAPI
*PLSA_DELETE_CREDENTIAL
)(PLUID
, ULONG
, PLSA_STRING
);
191 typedef PVOID (NTAPI
*PLSA_ALLOCATE_LSA_HEAP
)(ULONG
);
192 typedef VOID (NTAPI
*PLSA_FREE_LSA_HEAP
)(PVOID
);
193 typedef NTSTATUS (NTAPI
*PLSA_ALLOCATE_CLIENT_BUFFER
)(PLSA_CLIENT_REQUEST
,
195 typedef NTSTATUS (NTAPI
*PLSA_FREE_CLIENT_BUFFER
)(PLSA_CLIENT_REQUEST
, PVOID
);
196 typedef NTSTATUS (NTAPI
*PLSA_COPY_TO_CLIENT_BUFFER
)(PLSA_CLIENT_REQUEST
, ULONG
,
198 typedef NTSTATUS (NTAPI
*PLSA_COPY_FROM_CLIENT_BUFFER
)(PLSA_CLIENT_REQUEST
,
199 ULONG
, PVOID
, PVOID
);
200 typedef NTSTATUS (NTAPI
*PLSA_IMPERSONATE_CLIENT
)(void);
201 typedef NTSTATUS (NTAPI
*PLSA_UNLOAD_PACKAGE
)(void);
202 typedef NTSTATUS (NTAPI
*PLSA_DUPLICATE_HANDLE
)(HANDLE
, PHANDLE
);
203 typedef NTSTATUS (NTAPI
*PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS
)(PLUID
, ULONG
,
205 typedef HANDLE (NTAPI
*PLSA_CREATE_THREAD
)(SEC_ATTRS
, ULONG
, SEC_THREAD_START
,
206 PVOID
, ULONG
, PULONG
);
207 typedef NTSTATUS (NTAPI
*PLSA_GET_CLIENT_INFO
)(PSECPKG_CLIENT_INFO
);
208 typedef HANDLE (NTAPI
*PLSA_REGISTER_NOTIFICATION
)(SEC_THREAD_START
, PVOID
,
209 ULONG
, ULONG
, ULONG
, ULONG
, HANDLE
);
210 typedef NTSTATUS (NTAPI
*PLSA_CANCEL_NOTIFICATION
)(HANDLE
);
211 typedef NTSTATUS (NTAPI
*PLSA_MAP_BUFFER
)(PSecBuffer
, PSecBuffer
);
212 typedef NTSTATUS (NTAPI
*PLSA_CREATE_TOKEN
)(PLUID
, PTOKEN_SOURCE
,
213 SECURITY_LOGON_TYPE
, SECURITY_IMPERSONATION_LEVEL
, LSA_TOKEN_INFORMATION_TYPE
,
214 PVOID
, PTOKEN_GROUPS
, PUNICODE_STRING
, PUNICODE_STRING
, PUNICODE_STRING
,
215 PUNICODE_STRING
, PHANDLE
, PNTSTATUS
);
216 typedef VOID (NTAPI
*PLSA_AUDIT_LOGON
)(NTSTATUS
, NTSTATUS
, PUNICODE_STRING
,
217 PUNICODE_STRING
, PUNICODE_STRING
, OPTIONAL PSID
, SECURITY_LOGON_TYPE
,
218 PTOKEN_SOURCE
, PLUID
);
219 typedef NTSTATUS (NTAPI
*PLSA_CALL_PACKAGE
)(PUNICODE_STRING
, PVOID
, ULONG
,
220 PVOID
*, PULONG
, PNTSTATUS
);
221 typedef BOOLEAN (NTAPI
*PLSA_GET_CALL_INFO
)(PSECPKG_CALL_INFO
);
222 typedef NTSTATUS (NTAPI
*PLSA_CALL_PACKAGEEX
)(PUNICODE_STRING
, PVOID
, PVOID
,
223 ULONG
, PVOID
*, PULONG
, PNTSTATUS
);
224 typedef PVOID (NTAPI
*PLSA_CREATE_SHARED_MEMORY
)(ULONG
, ULONG
);
225 typedef PVOID (NTAPI
*PLSA_ALLOCATE_SHARED_MEMORY
)(PVOID
, ULONG
);
226 typedef VOID (NTAPI
*PLSA_FREE_SHARED_MEMORY
)(PVOID
, PVOID
);
227 typedef BOOLEAN (NTAPI
*PLSA_DELETE_SHARED_MEMORY
)(PVOID
);
228 typedef NTSTATUS (NTAPI
*PLSA_OPEN_SAM_USER
)(PUNICODE_STRING
, SECPKG_NAME_TYPE
,
229 PUNICODE_STRING
, BOOLEAN
, ULONG
, PVOID
*);
230 typedef NTSTATUS (NTAPI
*PLSA_GET_USER_CREDENTIALS
)(PVOID
, PVOID
*, PULONG
,
232 typedef NTSTATUS (NTAPI
*PLSA_GET_USER_AUTH_DATA
)(PVOID
, PUCHAR
*, PULONG
);
233 typedef NTSTATUS (NTAPI
*PLSA_CLOSE_SAM_USER
)(PVOID
);
234 typedef NTSTATUS (NTAPI
*PLSA_CONVERT_AUTH_DATA_TO_TOKEN
)(PVOID
, ULONG
,
235 SECURITY_IMPERSONATION_LEVEL
, PTOKEN_SOURCE
, SECURITY_LOGON_TYPE
,
236 PUNICODE_STRING
, PHANDLE
, PLUID
, PUNICODE_STRING
, PNTSTATUS
);
237 typedef NTSTATUS (NTAPI
*PLSA_CLIENT_CALLBACK
)(PCHAR
, ULONG_PTR
, ULONG_PTR
,
238 PSecBuffer
, PSecBuffer
);
239 typedef NTSTATUS (NTAPI
*PLSA_UPDATE_PRIMARY_CREDENTIALS
)(PSECPKG_PRIMARY_CRED
, PSECPKG_SUPPLEMENTAL_CRED_ARRAY
);
240 typedef NTSTATUS (NTAPI
*PLSA_GET_AUTH_DATA_FOR_USER
)(PUNICODE_STRING
,
241 SECPKG_NAME_TYPE
, PUNICODE_STRING
, PUCHAR
*, PULONG
, PUNICODE_STRING
);
242 typedef NTSTATUS (NTAPI
*PLSA_CRACK_SINGLE_NAME
)(ULONG
, BOOLEAN
,
243 PUNICODE_STRING
, PUNICODE_STRING
, ULONG
, PUNICODE_STRING
, PUNICODE_STRING
,
245 typedef NTSTATUS (NTAPI
*PLSA_AUDIT_ACCOUNT_LOGON
)(ULONG
, BOOLEAN
,
246 PUNICODE_STRING
, PUNICODE_STRING
, PUNICODE_STRING
, NTSTATUS
);
247 typedef NTSTATUS (NTAPI
*PLSA_CALL_PACKAGE_PASSTHROUGH
)(PUNICODE_STRING
, PVOID
,
248 PVOID
, ULONG
, PVOID
*, PULONG
, PNTSTATUS
);
250 /* Dispatch tables of functions used by SSP/AP */
251 typedef struct SECPKG_DLL_FUNCTIONS
{
252 PLSA_ALLOCATE_LSA_HEAP AllocateHeap
;
253 PLSA_FREE_LSA_HEAP FreeHeap
;
254 PLSA_REGISTER_CALLBACK RegisterCallback
;
255 } SECPKG_DLL_FUNCTIONS
,
256 *PSECPKG_DLL_FUNCTIONS
;
258 typedef struct LSA_DISPATCH_TABLE
{
259 PLSA_CREATE_LOGON_SESSION CreateLogonSession
;
260 PLSA_DELETE_LOGON_SESSION DeleteLogonSession
;
261 PLSA_ADD_CREDENTIAL AddCredential
;
262 PLSA_GET_CREDENTIALS GetCredentials
;
263 PLSA_DELETE_CREDENTIAL DeleteCredential
;
264 PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap
;
265 PLSA_FREE_LSA_HEAP FreeLsaHeap
;
266 PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer
;
267 PLSA_FREE_CLIENT_BUFFER FreeClientBuffer
;
268 PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer
;
269 PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer
;
270 } LSA_DISPATCH_TABLE
,
271 *PLSA_DISPATCH_TABLE
;
273 typedef struct _LSA_SECPKG_FUNCTION_TABLE
{
274 PLSA_CREATE_LOGON_SESSION CreateLogonSession
;
275 PLSA_DELETE_LOGON_SESSION DeleteLogonSession
;
276 PLSA_ADD_CREDENTIAL AddCredential
;
277 PLSA_GET_CREDENTIALS GetCredentials
;
278 PLSA_DELETE_CREDENTIAL DeleteCredential
;
279 PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap
;
280 PLSA_FREE_LSA_HEAP FreeLsaHeap
;
281 PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer
;
282 PLSA_FREE_CLIENT_BUFFER FreeClientBuffer
;
283 PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer
;
284 PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer
;
285 PLSA_IMPERSONATE_CLIENT ImpersonateClient
;
286 PLSA_UNLOAD_PACKAGE UnloadPackage
;
287 PLSA_DUPLICATE_HANDLE DuplicateHandle
;
288 PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS SaveSupplementalCredentials
;
289 PLSA_CREATE_THREAD CreateThread
;
290 PLSA_GET_CLIENT_INFO GetClientInfo
;
291 PLSA_REGISTER_NOTIFICATION RegisterNotification
;
292 PLSA_CANCEL_NOTIFICATION CancelNotification
;
293 PLSA_MAP_BUFFER MapBuffer
;
294 PLSA_CREATE_TOKEN CreateToken
;
295 PLSA_AUDIT_LOGON AuditLogon
;
296 PLSA_CALL_PACKAGE CallPackage
;
297 PLSA_FREE_LSA_HEAP FreeReturnBuffer
;
298 PLSA_GET_CALL_INFO GetCallInfo
;
299 PLSA_CALL_PACKAGEEX CallPackageEx
;
300 PLSA_CREATE_SHARED_MEMORY CreateSharedMemory
;
301 PLSA_ALLOCATE_SHARED_MEMORY AllocateSharedMemory
;
302 PLSA_FREE_SHARED_MEMORY FreeSharedMemory
;
303 PLSA_DELETE_SHARED_MEMORY DeleteSharedMemory
;
304 PLSA_OPEN_SAM_USER OpenSamUser
;
305 PLSA_GET_USER_CREDENTIALS GetUserCredentials
;
306 PLSA_GET_USER_AUTH_DATA GetUserAuthData
;
307 PLSA_CLOSE_SAM_USER CloseSamUser
;
308 PLSA_CONVERT_AUTH_DATA_TO_TOKEN ConvertAuthDataToToken
;
309 PLSA_CLIENT_CALLBACK ClientCallback
;
310 PLSA_UPDATE_PRIMARY_CREDENTIALS UpdateCredentials
;
311 PLSA_GET_AUTH_DATA_FOR_USER GetAuthDataForUser
;
312 PLSA_CRACK_SINGLE_NAME CrackSingleName
;
313 PLSA_AUDIT_ACCOUNT_LOGON AuditAccountLogon
;
314 PLSA_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough
;
315 } LSA_SECPKG_FUNCTION_TABLE
,
316 *PLSA_SECPKG_FUNCTION_TABLE
;
318 /* LSA-mode functions implemented by SSP/AP obtainable by a dispatch table */
319 typedef NTSTATUS (NTAPI
*PLSA_AP_INITIALIZE_PACKAGE
)(ULONG
, PLSA_DISPATCH_TABLE
,
320 PLSA_STRING
, PLSA_STRING
, PLSA_STRING
*);
321 typedef NTSTATUS (NTAPI
*PLSA_AP_LOGON_USER
)(LPWSTR
, LPWSTR
, LPWSTR
, LPWSTR
,
322 DWORD
, DWORD
, PHANDLE
);
323 typedef NTSTATUS (NTAPI
*PLSA_AP_CALL_PACKAGE
)(PUNICODE_STRING
, PVOID
, ULONG
,
324 PVOID
*, PULONG
, PNTSTATUS
);
325 typedef VOID (NTAPI
*PLSA_AP_LOGON_TERMINATED
)(PLUID
);
326 typedef NTSTATUS (NTAPI
*PLSA_AP_CALL_PACKAGE_UNTRUSTED
)(PLSA_CLIENT_REQUEST
,
327 PVOID
, PVOID
, ULONG
, PVOID
*, PULONG
, PNTSTATUS
);
328 typedef NTSTATUS (NTAPI
*PLSA_AP_CALL_PACKAGE_PASSTHROUGH
)(PUNICODE_STRING
,
329 PVOID
, PVOID
, ULONG
, PVOID
*, PULONG
, PNTSTATUS
);
330 typedef NTSTATUS (NTAPI
*PLSA_AP_LOGON_USER_EX
)(PLSA_CLIENT_REQUEST
,
331 SECURITY_LOGON_TYPE
, PVOID
, PVOID
, ULONG
, PVOID
*, PULONG
, PLUID
, PNTSTATUS
,
332 PLSA_TOKEN_INFORMATION_TYPE
, PVOID
*, PUNICODE_STRING
*, PUNICODE_STRING
*,
334 typedef NTSTATUS (NTAPI
*PLSA_AP_LOGON_USER_EX2
)(PLSA_CLIENT_REQUEST
,
335 SECURITY_LOGON_TYPE
, PVOID
, PVOID
, ULONG
, PVOID
*, PULONG
, PLUID
, PNTSTATUS
,
336 PLSA_TOKEN_INFORMATION_TYPE
, PVOID
*, PUNICODE_STRING
*, PUNICODE_STRING
*,
337 PUNICODE_STRING
*, PSECPKG_PRIMARY_CRED
, PSECPKG_SUPPLEMENTAL_CRED_ARRAY
*);
338 typedef NTSTATUS (SpInitializeFn
)(ULONG_PTR
, PSECPKG_PARAMETERS
,
339 PLSA_SECPKG_FUNCTION_TABLE
);
340 typedef NTSTATUS (NTAPI SpShutDownFn
)(void);
341 typedef NTSTATUS (NTAPI SpGetInfoFn
)(PSecPkgInfoW
);
342 typedef NTSTATUS (NTAPI SpAcceptCredentialsFn
)(SECURITY_LOGON_TYPE
,
343 PUNICODE_STRING
, PSECPKG_PRIMARY_CRED
, PSECPKG_SUPPLEMENTAL_CRED
);
344 typedef NTSTATUS (NTAPI SpAcquireCredentialsHandleFn
)(PUNICODE_STRING
, ULONG
,
345 PLUID
, PVOID
, PVOID
, PVOID
, PLSA_SEC_HANDLE
, PTimeStamp
);
346 typedef NTSTATUS (NTAPI SpQueryCredentialsAttributesFn
)(LSA_SEC_HANDLE
, ULONG
,
348 typedef NTSTATUS (NTAPI SpFreeCredentialsHandleFn
)(LSA_SEC_HANDLE
);
349 typedef NTSTATUS (NTAPI SpSaveCredentialsFn
)(LSA_SEC_HANDLE
, PSecBuffer
);
350 typedef NTSTATUS (NTAPI SpGetCredentialsFn
)(LSA_SEC_HANDLE
, PSecBuffer
);
351 typedef NTSTATUS (NTAPI SpDeleteCredentialsFn
)(LSA_SEC_HANDLE
, PSecBuffer
);
352 typedef NTSTATUS (NTAPI SpInitLsaModeContextFn
)(LSA_SEC_HANDLE
, LSA_SEC_HANDLE
,
353 PUNICODE_STRING
, ULONG
, ULONG
, PSecBufferDesc
, PLSA_SEC_HANDLE
, PSecBufferDesc
,
354 PULONG
, PTimeStamp
, PBOOLEAN
, PSecBuffer
);
355 typedef NTSTATUS (NTAPI SpAcceptLsaModeContextFn
)(LSA_SEC_HANDLE
,
356 LSA_SEC_HANDLE
, PSecBufferDesc
, ULONG
, ULONG
, PLSA_SEC_HANDLE
, PSecBufferDesc
,
357 PULONG
, PTimeStamp
, PBOOLEAN
, PSecBuffer
);
358 typedef NTSTATUS (NTAPI SpDeleteContextFn
)(LSA_SEC_HANDLE
);
359 typedef NTSTATUS (NTAPI SpApplyControlTokenFn
)(LSA_SEC_HANDLE
, PSecBufferDesc
);
360 typedef NTSTATUS (NTAPI SpGetUserInfoFn
)(PLUID
, ULONG
, PSecurityUserData
*);
361 typedef NTSTATUS (NTAPI SpGetExtendedInformationFn
)(
362 SECPKG_EXTENDED_INFORMATION_CLASS
, PSECPKG_EXTENDED_INFORMATION
*);
363 typedef NTSTATUS (NTAPI SpQueryContextAttributesFn
)(LSA_SEC_HANDLE
, ULONG
,
365 typedef NTSTATUS (NTAPI SpAddCredentialsFn
)(LSA_SEC_HANDLE
, PUNICODE_STRING
,
366 PUNICODE_STRING
, ULONG
, PVOID
, PVOID
, PVOID
, PTimeStamp
);
367 typedef NTSTATUS (NTAPI SpSetExtendedInformationFn
)(
368 SECPKG_EXTENDED_INFORMATION_CLASS
, PSECPKG_EXTENDED_INFORMATION
);
369 typedef NTSTATUS (NTAPI SpSetContextAttributesFn
)(LSA_SEC_HANDLE
, ULONG
, PVOID
,
371 typedef NTSTATUS (NTAPI SpSetCredentialsAttributesFn
)(LSA_SEC_HANDLE
, ULONG
,
373 typedef NTSTATUS (NTAPI SpChangeAccountPasswordFn
)(PUNICODE_STRING
,
374 PUNICODE_STRING
, PUNICODE_STRING
, PUNICODE_STRING
, BOOLEAN
, PSecBufferDesc
);
375 typedef NTSTATUS (NTAPI SpQueryMetaDataFn
)(LSA_SEC_HANDLE
, PUNICODE_STRING
,
376 ULONG
, PULONG
, PUCHAR
*, PLSA_SEC_HANDLE
);
377 typedef NTSTATUS (NTAPI SpExchangeMetaDataFn
)(LSA_SEC_HANDLE
, PUNICODE_STRING
,
378 ULONG
, ULONG
, PUCHAR
, PLSA_SEC_HANDLE
);
379 typedef NTSTATUS (NTAPI SpGetCredUIContextFn
)(LSA_SEC_HANDLE
, GUID
*, PULONG
,
381 typedef NTSTATUS (NTAPI SpUpdateCredentialsFn
)(LSA_SEC_HANDLE
, GUID
*, ULONG
,
383 typedef NTSTATUS (NTAPI SpValidateTargetInfoFn
)(PLSA_CLIENT_REQUEST
, PVOID
,
384 PVOID
, ULONG
, PSECPKG_TARGETINFO
);
386 /* User-mode functions implemented by SSP/AP obtainable by a dispatch table */
387 typedef NTSTATUS (NTAPI SpInstanceInitFn
)(ULONG
, PSECPKG_DLL_FUNCTIONS
,
389 typedef NTSTATUS (NTAPI SpInitUserModeContextFn
)(LSA_SEC_HANDLE
, PSecBuffer
);
390 typedef NTSTATUS (NTAPI SpMakeSignatureFn
)(LSA_SEC_HANDLE
, ULONG
,
391 PSecBufferDesc
, ULONG
);
392 typedef NTSTATUS (NTAPI SpVerifySignatureFn
)(LSA_SEC_HANDLE
, PSecBufferDesc
,
394 typedef NTSTATUS (NTAPI SpSealMessageFn
)(LSA_SEC_HANDLE
, ULONG
, PSecBufferDesc
,
396 typedef NTSTATUS (NTAPI SpUnsealMessageFn
)(LSA_SEC_HANDLE
, PSecBufferDesc
,
398 typedef NTSTATUS (NTAPI SpGetContextTokenFn
)(LSA_SEC_HANDLE
, PHANDLE
);
399 typedef NTSTATUS (NTAPI SpCompleteAuthTokenFn
)(LSA_SEC_HANDLE
, PSecBufferDesc
);
400 typedef NTSTATUS (NTAPI SpFormatCredentialsFn
)(PSecBuffer
, PSecBuffer
);
401 typedef NTSTATUS (NTAPI SpMarshallSupplementalCredsFn
)(ULONG
, PUCHAR
, PULONG
,
403 typedef NTSTATUS (NTAPI SpExportSecurityContextFn
)(LSA_SEC_HANDLE
, ULONG
,
404 PSecBuffer
, PHANDLE
);
405 typedef NTSTATUS (NTAPI SpImportSecurityContextFn
)(PSecBuffer
, HANDLE
,
408 #ifdef WINE_NO_UNICODE_MACROS
409 #undef SetContextAttributes
412 /* dispatch tables of LSA-mode functions implemented by SSP/AP */
413 typedef struct SECPKG_FUNCTION_TABLE
{
414 PLSA_AP_INITIALIZE_PACKAGE InitializePackage
;
415 PLSA_AP_LOGON_USER LsaLogonUser
;
416 PLSA_AP_CALL_PACKAGE CallPackage
;
417 PLSA_AP_LOGON_TERMINATED LogonTerminated
;
418 PLSA_AP_CALL_PACKAGE_UNTRUSTED CallPackageUntrusted
;
419 PLSA_AP_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough
;
420 PLSA_AP_LOGON_USER_EX LogonUserEx
;
421 PLSA_AP_LOGON_USER_EX2 LogonUserEx2
;
422 SpInitializeFn
*Initialize
;
423 SpShutDownFn
*Shutdown
;
424 SpGetInfoFn
*GetInfo
;
425 SpAcceptCredentialsFn
*AcceptCredentials
;
426 SpAcquireCredentialsHandleFn
*SpAcquireCredentialsHandle
;
427 SpQueryCredentialsAttributesFn
*SpQueryCredentialsAttributes
;
428 SpFreeCredentialsHandleFn
*FreeCredentialsHandle
;
429 SpSaveCredentialsFn
*SaveCredentials
;
430 SpGetCredentialsFn
*GetCredentials
;
431 SpDeleteCredentialsFn
*DeleteCredentials
;
432 SpInitLsaModeContextFn
*InitLsaModeContext
;
433 SpAcceptLsaModeContextFn
*AcceptLsaModeContext
;
434 SpDeleteContextFn
*DeleteContext
;
435 SpApplyControlTokenFn
*ApplyControlToken
;
436 SpGetUserInfoFn
*GetUserInfo
;
437 SpGetExtendedInformationFn
*GetExtendedInformation
;
438 SpQueryContextAttributesFn
*SpQueryContextAttributes
;
439 SpAddCredentialsFn
*SpAddCredentials
;
440 SpSetExtendedInformationFn
*SetExtendedInformation
;
441 /* Packages with version SECPKG_INTERFACE_VERSION end here */
442 SpSetContextAttributesFn
*SetContextAttributes
;
443 /* Packages with version SECPKG_INTERFACE_VERSION_2 end here */
444 SpSetCredentialsAttributesFn
*SetCredentialsAttributes
;
445 /* Packages with version SECPKG_INTERFACE_VERSION_3 end here */
446 SpChangeAccountPasswordFn
*ChangeAccountPassword
;
447 /* Packages with version SECPKG_INTERFACE_VERSION_4 end here */
448 SpQueryMetaDataFn
*QueryMetaData
;
449 SpExchangeMetaDataFn
*ExchangeMetaData
;
450 SpGetCredUIContextFn
*GetCredUIContext
;
451 SpUpdateCredentialsFn
*UpdateCredentials
;
452 /* Packages with version SECPKG_INTERFACE_VERSION_5 end here */
453 SpValidateTargetInfoFn
*ValidateTargetInfo
;
454 /* Packages with version SECPKG_INTERFACE_VERSION_6 end here */
455 } SECPKG_FUNCTION_TABLE
,
456 *PSECPKG_FUNCTION_TABLE
;
458 /* dispatch tables of user-mode functions implemented by SSP/AP */
459 typedef struct SECPKG_USER_FUNCTION_TABLE
{
460 SpInstanceInitFn
*InstanceInit
;
461 SpInitUserModeContextFn
*InitUserModeContext
;
462 SpMakeSignatureFn
*MakeSignature
;
463 SpVerifySignatureFn
*VerifySignature
;
464 SpSealMessageFn
*SealMessage
;
465 SpUnsealMessageFn
*UnsealMessage
;
466 SpGetContextTokenFn
*GetContextToken
;
467 SpQueryContextAttributesFn
*SpQueryContextAttributes
;
468 SpCompleteAuthTokenFn
*CompleteAuthToken
;
469 SpDeleteContextFn
*DeleteUserModeContext
;
470 SpFormatCredentialsFn
*FormatCredentials
;
471 SpMarshallSupplementalCredsFn
*MarshallSupplementalCreds
;
472 SpExportSecurityContextFn
*ExportContext
;
473 SpImportSecurityContextFn
*ImportContext
;
474 } SECPKG_USER_FUNCTION_TABLE
,
475 *PSECPKG_USER_FUNCTION_TABLE
;
477 /* LSA-mode entry point to SSP/APs */
478 typedef NTSTATUS (NTAPI
*SpLsaModeInitializeFn
)(ULONG
, PULONG
,
479 PSECPKG_FUNCTION_TABLE
*, PULONG
);
481 /* User-mode entry point to SSP/APs */
482 typedef NTSTATUS (WINAPI
*SpUserModeInitializeFn
)(ULONG
, PULONG
,
483 PSECPKG_USER_FUNCTION_TABLE
*, PULONG
);
488 #endif /* _NTSECPKG_H */