2 * Copyright (C) 2007 Yuval Fledel
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
26 /* Flags for the MachineState field in SECPKG_PARAMETERS */
27 #define SECPKG_STATE_ENCRYPTION_PERMITTED 0x01
28 #define SECPKG_STATE_STRONG_ENCRYPTION_PERMITTED 0x02
29 #define SECPKG_STATE_DOMAIN_CONTROLLER 0x04
30 #define SECPKG_STATE_WORKSTATION 0x08
31 #define SECPKG_STATE_STANDALONE 0x10
33 /* Version magics as passed to or returned from Sp[Lsa,Mode]ModeInitialize */
34 #define SECPKG_INTERFACE_VERSION 0x10000
35 #define SECPKG_INTERFACE_VERSION_2 0x20000
36 #define SECPKG_INTERFACE_VERSION_3 0x40000
37 #define SECPKG_INTERFACE_VERSION_4 0x80000
38 #define SECPKG_INTERFACE_VERSION_5 0x100000
39 #define SECPKG_INTERFACE_VERSION_6 0x200000
40 #define SECPKG_INTERFACE_VERSION_7 0x400000
42 /* enum definitions for Secure Service Provider/Authentication Packages */
43 typedef enum _LSA_TOKEN_INFORMATION_TYPE
{
44 LsaTokenInformationNull
,
46 } LSA_TOKEN_INFORMATION_TYPE
, *PLSA_TOKEN_INFORMATION_TYPE
;
48 typedef enum _SECPKG_EXTENDED_INFORMATION_CLASS
52 SecpkgMutualAuthLevel
,
54 } SECPKG_EXTENDED_INFORMATION_CLASS
;
56 typedef enum _SECPKG_NAME_TYPE
{
63 /* struct definitions for SSP/AP */
64 typedef struct _LSA_TOKEN_INFORMATION_NULL
66 LARGE_INTEGER ExpirationTime
;
68 } LSA_TOKEN_INFORMATION_NULL
, *PLSA_TOKEN_INFORMATION_NULL
;
70 typedef struct _LSA_TOKEN_INFORMATION_V1
72 LARGE_INTEGER ExpirationTime
;
75 TOKEN_PRIMARY_GROUP PrimaryGroup
;
76 PTOKEN_PRIVILEGES Privileges
;
78 TOKEN_DEFAULT_DACL DefaultDacl
;
79 } LSA_TOKEN_INFORMATION_V1
, *PLSA_TOKEN_INFORMATION_V1
;
81 typedef struct _SECPKG_PRIMARY_CRED
{
83 UNICODE_STRING DownlevelName
;
84 UNICODE_STRING DomainName
;
85 UNICODE_STRING Password
;
86 UNICODE_STRING OldPassword
;
89 UNICODE_STRING DnsDomainName
;
91 UNICODE_STRING LogonServer
;
92 UNICODE_STRING Spare1
;
93 UNICODE_STRING Spare2
;
94 UNICODE_STRING Spare3
;
95 UNICODE_STRING Spare4
;
96 } SECPKG_PRIMARY_CRED
, *PSECPKG_PRIMARY_CRED
;
98 typedef struct _SECPKG_SUPPLEMENTAL_CRED
{
99 UNICODE_STRING PackageName
;
100 ULONG CredentialSize
;
102 } SECPKG_SUPPLEMENTAL_CRED
, *PSECPKG_SUPPLEMENTAL_CRED
;
104 typedef struct _SECPKG_SUPPLEMENTAL_CRED_ARRAY
{
105 ULONG CredentialCount
;
106 SECPKG_SUPPLEMENTAL_CRED Credentials
[1];
107 } SECPKG_SUPPLEMENTAL_CRED_ARRAY
, *PSECPKG_SUPPLEMENTAL_CRED_ARRAY
;
109 typedef struct _SECPKG_PARAMETERS
{
114 UNICODE_STRING DomainName
;
115 UNICODE_STRING DnsDomainName
;
117 } SECPKG_PARAMETERS
, *PSECPKG_PARAMETERS
,
118 SECPKG_EVENT_DOMAIN_CHANGE
, *PSECPKG_EVENT_DOMAIN_CHANGE
;
120 typedef struct _SECPKG_CLIENT_INFO
{
124 BOOLEAN HasTcbPrivilege
;
125 BOOLEAN Impersonating
;
127 } SECPKG_CLIENT_INFO
,
128 *PSECPKG_CLIENT_INFO
;
130 typedef struct _SECURITY_USER_DATA
{
131 UNICODE_STRING UserName
;
132 UNICODE_STRING LogonDomainName
;
133 UNICODE_STRING LogonServer
;
135 } SECURITY_USER_DATA
, *PSECURITY_USER_DATA
,
136 SecurityUserData
, *PSecurityUserData
;
138 typedef struct _SECPKG_GSS_INFO
{
139 ULONG EncodedIdLength
;
141 } SECPKG_GSS_INFO
, *PSECPKG_GSS_INFO
;
143 typedef struct _SECPKG_CONTEXT_THUNKS
{
144 ULONG InfoLevelCount
;
146 } SECPKG_CONTEXT_THUNKS
, *PSECPKG_CONTEXT_THUNKS
;
148 typedef struct _SECPKG_MUTUAL_AUTH_LEVEL
{
149 ULONG MutualAuthLevel
;
150 } SECPKG_MUTUAL_AUTH_LEVEL
, *PSECPKG_MUTUAL_AUTH_LEVEL
;
152 typedef struct _SECPKG_CALL_INFO
{
157 } SECPKG_CALL_INFO
, *PSECPKG_CALL_INFO
;
159 typedef struct _SECPKG_EXTENDED_INFORMATION
{
160 SECPKG_EXTENDED_INFORMATION_CLASS Class
;
162 SECPKG_GSS_INFO GssInfo
;
163 SECPKG_CONTEXT_THUNKS ContextThunks
;
164 SECPKG_MUTUAL_AUTH_LEVEL MutualAuthLevel
;
166 } SECPKG_EXTENDED_INFORMATION
, *PSECPKG_EXTENDED_INFORMATION
;
168 typedef struct _SECPKG_TARGETINFO
{
171 } SECPKG_TARGETINFO
, *PSECPKG_TARGETINFO
;
173 typedef struct _SECPKG_POST_LOGON_USER_INFO
{
177 } SECPKG_POST_LOGON_USER_INFO
, *PSECPKG_POST_LOGON_USER_INFO
;
179 /* callbacks implemented by SSP/AP dlls and called by the LSA */
180 typedef VOID (NTAPI
*PLSA_CALLBACK_FUNCTION
)(ULONG_PTR
, ULONG_PTR
, PSecBuffer
,
183 /* misc typedefs used in the below prototypes */
184 typedef PVOID
*PLSA_CLIENT_REQUEST
;
185 typedef ULONG LSA_SEC_HANDLE
, *PLSA_SEC_HANDLE
;
186 typedef LPTHREAD_START_ROUTINE SEC_THREAD_START
;
187 typedef PSECURITY_ATTRIBUTES SEC_ATTRS
;
189 /* functions used by SSP/AP obtainable by dispatch tables */
190 typedef NTSTATUS (NTAPI
*PLSA_REGISTER_CALLBACK
)(ULONG
, PLSA_CALLBACK_FUNCTION
);
191 typedef NTSTATUS (NTAPI
*PLSA_CREATE_LOGON_SESSION
)(PLUID
);
192 typedef NTSTATUS (NTAPI
*PLSA_DELETE_LOGON_SESSION
)(PLUID
);
193 typedef NTSTATUS (NTAPI
*PLSA_ADD_CREDENTIAL
)(PLUID
, ULONG
, PLSA_STRING
,
195 typedef NTSTATUS (NTAPI
*PLSA_GET_CREDENTIALS
)(PLUID
, ULONG
, PULONG
, BOOLEAN
,
196 PLSA_STRING
, PULONG
, PLSA_STRING
);
197 typedef NTSTATUS (NTAPI
*PLSA_DELETE_CREDENTIAL
)(PLUID
, ULONG
, PLSA_STRING
);
198 typedef PVOID (NTAPI
*PLSA_ALLOCATE_LSA_HEAP
)(ULONG
);
199 typedef VOID (NTAPI
*PLSA_FREE_LSA_HEAP
)(PVOID
);
200 typedef NTSTATUS (NTAPI
*PLSA_ALLOCATE_CLIENT_BUFFER
)(PLSA_CLIENT_REQUEST
,
202 typedef NTSTATUS (NTAPI
*PLSA_FREE_CLIENT_BUFFER
)(PLSA_CLIENT_REQUEST
, PVOID
);
203 typedef NTSTATUS (NTAPI
*PLSA_COPY_TO_CLIENT_BUFFER
)(PLSA_CLIENT_REQUEST
, ULONG
,
205 typedef NTSTATUS (NTAPI
*PLSA_COPY_FROM_CLIENT_BUFFER
)(PLSA_CLIENT_REQUEST
,
206 ULONG
, PVOID
, PVOID
);
207 typedef NTSTATUS (NTAPI
*PLSA_IMPERSONATE_CLIENT
)(void);
208 typedef NTSTATUS (NTAPI
*PLSA_UNLOAD_PACKAGE
)(void);
209 typedef NTSTATUS (NTAPI
*PLSA_DUPLICATE_HANDLE
)(HANDLE
, PHANDLE
);
210 typedef NTSTATUS (NTAPI
*PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS
)(PLUID
, ULONG
,
212 typedef HANDLE (NTAPI
*PLSA_CREATE_THREAD
)(SEC_ATTRS
, ULONG
, SEC_THREAD_START
,
213 PVOID
, ULONG
, PULONG
);
214 typedef NTSTATUS (NTAPI
*PLSA_GET_CLIENT_INFO
)(PSECPKG_CLIENT_INFO
);
215 typedef HANDLE (NTAPI
*PLSA_REGISTER_NOTIFICATION
)(SEC_THREAD_START
, PVOID
,
216 ULONG
, ULONG
, ULONG
, ULONG
, HANDLE
);
217 typedef NTSTATUS (NTAPI
*PLSA_CANCEL_NOTIFICATION
)(HANDLE
);
218 typedef NTSTATUS (NTAPI
*PLSA_MAP_BUFFER
)(PSecBuffer
, PSecBuffer
);
219 typedef NTSTATUS (NTAPI
*PLSA_CREATE_TOKEN
)(PLUID
, PTOKEN_SOURCE
,
220 SECURITY_LOGON_TYPE
, SECURITY_IMPERSONATION_LEVEL
, LSA_TOKEN_INFORMATION_TYPE
,
221 PVOID
, PTOKEN_GROUPS
, PUNICODE_STRING
, PUNICODE_STRING
, PUNICODE_STRING
,
222 PUNICODE_STRING
, PHANDLE
, PNTSTATUS
);
223 typedef VOID (NTAPI
*PLSA_AUDIT_LOGON
)(NTSTATUS
, NTSTATUS
, PUNICODE_STRING
,
224 PUNICODE_STRING
, PUNICODE_STRING
, OPTIONAL PSID
, SECURITY_LOGON_TYPE
,
225 PTOKEN_SOURCE
, PLUID
);
226 typedef NTSTATUS (NTAPI
*PLSA_CALL_PACKAGE
)(PUNICODE_STRING
, PVOID
, ULONG
,
227 PVOID
*, PULONG
, PNTSTATUS
);
228 typedef BOOLEAN (NTAPI
*PLSA_GET_CALL_INFO
)(PSECPKG_CALL_INFO
);
229 typedef NTSTATUS (NTAPI
*PLSA_CALL_PACKAGEEX
)(PUNICODE_STRING
, PVOID
, PVOID
,
230 ULONG
, PVOID
*, PULONG
, PNTSTATUS
);
231 typedef PVOID (NTAPI
*PLSA_CREATE_SHARED_MEMORY
)(ULONG
, ULONG
);
232 typedef PVOID (NTAPI
*PLSA_ALLOCATE_SHARED_MEMORY
)(PVOID
, ULONG
);
233 typedef VOID (NTAPI
*PLSA_FREE_SHARED_MEMORY
)(PVOID
, PVOID
);
234 typedef BOOLEAN (NTAPI
*PLSA_DELETE_SHARED_MEMORY
)(PVOID
);
235 typedef NTSTATUS (NTAPI
*PLSA_OPEN_SAM_USER
)(PUNICODE_STRING
, SECPKG_NAME_TYPE
,
236 PUNICODE_STRING
, BOOLEAN
, ULONG
, PVOID
*);
237 typedef NTSTATUS (NTAPI
*PLSA_GET_USER_CREDENTIALS
)(PVOID
, PVOID
*, PULONG
,
239 typedef NTSTATUS (NTAPI
*PLSA_GET_USER_AUTH_DATA
)(PVOID
, PUCHAR
*, PULONG
);
240 typedef NTSTATUS (NTAPI
*PLSA_CLOSE_SAM_USER
)(PVOID
);
241 typedef NTSTATUS (NTAPI
*PLSA_CONVERT_AUTH_DATA_TO_TOKEN
)(PVOID
, ULONG
,
242 SECURITY_IMPERSONATION_LEVEL
, PTOKEN_SOURCE
, SECURITY_LOGON_TYPE
,
243 PUNICODE_STRING
, PHANDLE
, PLUID
, PUNICODE_STRING
, PNTSTATUS
);
244 typedef NTSTATUS (NTAPI
*PLSA_CLIENT_CALLBACK
)(PCHAR
, ULONG_PTR
, ULONG_PTR
,
245 PSecBuffer
, PSecBuffer
);
246 typedef NTSTATUS (NTAPI
*PLSA_UPDATE_PRIMARY_CREDENTIALS
)(PSECPKG_PRIMARY_CRED
, PSECPKG_SUPPLEMENTAL_CRED_ARRAY
);
247 typedef NTSTATUS (NTAPI
*PLSA_GET_AUTH_DATA_FOR_USER
)(PUNICODE_STRING
,
248 SECPKG_NAME_TYPE
, PUNICODE_STRING
, PUCHAR
*, PULONG
, PUNICODE_STRING
);
249 typedef NTSTATUS (NTAPI
*PLSA_CRACK_SINGLE_NAME
)(ULONG
, BOOLEAN
,
250 PUNICODE_STRING
, PUNICODE_STRING
, ULONG
, PUNICODE_STRING
, PUNICODE_STRING
,
252 typedef NTSTATUS (NTAPI
*PLSA_AUDIT_ACCOUNT_LOGON
)(ULONG
, BOOLEAN
,
253 PUNICODE_STRING
, PUNICODE_STRING
, PUNICODE_STRING
, NTSTATUS
);
254 typedef NTSTATUS (NTAPI
*PLSA_CALL_PACKAGE_PASSTHROUGH
)(PUNICODE_STRING
, PVOID
,
255 PVOID
, ULONG
, PVOID
*, PULONG
, PNTSTATUS
);
257 /* Dispatch tables of functions used by SSP/AP */
258 typedef struct SECPKG_DLL_FUNCTIONS
{
259 PLSA_ALLOCATE_LSA_HEAP AllocateHeap
;
260 PLSA_FREE_LSA_HEAP FreeHeap
;
261 PLSA_REGISTER_CALLBACK RegisterCallback
;
262 } SECPKG_DLL_FUNCTIONS
,
263 *PSECPKG_DLL_FUNCTIONS
;
265 typedef struct LSA_DISPATCH_TABLE
{
266 PLSA_CREATE_LOGON_SESSION CreateLogonSession
;
267 PLSA_DELETE_LOGON_SESSION DeleteLogonSession
;
268 PLSA_ADD_CREDENTIAL AddCredential
;
269 PLSA_GET_CREDENTIALS GetCredentials
;
270 PLSA_DELETE_CREDENTIAL DeleteCredential
;
271 PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap
;
272 PLSA_FREE_LSA_HEAP FreeLsaHeap
;
273 PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer
;
274 PLSA_FREE_CLIENT_BUFFER FreeClientBuffer
;
275 PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer
;
276 PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer
;
277 } LSA_DISPATCH_TABLE
,
278 *PLSA_DISPATCH_TABLE
;
280 typedef struct _LSA_SECPKG_FUNCTION_TABLE
{
281 PLSA_CREATE_LOGON_SESSION CreateLogonSession
;
282 PLSA_DELETE_LOGON_SESSION DeleteLogonSession
;
283 PLSA_ADD_CREDENTIAL AddCredential
;
284 PLSA_GET_CREDENTIALS GetCredentials
;
285 PLSA_DELETE_CREDENTIAL DeleteCredential
;
286 PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap
;
287 PLSA_FREE_LSA_HEAP FreeLsaHeap
;
288 PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer
;
289 PLSA_FREE_CLIENT_BUFFER FreeClientBuffer
;
290 PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer
;
291 PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer
;
292 PLSA_IMPERSONATE_CLIENT ImpersonateClient
;
293 PLSA_UNLOAD_PACKAGE UnloadPackage
;
294 PLSA_DUPLICATE_HANDLE DuplicateHandle
;
295 PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS SaveSupplementalCredentials
;
296 PLSA_CREATE_THREAD CreateThread
;
297 PLSA_GET_CLIENT_INFO GetClientInfo
;
298 PLSA_REGISTER_NOTIFICATION RegisterNotification
;
299 PLSA_CANCEL_NOTIFICATION CancelNotification
;
300 PLSA_MAP_BUFFER MapBuffer
;
301 PLSA_CREATE_TOKEN CreateToken
;
302 PLSA_AUDIT_LOGON AuditLogon
;
303 PLSA_CALL_PACKAGE CallPackage
;
304 PLSA_FREE_LSA_HEAP FreeReturnBuffer
;
305 PLSA_GET_CALL_INFO GetCallInfo
;
306 PLSA_CALL_PACKAGEEX CallPackageEx
;
307 PLSA_CREATE_SHARED_MEMORY CreateSharedMemory
;
308 PLSA_ALLOCATE_SHARED_MEMORY AllocateSharedMemory
;
309 PLSA_FREE_SHARED_MEMORY FreeSharedMemory
;
310 PLSA_DELETE_SHARED_MEMORY DeleteSharedMemory
;
311 PLSA_OPEN_SAM_USER OpenSamUser
;
312 PLSA_GET_USER_CREDENTIALS GetUserCredentials
;
313 PLSA_GET_USER_AUTH_DATA GetUserAuthData
;
314 PLSA_CLOSE_SAM_USER CloseSamUser
;
315 PLSA_CONVERT_AUTH_DATA_TO_TOKEN ConvertAuthDataToToken
;
316 PLSA_CLIENT_CALLBACK ClientCallback
;
317 PLSA_UPDATE_PRIMARY_CREDENTIALS UpdateCredentials
;
318 PLSA_GET_AUTH_DATA_FOR_USER GetAuthDataForUser
;
319 PLSA_CRACK_SINGLE_NAME CrackSingleName
;
320 PLSA_AUDIT_ACCOUNT_LOGON AuditAccountLogon
;
321 PLSA_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough
;
322 } LSA_SECPKG_FUNCTION_TABLE
,
323 *PLSA_SECPKG_FUNCTION_TABLE
;
325 /* LSA-mode functions implemented by SSP/AP obtainable by a dispatch table */
326 typedef NTSTATUS (NTAPI
*PLSA_AP_INITIALIZE_PACKAGE
)(ULONG
, PLSA_DISPATCH_TABLE
,
327 PLSA_STRING
, PLSA_STRING
, PLSA_STRING
*);
328 typedef NTSTATUS (NTAPI
*PLSA_AP_LOGON_USER
)(LPWSTR
, LPWSTR
, LPWSTR
, LPWSTR
,
329 DWORD
, DWORD
, PHANDLE
);
330 typedef NTSTATUS (NTAPI
*PLSA_AP_CALL_PACKAGE
)(PUNICODE_STRING
, PVOID
, ULONG
,
331 PVOID
*, PULONG
, PNTSTATUS
);
332 typedef VOID (NTAPI
*PLSA_AP_LOGON_TERMINATED
)(PLUID
);
333 typedef NTSTATUS (NTAPI
*PLSA_AP_CALL_PACKAGE_UNTRUSTED
)(PLSA_CLIENT_REQUEST
,
334 PVOID
, PVOID
, ULONG
, PVOID
*, PULONG
, PNTSTATUS
);
335 typedef NTSTATUS (NTAPI
*PLSA_AP_CALL_PACKAGE_PASSTHROUGH
)(PUNICODE_STRING
,
336 PVOID
, PVOID
, ULONG
, PVOID
*, PULONG
, PNTSTATUS
);
337 typedef NTSTATUS (NTAPI
*PLSA_AP_LOGON_USER_EX
)(PLSA_CLIENT_REQUEST
,
338 SECURITY_LOGON_TYPE
, PVOID
, PVOID
, ULONG
, PVOID
*, PULONG
, PLUID
, PNTSTATUS
,
339 PLSA_TOKEN_INFORMATION_TYPE
, PVOID
*, PUNICODE_STRING
*, PUNICODE_STRING
*,
341 typedef NTSTATUS (NTAPI
*PLSA_AP_LOGON_USER_EX2
)(PLSA_CLIENT_REQUEST
,
342 SECURITY_LOGON_TYPE
, PVOID
, PVOID
, ULONG
, PVOID
*, PULONG
, PLUID
, PNTSTATUS
,
343 PLSA_TOKEN_INFORMATION_TYPE
, PVOID
*, PUNICODE_STRING
*, PUNICODE_STRING
*,
344 PUNICODE_STRING
*, PSECPKG_PRIMARY_CRED
, PSECPKG_SUPPLEMENTAL_CRED_ARRAY
*);
345 typedef NTSTATUS (SpInitializeFn
)(ULONG_PTR
, PSECPKG_PARAMETERS
,
346 PLSA_SECPKG_FUNCTION_TABLE
);
347 typedef NTSTATUS (NTAPI SpShutDownFn
)(void);
348 typedef NTSTATUS (NTAPI SpGetInfoFn
)(PSecPkgInfoW
);
349 typedef NTSTATUS (NTAPI SpAcceptCredentialsFn
)(SECURITY_LOGON_TYPE
,
350 PUNICODE_STRING
, PSECPKG_PRIMARY_CRED
, PSECPKG_SUPPLEMENTAL_CRED
);
351 typedef NTSTATUS (NTAPI SpAcquireCredentialsHandleFn
)(PUNICODE_STRING
, ULONG
,
352 PLUID
, PVOID
, PVOID
, PVOID
, PLSA_SEC_HANDLE
, PTimeStamp
);
353 typedef NTSTATUS (NTAPI SpQueryCredentialsAttributesFn
)(LSA_SEC_HANDLE
, ULONG
,
355 typedef NTSTATUS (NTAPI SpFreeCredentialsHandleFn
)(LSA_SEC_HANDLE
);
356 typedef NTSTATUS (NTAPI SpSaveCredentialsFn
)(LSA_SEC_HANDLE
, PSecBuffer
);
357 typedef NTSTATUS (NTAPI SpGetCredentialsFn
)(LSA_SEC_HANDLE
, PSecBuffer
);
358 typedef NTSTATUS (NTAPI SpDeleteCredentialsFn
)(LSA_SEC_HANDLE
, PSecBuffer
);
359 typedef NTSTATUS (NTAPI SpInitLsaModeContextFn
)(LSA_SEC_HANDLE
, LSA_SEC_HANDLE
,
360 PUNICODE_STRING
, ULONG
, ULONG
, PSecBufferDesc
, PLSA_SEC_HANDLE
, PSecBufferDesc
,
361 PULONG
, PTimeStamp
, PBOOLEAN
, PSecBuffer
);
362 typedef NTSTATUS (NTAPI SpAcceptLsaModeContextFn
)(LSA_SEC_HANDLE
,
363 LSA_SEC_HANDLE
, PSecBufferDesc
, ULONG
, ULONG
, PLSA_SEC_HANDLE
, PSecBufferDesc
,
364 PULONG
, PTimeStamp
, PBOOLEAN
, PSecBuffer
);
365 typedef NTSTATUS (NTAPI SpDeleteContextFn
)(LSA_SEC_HANDLE
);
366 typedef NTSTATUS (NTAPI SpApplyControlTokenFn
)(LSA_SEC_HANDLE
, PSecBufferDesc
);
367 typedef NTSTATUS (NTAPI SpGetUserInfoFn
)(PLUID
, ULONG
, PSecurityUserData
*);
368 typedef NTSTATUS (NTAPI SpGetExtendedInformationFn
)(
369 SECPKG_EXTENDED_INFORMATION_CLASS
, PSECPKG_EXTENDED_INFORMATION
*);
370 typedef NTSTATUS (NTAPI SpQueryContextAttributesFn
)(LSA_SEC_HANDLE
, ULONG
,
372 typedef NTSTATUS (NTAPI SpAddCredentialsFn
)(LSA_SEC_HANDLE
, PUNICODE_STRING
,
373 PUNICODE_STRING
, ULONG
, PVOID
, PVOID
, PVOID
, PTimeStamp
);
374 typedef NTSTATUS (NTAPI SpSetExtendedInformationFn
)(
375 SECPKG_EXTENDED_INFORMATION_CLASS
, PSECPKG_EXTENDED_INFORMATION
);
376 typedef NTSTATUS (NTAPI SpSetContextAttributesFn
)(LSA_SEC_HANDLE
, ULONG
, PVOID
,
378 typedef NTSTATUS (NTAPI SpSetCredentialsAttributesFn
)(LSA_SEC_HANDLE
, ULONG
,
380 typedef NTSTATUS (NTAPI SpChangeAccountPasswordFn
)(PUNICODE_STRING
,
381 PUNICODE_STRING
, PUNICODE_STRING
, PUNICODE_STRING
, BOOLEAN
, PSecBufferDesc
);
382 typedef NTSTATUS (NTAPI SpQueryMetaDataFn
)(LSA_SEC_HANDLE
, PUNICODE_STRING
,
383 ULONG
, PULONG
, PUCHAR
*, PLSA_SEC_HANDLE
);
384 typedef NTSTATUS (NTAPI SpExchangeMetaDataFn
)(LSA_SEC_HANDLE
, PUNICODE_STRING
,
385 ULONG
, ULONG
, PUCHAR
, PLSA_SEC_HANDLE
);
386 typedef NTSTATUS (NTAPI SpGetCredUIContextFn
)(LSA_SEC_HANDLE
, GUID
*, PULONG
,
388 typedef NTSTATUS (NTAPI SpUpdateCredentialsFn
)(LSA_SEC_HANDLE
, GUID
*, ULONG
,
390 typedef NTSTATUS (NTAPI SpValidateTargetInfoFn
)(PLSA_CLIENT_REQUEST
, PVOID
,
391 PVOID
, ULONG
, PSECPKG_TARGETINFO
);
392 typedef NTSTATUS (NTAPI LSA_AP_POST_LOGON_USER
)(PSECPKG_POST_LOGON_USER_INFO
);
394 /* User-mode functions implemented by SSP/AP obtainable by a dispatch table */
395 typedef NTSTATUS (NTAPI SpInstanceInitFn
)(ULONG
, PSECPKG_DLL_FUNCTIONS
,
397 typedef NTSTATUS (NTAPI SpInitUserModeContextFn
)(LSA_SEC_HANDLE
, PSecBuffer
);
398 typedef NTSTATUS (NTAPI SpMakeSignatureFn
)(LSA_SEC_HANDLE
, ULONG
,
399 PSecBufferDesc
, ULONG
);
400 typedef NTSTATUS (NTAPI SpVerifySignatureFn
)(LSA_SEC_HANDLE
, PSecBufferDesc
,
402 typedef NTSTATUS (NTAPI SpSealMessageFn
)(LSA_SEC_HANDLE
, ULONG
, PSecBufferDesc
,
404 typedef NTSTATUS (NTAPI SpUnsealMessageFn
)(LSA_SEC_HANDLE
, PSecBufferDesc
,
406 typedef NTSTATUS (NTAPI SpGetContextTokenFn
)(LSA_SEC_HANDLE
, PHANDLE
);
407 typedef NTSTATUS (NTAPI SpCompleteAuthTokenFn
)(LSA_SEC_HANDLE
, PSecBufferDesc
);
408 typedef NTSTATUS (NTAPI SpFormatCredentialsFn
)(PSecBuffer
, PSecBuffer
);
409 typedef NTSTATUS (NTAPI SpMarshallSupplementalCredsFn
)(ULONG
, PUCHAR
, PULONG
,
411 typedef NTSTATUS (NTAPI SpExportSecurityContextFn
)(LSA_SEC_HANDLE
, ULONG
,
412 PSecBuffer
, PHANDLE
);
413 typedef NTSTATUS (NTAPI SpImportSecurityContextFn
)(PSecBuffer
, HANDLE
,
416 #ifdef WINE_NO_UNICODE_MACROS
417 #undef SetContextAttributes
420 /* dispatch tables of LSA-mode functions implemented by SSP/AP */
421 typedef struct SECPKG_FUNCTION_TABLE
{
422 PLSA_AP_INITIALIZE_PACKAGE InitializePackage
;
423 PLSA_AP_LOGON_USER LsaLogonUser
;
424 PLSA_AP_CALL_PACKAGE CallPackage
;
425 PLSA_AP_LOGON_TERMINATED LogonTerminated
;
426 PLSA_AP_CALL_PACKAGE_UNTRUSTED CallPackageUntrusted
;
427 PLSA_AP_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough
;
428 PLSA_AP_LOGON_USER_EX LogonUserEx
;
429 PLSA_AP_LOGON_USER_EX2 LogonUserEx2
;
430 SpInitializeFn
*Initialize
;
431 SpShutDownFn
*Shutdown
;
432 SpGetInfoFn
*GetInfo
;
433 SpAcceptCredentialsFn
*AcceptCredentials
;
434 SpAcquireCredentialsHandleFn
*SpAcquireCredentialsHandle
;
435 SpQueryCredentialsAttributesFn
*SpQueryCredentialsAttributes
;
436 SpFreeCredentialsHandleFn
*FreeCredentialsHandle
;
437 SpSaveCredentialsFn
*SaveCredentials
;
438 SpGetCredentialsFn
*GetCredentials
;
439 SpDeleteCredentialsFn
*DeleteCredentials
;
440 SpInitLsaModeContextFn
*InitLsaModeContext
;
441 SpAcceptLsaModeContextFn
*AcceptLsaModeContext
;
442 SpDeleteContextFn
*DeleteContext
;
443 SpApplyControlTokenFn
*ApplyControlToken
;
444 SpGetUserInfoFn
*GetUserInfo
;
445 SpGetExtendedInformationFn
*GetExtendedInformation
;
446 SpQueryContextAttributesFn
*SpQueryContextAttributes
;
447 SpAddCredentialsFn
*SpAddCredentials
;
448 SpSetExtendedInformationFn
*SetExtendedInformation
;
449 /* Packages with version SECPKG_INTERFACE_VERSION end here */
450 SpSetContextAttributesFn
*SetContextAttributes
;
451 /* Packages with version SECPKG_INTERFACE_VERSION_2 end here */
452 SpSetCredentialsAttributesFn
*SetCredentialsAttributes
;
453 /* Packages with version SECPKG_INTERFACE_VERSION_3 end here */
454 SpChangeAccountPasswordFn
*ChangeAccountPassword
;
455 /* Packages with version SECPKG_INTERFACE_VERSION_4 end here */
456 SpQueryMetaDataFn
*QueryMetaData
;
457 SpExchangeMetaDataFn
*ExchangeMetaData
;
458 SpGetCredUIContextFn
*GetCredUIContext
;
459 SpUpdateCredentialsFn
*UpdateCredentials
;
460 /* Packages with version SECPKG_INTERFACE_VERSION_5 end here */
461 SpValidateTargetInfoFn
*ValidateTargetInfo
;
462 /* Packages with version SECPKG_INTERFACE_VERSION_6 end here */
463 LSA_AP_POST_LOGON_USER
* PostLogonUser
;
464 /* Packages with version SECPKG_INTERFACE_VERSION_7 end here */
465 } SECPKG_FUNCTION_TABLE
,
466 *PSECPKG_FUNCTION_TABLE
;
468 /* dispatch tables of user-mode functions implemented by SSP/AP */
469 typedef struct SECPKG_USER_FUNCTION_TABLE
{
470 SpInstanceInitFn
*InstanceInit
;
471 SpInitUserModeContextFn
*InitUserModeContext
;
472 SpMakeSignatureFn
*MakeSignature
;
473 SpVerifySignatureFn
*VerifySignature
;
474 SpSealMessageFn
*SealMessage
;
475 SpUnsealMessageFn
*UnsealMessage
;
476 SpGetContextTokenFn
*GetContextToken
;
477 SpQueryContextAttributesFn
*SpQueryContextAttributes
;
478 SpCompleteAuthTokenFn
*CompleteAuthToken
;
479 SpDeleteContextFn
*DeleteUserModeContext
;
480 SpFormatCredentialsFn
*FormatCredentials
;
481 SpMarshallSupplementalCredsFn
*MarshallSupplementalCreds
;
482 SpExportSecurityContextFn
*ExportContext
;
483 SpImportSecurityContextFn
*ImportContext
;
484 } SECPKG_USER_FUNCTION_TABLE
,
485 *PSECPKG_USER_FUNCTION_TABLE
;
487 /* LSA-mode entry point to SSP/APs */
488 typedef NTSTATUS (NTAPI
*SpLsaModeInitializeFn
)(ULONG
, PULONG
,
489 PSECPKG_FUNCTION_TABLE
*, PULONG
);
491 /* User-mode entry point to SSP/APs */
492 typedef NTSTATUS (WINAPI
*SpUserModeInitializeFn
)(ULONG
, PULONG
,
493 PSECPKG_USER_FUNCTION_TABLE
*, PULONG
);
498 #endif /* _NTSECPKG_H */