comparison fuhtark_test/include/winapi/ntsecapi.h @ 1500:91c8c3b7cbf0

add: futhark tests for generating vulkan api
author sam <sam@basx.dev>
date Wed, 26 Nov 2025 21:36:48 +0700
parents
children
1499:1f58458b7ef7 1500:91c8c3b7cbf0
1 /**
2 * This file has no copyright assigned and is placed in the Public Domain.
3 * This file is part of the w64 mingw-runtime package.
4 * No warranty is given; refer to the file DISCLAIMER within this package.
5 */
6 #ifndef _NTSECAPI_
7 #define _NTSECAPI_
8
9 #ifdef __cplusplus
10 extern "C" {
11 #endif
12
13 #ifndef _NTDEF_
14 typedef LONG NTSTATUS,*PNTSTATUS;
15 #endif
16
17 #ifndef _NTLSA_IFS_
18 typedef ULONG LSA_OPERATIONAL_MODE,*PLSA_OPERATIONAL_MODE;
19 #endif
20
21 #define LSA_MODE_PASSWORD_PROTECTED (0x00000001L)
22 #define LSA_MODE_INDIVIDUAL_ACCOUNTS (0x00000002L)
23 #define LSA_MODE_MANDATORY_ACCESS (0x00000004L)
24 #define LSA_MODE_LOG_FULL (0x00000008L)
25
26 #ifndef _NTLSA_IFS_
27 typedef enum _SECURITY_LOGON_TYPE {
28 Interactive = 2,Network,Batch,Service,Proxy,Unlock,NetworkCleartext,NewCredentials,RemoteInteractive,CachedInteractive,
29 CachedRemoteInteractive,CachedUnlock
30 } SECURITY_LOGON_TYPE,*PSECURITY_LOGON_TYPE;
31 #endif
32
33 #ifndef _NTLSA_IFS_
34
35 #ifndef _NTLSA_AUDIT_
36 #define _NTLSA_AUDIT_
37
38 typedef enum _SE_ADT_PARAMETER_TYPE {
39 SeAdtParmTypeNone = 0,SeAdtParmTypeString,SeAdtParmTypeFileSpec,SeAdtParmTypeUlong,SeAdtParmTypeSid,SeAdtParmTypeLogonId,
40 SeAdtParmTypeNoLogonId,SeAdtParmTypeAccessMask,SeAdtParmTypePrivs,SeAdtParmTypeObjectTypes,SeAdtParmTypeHexUlong,SeAdtParmTypePtr,
41 SeAdtParmTypeTime,SeAdtParmTypeGuid,SeAdtParmTypeLuid,SeAdtParmTypeHexInt64,SeAdtParmTypeStringList,SeAdtParmTypeSidList,
42 SeAdtParmTypeDuration,SeAdtParmTypeUserAccountControl,SeAdtParmTypeNoUac,SeAdtParmTypeMessage,SeAdtParmTypeDateTime,SeAdtParmTypeSockAddr
43 } SE_ADT_PARAMETER_TYPE,*PSE_ADT_PARAMETER_TYPE;
44
45 #include <guiddef.h>
46
47 #define SE_ADT_OBJECT_ONLY 0x1
48
49 typedef struct _SE_ADT_OBJECT_TYPE {
50 GUID ObjectType;
51 USHORT Flags;
52 USHORT Level;
53 ACCESS_MASK AccessMask;
54 } SE_ADT_OBJECT_TYPE,*PSE_ADT_OBJECT_TYPE;
55
56 typedef struct _SE_ADT_PARAMETER_ARRAY_ENTRY {
57 SE_ADT_PARAMETER_TYPE Type;
58 ULONG Length;
59 ULONG_PTR Data[2];
60 PVOID Address;
61 } SE_ADT_PARAMETER_ARRAY_ENTRY,*PSE_ADT_PARAMETER_ARRAY_ENTRY;
62
63 #define SE_MAX_AUDIT_PARAMETERS 32
64 #define SE_MAX_GENERIC_AUDIT_PARAMETERS 28
65
66 typedef struct _SE_ADT_PARAMETER_ARRAY {
67 ULONG CategoryId;
68 ULONG AuditId;
69 ULONG ParameterCount;
70 ULONG Length;
71 USHORT Type;
72 ULONG Flags;
73 SE_ADT_PARAMETER_ARRAY_ENTRY Parameters[SE_MAX_AUDIT_PARAMETERS ];
74 } SE_ADT_PARAMETER_ARRAY,*PSE_ADT_PARAMETER_ARRAY;
75
76 #define SE_ADT_PARAMETERS_SELF_RELATIVE 0x00000001
77 #endif
78 #endif
79
80 typedef enum _POLICY_AUDIT_EVENT_TYPE {
81 AuditCategorySystem,AuditCategoryLogon,AuditCategoryObjectAccess,AuditCategoryPrivilegeUse,AuditCategoryDetailedTracking,
82 AuditCategoryPolicyChange,AuditCategoryAccountManagement,AuditCategoryDirectoryServiceAccess,AuditCategoryAccountLogon
83 } POLICY_AUDIT_EVENT_TYPE,*PPOLICY_AUDIT_EVENT_TYPE;
84
85 #define POLICY_AUDIT_EVENT_UNCHANGED (0x00000000L)
86 #define POLICY_AUDIT_EVENT_SUCCESS (0x00000001L)
87 #define POLICY_AUDIT_EVENT_FAILURE (0x00000002L)
88 #define POLICY_AUDIT_EVENT_NONE (0x00000004L)
89 #define POLICY_AUDIT_EVENT_MASK (POLICY_AUDIT_EVENT_SUCCESS | POLICY_AUDIT_EVENT_FAILURE | POLICY_AUDIT_EVENT_UNCHANGED | POLICY_AUDIT_EVENT_NONE)
90
91 #ifdef _NTDEF_
92 typedef UNICODE_STRING LSA_UNICODE_STRING,*PLSA_UNICODE_STRING;
93 typedef STRING LSA_STRING,*PLSA_STRING;
94 typedef OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES,*PLSA_OBJECT_ATTRIBUTES;
95 #else
96
97 #ifndef _NO_W32_PSEUDO_MODIFIERS
98 #ifndef IN
99 #define IN
100 #endif
101 #ifndef OUT
102 #define OUT
103 #endif
104 #ifndef OPTIONAL
105 #define OPTIONAL
106 #endif
107 #endif
108
109 typedef struct _LSA_UNICODE_STRING {
110 USHORT Length;
111 USHORT MaximumLength;
112 PWSTR Buffer;
113 } LSA_UNICODE_STRING,*PLSA_UNICODE_STRING;
114
115 typedef struct _LSA_STRING {
116 USHORT Length;
117 USHORT MaximumLength;
118 PCHAR Buffer;
119 } LSA_STRING,*PLSA_STRING;
120
121 typedef struct _LSA_OBJECT_ATTRIBUTES {
122 ULONG Length;
123 HANDLE RootDirectory;
124 PLSA_UNICODE_STRING ObjectName;
125 ULONG Attributes;
126 PVOID SecurityDescriptor;
127 PVOID SecurityQualityOfService;
128 } LSA_OBJECT_ATTRIBUTES,*PLSA_OBJECT_ATTRIBUTES;
129 #endif
130
131 #define LSA_SUCCESS(Error) ((LONG)(Error) >= 0)
132
133 #ifndef _NTLSA_IFS_
134 NTSTATUS NTAPI LsaRegisterLogonProcess(PLSA_STRING LogonProcessName,PHANDLE LsaHandle,PLSA_OPERATIONAL_MODE SecurityMode);
135 NTSTATUS NTAPI LsaLogonUser(HANDLE LsaHandle,PLSA_STRING OriginName,SECURITY_LOGON_TYPE LogonType,ULONG AuthenticationPackage,PVOID AuthenticationInformation,ULONG AuthenticationInformationLength,PTOKEN_GROUPS LocalGroups,PTOKEN_SOURCE SourceContext,PVOID *ProfileBuffer,PULONG ProfileBufferLength,PLUID LogonId,PHANDLE Token,PQUOTA_LIMITS Quotas,PNTSTATUS SubStatus);
136 NTSTATUS NTAPI LsaLookupAuthenticationPackage(HANDLE LsaHandle,PLSA_STRING PackageName,PULONG AuthenticationPackage);
137 NTSTATUS NTAPI LsaFreeReturnBuffer (PVOID Buffer);
138 NTSTATUS NTAPI LsaCallAuthenticationPackage(HANDLE LsaHandle,ULONG AuthenticationPackage,PVOID ProtocolSubmitBuffer,ULONG SubmitBufferLength,PVOID *ProtocolReturnBuffer,PULONG ReturnBufferLength,PNTSTATUS ProtocolStatus);
139 NTSTATUS NTAPI LsaDeregisterLogonProcess(HANDLE LsaHandle);
140 NTSTATUS NTAPI LsaConnectUntrusted(PHANDLE LsaHandle);
141 #endif
142
143 #define POLICY_VIEW_LOCAL_INFORMATION 0x00000001L
144 #define POLICY_VIEW_AUDIT_INFORMATION 0x00000002L
145 #define POLICY_GET_PRIVATE_INFORMATION 0x00000004L
146 #define POLICY_TRUST_ADMIN 0x00000008L
147 #define POLICY_CREATE_ACCOUNT 0x00000010L
148 #define POLICY_CREATE_SECRET 0x00000020L
149 #define POLICY_CREATE_PRIVILEGE 0x00000040L
150 #define POLICY_SET_DEFAULT_QUOTA_LIMITS 0x00000080L
151 #define POLICY_SET_AUDIT_REQUIREMENTS 0x00000100L
152 #define POLICY_AUDIT_LOG_ADMIN 0x00000200L
153 #define POLICY_SERVER_ADMIN 0x00000400L
154 #define POLICY_LOOKUP_NAMES 0x00000800L
155 #define POLICY_NOTIFICATION 0x00001000L
156
157 #define POLICY_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | POLICY_VIEW_LOCAL_INFORMATION | POLICY_VIEW_AUDIT_INFORMATION | POLICY_GET_PRIVATE_INFORMATION | POLICY_TRUST_ADMIN | POLICY_CREATE_ACCOUNT | POLICY_CREATE_SECRET | POLICY_CREATE_PRIVILEGE | POLICY_SET_DEFAULT_QUOTA_LIMITS | POLICY_SET_AUDIT_REQUIREMENTS | POLICY_AUDIT_LOG_ADMIN | POLICY_SERVER_ADMIN | POLICY_LOOKUP_NAMES)
158 #define POLICY_READ (STANDARD_RIGHTS_READ | POLICY_VIEW_AUDIT_INFORMATION | POLICY_GET_PRIVATE_INFORMATION)
159 #define POLICY_WRITE (STANDARD_RIGHTS_WRITE | POLICY_TRUST_ADMIN | POLICY_CREATE_ACCOUNT | POLICY_CREATE_SECRET | POLICY_CREATE_PRIVILEGE | POLICY_SET_DEFAULT_QUOTA_LIMITS | POLICY_SET_AUDIT_REQUIREMENTS | POLICY_AUDIT_LOG_ADMIN | POLICY_SERVER_ADMIN)
160 #define POLICY_EXECUTE (STANDARD_RIGHTS_EXECUTE | POLICY_VIEW_LOCAL_INFORMATION | POLICY_LOOKUP_NAMES)
161
162 typedef struct _LSA_TRUST_INFORMATION {
163 LSA_UNICODE_STRING Name;
164 PSID Sid;
165 } LSA_TRUST_INFORMATION,*PLSA_TRUST_INFORMATION;
166
167 typedef struct _LSA_REFERENCED_DOMAIN_LIST {
168 ULONG Entries;
169 PLSA_TRUST_INFORMATION Domains;
170 } LSA_REFERENCED_DOMAIN_LIST,*PLSA_REFERENCED_DOMAIN_LIST;
171
172 typedef struct _LSA_TRANSLATED_SID {
173 SID_NAME_USE Use;
174 ULONG RelativeId;
175 LONG DomainIndex;
176 } LSA_TRANSLATED_SID,*PLSA_TRANSLATED_SID;
177
178 typedef struct _LSA_TRANSLATED_SID2 {
179 SID_NAME_USE Use;
180 PSID Sid;
181 LONG DomainIndex;
182 ULONG Flags;
183 } LSA_TRANSLATED_SID2,*PLSA_TRANSLATED_SID2;
184
185 typedef struct _LSA_TRANSLATED_NAME {
186 SID_NAME_USE Use;
187 LSA_UNICODE_STRING Name;
188 LONG DomainIndex;
189 } LSA_TRANSLATED_NAME,*PLSA_TRANSLATED_NAME;
190
191 typedef enum _POLICY_LSA_SERVER_ROLE {
192 PolicyServerRoleBackup = 2,PolicyServerRolePrimary
193 } POLICY_LSA_SERVER_ROLE,*PPOLICY_LSA_SERVER_ROLE;
194
195 typedef ULONG POLICY_AUDIT_EVENT_OPTIONS,*PPOLICY_AUDIT_EVENT_OPTIONS;
196
197 typedef enum _POLICY_INFORMATION_CLASS {
198 PolicyAuditLogInformation = 1,PolicyAuditEventsInformation,PolicyPrimaryDomainInformation,PolicyPdAccountInformation,
199 PolicyAccountDomainInformation,PolicyLsaServerRoleInformation,PolicyReplicaSourceInformation,PolicyDefaultQuotaInformation,
200 PolicyModificationInformation,PolicyAuditFullSetInformation,PolicyAuditFullQueryInformation,PolicyDnsDomainInformation,
201 PolicyDnsDomainInformationInt
202 } POLICY_INFORMATION_CLASS,*PPOLICY_INFORMATION_CLASS;
203
204 typedef struct _POLICY_AUDIT_LOG_INFO {
205 ULONG AuditLogPercentFull;
206 ULONG MaximumLogSize;
207 LARGE_INTEGER AuditRetentionPeriod;
208 BOOLEAN AuditLogFullShutdownInProgress;
209 LARGE_INTEGER TimeToShutdown;
210 ULONG NextAuditRecordId;
211 } POLICY_AUDIT_LOG_INFO,*PPOLICY_AUDIT_LOG_INFO;
212
213 typedef struct _POLICY_AUDIT_EVENTS_INFO {
214 BOOLEAN AuditingMode;
215 PPOLICY_AUDIT_EVENT_OPTIONS EventAuditingOptions;
216 ULONG MaximumAuditEventCount;
217 } POLICY_AUDIT_EVENTS_INFO,*PPOLICY_AUDIT_EVENTS_INFO;
218
219 typedef struct _POLICY_ACCOUNT_DOMAIN_INFO {
220 LSA_UNICODE_STRING DomainName;
221 PSID DomainSid;
222 } POLICY_ACCOUNT_DOMAIN_INFO,*PPOLICY_ACCOUNT_DOMAIN_INFO;
223
224 typedef struct _POLICY_PRIMARY_DOMAIN_INFO {
225 LSA_UNICODE_STRING Name;
226 PSID Sid;
227 } POLICY_PRIMARY_DOMAIN_INFO,*PPOLICY_PRIMARY_DOMAIN_INFO;
228
229 typedef struct _POLICY_DNS_DOMAIN_INFO {
230 LSA_UNICODE_STRING Name;
231 LSA_UNICODE_STRING DnsDomainName;
232 LSA_UNICODE_STRING DnsForestName;
233 GUID DomainGuid;
234 PSID Sid;
235 } POLICY_DNS_DOMAIN_INFO,*PPOLICY_DNS_DOMAIN_INFO;
236
237 typedef struct _POLICY_PD_ACCOUNT_INFO {
238 LSA_UNICODE_STRING Name;
239 } POLICY_PD_ACCOUNT_INFO,*PPOLICY_PD_ACCOUNT_INFO;
240
241 typedef struct _POLICY_LSA_SERVER_ROLE_INFO {
242 POLICY_LSA_SERVER_ROLE LsaServerRole;
243 } POLICY_LSA_SERVER_ROLE_INFO,*PPOLICY_LSA_SERVER_ROLE_INFO;
244
245 typedef struct _POLICY_REPLICA_SOURCE_INFO {
246 LSA_UNICODE_STRING ReplicaSource;
247 LSA_UNICODE_STRING ReplicaAccountName;
248 } POLICY_REPLICA_SOURCE_INFO,*PPOLICY_REPLICA_SOURCE_INFO;
249
250 typedef struct _POLICY_DEFAULT_QUOTA_INFO {
251 QUOTA_LIMITS QuotaLimits;
252 } POLICY_DEFAULT_QUOTA_INFO,*PPOLICY_DEFAULT_QUOTA_INFO;
253
254 typedef struct _POLICY_MODIFICATION_INFO {
255 LARGE_INTEGER ModifiedId;
256 LARGE_INTEGER DatabaseCreationTime;
257 } POLICY_MODIFICATION_INFO,*PPOLICY_MODIFICATION_INFO;
258
259 typedef struct _POLICY_AUDIT_FULL_SET_INFO {
260 BOOLEAN ShutDownOnFull;
261 } POLICY_AUDIT_FULL_SET_INFO,*PPOLICY_AUDIT_FULL_SET_INFO;
262
263 typedef struct _POLICY_AUDIT_FULL_QUERY_INFO {
264 BOOLEAN ShutDownOnFull;
265 BOOLEAN LogIsFull;
266 } POLICY_AUDIT_FULL_QUERY_INFO,*PPOLICY_AUDIT_FULL_QUERY_INFO;
267
268 typedef enum _POLICY_DOMAIN_INFORMATION_CLASS {
269 PolicyDomainEfsInformation = 2,PolicyDomainKerberosTicketInformation
270 } POLICY_DOMAIN_INFORMATION_CLASS,*PPOLICY_DOMAIN_INFORMATION_CLASS;
271
272 typedef struct _POLICY_DOMAIN_EFS_INFO {
273 ULONG InfoLength;
274 PUCHAR EfsBlob;
275 } POLICY_DOMAIN_EFS_INFO,*PPOLICY_DOMAIN_EFS_INFO;
276
277 #define POLICY_KERBEROS_VALIDATE_CLIENT 0x00000080
278
279 typedef struct _POLICY_DOMAIN_KERBEROS_TICKET_INFO {
280 ULONG AuthenticationOptions;
281 LARGE_INTEGER MaxServiceTicketAge;
282 LARGE_INTEGER MaxTicketAge;
283 LARGE_INTEGER MaxRenewAge;
284 LARGE_INTEGER MaxClockSkew;
285 LARGE_INTEGER Reserved;
286 } POLICY_DOMAIN_KERBEROS_TICKET_INFO,*PPOLICY_DOMAIN_KERBEROS_TICKET_INFO;
287
288 typedef enum _POLICY_NOTIFICATION_INFORMATION_CLASS {
289 PolicyNotifyAuditEventsInformation = 1,PolicyNotifyAccountDomainInformation,PolicyNotifyServerRoleInformation,PolicyNotifyDnsDomainInformation,
290 PolicyNotifyDomainEfsInformation,PolicyNotifyDomainKerberosTicketInformation,PolicyNotifyMachineAccountPasswordInformation
291 } POLICY_NOTIFICATION_INFORMATION_CLASS,*PPOLICY_NOTIFICATION_INFORMATION_CLASS;
292
293 typedef PVOID LSA_HANDLE,*PLSA_HANDLE;
294
295 typedef enum _TRUSTED_INFORMATION_CLASS {
296 TrustedDomainNameInformation = 1,TrustedControllersInformation,TrustedPosixOffsetInformation,TrustedPasswordInformation,
297 TrustedDomainInformationBasic,TrustedDomainInformationEx,TrustedDomainAuthInformation,TrustedDomainFullInformation,
298 TrustedDomainAuthInformationInternal,TrustedDomainFullInformationInternal,TrustedDomainInformationEx2Internal,TrustedDomainFullInformation2Internal
299 } TRUSTED_INFORMATION_CLASS,*PTRUSTED_INFORMATION_CLASS;
300
301 typedef struct _TRUSTED_DOMAIN_NAME_INFO {
302 LSA_UNICODE_STRING Name;
303 } TRUSTED_DOMAIN_NAME_INFO,*PTRUSTED_DOMAIN_NAME_INFO;
304
305 typedef struct _TRUSTED_CONTROLLERS_INFO {
306 ULONG Entries;
307 PLSA_UNICODE_STRING Names;
308 } TRUSTED_CONTROLLERS_INFO,*PTRUSTED_CONTROLLERS_INFO;
309
310 typedef struct _TRUSTED_POSIX_OFFSET_INFO {
311 ULONG Offset;
312 } TRUSTED_POSIX_OFFSET_INFO,*PTRUSTED_POSIX_OFFSET_INFO;
313
314 typedef struct _TRUSTED_PASSWORD_INFO {
315 LSA_UNICODE_STRING Password;
316 LSA_UNICODE_STRING OldPassword;
317 } TRUSTED_PASSWORD_INFO,*PTRUSTED_PASSWORD_INFO;
318
319 typedef LSA_TRUST_INFORMATION TRUSTED_DOMAIN_INFORMATION_BASIC;
320 typedef PLSA_TRUST_INFORMATION PTRUSTED_DOMAIN_INFORMATION_BASIC;
321
322 #define TRUST_DIRECTION_DISABLED 0x00000000
323 #define TRUST_DIRECTION_INBOUND 0x00000001
324 #define TRUST_DIRECTION_OUTBOUND 0x00000002
325 #define TRUST_DIRECTION_BIDIRECTIONAL (TRUST_DIRECTION_INBOUND | TRUST_DIRECTION_OUTBOUND)
326
327 #define TRUST_TYPE_DOWNLEVEL 0x00000001
328 #define TRUST_TYPE_UPLEVEL 0x00000002
329 #define TRUST_TYPE_MIT 0x00000003
330
331 #define TRUST_ATTRIBUTE_NON_TRANSITIVE 0x00000001
332 #define TRUST_ATTRIBUTE_UPLEVEL_ONLY 0x00000002
333 #define TRUST_ATTRIBUTE_QUARANTINED_DOMAIN 0x00000004
334 #define TRUST_ATTRIBUTE_FOREST_TRANSITIVE 0x00000008
335 #define TRUST_ATTRIBUTE_CROSS_ORGANIZATION 0x00000010
336 #define TRUST_ATTRIBUTE_WITHIN_FOREST 0x00000020
337 #define TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL 0x00000040
338 #define TRUST_ATTRIBUTE_TRUST_USES_RC4_ENCRYPTION 0x00000080
339
340 #define TRUST_ATTRIBUTES_VALID 0xFF03FFFF
341 #define TRUST_ATTRIBUTES_USER 0xFF000000
342
343 typedef struct _TRUSTED_DOMAIN_INFORMATION_EX {
344 LSA_UNICODE_STRING Name;
345 LSA_UNICODE_STRING FlatName;
346 PSID Sid;
347 ULONG TrustDirection;
348 ULONG TrustType;
349 ULONG TrustAttributes;
350 } TRUSTED_DOMAIN_INFORMATION_EX,*PTRUSTED_DOMAIN_INFORMATION_EX;
351
352 typedef struct _TRUSTED_DOMAIN_INFORMATION_EX2 {
353 LSA_UNICODE_STRING Name;
354 LSA_UNICODE_STRING FlatName;
355 PSID Sid;
356 ULONG TrustDirection;
357 ULONG TrustType;
358 ULONG TrustAttributes;
359 ULONG ForestTrustLength;
360 PUCHAR ForestTrustInfo;
361 } TRUSTED_DOMAIN_INFORMATION_EX2,*PTRUSTED_DOMAIN_INFORMATION_EX2;
362
363 #define TRUST_AUTH_TYPE_NONE 0
364 #define TRUST_AUTH_TYPE_NT4OWF 1
365 #define TRUST_AUTH_TYPE_CLEAR 2
366 #define TRUST_AUTH_TYPE_VERSION 3
367
368 typedef struct _LSA_AUTH_INFORMATION {
369 LARGE_INTEGER LastUpdateTime;
370 ULONG AuthType;
371 ULONG AuthInfoLength;
372 PUCHAR AuthInfo;
373 } LSA_AUTH_INFORMATION,*PLSA_AUTH_INFORMATION;
374
375 typedef struct _TRUSTED_DOMAIN_AUTH_INFORMATION {
376 ULONG IncomingAuthInfos;
377 PLSA_AUTH_INFORMATION IncomingAuthenticationInformation;
378 PLSA_AUTH_INFORMATION IncomingPreviousAuthenticationInformation;
379 ULONG OutgoingAuthInfos;
380 PLSA_AUTH_INFORMATION OutgoingAuthenticationInformation;
381 PLSA_AUTH_INFORMATION OutgoingPreviousAuthenticationInformation;
382 } TRUSTED_DOMAIN_AUTH_INFORMATION,*PTRUSTED_DOMAIN_AUTH_INFORMATION;
383
384 typedef struct _TRUSTED_DOMAIN_FULL_INFORMATION {
385 TRUSTED_DOMAIN_INFORMATION_EX Information;
386 TRUSTED_POSIX_OFFSET_INFO PosixOffset;
387 TRUSTED_DOMAIN_AUTH_INFORMATION AuthInformation;
388 } TRUSTED_DOMAIN_FULL_INFORMATION,*PTRUSTED_DOMAIN_FULL_INFORMATION;
389
390 typedef struct _TRUSTED_DOMAIN_FULL_INFORMATION2 {
391 TRUSTED_DOMAIN_INFORMATION_EX2 Information;
392 TRUSTED_POSIX_OFFSET_INFO PosixOffset;
393 TRUSTED_DOMAIN_AUTH_INFORMATION AuthInformation;
394 } TRUSTED_DOMAIN_FULL_INFORMATION2,*PTRUSTED_DOMAIN_FULL_INFORMATION2;
395
396 typedef enum {
397 ForestTrustTopLevelName,ForestTrustTopLevelNameEx,ForestTrustDomainInfo,ForestTrustRecordTypeLast = ForestTrustDomainInfo
398 } LSA_FOREST_TRUST_RECORD_TYPE;
399
400 #define LSA_FTRECORD_DISABLED_REASONS (0x0000FFFFL)
401
402 #define LSA_TLN_DISABLED_NEW (0x00000001L)
403 #define LSA_TLN_DISABLED_ADMIN (0x00000002L)
404 #define LSA_TLN_DISABLED_CONFLICT (0x00000004L)
405
406 #define LSA_SID_DISABLED_ADMIN (0x00000001L)
407 #define LSA_SID_DISABLED_CONFLICT (0x00000002L)
408 #define LSA_NB_DISABLED_ADMIN (0x00000004L)
409 #define LSA_NB_DISABLED_CONFLICT (0x00000008L)
410
411 typedef struct _LSA_FOREST_TRUST_DOMAIN_INFO {
412 PSID Sid;
413 LSA_UNICODE_STRING DnsName;
414 LSA_UNICODE_STRING NetbiosName;
415 } LSA_FOREST_TRUST_DOMAIN_INFO,*PLSA_FOREST_TRUST_DOMAIN_INFO;
416
417 #define MAX_FOREST_TRUST_BINARY_DATA_SIZE (128*1024)
418
419 typedef struct _LSA_FOREST_TRUST_BINARY_DATA {
420 ULONG Length;
421 PUCHAR Buffer;
422 } LSA_FOREST_TRUST_BINARY_DATA,*PLSA_FOREST_TRUST_BINARY_DATA;
423
424 typedef struct _LSA_FOREST_TRUST_RECORD {
425 ULONG Flags;
426 LSA_FOREST_TRUST_RECORD_TYPE ForestTrustType;
427 LARGE_INTEGER Time;
428 union {
429 LSA_UNICODE_STRING TopLevelName;
430 LSA_FOREST_TRUST_DOMAIN_INFO DomainInfo;
431 LSA_FOREST_TRUST_BINARY_DATA Data;
432 } ForestTrustData;
433 } LSA_FOREST_TRUST_RECORD,*PLSA_FOREST_TRUST_RECORD;
434
435 #define MAX_RECORDS_IN_FOREST_TRUST_INFO 4000
436
437 typedef struct _LSA_FOREST_TRUST_INFORMATION {
438 ULONG RecordCount;
439 PLSA_FOREST_TRUST_RECORD *Entries;
440 } LSA_FOREST_TRUST_INFORMATION,*PLSA_FOREST_TRUST_INFORMATION;
441
442 typedef enum {
443 CollisionTdo,CollisionXref,CollisionOther
444 } LSA_FOREST_TRUST_COLLISION_RECORD_TYPE;
445
446 typedef struct _LSA_FOREST_TRUST_COLLISION_RECORD {
447 ULONG Index;
448 LSA_FOREST_TRUST_COLLISION_RECORD_TYPE Type;
449 ULONG Flags;
450 LSA_UNICODE_STRING Name;
451 } LSA_FOREST_TRUST_COLLISION_RECORD,*PLSA_FOREST_TRUST_COLLISION_RECORD;
452
453 typedef struct _LSA_FOREST_TRUST_COLLISION_INFORMATION {
454 ULONG RecordCount;
455 PLSA_FOREST_TRUST_COLLISION_RECORD *Entries;
456 } LSA_FOREST_TRUST_COLLISION_INFORMATION,*PLSA_FOREST_TRUST_COLLISION_INFORMATION;
457
458 typedef ULONG LSA_ENUMERATION_HANDLE,*PLSA_ENUMERATION_HANDLE;
459
460 typedef struct _LSA_ENUMERATION_INFORMATION {
461 PSID Sid;
462 } LSA_ENUMERATION_INFORMATION,*PLSA_ENUMERATION_INFORMATION;
463
464 NTSTATUS NTAPI LsaFreeMemory(PVOID Buffer);
465 NTSTATUS NTAPI LsaClose(LSA_HANDLE ObjectHandle);
466
467 typedef struct _SECURITY_LOGON_SESSION_DATA {
468 ULONG Size;
469 LUID LogonId;
470 LSA_UNICODE_STRING UserName;
471 LSA_UNICODE_STRING LogonDomain;
472 LSA_UNICODE_STRING AuthenticationPackage;
473 ULONG LogonType;
474 ULONG Session;
475 PSID Sid;
476 LARGE_INTEGER LogonTime;
477 LSA_UNICODE_STRING LogonServer;
478 LSA_UNICODE_STRING DnsDomainName;
479 LSA_UNICODE_STRING Upn;
480 } SECURITY_LOGON_SESSION_DATA,*PSECURITY_LOGON_SESSION_DATA;
481
482 NTSTATUS NTAPI LsaEnumerateLogonSessions(PULONG LogonSessionCount,PLUID *LogonSessionList);
483 NTSTATUS NTAPI LsaGetLogonSessionData(PLUID LogonId,PSECURITY_LOGON_SESSION_DATA *ppLogonSessionData);
484 NTSTATUS NTAPI LsaOpenPolicy(PLSA_UNICODE_STRING SystemName,PLSA_OBJECT_ATTRIBUTES ObjectAttributes,ACCESS_MASK DesiredAccess,PLSA_HANDLE PolicyHandle);
485 NTSTATUS NTAPI LsaQueryInformationPolicy(LSA_HANDLE PolicyHandle,POLICY_INFORMATION_CLASS InformationClass,PVOID *Buffer);
486 NTSTATUS NTAPI LsaSetInformationPolicy(LSA_HANDLE PolicyHandle,POLICY_INFORMATION_CLASS InformationClass,PVOID Buffer);
487 NTSTATUS NTAPI LsaQueryDomainInformationPolicy(LSA_HANDLE PolicyHandle,POLICY_DOMAIN_INFORMATION_CLASS InformationClass,PVOID *Buffer);
488 NTSTATUS NTAPI LsaSetDomainInformationPolicy(LSA_HANDLE PolicyHandle,POLICY_DOMAIN_INFORMATION_CLASS InformationClass,PVOID Buffer);
489 NTSTATUS NTAPI LsaRegisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass,HANDLE NotificationEventHandle);
490 NTSTATUS NTAPI LsaUnregisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS InformationClass,HANDLE NotificationEventHandle);
491 NTSTATUS NTAPI LsaEnumerateTrustedDomains(LSA_HANDLE PolicyHandle,PLSA_ENUMERATION_HANDLE EnumerationContext,PVOID *Buffer,ULONG PreferedMaximumLength,PULONG CountReturned);
492 NTSTATUS NTAPI LsaLookupNames(LSA_HANDLE PolicyHandle,ULONG Count,PLSA_UNICODE_STRING Names,PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,PLSA_TRANSLATED_SID *Sids);
493 NTSTATUS NTAPI LsaLookupNames2(LSA_HANDLE PolicyHandle,ULONG Flags,ULONG Count,PLSA_UNICODE_STRING Names,PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,PLSA_TRANSLATED_SID2 *Sids);
494 NTSTATUS NTAPI LsaLookupSids(LSA_HANDLE PolicyHandle,ULONG Count,PSID *Sids,PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,PLSA_TRANSLATED_NAME *Names);
495
496 #define SE_INTERACTIVE_LOGON_NAME TEXT("SeInteractiveLogonRight")
497 #define SE_NETWORK_LOGON_NAME TEXT("SeNetworkLogonRight")
498 #define SE_BATCH_LOGON_NAME TEXT("SeBatchLogonRight")
499 #define SE_SERVICE_LOGON_NAME TEXT("SeServiceLogonRight")
500 #define SE_DENY_INTERACTIVE_LOGON_NAME TEXT("SeDenyInteractiveLogonRight")
501 #define SE_DENY_NETWORK_LOGON_NAME TEXT("SeDenyNetworkLogonRight")
502 #define SE_DENY_BATCH_LOGON_NAME TEXT("SeDenyBatchLogonRight")
503 #define SE_DENY_SERVICE_LOGON_NAME TEXT("SeDenyServiceLogonRight")
504 #define SE_REMOTE_INTERACTIVE_LOGON_NAME TEXT("SeRemoteInteractiveLogonRight")
505 #define SE_DENY_REMOTE_INTERACTIVE_LOGON_NAME TEXT("SeDenyRemoteInteractiveLogonRight")
506
507 NTSTATUS NTAPI LsaEnumerateAccountsWithUserRight(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING UserRight,PVOID *Buffer,PULONG CountReturned);
508 NTSTATUS NTAPI LsaEnumerateAccountRights(LSA_HANDLE PolicyHandle,PSID AccountSid,PLSA_UNICODE_STRING *UserRights,PULONG CountOfRights);
509 NTSTATUS NTAPI LsaAddAccountRights(LSA_HANDLE PolicyHandle,PSID AccountSid,PLSA_UNICODE_STRING UserRights,ULONG CountOfRights);
510 NTSTATUS NTAPI LsaRemoveAccountRights(LSA_HANDLE PolicyHandle,PSID AccountSid,BOOLEAN AllRights,PLSA_UNICODE_STRING UserRights,ULONG CountOfRights);
511 NTSTATUS NTAPI LsaOpenTrustedDomainByName(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING TrustedDomainName,ACCESS_MASK DesiredAccess,PLSA_HANDLE TrustedDomainHandle);
512 NTSTATUS NTAPI LsaQueryTrustedDomainInfo(LSA_HANDLE PolicyHandle,PSID TrustedDomainSid,TRUSTED_INFORMATION_CLASS InformationClass,PVOID *Buffer);
513 NTSTATUS NTAPI LsaSetTrustedDomainInformation(LSA_HANDLE PolicyHandle,PSID TrustedDomainSid,TRUSTED_INFORMATION_CLASS InformationClass,PVOID Buffer);
514 NTSTATUS NTAPI LsaDeleteTrustedDomain(LSA_HANDLE PolicyHandle,PSID TrustedDomainSid);
515 NTSTATUS NTAPI LsaQueryTrustedDomainInfoByName(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING TrustedDomainName,TRUSTED_INFORMATION_CLASS InformationClass,PVOID *Buffer);
516 NTSTATUS NTAPI LsaSetTrustedDomainInfoByName(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING TrustedDomainName,TRUSTED_INFORMATION_CLASS InformationClass,PVOID Buffer);
517 NTSTATUS NTAPI LsaEnumerateTrustedDomainsEx(LSA_HANDLE PolicyHandle,PLSA_ENUMERATION_HANDLE EnumerationContext,PVOID *Buffer,ULONG PreferedMaximumLength,PULONG CountReturned);
518 NTSTATUS NTAPI LsaCreateTrustedDomainEx(LSA_HANDLE PolicyHandle,PTRUSTED_DOMAIN_INFORMATION_EX TrustedDomainInformation,PTRUSTED_DOMAIN_AUTH_INFORMATION AuthenticationInformation,ACCESS_MASK DesiredAccess,PLSA_HANDLE TrustedDomainHandle);
519 NTSTATUS NTAPI LsaQueryForestTrustInformation(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING TrustedDomainName,PLSA_FOREST_TRUST_INFORMATION *ForestTrustInfo);
520 NTSTATUS NTAPI LsaSetForestTrustInformation(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING TrustedDomainName,PLSA_FOREST_TRUST_INFORMATION ForestTrustInfo,BOOLEAN CheckOnly,PLSA_FOREST_TRUST_COLLISION_INFORMATION *CollisionInfo);
521
522 #ifdef TESTING_MATCHING_ROUTINE
523 NTSTATUS NTAPI LsaForestTrustFindMatch(LSA_HANDLE PolicyHandle,ULONG Type,PLSA_UNICODE_STRING Name,PLSA_UNICODE_STRING *Match);
524 #endif
525
526 NTSTATUS NTAPI LsaStorePrivateData(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING KeyName,PLSA_UNICODE_STRING PrivateData);
527 NTSTATUS NTAPI LsaRetrievePrivateData(LSA_HANDLE PolicyHandle,PLSA_UNICODE_STRING KeyName,PLSA_UNICODE_STRING *PrivateData);
528 ULONG NTAPI LsaNtStatusToWinError(NTSTATUS Status);
529
530 #ifndef _NTLSA_IFS_
531 #define _NTLSA_IFS_
532 #endif
533
534 enum NEGOTIATE_MESSAGES {
535 NegEnumPackagePrefixes = 0,NegGetCallerName = 1,NegCallPackageMax
536 };
537
538 #define NEGOTIATE_MAX_PREFIX 32
539
540 typedef struct _NEGOTIATE_PACKAGE_PREFIX {
541 ULONG_PTR PackageId;
542 PVOID PackageDataA;
543 PVOID PackageDataW;
544 ULONG_PTR PrefixLen;
545 UCHAR Prefix[NEGOTIATE_MAX_PREFIX ];
546 } NEGOTIATE_PACKAGE_PREFIX,*PNEGOTIATE_PACKAGE_PREFIX;
547
548 typedef struct _NEGOTIATE_PACKAGE_PREFIXES {
549 ULONG MessageType;
550 ULONG PrefixCount;
551 ULONG Offset;
552 ULONG Pad;
553 } NEGOTIATE_PACKAGE_PREFIXES,*PNEGOTIATE_PACKAGE_PREFIXES;
554
555 typedef struct _NEGOTIATE_CALLER_NAME_REQUEST {
556 ULONG MessageType;
557 LUID LogonId;
558 } NEGOTIATE_CALLER_NAME_REQUEST,*PNEGOTIATE_CALLER_NAME_REQUEST;
559
560 typedef struct _NEGOTIATE_CALLER_NAME_RESPONSE {
561 ULONG MessageType;
562 PWSTR CallerName;
563 } NEGOTIATE_CALLER_NAME_RESPONSE,*PNEGOTIATE_CALLER_NAME_RESPONSE;
564
565 #ifndef _NTDEF_
566 #ifndef __UNICODE_STRING_DEFINED
567 #define __UNICODE_STRING_DEFINED
568 typedef LSA_UNICODE_STRING UNICODE_STRING,*PUNICODE_STRING;
569 #endif
570 #ifndef __STRING_DEFINED
571 #define __STRING_DEFINED
572 typedef LSA_STRING STRING,*PSTRING;
573 #endif
574 #endif
575
576 #ifndef _DOMAIN_PASSWORD_INFORMATION_DEFINED
577 #define _DOMAIN_PASSWORD_INFORMATION_DEFINED
578 typedef struct _DOMAIN_PASSWORD_INFORMATION {
579 USHORT MinPasswordLength;
580 USHORT PasswordHistoryLength;
581 ULONG PasswordProperties;
582 LARGE_INTEGER MaxPasswordAge;
583 LARGE_INTEGER MinPasswordAge;
584 } DOMAIN_PASSWORD_INFORMATION,*PDOMAIN_PASSWORD_INFORMATION;
585 #endif
586
587 #define DOMAIN_PASSWORD_COMPLEX 0x00000001L
588 #define DOMAIN_PASSWORD_NO_ANON_CHANGE 0x00000002L
589 #define DOMAIN_PASSWORD_NO_CLEAR_CHANGE 0x00000004L
590 #define DOMAIN_LOCKOUT_ADMINS 0x00000008L
591 #define DOMAIN_PASSWORD_STORE_CLEARTEXT 0x00000010L
592 #define DOMAIN_REFUSE_PASSWORD_CHANGE 0x00000020L
593
594 #ifndef _PASSWORD_NOTIFICATION_DEFINED
595 #define _PASSWORD_NOTIFICATION_DEFINED
596 typedef NTSTATUS (*PSAM_PASSWORD_NOTIFICATION_ROUTINE)(PUNICODE_STRING UserName,ULONG RelativeId,PUNICODE_STRING NewPassword);
597
598 #define SAM_PASSWORD_CHANGE_NOTIFY_ROUTINE "PasswordChangeNotify"
599
600 typedef BOOLEAN (*PSAM_INIT_NOTIFICATION_ROUTINE)();
601
602 #define SAM_INIT_NOTIFICATION_ROUTINE "InitializeChangeNotify"
603 #define SAM_PASSWORD_FILTER_ROUTINE "PasswordFilter"
604
605 typedef BOOLEAN (*PSAM_PASSWORD_FILTER_ROUTINE)(PUNICODE_STRING AccountName,PUNICODE_STRING FullName,PUNICODE_STRING Password,BOOLEAN SetOperation);
606 #endif
607
608 #define MSV1_0_PACKAGE_NAME "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
609 #define MSV1_0_PACKAGE_NAMEW L"MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
610 #define MSV1_0_PACKAGE_NAMEW_LENGTH sizeof(MSV1_0_PACKAGE_NAMEW) - sizeof(WCHAR)
611
612 #define MSV1_0_SUBAUTHENTICATION_KEY "SYSTEM\\CurrentControlSet\\Control\\Lsa\\MSV1_0"
613 #define MSV1_0_SUBAUTHENTICATION_VALUE "Auth"
614
615 typedef enum _MSV1_0_LOGON_SUBMIT_TYPE {
616 MsV1_0InteractiveLogon = 2,MsV1_0Lm20Logon,MsV1_0NetworkLogon,MsV1_0SubAuthLogon,MsV1_0WorkstationUnlockLogon = 7
617 } MSV1_0_LOGON_SUBMIT_TYPE,*PMSV1_0_LOGON_SUBMIT_TYPE;
618
619 typedef enum _MSV1_0_PROFILE_BUFFER_TYPE {
620 MsV1_0InteractiveProfile = 2,MsV1_0Lm20LogonProfile,MsV1_0SmartCardProfile
621 } MSV1_0_PROFILE_BUFFER_TYPE,*PMSV1_0_PROFILE_BUFFER_TYPE;
622
623 typedef struct _MSV1_0_INTERACTIVE_LOGON {
624 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
625 UNICODE_STRING LogonDomainName;
626 UNICODE_STRING UserName;
627 UNICODE_STRING Password;
628 } MSV1_0_INTERACTIVE_LOGON,*PMSV1_0_INTERACTIVE_LOGON;
629
630 typedef struct _MSV1_0_INTERACTIVE_PROFILE {
631 MSV1_0_PROFILE_BUFFER_TYPE MessageType;
632 USHORT LogonCount;
633 USHORT BadPasswordCount;
634 LARGE_INTEGER LogonTime;
635 LARGE_INTEGER LogoffTime;
636 LARGE_INTEGER KickOffTime;
637 LARGE_INTEGER PasswordLastSet;
638 LARGE_INTEGER PasswordCanChange;
639 LARGE_INTEGER PasswordMustChange;
640 UNICODE_STRING LogonScript;
641 UNICODE_STRING HomeDirectory;
642 UNICODE_STRING FullName;
643 UNICODE_STRING ProfilePath;
644 UNICODE_STRING HomeDirectoryDrive;
645 UNICODE_STRING LogonServer;
646 ULONG UserFlags;
647 } MSV1_0_INTERACTIVE_PROFILE,*PMSV1_0_INTERACTIVE_PROFILE;
648
649 #define MSV1_0_CHALLENGE_LENGTH 8
650 #define MSV1_0_USER_SESSION_KEY_LENGTH 16
651 #define MSV1_0_LANMAN_SESSION_KEY_LENGTH 8
652
653 #define MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 0x02
654 #define MSV1_0_UPDATE_LOGON_STATISTICS 0x04
655 #define MSV1_0_RETURN_USER_PARAMETERS 0x08
656 #define MSV1_0_DONT_TRY_GUEST_ACCOUNT 0x10
657 #define MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 0x20
658 #define MSV1_0_RETURN_PASSWORD_EXPIRY 0x40
659
660 #define MSV1_0_USE_CLIENT_CHALLENGE 0x80
661 #define MSV1_0_TRY_GUEST_ACCOUNT_ONLY 0x100
662 #define MSV1_0_RETURN_PROFILE_PATH 0x200
663 #define MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY 0x400
664 #define MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0x800
665 #define MSV1_0_DISABLE_PERSONAL_FALLBACK 0x00001000
666 #define MSV1_0_ALLOW_FORCE_GUEST 0x00002000
667 #define MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED 0x00004000
668 #define MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY 0x00008000
669 #define MSV1_0_SUBAUTHENTICATION_DLL_EX 0x00100000
670 #define MSV1_0_ALLOW_MSVCHAPV2 0x00010000
671
672 #define MSV1_0_SUBAUTHENTICATION_DLL 0xFF000000
673 #define MSV1_0_SUBAUTHENTICATION_DLL_SHIFT 24
674 #define MSV1_0_MNS_LOGON 0x01000000
675
676 #define MSV1_0_SUBAUTHENTICATION_DLL_RAS 2
677 #define MSV1_0_SUBAUTHENTICATION_DLL_IIS 132
678
679 typedef struct _MSV1_0_LM20_LOGON {
680 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
681 UNICODE_STRING LogonDomainName;
682 UNICODE_STRING UserName;
683 UNICODE_STRING Workstation;
684 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
685 STRING CaseSensitiveChallengeResponse;
686 STRING CaseInsensitiveChallengeResponse;
687 ULONG ParameterControl;
688 } MSV1_0_LM20_LOGON,*PMSV1_0_LM20_LOGON;
689
690 typedef struct _MSV1_0_SUBAUTH_LOGON{
691 MSV1_0_LOGON_SUBMIT_TYPE MessageType;
692 UNICODE_STRING LogonDomainName;
693 UNICODE_STRING UserName;
694 UNICODE_STRING Workstation;
695 UCHAR ChallengeToClient[MSV1_0_CHALLENGE_LENGTH];
696 STRING AuthenticationInfo1;
697 STRING AuthenticationInfo2;
698 ULONG ParameterControl;
699 ULONG SubAuthPackageId;
700 } MSV1_0_SUBAUTH_LOGON,*PMSV1_0_SUBAUTH_LOGON;
701
702 #define LOGON_GUEST 0x01
703 #define LOGON_NOENCRYPTION 0x02
704 #define LOGON_CACHED_ACCOUNT 0x04
705 #define LOGON_USED_LM_PASSWORD 0x08
706 #define LOGON_EXTRA_SIDS 0x20
707 #define LOGON_SUBAUTH_SESSION_KEY 0x40
708 #define LOGON_SERVER_TRUST_ACCOUNT 0x80
709 #define LOGON_NTLMV2_ENABLED 0x100
710 #define LOGON_RESOURCE_GROUPS 0x200
711 #define LOGON_PROFILE_PATH_RETURNED 0x400
712
713 #define MSV1_0_SUBAUTHENTICATION_FLAGS 0xFF000000
714
715 #define LOGON_GRACE_LOGON 0x01000000
716
717 typedef struct _MSV1_0_LM20_LOGON_PROFILE {
718 MSV1_0_PROFILE_BUFFER_TYPE MessageType;
719 LARGE_INTEGER KickOffTime;
720 LARGE_INTEGER LogoffTime;
721 ULONG UserFlags;
722 UCHAR UserSessionKey[MSV1_0_USER_SESSION_KEY_LENGTH];
723 UNICODE_STRING LogonDomainName;
724 UCHAR LanmanSessionKey[MSV1_0_LANMAN_SESSION_KEY_LENGTH];
725 UNICODE_STRING LogonServer;
726 UNICODE_STRING UserParameters;
727 } MSV1_0_LM20_LOGON_PROFILE,*PMSV1_0_LM20_LOGON_PROFILE;
728
729 #define MSV1_0_OWF_PASSWORD_LENGTH 16
730 #define MSV1_0_CRED_LM_PRESENT 0x1
731 #define MSV1_0_CRED_NT_PRESENT 0x2
732 #define MSV1_0_CRED_VERSION 0
733
734 typedef struct _MSV1_0_SUPPLEMENTAL_CREDENTIAL {
735 ULONG Version;
736 ULONG Flags;
737 UCHAR LmPassword[MSV1_0_OWF_PASSWORD_LENGTH];
738 UCHAR NtPassword[MSV1_0_OWF_PASSWORD_LENGTH];
739 } MSV1_0_SUPPLEMENTAL_CREDENTIAL,*PMSV1_0_SUPPLEMENTAL_CREDENTIAL;
740
741 #define MSV1_0_NTLM3_RESPONSE_LENGTH 16
742 #define MSV1_0_NTLM3_OWF_LENGTH 16
743
744 #define MSV1_0_MAX_NTLM3_LIFE 129600
745 #define MSV1_0_MAX_AVL_SIZE 64000
746
747 #define MSV1_0_AV_FLAG_FORCE_GUEST 0x00000001
748
749 typedef struct _MSV1_0_NTLM3_RESPONSE {
750 UCHAR Response[MSV1_0_NTLM3_RESPONSE_LENGTH];
751 UCHAR RespType;
752 UCHAR HiRespType;
753 USHORT Flags;
754 ULONG MsgWord;
755 ULONGLONG TimeStamp;
756 UCHAR ChallengeFromClient[MSV1_0_CHALLENGE_LENGTH];
757 ULONG AvPairsOff;
758 UCHAR Buffer[1];
759 } MSV1_0_NTLM3_RESPONSE,*PMSV1_0_NTLM3_RESPONSE;
760
761 #define MSV1_0_NTLM3_INPUT_LENGTH (sizeof(MSV1_0_NTLM3_RESPONSE) - MSV1_0_NTLM3_RESPONSE_LENGTH)
762 #define MSV1_0_NTLM3_MIN_NT_RESPONSE_LENGTH RTL_SIZEOF_THROUGH_FIELD(MSV1_0_NTLM3_RESPONSE,AvPairsOff)
763
764 typedef enum {
765 MsvAvEOL,MsvAvNbComputerName,MsvAvNbDomainName,MsvAvDnsComputerName,MsvAvDnsDomainName,MsvAvDnsTreeName,MsvAvFlags
766 } MSV1_0_AVID;
767
768 typedef struct _MSV1_0_AV_PAIR {
769 USHORT AvId;
770 USHORT AvLen;
771
772 } MSV1_0_AV_PAIR,*PMSV1_0_AV_PAIR;
773
774 typedef enum _MSV1_0_PROTOCOL_MESSAGE_TYPE {
775 MsV1_0Lm20ChallengeRequest = 0,MsV1_0Lm20GetChallengeResponse,MsV1_0EnumerateUsers,MsV1_0GetUserInfo,MsV1_0ReLogonUsers,MsV1_0ChangePassword,
776 MsV1_0ChangeCachedPassword,MsV1_0GenericPassthrough,MsV1_0CacheLogon,MsV1_0SubAuth,MsV1_0DeriveCredential,MsV1_0CacheLookup,
777 MsV1_0SetProcessOption
778 } MSV1_0_PROTOCOL_MESSAGE_TYPE,*PMSV1_0_PROTOCOL_MESSAGE_TYPE;
779
780 typedef struct _MSV1_0_CHANGEPASSWORD_REQUEST {
781 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
782 UNICODE_STRING DomainName;
783 UNICODE_STRING AccountName;
784 UNICODE_STRING OldPassword;
785 UNICODE_STRING NewPassword;
786 BOOLEAN Impersonating;
787 } MSV1_0_CHANGEPASSWORD_REQUEST,*PMSV1_0_CHANGEPASSWORD_REQUEST;
788
789 typedef struct _MSV1_0_CHANGEPASSWORD_RESPONSE {
790 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
791 BOOLEAN PasswordInfoValid;
792 DOMAIN_PASSWORD_INFORMATION DomainPasswordInfo;
793 } MSV1_0_CHANGEPASSWORD_RESPONSE,*PMSV1_0_CHANGEPASSWORD_RESPONSE;
794
795 typedef struct _MSV1_0_PASSTHROUGH_REQUEST {
796 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
797 UNICODE_STRING DomainName;
798 UNICODE_STRING PackageName;
799 ULONG DataLength;
800 PUCHAR LogonData;
801 ULONG Pad;
802 } MSV1_0_PASSTHROUGH_REQUEST,*PMSV1_0_PASSTHROUGH_REQUEST;
803
804 typedef struct _MSV1_0_PASSTHROUGH_RESPONSE {
805 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
806 ULONG Pad;
807 ULONG DataLength;
808 PUCHAR ValidationData;
809 } MSV1_0_PASSTHROUGH_RESPONSE,*PMSV1_0_PASSTHROUGH_RESPONSE;
810
811 typedef struct _MSV1_0_SUBAUTH_REQUEST{
812 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
813 ULONG SubAuthPackageId;
814 ULONG SubAuthInfoLength;
815 PUCHAR SubAuthSubmitBuffer;
816 } MSV1_0_SUBAUTH_REQUEST,*PMSV1_0_SUBAUTH_REQUEST;
817
818 typedef struct _MSV1_0_SUBAUTH_RESPONSE{
819 MSV1_0_PROTOCOL_MESSAGE_TYPE MessageType;
820 ULONG SubAuthInfoLength;
821 PUCHAR SubAuthReturnBuffer;
822 } MSV1_0_SUBAUTH_RESPONSE,*PMSV1_0_SUBAUTH_RESPONSE;
823
824 #define RtlGenRandom SystemFunction036
825 #define RtlEncryptMemory SystemFunction040
826 #define RtlDecryptMemory SystemFunction041
827
828 BOOLEAN RtlGenRandom(PVOID RandomBuffer,ULONG RandomBufferLength);
829
830 #define RTL_ENCRYPT_MEMORY_SIZE 8
831 #define RTL_ENCRYPT_OPTION_CROSS_PROCESS 0x01
832 #define RTL_ENCRYPT_OPTION_SAME_LOGON 0x02
833
834 NTSTATUS RtlEncryptMemory(PVOID Memory,ULONG MemorySize,ULONG OptionFlags);
835 NTSTATUS RtlDecryptMemory(PVOID Memory,ULONG MemorySize,ULONG OptionFlags);
836
837 #define KERBEROS_VERSION 5
838 #define KERBEROS_REVISION 6
839
840 #define KERB_ETYPE_NULL 0
841 #define KERB_ETYPE_DES_CBC_CRC 1
842 #define KERB_ETYPE_DES_CBC_MD4 2
843 #define KERB_ETYPE_DES_CBC_MD5 3
844
845 #define KERB_ETYPE_RC4_MD4 -128
846 #define KERB_ETYPE_RC4_PLAIN2 -129
847 #define KERB_ETYPE_RC4_LM -130
848 #define KERB_ETYPE_RC4_SHA -131
849 #define KERB_ETYPE_DES_PLAIN -132
850 #define KERB_ETYPE_RC4_HMAC_OLD -133
851 #define KERB_ETYPE_RC4_PLAIN_OLD -134
852 #define KERB_ETYPE_RC4_HMAC_OLD_EXP -135
853 #define KERB_ETYPE_RC4_PLAIN_OLD_EXP -136
854 #define KERB_ETYPE_RC4_PLAIN -140
855 #define KERB_ETYPE_RC4_PLAIN_EXP -141
856
857 #define KERB_ETYPE_DSA_SHA1_CMS 9
858 #define KERB_ETYPE_RSA_MD5_CMS 10
859 #define KERB_ETYPE_RSA_SHA1_CMS 11
860 #define KERB_ETYPE_RC2_CBC_ENV 12
861 #define KERB_ETYPE_RSA_ENV 13
862 #define KERB_ETYPE_RSA_ES_OEAP_ENV 14
863 #define KERB_ETYPE_DES_EDE3_CBC_ENV 15
864
865 #define KERB_ETYPE_DSA_SIGN 8
866 #define KERB_ETYPE_RSA_PRIV 9
867 #define KERB_ETYPE_RSA_PUB 10
868 #define KERB_ETYPE_RSA_PUB_MD5 11
869 #define KERB_ETYPE_RSA_PUB_SHA1 12
870 #define KERB_ETYPE_PKCS7_PUB 13
871
872 #define KERB_ETYPE_DES3_CBC_MD5 5
873 #define KERB_ETYPE_DES3_CBC_SHA1 7
874 #define KERB_ETYPE_DES3_CBC_SHA1_KD 16
875
876 #define KERB_ETYPE_DES_CBC_MD5_NT 20
877 #define KERB_ETYPE_RC4_HMAC_NT 23
878 #define KERB_ETYPE_RC4_HMAC_NT_EXP 24
879
880 #define KERB_CHECKSUM_NONE 0
881 #define KERB_CHECKSUM_CRC32 1
882 #define KERB_CHECKSUM_MD4 2
883 #define KERB_CHECKSUM_KRB_DES_MAC 4
884 #define KERB_CHECKSUM_KRB_DES_MAC_K 5
885 #define KERB_CHECKSUM_MD5 7
886 #define KERB_CHECKSUM_MD5_DES 8
887
888 #define KERB_CHECKSUM_LM -130
889 #define KERB_CHECKSUM_SHA1 -131
890 #define KERB_CHECKSUM_REAL_CRC32 -132
891 #define KERB_CHECKSUM_DES_MAC -133
892 #define KERB_CHECKSUM_DES_MAC_MD5 -134
893 #define KERB_CHECKSUM_MD25 -135
894 #define KERB_CHECKSUM_RC4_MD5 -136
895 #define KERB_CHECKSUM_MD5_HMAC -137
896 #define KERB_CHECKSUM_HMAC_MD5 -138
897
898 #define AUTH_REQ_ALLOW_FORWARDABLE 0x00000001
899 #define AUTH_REQ_ALLOW_PROXIABLE 0x00000002
900 #define AUTH_REQ_ALLOW_POSTDATE 0x00000004
901 #define AUTH_REQ_ALLOW_RENEWABLE 0x00000008
902 #define AUTH_REQ_ALLOW_NOADDRESS 0x00000010
903 #define AUTH_REQ_ALLOW_ENC_TKT_IN_SKEY 0x00000020
904 #define AUTH_REQ_ALLOW_VALIDATE 0x00000040
905 #define AUTH_REQ_VALIDATE_CLIENT 0x00000080
906 #define AUTH_REQ_OK_AS_DELEGATE 0x00000100
907 #define AUTH_REQ_PREAUTH_REQUIRED 0x00000200
908 #define AUTH_REQ_TRANSITIVE_TRUST 0x00000400
909 #define AUTH_REQ_ALLOW_S4U_DELEGATE 0x00000800
910
911 #define AUTH_REQ_PER_USER_FLAGS (AUTH_REQ_ALLOW_FORWARDABLE | AUTH_REQ_ALLOW_PROXIABLE | AUTH_REQ_ALLOW_POSTDATE | AUTH_REQ_ALLOW_RENEWABLE | AUTH_REQ_ALLOW_VALIDATE)
912
913 #define KERB_TICKET_FLAGS_reserved 0x80000000
914 #define KERB_TICKET_FLAGS_forwardable 0x40000000
915 #define KERB_TICKET_FLAGS_forwarded 0x20000000
916 #define KERB_TICKET_FLAGS_proxiable 0x10000000
917 #define KERB_TICKET_FLAGS_proxy 0x08000000
918 #define KERB_TICKET_FLAGS_may_postdate 0x04000000
919 #define KERB_TICKET_FLAGS_postdated 0x02000000
920 #define KERB_TICKET_FLAGS_invalid 0x01000000
921 #define KERB_TICKET_FLAGS_renewable 0x00800000
922 #define KERB_TICKET_FLAGS_initial 0x00400000
923 #define KERB_TICKET_FLAGS_pre_authent 0x00200000
924 #define KERB_TICKET_FLAGS_hw_authent 0x00100000
925 #define KERB_TICKET_FLAGS_ok_as_delegate 0x00040000
926 #define KERB_TICKET_FLAGS_name_canonicalize 0x00010000
927 #define KERB_TICKET_FLAGS_reserved1 0x00000001
928
929 #define KRB_NT_UNKNOWN 0
930 #define KRB_NT_PRINCIPAL 1
931 #define KRB_NT_PRINCIPAL_AND_ID -131
932 #define KRB_NT_SRV_INST 2
933 #define KRB_NT_SRV_INST_AND_ID -132
934 #define KRB_NT_SRV_HST 3
935 #define KRB_NT_SRV_XHST 4
936 #define KRB_NT_UID 5
937 #define KRB_NT_ENTERPRISE_PRINCIPAL 10
938 #define KRB_NT_ENT_PRINCIPAL_AND_ID -130
939 #define KRB_NT_MS_PRINCIPAL -128
940 #define KRB_NT_MS_PRINCIPAL_AND_ID -129
941
942 #define KERB_IS_MS_PRINCIPAL(_x_) (((_x_) <= KRB_NT_MS_PRINCIPAL) || ((_x_) >= KRB_NT_ENTERPRISE_PRINCIPAL))
943
944 #ifndef MICROSOFT_KERBEROS_NAME_A
945
946 #define MICROSOFT_KERBEROS_NAME_A "Kerberos"
947 #define MICROSOFT_KERBEROS_NAME_W L"Kerberos"
948 #ifdef WIN32_CHICAGO
949 #define MICROSOFT_KERBEROS_NAME MICROSOFT_KERBEROS_NAME_A
950 #else
951 #define MICROSOFT_KERBEROS_NAME MICROSOFT_KERBEROS_NAME_W
952 #endif
953 #endif
954
955 #define KERB_WRAP_NO_ENCRYPT 0x80000001
956
957 typedef enum _KERB_LOGON_SUBMIT_TYPE {
958 KerbInteractiveLogon = 2,KerbSmartCardLogon = 6,KerbWorkstationUnlockLogon = 7,KerbSmartCardUnlockLogon = 8,KerbProxyLogon = 9,
959 KerbTicketLogon = 10,KerbTicketUnlockLogon = 11,KerbS4ULogon = 12
960 } KERB_LOGON_SUBMIT_TYPE,*PKERB_LOGON_SUBMIT_TYPE;
961
962 typedef struct _KERB_INTERACTIVE_LOGON {
963 KERB_LOGON_SUBMIT_TYPE MessageType;
964 UNICODE_STRING LogonDomainName;
965 UNICODE_STRING UserName;
966 UNICODE_STRING Password;
967 } KERB_INTERACTIVE_LOGON,*PKERB_INTERACTIVE_LOGON;
968
969 typedef struct _KERB_INTERACTIVE_UNLOCK_LOGON {
970 KERB_INTERACTIVE_LOGON Logon;
971 LUID LogonId;
972 } KERB_INTERACTIVE_UNLOCK_LOGON,*PKERB_INTERACTIVE_UNLOCK_LOGON;
973
974 typedef struct _KERB_SMART_CARD_LOGON {
975 KERB_LOGON_SUBMIT_TYPE MessageType;
976 UNICODE_STRING Pin;
977 ULONG CspDataLength;
978 PUCHAR CspData;
979 } KERB_SMART_CARD_LOGON,*PKERB_SMART_CARD_LOGON;
980
981 typedef struct _KERB_SMART_CARD_UNLOCK_LOGON {
982 KERB_SMART_CARD_LOGON Logon;
983 LUID LogonId;
984 } KERB_SMART_CARD_UNLOCK_LOGON,*PKERB_SMART_CARD_UNLOCK_LOGON;
985
986 typedef struct _KERB_TICKET_LOGON {
987 KERB_LOGON_SUBMIT_TYPE MessageType;
988 ULONG Flags;
989 ULONG ServiceTicketLength;
990 ULONG TicketGrantingTicketLength;
991 PUCHAR ServiceTicket;
992 PUCHAR TicketGrantingTicket;
993 } KERB_TICKET_LOGON,*PKERB_TICKET_LOGON;
994
995 #define KERB_LOGON_FLAG_ALLOW_EXPIRED_TICKET 0x1
996
997 typedef struct _KERB_TICKET_UNLOCK_LOGON {
998 KERB_TICKET_LOGON Logon;
999 LUID LogonId;
1000 } KERB_TICKET_UNLOCK_LOGON,*PKERB_TICKET_UNLOCK_LOGON;
1001
1002 typedef struct _KERB_S4U_LOGON {
1003 KERB_LOGON_SUBMIT_TYPE MessageType;
1004 ULONG Flags;
1005 UNICODE_STRING ClientUpn;
1006 UNICODE_STRING ClientRealm;
1007 } KERB_S4U_LOGON,*PKERB_S4U_LOGON;
1008
1009 typedef enum _KERB_PROFILE_BUFFER_TYPE {
1010 KerbInteractiveProfile = 2,KerbSmartCardProfile = 4,KerbTicketProfile = 6
1011 } KERB_PROFILE_BUFFER_TYPE,*PKERB_PROFILE_BUFFER_TYPE;
1012
1013 typedef struct _KERB_INTERACTIVE_PROFILE {
1014 KERB_PROFILE_BUFFER_TYPE MessageType;
1015 USHORT LogonCount;
1016 USHORT BadPasswordCount;
1017 LARGE_INTEGER LogonTime;
1018 LARGE_INTEGER LogoffTime;
1019 LARGE_INTEGER KickOffTime;
1020 LARGE_INTEGER PasswordLastSet;
1021 LARGE_INTEGER PasswordCanChange;
1022 LARGE_INTEGER PasswordMustChange;
1023 UNICODE_STRING LogonScript;
1024 UNICODE_STRING HomeDirectory;
1025 UNICODE_STRING FullName;
1026 UNICODE_STRING ProfilePath;
1027 UNICODE_STRING HomeDirectoryDrive;
1028 UNICODE_STRING LogonServer;
1029 ULONG UserFlags;
1030 } KERB_INTERACTIVE_PROFILE,*PKERB_INTERACTIVE_PROFILE;
1031
1032 typedef struct _KERB_SMART_CARD_PROFILE {
1033 KERB_INTERACTIVE_PROFILE Profile;
1034 ULONG CertificateSize;
1035 PUCHAR CertificateData;
1036 } KERB_SMART_CARD_PROFILE,*PKERB_SMART_CARD_PROFILE;
1037
1038 typedef struct KERB_CRYPTO_KEY {
1039 LONG KeyType;
1040 ULONG Length;
1041 PUCHAR Value;
1042 } KERB_CRYPTO_KEY,*PKERB_CRYPTO_KEY;
1043
1044 typedef struct _KERB_TICKET_PROFILE {
1045 KERB_INTERACTIVE_PROFILE Profile;
1046 KERB_CRYPTO_KEY SessionKey;
1047 } KERB_TICKET_PROFILE,*PKERB_TICKET_PROFILE;
1048
1049 typedef enum _KERB_PROTOCOL_MESSAGE_TYPE {
1050 KerbDebugRequestMessage = 0,KerbQueryTicketCacheMessage,KerbChangeMachinePasswordMessage,KerbVerifyPacMessage,KerbRetrieveTicketMessage,
1051 KerbUpdateAddressesMessage,KerbPurgeTicketCacheMessage,KerbChangePasswordMessage,KerbRetrieveEncodedTicketMessage,KerbDecryptDataMessage,
1052 KerbAddBindingCacheEntryMessage,KerbSetPasswordMessage,KerbSetPasswordExMessage,KerbVerifyCredentialsMessage,KerbQueryTicketCacheExMessage,
1053 KerbPurgeTicketCacheExMessage,KerbRefreshSmartcardCredentialsMessage,KerbAddExtraCredentialsMessage,KerbQuerySupplementalCredentialsMessage,
1054 KerbTransferCredentialsMessage,KerbQueryTicketCacheEx2Message
1055 } KERB_PROTOCOL_MESSAGE_TYPE,*PKERB_PROTOCOL_MESSAGE_TYPE;
1056
1057 typedef struct _KERB_QUERY_TKT_CACHE_REQUEST {
1058 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
1059 LUID LogonId;
1060 } KERB_QUERY_TKT_CACHE_REQUEST,*PKERB_QUERY_TKT_CACHE_REQUEST;
1061
1062 typedef struct _KERB_TICKET_CACHE_INFO {
1063 UNICODE_STRING ServerName;
1064 UNICODE_STRING RealmName;
1065 LARGE_INTEGER StartTime;
1066 LARGE_INTEGER EndTime;
1067 LARGE_INTEGER RenewTime;
1068 LONG EncryptionType;
1069 ULONG TicketFlags;
1070 } KERB_TICKET_CACHE_INFO,*PKERB_TICKET_CACHE_INFO;
1071
1072 typedef struct _KERB_TICKET_CACHE_INFO_EX {
1073 UNICODE_STRING ClientName;
1074 UNICODE_STRING ClientRealm;
1075 UNICODE_STRING ServerName;
1076 UNICODE_STRING ServerRealm;
1077 LARGE_INTEGER StartTime;
1078 LARGE_INTEGER EndTime;
1079 LARGE_INTEGER RenewTime;
1080 LONG EncryptionType;
1081 ULONG TicketFlags;
1082 } KERB_TICKET_CACHE_INFO_EX,*PKERB_TICKET_CACHE_INFO_EX;
1083
1084 typedef struct _KERB_TICKET_CACHE_INFO_EX2 {
1085 UNICODE_STRING ClientName;
1086 UNICODE_STRING ClientRealm;
1087 UNICODE_STRING ServerName;
1088 UNICODE_STRING ServerRealm;
1089 LARGE_INTEGER StartTime;
1090 LARGE_INTEGER EndTime;
1091 LARGE_INTEGER RenewTime;
1092 LONG EncryptionType;
1093 ULONG TicketFlags;
1094 ULONG SessionKeyType;
1095 } KERB_TICKET_CACHE_INFO_EX2,*PKERB_TICKET_CACHE_INFO_EX2;
1096
1097 typedef struct _KERB_QUERY_TKT_CACHE_RESPONSE {
1098 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
1099 ULONG CountOfTickets;
1100 KERB_TICKET_CACHE_INFO Tickets[ANYSIZE_ARRAY];
1101 } KERB_QUERY_TKT_CACHE_RESPONSE,*PKERB_QUERY_TKT_CACHE_RESPONSE;
1102
1103 typedef struct _KERB_QUERY_TKT_CACHE_EX_RESPONSE {
1104 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
1105 ULONG CountOfTickets;
1106 KERB_TICKET_CACHE_INFO_EX Tickets[ANYSIZE_ARRAY];
1107 } KERB_QUERY_TKT_CACHE_EX_RESPONSE,*PKERB_QUERY_TKT_CACHE_EX_RESPONSE;
1108
1109 typedef struct _KERB_QUERY_TKT_CACHE_EX2_RESPONSE {
1110 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
1111 ULONG CountOfTickets;
1112 KERB_TICKET_CACHE_INFO_EX2 Tickets[ANYSIZE_ARRAY];
1113 } KERB_QUERY_TKT_CACHE_EX2_RESPONSE,*PKERB_QUERY_TKT_CACHE_EX2_RESPONSE;
1114
1115 #ifndef __SECHANDLE_DEFINED__
1116 typedef struct _SecHandle {
1117 ULONG_PTR dwLower;
1118 ULONG_PTR dwUpper;
1119 } SecHandle,*PSecHandle;
1120
1121 #define __SECHANDLE_DEFINED__
1122 #endif
1123
1124 #define KERB_USE_DEFAULT_TICKET_FLAGS 0x0
1125
1126 #define KERB_RETRIEVE_TICKET_DEFAULT 0x0
1127 #define KERB_RETRIEVE_TICKET_DONT_USE_CACHE 0x1
1128 #define KERB_RETRIEVE_TICKET_USE_CACHE_ONLY 0x2
1129 #define KERB_RETRIEVE_TICKET_USE_CREDHANDLE 0x4
1130 #define KERB_RETRIEVE_TICKET_AS_KERB_CRED 0x8
1131 #define KERB_RETRIEVE_TICKET_WITH_SEC_CRED 0x10
1132 #define KERB_RETRIEVE_TICKET_CACHE_TICKET 0x20
1133
1134 #define KERB_ETYPE_DEFAULT 0x0
1135
1136 typedef struct _KERB_AUTH_DATA {
1137 ULONG Type;
1138 ULONG Length;
1139 PUCHAR Data;
1140 } KERB_AUTH_DATA,*PKERB_AUTH_DATA;
1141
1142 typedef struct _KERB_NET_ADDRESS {
1143 ULONG Family;
1144 ULONG Length;
1145 PCHAR Address;
1146 } KERB_NET_ADDRESS,*PKERB_NET_ADDRESS;
1147
1148 typedef struct _KERB_NET_ADDRESSES {
1149 ULONG Number;
1150 KERB_NET_ADDRESS Addresses[ANYSIZE_ARRAY];
1151 } KERB_NET_ADDRESSES,*PKERB_NET_ADDRESSES;
1152
1153 typedef struct _KERB_EXTERNAL_NAME {
1154 SHORT NameType;
1155 USHORT NameCount;
1156 UNICODE_STRING Names[ANYSIZE_ARRAY];
1157 } KERB_EXTERNAL_NAME,*PKERB_EXTERNAL_NAME;
1158
1159 typedef struct _KERB_EXTERNAL_TICKET {
1160 PKERB_EXTERNAL_NAME ServiceName;
1161 PKERB_EXTERNAL_NAME TargetName;
1162 PKERB_EXTERNAL_NAME ClientName;
1163 UNICODE_STRING DomainName;
1164 UNICODE_STRING TargetDomainName;
1165 UNICODE_STRING AltTargetDomainName;
1166 KERB_CRYPTO_KEY SessionKey;
1167 ULONG TicketFlags;
1168 ULONG Flags;
1169 LARGE_INTEGER KeyExpirationTime;
1170 LARGE_INTEGER StartTime;
1171 LARGE_INTEGER EndTime;
1172 LARGE_INTEGER RenewUntil;
1173 LARGE_INTEGER TimeSkew;
1174 ULONG EncodedTicketSize;
1175 PUCHAR EncodedTicket;
1176 } KERB_EXTERNAL_TICKET,*PKERB_EXTERNAL_TICKET;
1177
1178 typedef struct _KERB_RETRIEVE_TKT_REQUEST {
1179 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
1180 LUID LogonId;
1181 UNICODE_STRING TargetName;
1182 ULONG TicketFlags;
1183 ULONG CacheOptions;
1184 LONG EncryptionType;
1185 SecHandle CredentialsHandle;
1186 } KERB_RETRIEVE_TKT_REQUEST,*PKERB_RETRIEVE_TKT_REQUEST;
1187
1188 typedef struct _KERB_RETRIEVE_TKT_RESPONSE {
1189 KERB_EXTERNAL_TICKET Ticket;
1190 } KERB_RETRIEVE_TKT_RESPONSE,*PKERB_RETRIEVE_TKT_RESPONSE;
1191
1192 typedef struct _KERB_PURGE_TKT_CACHE_REQUEST {
1193 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
1194 LUID LogonId;
1195 UNICODE_STRING ServerName;
1196 UNICODE_STRING RealmName;
1197 } KERB_PURGE_TKT_CACHE_REQUEST,*PKERB_PURGE_TKT_CACHE_REQUEST;
1198
1199 #define KERB_PURGE_ALL_TICKETS 1
1200
1201 typedef struct _KERB_PURGE_TKT_CACHE_EX_REQUEST {
1202 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
1203 LUID LogonId;
1204 ULONG Flags;
1205 KERB_TICKET_CACHE_INFO_EX TicketTemplate;
1206 } KERB_PURGE_TKT_CACHE_EX_REQUEST,*PKERB_PURGE_TKT_CACHE_EX_REQUEST;
1207
1208 typedef struct _KERB_CHANGEPASSWORD_REQUEST {
1209 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
1210 UNICODE_STRING DomainName;
1211 UNICODE_STRING AccountName;
1212 UNICODE_STRING OldPassword;
1213 UNICODE_STRING NewPassword;
1214 BOOLEAN Impersonating;
1215 } KERB_CHANGEPASSWORD_REQUEST,*PKERB_CHANGEPASSWORD_REQUEST;
1216
1217 typedef struct _KERB_SETPASSWORD_REQUEST {
1218 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
1219 LUID LogonId;
1220 SecHandle CredentialsHandle;
1221 ULONG Flags;
1222 UNICODE_STRING DomainName;
1223 UNICODE_STRING AccountName;
1224 UNICODE_STRING Password;
1225 } KERB_SETPASSWORD_REQUEST,*PKERB_SETPASSWORD_REQUEST;
1226
1227 typedef struct _KERB_SETPASSWORD_EX_REQUEST {
1228 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
1229 LUID LogonId;
1230 SecHandle CredentialsHandle;
1231 ULONG Flags;
1232 UNICODE_STRING AccountRealm;
1233 UNICODE_STRING AccountName;
1234 UNICODE_STRING Password;
1235 UNICODE_STRING ClientRealm;
1236 UNICODE_STRING ClientName;
1237 BOOLEAN Impersonating;
1238 UNICODE_STRING KdcAddress;
1239 ULONG KdcAddressType;
1240 } KERB_SETPASSWORD_EX_REQUEST,*PKERB_SETPASSWORD_EX_REQUEST;
1241
1242 #define DS_UNKNOWN_ADDRESS_TYPE 0
1243 #define KERB_SETPASS_USE_LOGONID 1
1244 #define KERB_SETPASS_USE_CREDHANDLE 2
1245
1246 typedef struct _KERB_DECRYPT_REQUEST {
1247 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
1248 LUID LogonId;
1249 ULONG Flags;
1250 LONG CryptoType;
1251 LONG KeyUsage;
1252 KERB_CRYPTO_KEY Key;
1253 ULONG EncryptedDataSize;
1254 ULONG InitialVectorSize;
1255 PUCHAR InitialVector;
1256 PUCHAR EncryptedData;
1257 } KERB_DECRYPT_REQUEST,*PKERB_DECRYPT_REQUEST;
1258
1259 #define KERB_DECRYPT_FLAG_DEFAULT_KEY 0x00000001
1260
1261 typedef struct _KERB_DECRYPT_RESPONSE {
1262 UCHAR DecryptedData[ANYSIZE_ARRAY];
1263 } KERB_DECRYPT_RESPONSE,*PKERB_DECRYPT_RESPONSE;
1264
1265 typedef struct _KERB_ADD_BINDING_CACHE_ENTRY_REQUEST {
1266 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
1267 UNICODE_STRING RealmName;
1268 UNICODE_STRING KdcAddress;
1269 ULONG AddressType;
1270 } KERB_ADD_BINDING_CACHE_ENTRY_REQUEST,*PKERB_ADD_BINDING_CACHE_ENTRY_REQUEST;
1271
1272 typedef struct _KERB_REFRESH_SCCRED_REQUEST {
1273 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
1274 UNICODE_STRING CredentialBlob;
1275 LUID LogonId;
1276 ULONG Flags;
1277 } KERB_REFRESH_SCCRED_REQUEST,*PKERB_REFRESH_SCCRED_REQUEST;
1278
1279 #define KERB_REFRESH_SCCRED_RELEASE 0x0
1280 #define KERB_REFRESH_SCCRED_GETTGT 0x1
1281
1282 typedef struct _KERB_ADD_CREDENTIALS_REQUEST {
1283 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
1284 UNICODE_STRING UserName;
1285 UNICODE_STRING DomainName;
1286 UNICODE_STRING Password;
1287 LUID LogonId;
1288 ULONG Flags;
1289 } KERB_ADD_CREDENTIALS_REQUEST,*PKERB_ADD_CREDENTIALS_REQUEST;
1290
1291 #define KERB_REQUEST_ADD_CREDENTIAL 1
1292 #define KERB_REQUEST_REPLACE_CREDENTIAL 2
1293 #define KERB_REQUEST_REMOVE_CREDENTIAL 4
1294
1295 typedef struct _KERB_TRANSFER_CRED_REQUEST {
1296 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
1297 LUID OriginLogonId;
1298 LUID DestinationLogonId;
1299 ULONG Flags;
1300 } KERB_TRANSFER_CRED_REQUEST,*PKERB_TRANSFER_CRED_REQUEST;
1301
1302 #ifdef __cplusplus
1303 }
1304 #endif
1305 #endif