search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
user32/tests: Improve timer measurement method.
[wine.git] / include / ntsecapi.h
blobd01c04c68674a767559c519392470fdd5511b2b2
1 /*
2 * Copyright (C) 1999 Juergen Schmied
3 *
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
8 *
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
13 *
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
17 */
18
19 #ifndef _NTSECAPI_
20 #define _NTSECAPI_
21
22 #ifndef GUID_DEFINED
23 # include <guiddef.h>
24 #endif
25
26 #ifdef __cplusplus
27 extern "C" {
28 #endif /* defined(__cplusplus) */
29
30 /* Policy access rights */
31 #define POLICY_VIEW_LOCAL_INFORMATION __MSABI_LONG(0x00000001)
32 #define POLICY_VIEW_AUDIT_INFORMATION __MSABI_LONG(0x00000002)
33 #define POLICY_GET_PRIVATE_INFORMATION __MSABI_LONG(0x00000004)
34 #define POLICY_TRUST_ADMIN __MSABI_LONG(0x00000008)
35 #define POLICY_CREATE_ACCOUNT __MSABI_LONG(0x00000010)
36 #define POLICY_CREATE_SECRET __MSABI_LONG(0x00000020)
37 #define POLICY_CREATE_PRIVILEGE __MSABI_LONG(0x00000040)
38 #define POLICY_SET_DEFAULT_QUOTA_LIMITS __MSABI_LONG(0x00000080)
39 #define POLICY_SET_AUDIT_REQUIREMENTS __MSABI_LONG(0x00000100)
40 #define POLICY_AUDIT_LOG_ADMIN __MSABI_LONG(0x00000200)
41 #define POLICY_SERVER_ADMIN __MSABI_LONG(0x00000400)
42 #define POLICY_LOOKUP_NAMES __MSABI_LONG(0x00000800)
43 #define POLICY_NOTIFICATION __MSABI_LONG(0x00001000)
44
45 #define POLICY_ALL_ACCESS ( \
46 STANDARD_RIGHTS_REQUIRED | \
47 POLICY_VIEW_LOCAL_INFORMATION | \
48 POLICY_VIEW_AUDIT_INFORMATION | \
49 POLICY_GET_PRIVATE_INFORMATION | \
50 POLICY_TRUST_ADMIN | \
51 POLICY_CREATE_ACCOUNT | \
52 POLICY_CREATE_SECRET | \
53 POLICY_CREATE_PRIVILEGE | \
54 POLICY_SET_DEFAULT_QUOTA_LIMITS | \
55 POLICY_SET_AUDIT_REQUIREMENTS | \
56 POLICY_AUDIT_LOG_ADMIN | \
57 POLICY_SERVER_ADMIN | \
58 POLICY_LOOKUP_NAMES)
59
60
61 #define POLICY_READ ( \
62 STANDARD_RIGHTS_READ | \
63 POLICY_VIEW_AUDIT_INFORMATION | \
64 POLICY_GET_PRIVATE_INFORMATION)
65
66 #define POLICY_WRITE ( \
67 STANDARD_RIGHTS_WRITE | \
68 POLICY_TRUST_ADMIN | \
69 POLICY_CREATE_ACCOUNT | \
70 POLICY_CREATE_SECRET | \
71 POLICY_CREATE_PRIVILEGE | \
72 POLICY_SET_DEFAULT_QUOTA_LIMITS | \
73 POLICY_SET_AUDIT_REQUIREMENTS | \
74 POLICY_AUDIT_LOG_ADMIN | \
75 POLICY_SERVER_ADMIN)
76
77 #define POLICY_EXECUTE ( \
78 STANDARD_RIGHTS_EXECUTE | \
79 POLICY_VIEW_LOCAL_INFORMATION | \
80 POLICY_LOOKUP_NAMES)
81
82 #define POLICY_AUDIT_EVENT_UNCHANGED __MSABI_LONG(0x00000000)
83 #define POLICY_AUDIT_EVENT_SUCCESS __MSABI_LONG(0x00000001)
84 #define POLICY_AUDIT_EVENT_FAILURE __MSABI_LONG(0x00000002)
85 #define POLICY_AUDIT_EVENT_NONE __MSABI_LONG(0x00000004)
86
87 #define POLICY_AUDIT_EVENT_MASK (POLICY_AUDIT_EVENT_SUCCESS | \
88 POLICY_AUDIT_EVENT_FAILURE | \
89 POLICY_AUDIT_EVENT_NONE)
90
91 /* logon rights names */
92 #define SE_BATCH_LOGON_NAME \
93 TEXT("SeBatchLogonRight")
94 #define SE_INTERACTIVE_LOGON_NAME \
95 TEXT("SeInteractiveLogonRight")
96 #define SE_NETWORK_LOGON_NAME \
97 TEXT("SeNetworkLogonRight")
98 #define SE_REMOTE_INTERACTIVE_LOGON_NAME \
99 TEXT("SeRemoteInteractiveLogonRight")
100 #define SE_SERVICE_LOGON_NAME \
101 TEXT("SeServiceLogonRight")
102 #define SE_DENY_BATCH_LOGON_NAME \
103 TEXT("SeDenyBatchLogonRight")
104 #define SE_DENY_INTERACTIVE_LOGON_NAME \
105 TEXT("SeDenyInteractiveLogonRight")
106 #define SE_DENY_NETWORK_LOGON_NAME \
107 TEXT("SeDenyNetworkLogonRight")
108 #define SE_DENY_REMOTE_INTERACTIVE_LOGON_NAME \
109 TEXT("SeDenyRemoteInteractiveLogonRight")
110 #define SE_DENY_SERVICE_LOGON_NAME \
111 TEXT("SeDenyServiceLogonRight")
112
113 #ifndef WINE_NTSTATUS_DECLARED
114 #define WINE_NTSTATUS_DECLARED
115 typedef LONG NTSTATUS;
116 #endif
117 #ifndef WINE_PNTSTATUS_DECLARED
118 #define WINE_PNTSTATUS_DECLARED
119 typedef NTSTATUS *PNTSTATUS;
120 #endif
121
122 typedef enum _SECURITY_LOGON_TYPE
123 {
124 UndefinedLogonType = 0,
125 Interactive = 2,
126 Network,
127 Batch,
128 Service,
129 Proxy,
130 Unlock,
131 NetworkCleartext,
132 NewCredentials,
133 RemoteInteractive,
134 CachedInteractive,
135 CachedRemoteInteractive,
136 CachedUnlock
137 } SECURITY_LOGON_TYPE, *PSECURITY_LOGON_TYPE;
138
139 typedef enum _POLICY_AUDIT_EVENT_TYPE
140 {
141 AuditCategorySystem,
142 AuditCategoryLogon,
143 AuditCategoryObjectAccess,
144 AuditCategoryPrivilegeUse,
145 AuditCategoryDetailedTracking,
146 AuditCategoryPolicyChange,
147 AuditCategoryAccountManagement
148 } POLICY_AUDIT_EVENT_TYPE, *PPOLICY_AUDIT_EVENT_TYPE;
149
150 #ifndef __STRING_DEFINED__
151 #define __STRING_DEFINED__
152 typedef struct _STRING {
153 USHORT Length;
154 USHORT MaximumLength;
155 PCHAR Buffer;
156 } STRING, *PSTRING;
157 #endif
158
159 #ifndef __UNICODE_STRING_DEFINED__
160 #define __UNICODE_STRING_DEFINED__
161 typedef struct _UNICODE_STRING {
162 USHORT Length; /* bytes */
163 USHORT MaximumLength; /* bytes */
164 PWSTR Buffer;
165 } UNICODE_STRING, *PUNICODE_STRING;
166 #endif
167
168 #ifndef __OBJECT_ATTRIBUTES_DEFINED__
169 #define __OBJECT_ATTRIBUTES_DEFINED__
170 typedef struct _OBJECT_ATTRIBUTES {
171 ULONG Length;
172 HANDLE RootDirectory;
173 PUNICODE_STRING ObjectName;
174 ULONG Attributes;
175 PVOID SecurityDescriptor; /* type SECURITY_DESCRIPTOR */
176 PVOID SecurityQualityOfService; /* type SECURITY_QUALITY_OF_SERVICE */
177 } OBJECT_ATTRIBUTES, *POBJECT_ATTRIBUTES;
178 #endif
179
180 #ifndef __SECHANDLE_DEFINED__
181 #define __SECHANDLE_DEFINED__
182 typedef struct _SecHandle
183 {
184 ULONG_PTR dwLower;
185 ULONG_PTR dwUpper;
186 } SecHandle, *PSecHandle;
187 #endif
188
189 typedef UNICODE_STRING LSA_UNICODE_STRING, *PLSA_UNICODE_STRING;
190 typedef STRING LSA_STRING, *PLSA_STRING;
191
192 #ifdef _NTDEF_
193 typedef OBJECT_ATTRIBUTES LSA_OBJECT_ATTRIBUTES, *PLSA_OBJECT_ATTRIBUTES;
194 #else
195 typedef struct _LSA_OBJECT_ATTRIBUTES
196 {
197 ULONG Length;
198 HANDLE RootDirectory;
199 PLSA_UNICODE_STRING ObjectName;
200 ULONG Attributes;
201 PVOID SecurityDescriptor;
202 PVOID SecurityQualityOfService;
203 } LSA_OBJECT_ATTRIBUTES, *PLSA_OBJECT_ATTRIBUTES;
204 #endif
205
206
207 typedef PVOID LSA_HANDLE, *PLSA_HANDLE;
208 typedef ULONG LSA_ENUMERATION_HANDLE, *PLSA_ENUMERATION_HANDLE;
209 typedef ULONG LSA_OPERATIONAL_MODE, *PLSA_OPERATIONAL_MODE;
210
211 typedef enum
212 {
213 PolicyAuditLogInformation = 1,
214 PolicyAuditEventsInformation,
215 PolicyPrimaryDomainInformation,
216 PolicyPdAccountInformation,
217 PolicyAccountDomainInformation,
218 PolicyLsaServerRoleInformation,
219 PolicyReplicaSourceInformation,
220 PolicyDefaultQuotaInformation,
221 PolicyModificationInformation,
222 PolicyAuditFullSetInformation,
223 PolicyAuditFullQueryInformation,
224 PolicyDnsDomainInformation
225 } POLICY_INFORMATION_CLASS, *PPOLICY_INFORMATION_CLASS;
226
227 typedef ULONG POLICY_AUDIT_EVENT_OPTIONS, *PPOLICY_AUDIT_EVENT_OPTIONS;
228
229 typedef struct _POLICY_AUDIT_EVENTS_INFO
230 {
231 BOOLEAN AuditingMode;
232 PPOLICY_AUDIT_EVENT_OPTIONS EventAuditingOptions;
233 ULONG MaximumAuditEventCount;
234 } POLICY_AUDIT_EVENTS_INFO, *PPOLICY_AUDIT_EVENTS_INFO;
235
236 typedef struct _POLICY_PRIMARY_DOMAIN_INFO
237 {
238 LSA_UNICODE_STRING Name;
239 PSID Sid;
240 } POLICY_PRIMARY_DOMAIN_INFO, *PPOLICY_PRIMARY_DOMAIN_INFO;
241
242 typedef struct _POLICY_ACCOUNT_DOMAIN_INFO
243 {
244 LSA_UNICODE_STRING DomainName;
245 PSID DomainSid;
246 } POLICY_ACCOUNT_DOMAIN_INFO, *PPOLICY_ACCOUNT_DOMAIN_INFO;
247
248 typedef struct _POLICY_DNS_DOMAIN_INFO
249 {
250 LSA_UNICODE_STRING Name;
251 LSA_UNICODE_STRING DnsDomainName;
252 LSA_UNICODE_STRING DnsForestName;
253 GUID DomainGuid;
254 PSID Sid;
255 } POLICY_DNS_DOMAIN_INFO, *PPOLICY_DNS_DOMAIN_INFO;
256
257 typedef enum _POLICY_LSA_SERVER_ROLE
258 {
259 PolicyServerRoleBackup = 2,
260 PolicyServerRolePrimary
261 } POLICY_LSA_SERVER_ROLE, *PPOLICY_LSA_SERVER_ROLE;
262
263 typedef struct _POLICY_LSA_SERVER_ROLE_INFO
264 {
265 POLICY_LSA_SERVER_ROLE LsaServerRole;
266 } POLICY_LSA_SERVER_ROLE_INFO, *PPOLICY_LSA_SERVER_ROLE_INFO;
267
268 typedef struct _POLICY_MODIFICATION_INFO
269 {
270 LARGE_INTEGER ModifiedId;
271 LARGE_INTEGER DatabaseCreationTime;
272 } POLICY_MODIFICATION_INFO, *PPOLICY_MODIFICATION_INFO;
273
274 typedef struct _LSA_LAST_INTER_LOGON_INFO {
275 LARGE_INTEGER LastSuccessfulLogon;
276 LARGE_INTEGER LastFailedLogon;
277 ULONG FailedAttemptCountSinceLastSuccessfulLogon;
278 } LSA_LAST_INTER_LOGON_INFO, *PLSA_LAST_INTER_LOGON_INFO;
279
280 typedef struct _SECURITY_LOGON_SESSION_DATA {
281 ULONG Size;
282 LUID LogonId;
283 LSA_UNICODE_STRING UserName;
284 LSA_UNICODE_STRING LogonDomain;
285 LSA_UNICODE_STRING AuthenticationPackage;
286 ULONG LogonType;
287 ULONG Session;
288 PSID Sid;
289 LARGE_INTEGER LogonTime;
290 LSA_UNICODE_STRING LogonServer;
291 LSA_UNICODE_STRING DnsDomainName;
292 LSA_UNICODE_STRING Upn;
293 ULONG UserFlags;
294 LSA_LAST_INTER_LOGON_INFO LastLogonInfo;
295 LSA_UNICODE_STRING LogonScript;
296 LSA_UNICODE_STRING ProfilePath;
297 LSA_UNICODE_STRING HomeDirectory;
298 LSA_UNICODE_STRING HomeDirectoryDrive;
299 LARGE_INTEGER LogoffTime;
300 LARGE_INTEGER KickOffTime;
301 LARGE_INTEGER PasswordLastSet;
302 LARGE_INTEGER PasswordCanChange;
303 LARGE_INTEGER PasswordMustChange;
304 } SECURITY_LOGON_SESSION_DATA, *PSECURITY_LOGON_SESSION_DATA;
305
306 typedef struct
307 {
308 SID_NAME_USE Use;
309 LSA_UNICODE_STRING Name;
310 LONG DomainIndex;
311 } LSA_TRANSLATED_NAME, *PLSA_TRANSLATED_NAME;
312
313 typedef struct
314 {
315 LSA_UNICODE_STRING Name;
316 PSID Sid;
317 } LSA_TRUST_INFORMATION, *PLSA_TRUST_INFORMATION;
318
319 typedef struct
320 {
321 ULONG Entries;
322 PLSA_TRUST_INFORMATION Domains;
323 } LSA_REFERENCED_DOMAIN_LIST, *PLSA_REFERENCED_DOMAIN_LIST;
324
325 typedef struct _LSA_TRANSLATED_SID
326 {
327 SID_NAME_USE Use;
328 ULONG RelativeId;
329 LONG DomainIndex;
330 } LSA_TRANSLATED_SID, *PLSA_TRANSLATED_SID;
331
332 typedef struct _TRUSTED_DOMAIN_INFORMATION_EX
333 {
334 LSA_UNICODE_STRING Name;
335 LSA_UNICODE_STRING FlatName;
336 PSID Sid;
337 ULONG TrustDirection;
338 ULONG TrustType;
339 ULONG TrustAttributes;
340 } TRUSTED_DOMAIN_INFORMATION_EX, *PTRUSTED_DOMAIN_INFORMATION_EX;
341
342 typedef struct _LSA_AUTH_INFORMATION
343 {
344 LARGE_INTEGER LastUpdateTime;
345 ULONG AuthType;
346 ULONG AuthInfoLength;
347 PUCHAR AuthInfo;
348 } LSA_AUTH_INFORMATION, *PLSA_AUTH_INFORMATION;
349
350 typedef struct _TRUSTED_DOMAIN_AUTH_INFORMATION
351 {
352 ULONG IncomingAuthInfos;
353 PLSA_AUTH_INFORMATION IncomingAuthenticationInformation;
354 PLSA_AUTH_INFORMATION IncomingPreviousAuthenticationInformation;
355 ULONG OutgoingAuthInfos;
356 PLSA_AUTH_INFORMATION OutgoingAuthenticationInformation;
357 PLSA_AUTH_INFORMATION OutgoingPreviousAuthenticationInformation;
358 } TRUSTED_DOMAIN_AUTH_INFORMATION, *PTRUSTED_DOMAIN_AUTH_INFORMATION;
359
360 typedef struct _LSA_TRANSLATED_SID2
361 {
362 SID_NAME_USE Use;
363 PSID Sid;
364 LONG DomainIndex;
365 ULONG Flags;
366 } LSA_TRANSLATED_SID2, *PLSA_TRANSLATED_SID2;
367
368 typedef enum _TRUSTED_INFORMATION_CLASS
369 {
370 TrustedDomainNameInformation = 1,
371 TrustedControllersInformation,
372 TrustedPosixOffsetInformation,
373 TrustedPasswordInformation,
374 TrustedDomainInformationBasic,
375 TrustedDomainInformationEx,
376 TrustedDomainAuthInformation,
377 TrustedDomainFullInformation
378 } TRUSTED_INFORMATION_CLASS, *PTRUSTED_INFORMATION_CLASS;
379
380 typedef enum _POLICY_NOTIFICATION_INFORMATION_CLASS
381 {
382 PolicyNotifyAuditEventsInformation = 1,
383 PolicyNotifyAccountDomainInformation,
384 PolicyNotifyServerRoleInformation,
385 PolicyNotifyDnsDomainInformation,
386 PolicyNotifyDomainEfsInformation,
387 PolicyNotifyDomainKerberosTicketInformation,
388 PolicyNotifyMachineAccountPasswordInformation
389 } POLICY_NOTIFICATION_INFORMATION_CLASS, *PPOLICY_NOTIFICATION_INFORMATION_CLASS;
390
391 typedef struct _AUDIT_POLICY_INFORMATION
392 {
393 GUID AuditSubCategoryGuid;
394 ULONG AuditingInformation;
395 GUID AuditCategoryGuid;
396 } AUDIT_POLICY_INFORMATION, *PAUDIT_POLICY_INFORMATION;
397
398 enum NEGOTIATE_MESSAGES
399 {
400 NegEnumPackagePrefixes,
401 NegGetCallerName,
402 NegTransferCredentials,
403 NegMsgReserved1,
404 NegCallPackageMax
405 };
406
407 typedef struct _NEGOTIATE_CALLER_NAME_REQUEST
408 {
409 ULONG MessageType;
410 LUID LogonId;
411 } NEGOTIATE_CALLER_NAME_REQUEST, *PNEGOTIATE_CALLER_NAME_REQUEST;
412
413 typedef struct _NEGOTIATE_CALLER_NAME_RESPONSE
414 {
415 ULONG MessageType;
416 PWSTR CallerName;
417 } NEGOTIATE_CALLER_NAME_RESPONSE, *PNEGOTIATE_CALLER_NAME_RESPONSE;
418
419 #define MICROSOFT_KERBEROS_NAME_A "Kerberos"
420 #if defined(_MSC_VER) || defined(__MINGW32__)
421 #define MICROSOFT_KERBEROS_NAME_W L"Kerberos"
422 #else /* _MSC_VER/__MINGW32__ */
423 static const WCHAR MICROSOFT_KERBEROS_NAME_W[] = { 'K','e','r','b','e','r','o','s',0 };
424 #endif
425
426 #define KERB_TICKET_FLAGS_reserved 0x80000000
427 #define KERB_TICKET_FLAGS_forwardable 0x40000000
428 #define KERB_TICKET_FLAGS_forwarded 0x20000000
429 #define KERB_TICKET_FLAGS_proxiable 0x10000000
430 #define KERB_TICKET_FLAGS_proxy 0x08000000
431 #define KERB_TICKET_FLAGS_may_postdate 0x04000000
432 #define KERB_TICKET_FLAGS_postdated 0x02000000
433 #define KERB_TICKET_FLAGS_invalid 0x01000000
434 #define KERB_TICKET_FLAGS_renewable 0x00800000
435 #define KERB_TICKET_FLAGS_initial 0x00400000
436 #define KERB_TICKET_FLAGS_pre_authent 0x00200000
437 #define KERB_TICKET_FLAGS_hw_authent 0x00100000
438 #define KERB_TICKET_FLAGS_ok_as_delegate 0x00040000
439 #define KERB_TICKET_FLAGS_name_canonicalize 0x00010000
440 #define KERB_TICKET_FLAGS_cname_in_pa_data 0x00040000
441 #define KERB_TICKET_FLAGS_reserved1 0x00000001
442
443 typedef enum _KERB_PROTOCOL_MESSAGE_TYPE
444 {
445 KerbDebugRequestMessage = 0,
446 KerbQueryTicketCacheMessage,
447 KerbChangeMachinePasswordMessage,
448 KerbVerifyPacMessage,
449 KerbRetrieveTicketMessage,
450 KerbUpdateAddressesMessage,
451 KerbPurgeTicketCacheMessage,
452 KerbChangePasswordMessage,
453 KerbRetrieveEncodedTicketMessage,
454 KerbDecryptDataMessage,
455 KerbAddBindingCacheEntryMessage,
456 KerbSetPasswordMessage,
457 KerbSetPasswordExMessage,
458 KerbVerifyCredentialsMessage,
459 KerbQueryTicketCacheExMessage,
460 KerbPurgeTicketCacheExMessage,
461 KerbRefreshSmartcardCredentialsMessage,
462 KerbAddExtraCredentialsMessage,
463 KerbQuerySupplementalCredentialsMessage,
464 KerbTransferCredentialsMessage,
465 KerbQueryTicketCacheEx2Message,
466 KerbSubmitTicketMessage,
467 KerbAddExtraCredentialsExMessage,
468 KerbQueryKdcProxyCacheMessage,
469 KerbPurgeKdcProxyCacheMessage,
470 KerbQueryTicketCacheEx3Message,
471 KerbCleanupMachinePkinitCredsMessage,
472 KerbAddBindingCacheEntryExMessage,
473 KerbQueryBindingCacheMessage,
474 KerbPurgeBindingCacheMessage,
475 KerbQueryDomainExtendedPoliciesMessage,
476 KerbQueryS4U2ProxyCacheMessage
477 } KERB_PROTOCOL_MESSAGE_TYPE, *PKERB_PROTOCOL_MESSAGE_TYPE;
478
479 typedef struct _KERB_TICKET_CACHE_INFO
480 {
481 UNICODE_STRING ServerName;
482 UNICODE_STRING RealmName;
483 LARGE_INTEGER StartTime;
484 LARGE_INTEGER EndTime;
485 LARGE_INTEGER RenewTime;
486 LONG EncryptionType;
487 ULONG TicketFlags;
488 } KERB_TICKET_CACHE_INFO, *PKERB_TICKET_CACHE_INFO;
489
490 typedef struct _KERB_TICKET_CACHE_INFO_EX
491 {
492 UNICODE_STRING ClientName;
493 UNICODE_STRING ClientRealm;
494
495 UNICODE_STRING ServerName;
496 UNICODE_STRING ServerRealm;
497 LARGE_INTEGER StartTime;
498 LARGE_INTEGER EndTime;
499 LARGE_INTEGER RenewTime;
500 LONG EncryptionType;
501 ULONG TicketFlags;
502 } KERB_TICKET_CACHE_INFO_EX, *PKERB_TICKET_CACHE_INFO_EX;
503
504 typedef struct _KERB_TICKET_CACHE_INFO_EX2
505 {
506 UNICODE_STRING ClientName;
507 UNICODE_STRING ClientRealm;
508 UNICODE_STRING ServerName;
509 UNICODE_STRING ServerRealm;
510 LARGE_INTEGER StartTime;
511 LARGE_INTEGER EndTime;
512 LARGE_INTEGER RenewTime;
513 LONG EncryptionType;
514 ULONG TicketFlags;
515
516 ULONG SessionKeyType;
517 ULONG BranchId;
518 } KERB_TICKET_CACHE_INFO_EX2, *PKERB_TICKET_CACHE_INFO_EX2;
519
520 typedef struct _KERB_TICKET_CACHE_INFO_EX3
521 {
522 UNICODE_STRING ClientName;
523 UNICODE_STRING ClientRealm;
524 UNICODE_STRING ServerName;
525 UNICODE_STRING ServerRealm;
526 LARGE_INTEGER StartTime;
527 LARGE_INTEGER EndTime;
528 LARGE_INTEGER RenewTime;
529 LONG EncryptionType;
530 ULONG TicketFlags;
531 ULONG SessionKeyType;
532 ULONG BranchId;
533
534 ULONG CacheFlags;
535 UNICODE_STRING KdcCalled;
536 } KERB_TICKET_CACHE_INFO_EX3, *PKERB_TICKET_CACHE_INFO_EX3;
537
538 typedef struct _KERB_CRYPTO_KEY
539 {
540 LONG KeyType;
541 ULONG Length;
542 PUCHAR Value;
543 } KERB_CRYPTO_KEY, *PKERB_CRYPTO_KEY;
544
545 typedef struct _KERB_EXTERNAL_NAME
546 {
547 SHORT NameType;
548 USHORT NameCount;
549 UNICODE_STRING Names[ANYSIZE_ARRAY];
550 } KERB_EXTERNAL_NAME, *PKERB_EXTERNAL_NAME;
551
552 typedef struct _KERB_EXTERNAL_TICKET
553 {
554 PKERB_EXTERNAL_NAME ServiceName;
555 PKERB_EXTERNAL_NAME TargetName;
556 PKERB_EXTERNAL_NAME ClientName;
557 UNICODE_STRING DomainName;
558 UNICODE_STRING TargetDomainName;
559 UNICODE_STRING AltTargetDomainName;
560 KERB_CRYPTO_KEY SessionKey;
561 ULONG TicketFlags;
562 ULONG Flags;
563 LARGE_INTEGER KeyExpirationTime;
564 LARGE_INTEGER StartTime;
565 LARGE_INTEGER EndTime;
566 LARGE_INTEGER RenewUntil;
567 LARGE_INTEGER TimeSkew;
568 ULONG EncodedTicketSize;
569 PUCHAR EncodedTicket;
570 } KERB_EXTERNAL_TICKET, *PKERB_EXTERNAL_TICKET;
571
572 typedef struct _KERB_QUERY_TKT_CACHE_REQUEST
573 {
574 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
575 LUID LogonId;
576 } KERB_QUERY_TKT_CACHE_REQUEST, *PKERB_QUERY_TKT_CACHE_REQUEST;
577
578 typedef struct _KERB_QUERY_TKT_CACHE_RESPONSE
579 {
580 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
581 ULONG CountOfTickets;
582 KERB_TICKET_CACHE_INFO Tickets[ANYSIZE_ARRAY];
583 } KERB_QUERY_TKT_CACHE_RESPONSE, *PKERB_QUERY_TKT_CACHE_RESPONSE;
584
585 typedef struct _KERB_QUERY_TKT_CACHE_EX_RESPONSE
586 {
587 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
588 ULONG CountOfTickets;
589 KERB_TICKET_CACHE_INFO_EX Tickets[ANYSIZE_ARRAY];
590 } KERB_QUERY_TKT_CACHE_EX_RESPONSE, *PKERB_QUERY_TKT_CACHE_EX_RESPONSE;
591
592 typedef struct _KERB_QUERY_TKT_CACHE_EX2_RESPONSE
593 {
594 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
595 ULONG CountOfTickets;
596 KERB_TICKET_CACHE_INFO_EX2 Tickets[ANYSIZE_ARRAY];
597 } KERB_QUERY_TKT_CACHE_EX2_RESPONSE, *PKERB_QUERY_TKT_CACHE_EX2_RESPONSE;
598
599 typedef struct _KERB_QUERY_TKT_CACHE_EX3_RESPONSE
600 {
601 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
602 ULONG CountOfTickets;
603 KERB_TICKET_CACHE_INFO_EX3 Tickets[ANYSIZE_ARRAY];
604 } KERB_QUERY_TKT_CACHE_EX3_RESPONSE, *PKERB_QUERY_TKT_CACHE_EX3_RESPONSE;
605
606 typedef struct _KERB_RETRIEVE_TKT_REQUEST
607 {
608 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
609 LUID LogonId;
610 UNICODE_STRING TargetName;
611 ULONG TicketFlags;
612 ULONG CacheOptions;
613 LONG EncryptionType;
614 SecHandle CredentialsHandle;
615 } KERB_RETRIEVE_TKT_REQUEST, *PKERB_RETRIEVE_TKT_REQUEST;
616
617 typedef struct _KERB_RETRIEVE_TKT_RESPONSE
618 {
619 KERB_EXTERNAL_TICKET Ticket;
620 } KERB_RETRIEVE_TKT_RESPONSE,*PKERB_RETRIEVE_TKT_RESPONSE;
621
622 typedef struct _KERB_PURGE_TKT_CACHE_REQUEST
623 {
624 KERB_PROTOCOL_MESSAGE_TYPE MessageType;
625 LUID LogonId;
626 UNICODE_STRING ServerName;
627 UNICODE_STRING RealmName;
628 } KERB_PURGE_TKT_CACHE_REQUEST, *PKERB_PURGE_TKT_CACHE_REQUEST;
629
630 #define KERB_ETYPE_NULL 0
631 #define KERB_ETYPE_DES_CBC_CRC 1
632 #define KERB_ETYPE_DES_CBC_MD4 2
633 #define KERB_ETYPE_DES_CBC_MD5 3
634 #define KERB_ETYPE_AES128_CTS_HMAC_SHA1_96 17
635 #define KERB_ETYPE_AES256_CTS_HMAC_SHA1_96 18
636
637 #define KERB_ETYPE_RC4_MD4 -128
638 #define KERB_ETYPE_RC4_PLAIN2 -129
639 #define KERB_ETYPE_RC4_LM -130
640 #define KERB_ETYPE_RC4_SHA -131
641 #define KERB_ETYPE_DES_PLAIN -132
642 #define KERB_ETYPE_RC4_HMAC_OLD -133
643 #define KERB_ETYPE_RC4_PLAIN_OLD -134
644 #define KERB_ETYPE_RC4_HMAC_OLD_EXP -135
645 #define KERB_ETYPE_RC4_PLAIN_OLD_EXP -136
646 #define KERB_ETYPE_RC4_PLAIN -140
647 #define KERB_ETYPE_RC4_PLAIN_EXP -141
648 #define KERB_ETYPE_AES128_CTS_HMAC_SHA1_96_PLAIN -148
649 #define KERB_ETYPE_AES256_CTS_HMAC_SHA1_96_PLAIN -149
650
651 #define KERB_ETYPE_DSA_SHA1_CMS 9
652 #define KERB_ETYPE_RSA_MD5_CMS 10
653 #define KERB_ETYPE_RSA_SHA1_CMS 11
654 #define KERB_ETYPE_RC2_CBC_ENV 12
655 #define KERB_ETYPE_RSA_ENV 13
656 #define KERB_ETYPE_RSA_ES_OEAP_ENV 14
657 #define KERB_ETYPE_DES_EDE3_CBC_ENV 15
658
659 #define KERB_ETYPE_DSA_SIGN 8
660 #define KERB_ETYPE_RSA_PRIV 9
661 #define KERB_ETYPE_RSA_PUB 10
662 #define KERB_ETYPE_RSA_PUB_MD5 11
663 #define KERB_ETYPE_RSA_PUB_SHA1 12
664 #define KERB_ETYPE_PKCS7_PUB 13
665
666 #define KERB_ETYPE_DES3_CBC_MD5 5
667 #define KERB_ETYPE_DES3_CBC_SHA1 7
668 #define KERB_ETYPE_DES3_CBC_SHA1_KD 16
669
670 #define KERB_ETYPE_DES_CBC_MD5_NT 20
671 #define KERB_ETYPE_RC4_HMAC_NT 23
672 #define KERB_ETYPE_RC4_HMAC_NT_EXP 24
673
674 #define RtlGenRandom SystemFunction036
675 #define RtlEncryptMemory SystemFunction040
676 #define RtlDecryptMemory SystemFunction041
677
678 #define LSA_SUCCESS(Error) ((LONG)(Error) >= 0)
679
680 WINADVAPI BOOLEAN WINAPI AuditQuerySystemPolicy(const GUID*,ULONG,AUDIT_POLICY_INFORMATION**);
681 WINADVAPI BOOLEAN WINAPI RtlGenRandom(PVOID,ULONG);
682 WINADVAPI NTSTATUS WINAPI RtlEncryptMemory(PVOID,ULONG,ULONG);
683 WINADVAPI NTSTATUS WINAPI RtlDecryptMemory(PVOID,ULONG,ULONG);
684
685 WINADVAPI NTSTATUS WINAPI LsaAddAccountRights(LSA_HANDLE,PSID,PLSA_UNICODE_STRING,ULONG);
686 WINADVAPI NTSTATUS WINAPI LsaClose(LSA_HANDLE);
687 WINADVAPI NTSTATUS WINAPI LsaCreateTrustedDomainEx(LSA_HANDLE,PTRUSTED_DOMAIN_INFORMATION_EX,
688 PTRUSTED_DOMAIN_AUTH_INFORMATION,ACCESS_MASK,PLSA_HANDLE);
689 WINADVAPI NTSTATUS WINAPI LsaDeleteTrustedDomain(LSA_HANDLE,PSID);
690 WINADVAPI NTSTATUS WINAPI LsaEnumerateAccountRights(LSA_HANDLE,PSID,PLSA_UNICODE_STRING*,PULONG);
691 WINADVAPI NTSTATUS WINAPI LsaEnumerateAccountsWithUserRight(LSA_HANDLE,PLSA_UNICODE_STRING,PVOID*,PULONG);
692 WINADVAPI NTSTATUS WINAPI LsaEnumerateTrustedDomains(LSA_HANDLE,PLSA_ENUMERATION_HANDLE,PVOID*,ULONG,PULONG);
693 WINADVAPI NTSTATUS WINAPI LsaEnumerateTrustedDomainsEx(LSA_HANDLE,PLSA_ENUMERATION_HANDLE,PVOID*,ULONG,PULONG);
694 WINADVAPI NTSTATUS WINAPI LsaFreeMemory(PVOID);
695 WINADVAPI NTSTATUS WINAPI LsaLookupNames(LSA_HANDLE,ULONG,PLSA_UNICODE_STRING,PLSA_REFERENCED_DOMAIN_LIST*,
696 PLSA_TRANSLATED_SID*);
697 WINADVAPI NTSTATUS WINAPI LsaLookupNames2(LSA_HANDLE,ULONG,ULONG,PLSA_UNICODE_STRING,PLSA_REFERENCED_DOMAIN_LIST*,
698 PLSA_TRANSLATED_SID2*);
699 WINADVAPI NTSTATUS WINAPI LsaLookupSids(LSA_HANDLE,ULONG,PSID *,PLSA_REFERENCED_DOMAIN_LIST *,PLSA_TRANSLATED_NAME *);
700 WINADVAPI ULONG WINAPI LsaNtStatusToWinError(NTSTATUS);
701 WINADVAPI NTSTATUS WINAPI LsaOpenPolicy(PLSA_UNICODE_STRING,PLSA_OBJECT_ATTRIBUTES,ACCESS_MASK,PLSA_HANDLE);
702 WINADVAPI NTSTATUS WINAPI LsaOpenTrustedDomainByName(LSA_HANDLE,PLSA_UNICODE_STRING,ACCESS_MASK,PLSA_HANDLE);
703 WINADVAPI NTSTATUS WINAPI LsaQueryInformationPolicy(LSA_HANDLE,POLICY_INFORMATION_CLASS,PVOID*);
704 WINADVAPI NTSTATUS WINAPI LsaQueryTrustedDomainInfo(LSA_HANDLE,PSID,TRUSTED_INFORMATION_CLASS,PVOID*);
705 WINADVAPI NTSTATUS WINAPI LsaQueryTrustedDomainInfoByName(LSA_HANDLE,PLSA_UNICODE_STRING,TRUSTED_INFORMATION_CLASS,PVOID*);
706 WINADVAPI NTSTATUS WINAPI LsaRegisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS,HANDLE);
707 WINADVAPI NTSTATUS WINAPI LsaRemoveAccountRights(LSA_HANDLE,PSID,BOOLEAN,PLSA_UNICODE_STRING,ULONG);
708 WINADVAPI NTSTATUS WINAPI LsaRetrievePrivateData(LSA_HANDLE,PLSA_UNICODE_STRING,PLSA_UNICODE_STRING*);
709 WINADVAPI NTSTATUS WINAPI LsaSetInformationPolicy(LSA_HANDLE,POLICY_INFORMATION_CLASS,PVOID);
710 WINADVAPI NTSTATUS WINAPI LsaSetTrustedDomainInfoByName(LSA_HANDLE,PLSA_UNICODE_STRING,TRUSTED_INFORMATION_CLASS,PVOID);
711 WINADVAPI NTSTATUS WINAPI LsaSetTrustedDomainInformation(LSA_HANDLE,PSID,TRUSTED_INFORMATION_CLASS,PVOID);
712 WINADVAPI NTSTATUS WINAPI LsaStorePrivateData(LSA_HANDLE,PLSA_UNICODE_STRING,PLSA_UNICODE_STRING);
713 WINADVAPI NTSTATUS WINAPI LsaUnregisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS,HANDLE);
714
715 NTSTATUS WINAPI LsaCallAuthenticationPackage(HANDLE,ULONG,PVOID,ULONG,PVOID*,PULONG,PNTSTATUS);
716 NTSTATUS WINAPI LsaConnectUntrusted(PHANDLE);
717 NTSTATUS WINAPI LsaDeregisterLogonProcess(HANDLE);
718 NTSTATUS WINAPI LsaEnumerateLogonSessions(PULONG,PLUID*);
719 NTSTATUS WINAPI LsaFreeReturnBuffer(PVOID);
720 NTSTATUS WINAPI LsaGetLogonSessionData(PLUID,PSECURITY_LOGON_SESSION_DATA*);
721 NTSTATUS WINAPI LsaLogonUser(HANDLE,PLSA_STRING,SECURITY_LOGON_TYPE,ULONG,PVOID,ULONG,PTOKEN_GROUPS,PTOKEN_SOURCE,PVOID*,PULONG,PLUID,PHANDLE,PQUOTA_LIMITS,PNTSTATUS);
722 NTSTATUS WINAPI LsaLookupAuthenticationPackage(HANDLE,PLSA_STRING,PULONG);
723 NTSTATUS WINAPI LsaRegisterLogonProcess(PLSA_STRING,PHANDLE,PLSA_OPERATIONAL_MODE);
724
725 #ifdef __cplusplus
726 } /* extern "C" */
727 #endif /* defined(__cplusplus) */
728
729 #endif /* !defined(_NTSECAPI_) */
Windows API implementation