[ros-diffs] [tkreuzer] 54825: [XDK/DDK] - Add sspi.h to xdk and and include it in ntifs.h. Dedicated to Alex

Author: tkreuzer Date: Tue Jan 3 19:42:58 2012 New Revision: 54825 URL: http://svn.reactos.org/svn/reactos?rev=54825&view=rev Log: [XDK/DDK] - Add sspi.h to xdk and and include it in ntifs.h. Dedicated to Alex Added: trunk/reactos/include/xdk/sspi.h (with props) Modified: trunk/reactos/include/ddk/ntifs.h trunk/reactos/include/xdk/ntifs.template.h trunk/reactos/include/xdk/rtlfuncs.h Modified: trunk/reactos/include/ddk/ntifs.h URL: http://svn.reactos.org/svn/reactos/trunk/reactos/include/ddk/ntifs.h?rev=54… ============================================================================== --- trunk/reactos/include/ddk/ntifs.h [iso-8859-1] (original) +++ trunk/reactos/include/ddk/ntifs.h [iso-8859-1] Tue Jan 3 19:42:58 2012 @@ -8785,20 +8785,1325 @@ IN ULONG TokenInformationLength); #endif /* (NTDDI_VERSION >= NTDDI_WIN7) */ +#ifndef __SSPI_H__ +#define __SSPI_H__ + +// for ntifs.h: +#define ISSP_LEVEL 32 +#define ISSP_MODE 0 + +#ifdef MIDL_PASS +#define MIDL_PROP(x) x +#else +#define MIDL_PROP(x) +#endif + +#define SEC_TEXT TEXT +#define SEC_FAR +#define SEC_ENTRY __stdcall + +#if defined(_NO_KSECDD_IMPORT_) +#define KSECDDDECLSPEC +#else +#define KSECDDDECLSPEC __declspec(dllimport) +#endif + +#define SECQOP_WRAP_NO_ENCRYPT 0x80000001 +#define SECQOP_WRAP_OOB_DATA 0x40000000 + +#define SECURITY_ENTRYPOINTW SEC_TEXT("InitSecurityInterfaceW") +#define SECURITY_ENTRYPOINT SECURITY_ENTRYPOINTW + +#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION 1 +#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_2 2 +#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_3 3 +#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_4 4 + +#define SECURITY_NATIVE_DREP 0x00000010 +#define SECURITY_NETWORK_DREP 0x00000000 + +#define SECPKG_ID_NONE 0xFFFF + +#define SECPKG_CRED_ATTR_NAMES 1 +#define SECPKG_CRED_ATTR_SSI_PROVIDER 2 + +#define SECPKG_ATTR_SIZES 0 +#define SECPKG_ATTR_NAMES 1 +#define SECPKG_ATTR_LIFESPAN 2 +#define SECPKG_ATTR_DCE_INFO 3 +#define SECPKG_ATTR_STREAM_SIZES 4 +#define SECPKG_ATTR_KEY_INFO 5 +#define SECPKG_ATTR_AUTHORITY 6 +#define SECPKG_ATTR_PROTO_INFO 7 +#define SECPKG_ATTR_PASSWORD_EXPIRY 8 +#define SECPKG_ATTR_SESSION_KEY 9 +#define SECPKG_ATTR_PACKAGE_INFO 10 +#define SECPKG_ATTR_USER_FLAGS 11 +#define SECPKG_ATTR_NEGOTIATION_INFO 12 +#define SECPKG_ATTR_NATIVE_NAMES 13 +#define SECPKG_ATTR_FLAGS 14 +#define SECPKG_ATTR_USE_VALIDATED 15 +#define SECPKG_ATTR_CREDENTIAL_NAME 16 +#define SECPKG_ATTR_TARGET_INFORMATION 17 +#define SECPKG_ATTR_ACCESS_TOKEN 18 +#define SECPKG_ATTR_TARGET 19 +#define SECPKG_ATTR_AUTHENTICATION_ID 20 +#define SECPKG_ATTR_LOGOFF_TIME 21 +#define SECPKG_ATTR_NEGO_KEYS 22 +#define SECPKG_ATTR_PROMPTING_NEEDED 24 +#define SECPKG_ATTR_UNIQUE_BINDINGS 25 +#define SECPKG_ATTR_ENDPOINT_BINDINGS 26 +#define SECPKG_ATTR_CLIENT_SPECIFIED_TARGET 27 +#define SECPKG_ATTR_LAST_CLIENT_TOKEN_STATUS 30 +#define SECPKG_ATTR_NEGO_PKG_INFO 31 +#define SECPKG_ATTR_NEGO_STATUS 32 +#define SECPKG_ATTR_CONTEXT_DELETED 33 + +#define SECPKG_FLAG_INTEGRITY 0x00000001 +#define SECPKG_FLAG_PRIVACY 0x00000002 +#define SECPKG_FLAG_TOKEN_ONLY 0x00000004 +#define SECPKG_FLAG_DATAGRAM 0x00000008 +#define SECPKG_FLAG_CONNECTION 0x00000010 +#define SECPKG_FLAG_MULTI_REQUIRED 0x00000020 +#define SECPKG_FLAG_CLIENT_ONLY 0x00000040 +#define SECPKG_FLAG_EXTENDED_ERROR 0x00000080 +#define SECPKG_FLAG_IMPERSONATION 0x00000100 +#define SECPKG_FLAG_ACCEPT_WIN32_NAME 0x00000200 +#define SECPKG_FLAG_STREAM 0x00000400 +#define SECPKG_FLAG_NEGOTIABLE 0x00000800 +#define SECPKG_FLAG_GSS_COMPATIBLE 0x00001000 +#define SECPKG_FLAG_LOGON 0x00002000 +#define SECPKG_FLAG_ASCII_BUFFERS 0x00004000 +#define SECPKG_FLAG_FRAGMENT 0x00008000 +#define SECPKG_FLAG_MUTUAL_AUTH 0x00010000 +#define SECPKG_FLAG_DELEGATION 0x00020000 +#define SECPKG_FLAG_READONLY_WITH_CHECKSUM 0x00040000 +#define SECPKG_FLAG_RESTRICTED_TOKENS 0x00080000 +#define SECPKG_FLAG_NEGO_EXTENDER 0x00100000 +#define SECPKG_FLAG_NEGOTIABLE2 0x00200000 + +#define SECPKG_CRED_INBOUND 0x00000001 +#define SECPKG_CRED_OUTBOUND 0x00000002 +#define SECPKG_CRED_BOTH 0x00000003 +#define SECPKG_CRED_DEFAULT 0x00000004 +#define SECPKG_CRED_RESERVED 0xF0000000 +#define SECPKG_CRED_AUTOLOGON_RESTRICTED 0x00000010 +#define SECPKG_CRED_PROCESS_POLICY_ONLY 0x00000020 + +#define SECPKG_CONTEXT_EXPORT_RESET_NEW 0x00000001 +#define SECPKG_CONTEXT_EXPORT_DELETE_OLD 0x00000002 +#define SECPKG_CONTEXT_EXPORT_TO_KERNEL 0x00000004 + +#define SECPKG_ATTR_SUBJECT_SECURITY_ATTRIBUTES 128 +#define SECPKG_ATTR_NEGO_INFO_FLAG_NO_KERBEROS 0x1 +#define SECPKG_ATTR_NEGO_INFO_FLAG_NO_NTLM 0x2 + +#define SecPkgContext_NativeNames SecPkgContext_NativeNamesW +#define PSecPkgContext_NativeNames PSecPkgContext_NativeNamesW + +#define SECBUFFER_VERSION 0 + +#define SECBUFFER_EMPTY 0 +#define SECBUFFER_DATA 1 +#define SECBUFFER_TOKEN 2 +#define SECBUFFER_PKG_PARAMS 3 +#define SECBUFFER_MISSING 4 +#define SECBUFFER_EXTRA 5 +#define SECBUFFER_STREAM_TRAILER 6 +#define SECBUFFER_STREAM_HEADER 7 +#define SECBUFFER_NEGOTIATION_INFO 8 +#define SECBUFFER_PADDING 9 +#define SECBUFFER_STREAM 10 +#define SECBUFFER_MECHLIST 11 +#define SECBUFFER_MECHLIST_SIGNATURE 12 +#define SECBUFFER_TARGET 13 +#define SECBUFFER_CHANNEL_BINDINGS 14 +#define SECBUFFER_CHANGE_PASS_RESPONSE 15 +#define SECBUFFER_TARGET_HOST 16 +#define SECBUFFER_ALERT 17 + +#define SECBUFFER_ATTRMASK 0xF0000000 +#define SECBUFFER_READONLY 0x80000000 +#define SECBUFFER_READONLY_WITH_CHECKSUM 0x10000000 +#define SECBUFFER_RESERVED 0x60000000 + +#define ISC_REQ_DELEGATE 0x00000001 +#define ISC_REQ_MUTUAL_AUTH 0x00000002 +#define ISC_REQ_REPLAY_DETECT 0x00000004 +#define ISC_REQ_SEQUENCE_DETECT 0x00000008 +#define ISC_REQ_CONFIDENTIALITY 0x00000010 +#define ISC_REQ_USE_SESSION_KEY 0x00000020 +#define ISC_REQ_PROMPT_FOR_CREDS 0x00000040 +#define ISC_REQ_USE_SUPPLIED_CREDS 0x00000080 +#define ISC_REQ_ALLOCATE_MEMORY 0x00000100 +#define ISC_REQ_USE_DCE_STYLE 0x00000200 +#define ISC_REQ_DATAGRAM 0x00000400 +#define ISC_REQ_CONNECTION 0x00000800 +#define ISC_REQ_CALL_LEVEL 0x00001000 +#define ISC_REQ_FRAGMENT_SUPPLIED 0x00002000 +#define ISC_REQ_EXTENDED_ERROR 0x00004000 +#define ISC_REQ_STREAM 0x00008000 +#define ISC_REQ_INTEGRITY 0x00010000 +#define ISC_REQ_IDENTIFY 0x00020000 +#define ISC_REQ_NULL_SESSION 0x00040000 +#define ISC_REQ_MANUAL_CRED_VALIDATION 0x00080000 +#define ISC_REQ_RESERVED1 0x00100000 +#define ISC_REQ_FRAGMENT_TO_FIT 0x00200000 +#define ISC_REQ_FORWARD_CREDENTIALS 0x00400000 +#define ISC_REQ_NO_INTEGRITY 0x00800000 +#define ISC_REQ_USE_HTTP_STYLE 0x01000000 + +#define ISC_RET_DELEGATE 0x00000001 +#define ISC_RET_MUTUAL_AUTH 0x00000002 +#define ISC_RET_REPLAY_DETECT 0x00000004 +#define ISC_RET_SEQUENCE_DETECT 0x00000008 +#define ISC_RET_CONFIDENTIALITY 0x00000010 +#define ISC_RET_USE_SESSION_KEY 0x00000020 +#define ISC_RET_USED_COLLECTED_CREDS 0x00000040 +#define ISC_RET_USED_SUPPLIED_CREDS 0x00000080 +#define ISC_RET_ALLOCATED_MEMORY 0x00000100 +#define ISC_RET_USED_DCE_STYLE 0x00000200 +#define ISC_RET_DATAGRAM 0x00000400 +#define ISC_RET_CONNECTION 0x00000800 +#define ISC_RET_INTERMEDIATE_RETURN 0x00001000 +#define ISC_RET_CALL_LEVEL 0x00002000 +#define ISC_RET_EXTENDED_ERROR 0x00004000 +#define ISC_RET_STREAM 0x00008000 +#define ISC_RET_INTEGRITY 0x00010000 +#define ISC_RET_IDENTIFY 0x00020000 +#define ISC_RET_NULL_SESSION 0x00040000 +#define ISC_RET_MANUAL_CRED_VALIDATION 0x00080000 +#define ISC_RET_RESERVED1 0x00100000 +#define ISC_RET_FRAGMENT_ONLY 0x00200000 +#define ISC_RET_FORWARD_CREDENTIALS 0x00400000 +#define ISC_RET_USED_HTTP_STYLE 0x01000000 +#define ISC_RET_NO_ADDITIONAL_TOKEN 0x02000000 +#define ISC_RET_REAUTHENTICATION 0x08000000 + +#define ASC_REQ_DELEGATE 0x00000001 +#define ASC_REQ_MUTUAL_AUTH 0x00000002 +#define ASC_REQ_REPLAY_DETECT 0x00000004 +#define ASC_REQ_SEQUENCE_DETECT 0x00000008 +#define ASC_REQ_CONFIDENTIALITY 0x00000010 +#define ASC_REQ_USE_SESSION_KEY 0x00000020 +#define ASC_REQ_ALLOCATE_MEMORY 0x00000100 +#define ASC_REQ_USE_DCE_STYLE 0x00000200 +#define ASC_REQ_DATAGRAM 0x00000400 +#define ASC_REQ_CONNECTION 0x00000800 +#define ASC_REQ_CALL_LEVEL 0x00001000 +#define ASC_REQ_EXTENDED_ERROR 0x00008000 +#define ASC_REQ_STREAM 0x00010000 +#define ASC_REQ_INTEGRITY 0x00020000 +#define ASC_REQ_LICENSING 0x00040000 +#define ASC_REQ_IDENTIFY 0x00080000 +#define ASC_REQ_ALLOW_NULL_SESSION 0x00100000 +#define ASC_REQ_ALLOW_NON_USER_LOGONS 0x00200000 +#define ASC_REQ_ALLOW_CONTEXT_REPLAY 0x00400000 +#define ASC_REQ_FRAGMENT_TO_FIT 0x00800000 +#define ASC_REQ_FRAGMENT_SUPPLIED 0x00002000 +#define ASC_REQ_NO_TOKEN 0x01000000 +#define ASC_REQ_PROXY_BINDINGS 0x04000000 +//#define SSP_RET_REAUTHENTICATION 0x08000000 // internal + +#define ASC_REQ_ALLOW_MISSING_BINDINGS 0x10000000 +#define ASC_RET_DELEGATE 0x00000001 +#define ASC_RET_MUTUAL_AUTH 0x00000002 +#define ASC_RET_REPLAY_DETECT 0x00000004 +#define ASC_RET_SEQUENCE_DETECT 0x00000008 +#define ASC_RET_CONFIDENTIALITY 0x00000010 +#define ASC_RET_USE_SESSION_KEY 0x00000020 +#define ASC_RET_ALLOCATED_MEMORY 0x00000100 +#define ASC_RET_USED_DCE_STYLE 0x00000200 +#define ASC_RET_DATAGRAM 0x00000400 +#define ASC_RET_CONNECTION 0x00000800 +#define ASC_RET_CALL_LEVEL 0x00002000 +#define ASC_RET_THIRD_LEG_FAILED 0x00004000 +#define ASC_RET_EXTENDED_ERROR 0x00008000 +#define ASC_RET_STREAM 0x00010000 +#define ASC_RET_INTEGRITY 0x00020000 +#define ASC_RET_LICENSING 0x00040000 +#define ASC_RET_IDENTIFY 0x00080000 +#define ASC_RET_NULL_SESSION 0x00100000 +#define ASC_RET_ALLOW_NON_USER_LOGONS 0x00200000 +#define ASC_RET_ALLOW_CONTEXT_REPLAY 0x00400000 +#define ASC_RET_FRAGMENT_ONLY 0x00800000 +#define ASC_RET_NO_TOKEN 0x01000000 +#define ASC_RET_NO_ADDITIONAL_TOKEN 0x02000000 +#define ASC_RET_NO_PROXY_BINDINGS 0x04000000 +//#define SSP_RET_REAUTHENTICATION 0x08000000 // internal +#define ASC_RET_MISSING_BINDINGS 0x10000000 + +#define SEC_DELETED_HANDLE ((ULONG_PTR)(-2)) + +#define SecInvalidateHandle(x) \ + ((PSecHandle)(x))->dwLower = ((PSecHandle)(x))->dwUpper = ((ULONG_PTR)((INT_PTR)-1)); + +#define SecIsValidHandle(x) \ + ( ( ((PSecHandle)(x))->dwLower != (ULONG_PTR)(INT_PTR)-1 ) && \ + ( ((PSecHandle)(x))->dwUpper != (ULONG_PTR)(INT_PTR)-1 ) ) + +typedef WCHAR SEC_WCHAR; +typedef CHAR SEC_CHAR; +typedef LARGE_INTEGER _SECURITY_INTEGER, SECURITY_INTEGER, *PSECURITY_INTEGER; +typedef SECURITY_INTEGER TimeStamp, *PTimeStamp; +typedef UNICODE_STRING SECURITY_STRING, *PSECURITY_STRING; +#if ISSP_MODE == 0 +#define PSSPI_SEC_STRING PSECURITY_STRING +#else +#define PSSPI_SEC_STRING SEC_WCHAR* +#endif + +typedef PVOID PSEC_WINNT_AUTH_IDENTITY_OPAQUE; + +#ifndef __SECSTATUS_DEFINED__ +typedef LONG SECURITY_STATUS; +#define __SECSTATUS_DEFINED__ +#endif + +typedef enum _SECPKG_CRED_CLASS +{ + SecPkgCredClass_None = 0, + SecPkgCredClass_Ephemeral = 10, + SecPkgCredClass_PersistedGeneric = 20, + SecPkgCredClass_PersistedSpecific = 30, + SecPkgCredClass_Explicit = 40, +} SECPKG_CRED_CLASS, *PSECPKG_CRED_CLASS; + +typedef struct _SEC_NEGOTIATION_INFO +{ + ULONG Size; + ULONG NameLength; + SEC_WCHAR * Name; + PVOID Reserved; +} SEC_NEGOTIATION_INFO, *PSEC_NEGOTIATION_INFO; + +typedef struct _SEC_CHANNEL_BINDINGS +{ + ULONG dwInitiatorAddrType; + ULONG cbInitiatorLength; + ULONG dwInitiatorOffset; + ULONG dwAcceptorAddrType; + ULONG cbAcceptorLength; + ULONG dwAcceptorOffset; + ULONG cbApplicationDataLength; + ULONG dwApplicationDataOffset; +} SEC_CHANNEL_BINDINGS, *PSEC_CHANNEL_BINDINGS; + +#ifndef _AUTH_IDENTITY_EX2_DEFINED +#define _AUTH_IDENTITY_EX2_DEFINED +typedef struct _SEC_WINNT_AUTH_IDENTITY_EX2 { + ULONG Version; + USHORT cbHeaderLength; + ULONG cbStructureLength; + ULONG UserOffset; + USHORT UserLength; + ULONG DomainOffset; + USHORT DomainLength; + ULONG PackedCredentialsOffset; + USHORT PackedCredentialsLength; + ULONG Flags; + ULONG PackageListOffset; + USHORT PackageListLength; +} SEC_WINNT_AUTH_IDENTITY_EX2, *PSEC_WINNT_AUTH_IDENTITY_EX2; +#define SEC_WINNT_AUTH_IDENTITY_VERSION_2 0x201 +#endif + +#ifndef _AUTH_IDENTITY_DEFINED +#define _AUTH_IDENTITY_DEFINED +typedef struct _SEC_WINNT_AUTH_IDENTITY_W { + PUSHORT User; + ULONG UserLength; + PUSHORT Domain; + ULONG DomainLength; + PUSHORT Password; + ULONG PasswordLength; + ULONG Flags; +} SEC_WINNT_AUTH_IDENTITY_W, *PSEC_WINNT_AUTH_IDENTITY_W; +#define SEC_WINNT_AUTH_IDENTITY_ANSI 0x1 +#define SEC_WINNT_AUTH_IDENTITY_UNICODE 0x2 +#define SEC_WINNT_AUTH_IDENTITY SEC_WINNT_AUTH_IDENTITY_W +#define PSEC_WINNT_AUTH_IDENTITY PSEC_WINNT_AUTH_IDENTITY_W +#define _SEC_WINNT_AUTH_IDENTITY _SEC_WINNT_AUTH_IDENTITY_W +#endif + +#ifndef SEC_WINNT_AUTH_IDENTITY_VERSION +#define SEC_WINNT_AUTH_IDENTITY_VERSION 0x200 +typedef struct _SEC_WINNT_AUTH_IDENTITY_EXW { + ULONG Version; + ULONG Length; + PUSHORT User; // Non-NULL terminated string. + ULONG UserLength; // # of characters (NOT bytes), not including NULL. + PUSHORT Domain; // Non-NULL terminated string. + ULONG DomainLength; // # of characters (NOT bytes), not including NULL. + PUSHORT Password; // Non-NULL terminated string. + ULONG PasswordLength; // # of characters (NOT bytes), not including NULL. + ULONG Flags; + PUSHORT PackageList; + ULONG PackageListLength; +} SEC_WINNT_AUTH_IDENTITY_EXW, *PSEC_WINNT_AUTH_IDENTITY_EXW; +#define SEC_WINNT_AUTH_IDENTITY_EX SEC_WINNT_AUTH_IDENTITY_EXW +#define PSEC_WINNT_AUTH_IDENTITY_EX PSEC_WINNT_AUTH_IDENTITY_EXW +#endif + +#ifndef __SECHANDLE_DEFINED__ +typedef struct _SecHandle +{ + ULONG_PTR dwLower; + ULONG_PTR dwUpper; +} SecHandle, *PSecHandle; +#define __SECHANDLE_DEFINED__ +#endif + +typedef SecHandle CredHandle, *PCredHandle, CtxtHandle, *PCtxtHandle; + +typedef struct _SecBuffer +{ + ULONG cbBuffer; + ULONG BufferType; +#ifdef MIDL_PASS + MIDL_PROP([size_is(cbBuffer)]) PCHAR pvBuffer; +#else + __field_bcount(cbBuffer) void SEC_FAR *pvBuffer; +#endif +} SecBuffer, * PSecBuffer; + +typedef struct _SecBufferDesc +{ + ULONG ulVersion; + ULONG cBuffers; + MIDL_PROP([size_is(cBuffers)]) __field_ecount(cBuffers) PSecBuffer pBuffers; +} SecBufferDesc, SEC_FAR * PSecBufferDesc; + +typedef struct _SecPkgInfoW +{ + ULONG fCapabilities; + USHORT wVersion; + USHORT wRPCID; + ULONG cbMaxToken; + MIDL_PROP([string]) SEC_WCHAR *Name; + MIDL_PROP([string]) SEC_WCHAR *Comment; +} SecPkgInfoW, *PSecPkgInfoW; +#define SecPkgInfo SecPkgInfoW +#define PSecPkgInfo PSecPkgInfoW + +typedef struct _SecPkgCredentials_NamesW +{ + MIDL_PROP([string]) SEC_WCHAR * sUserName; +} SecPkgCredentials_NamesW, * PSecPkgCredentials_NamesW; +#define SecPkgCredentials_Names SecPkgCredentials_NamesW +#define PSecPkgCredentials_Names PSecPkgCredentials_NamesW + +typedef struct _SecPkgContext_NamesW +{ + SEC_WCHAR *sUserName; +} SecPkgContext_NamesW, *PSecPkgContext_NamesW; +#define SecPkgContext_Names SecPkgContext_NamesW +#define PSecPkgContext_Names PSecPkgContext_NamesW + +#if OSVER(NTDDI_VERSION) > NTDDI_WIN2K +typedef struct _SecPkgContext_CredentialNameW +{ + ULONG CredentialType; + SEC_WCHAR *sCredentialName; +} SecPkgContext_CredentialNameW, *PSecPkgContext_CredentialNameW; +#endif +#define SecPkgContext_CredentialName SecPkgContext_CredentialNameW +#define PSecPkgContext_CredentialName PSecPkgContext_CredentialNameW + +typedef struct _SecPkgContext_SubjectAttributes { + PVOID AttributeInfo; +} SecPkgContext_SubjectAttributes, *PSecPkgContext_SubjectAttributes; + +typedef struct _SecPkgContext_CredInfo { + SECPKG_CRED_CLASS CredClass; + ULONG IsPromptingNeeded; +} SecPkgContext_CredInfo, *PSecPkgContext_CredInfo; + +typedef struct _SecPkgContext_NegoPackageInfo +{ + ULONG PackageMask; +} SecPkgContext_NegoPackageInfo, * PSecPkgContext_NegoPackageInfo; + +typedef struct _SecPkgContext_NegoStatus +{ + ULONG LastStatus; +} SecPkgContext_NegoStatus, *PSecPkgContext_NegoStatus; + +typedef struct _SecPkgContext_Sizes +{ + ULONG cbMaxToken; + ULONG cbMaxSignature; + ULONG cbBlockSize; + ULONG cbSecurityTrailer; +} SecPkgContext_Sizes, *PSecPkgContext_Sizes; + +typedef struct _SecPkgContext_StreamSizes +{ + ULONG cbHeader; + ULONG cbTrailer; + ULONG cbMaximumMessage; + ULONG cBuffers; + ULONG cbBlockSize; +} SecPkgContext_StreamSizes, *PSecPkgContext_StreamSizes; + +typedef struct _SecPkgContext_Lifespan +{ + TimeStamp tsStart; + TimeStamp tsExpiry; +} SecPkgContext_Lifespan, *PSecPkgContext_Lifespan; + +typedef struct _SecPkgContext_PasswordExpiry +{ + TimeStamp tsPasswordExpires; +} SecPkgContext_PasswordExpiry, * PSecPkgContext_PasswordExpiry; + +typedef struct _SecPkgContext_ProtoInfoW +{ + SEC_WCHAR *sProtocolName; + ULONG majorVersion; + ULONG minorVersion; +} SecPkgContext_ProtoInfoW, *PSecPkgContext_ProtoInfoW; +#define SecPkgContext_ProtoInfo SecPkgContext_ProtoInfoW +#define PSecPkgContext_ProtoInfo PSecPkgContext_ProtoInfoW + +typedef struct _SecPkgContext_KeyInfoW +{ + SEC_WCHAR *sSignatureAlgorithmName; + SEC_WCHAR *sEncryptAlgorithmName; + ULONG KeySize; + ULONG SignatureAlgorithm; + ULONG EncryptAlgorithm; +} SecPkgContext_KeyInfoW, *PSecPkgContext_KeyInfoW; +#define SecPkgContext_KeyInfo SecPkgContext_KeyInfoW +#define PSecPkgContext_KeyInfo PSecPkgContext_KeyInfoW + +typedef struct _SecPkgContext_SessionKey +{ + ULONG SessionKeyLength; + __field_bcount(SessionKeyLength) PUCHAR SessionKey; +} SecPkgContext_SessionKey, *PSecPkgContext_SessionKey; + +typedef struct _SecPkgContext_NegoKeys +{ + ULONG KeyType; + USHORT KeyLength; + __field_bcount(KeyLength) PUCHAR KeyValue; + ULONG VerifyKeyType; + USHORT VerifyKeyLength; + __field_bcount(VerifyKeyLength) PUCHAR VerifyKeyValue; +} SecPkgContext_NegoKeys, *PSecPkgContext_NegoKeys; + +typedef struct _SecPkgContext_DceInfo +{ + ULONG AuthzSvc; + PVOID pPac; +} SecPkgContext_DceInfo, *PSecPkgContext_DceInfo; + +typedef struct _SecPkgContext_PackageInfoW +{ + PSecPkgInfoW PackageInfo; +} SecPkgContext_PackageInfoW, *PSecPkgContext_PackageInfoW; +#define SecPkgContext_PackageInfo SecPkgContext_PackageInfoW +#define PSecPkgContext_PackageInfo PSecPkgContext_PackageInfoW + +typedef struct _SecPkgContext_UserFlags +{ + ULONG UserFlags; +} SecPkgContext_UserFlags, *PSecPkgContext_UserFlags; + +typedef struct _SecPkgContext_Flags +{ + ULONG Flags; +} SecPkgContext_Flags, *PSecPkgContext_Flags; + +typedef struct _SecPkgContext_NegotiationInfoW +{ + PSecPkgInfoW PackageInfo ; + ULONG NegotiationState ; +} SecPkgContext_NegotiationInfoW, *PSecPkgContext_NegotiationInfoW ; + +typedef struct _SecPkgContext_AuthorityW +{ + SEC_WCHAR *sAuthorityName; +} SecPkgContext_AuthorityW, *PSecPkgContext_AuthorityW; +#define SecPkgContext_Authority SecPkgContext_AuthorityW +#define PSecPkgContext_Authority PSecPkgContext_AuthorityW + + +#if NTDDI_VERSION > NTDDI_WS03 +typedef struct _SecPkgCredentials_SSIProviderW +{ + SEC_WCHAR *sProviderName; + ULONG ProviderInfoLength; + PCHAR ProviderInfo; +} SecPkgCredentials_SSIProviderW, * PSecPkgCredentials_SSIProviderW; +#define SecPkgCredentials_SSIProvider SecPkgCredentials_SSIProviderW +#define PSecPkgCredentials_SSIProvider PSecPkgCredentials_SSIProviderW + +typedef struct _SecPkgContext_LogoffTime +{ + TimeStamp tsLogoffTime; +} SecPkgContext_LogoffTime, *PSecPkgContext_LogoffTime; +#endif + +/* forward declaration */ +typedef struct _SECURITY_FUNCTION_TABLE_W SecurityFunctionTableW, * PSecurityFunctionTableW; +#define SecurityFunctionTable SecurityFunctionTableW +#define PSecurityFunctionTable PSecurityFunctionTableW + +typedef +VOID +(SEC_ENTRY * SEC_GET_KEY_FN)( + PVOID Arg, + PVOID Principal, + ULONG KeyVer, + PVOID *Key, + SECURITY_STATUS *Status); + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +AcceptSecurityContext( + __in_opt PCredHandle phCredential, + __in_opt PCtxtHandle phContext, + __in_opt PSecBufferDesc pInput, + __in ULONG fContextReq, + __in ULONG TargetDataRep, + __in_opt PCtxtHandle phNewContext, + __in_opt PSecBufferDesc pOutput, + __out PULONG pfContextAttr, + __out_opt PTimeStamp ptsExpiry); + +typedef +SECURITY_STATUS +(SEC_ENTRY * ACCEPT_SECURITY_CONTEXT_FN)( + PCredHandle, + PCtxtHandle, + PSecBufferDesc, + ULONG, + ULONG, + PCtxtHandle, + PSecBufferDesc, + PULONG, + PTimeStamp); + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +AcquireCredentialsHandleW( + __in_opt PSSPI_SEC_STRING pPrincipal, + __in PSSPI_SEC_STRING pPackage, + __in ULONG fCredentialUse, + __in_opt PVOID pvLogonId, + __in_opt PVOID pAuthData, + __in_opt SEC_GET_KEY_FN pGetKeyFn, + __in_opt PVOID pvGetKeyArgument, + __out PCredHandle phCredential, + __out_opt PTimeStamp ptsExpiry); +#define AcquireCredentialsHandle AcquireCredentialsHandleW + +typedef +SECURITY_STATUS +(SEC_ENTRY * ACQUIRE_CREDENTIALS_HANDLE_FN_W)( + PSSPI_SEC_STRING, + PSSPI_SEC_STRING, + ULONG, + PVOID, + PVOID, + SEC_GET_KEY_FN, + PVOID, + PCredHandle, + PTimeStamp); +#define ACQUIRE_CREDENTIALS_HANDLE_FN ACQUIRE_CREDENTIALS_HANDLE_FN_W + +SECURITY_STATUS +SEC_ENTRY +AddCredentialsA( + __in PCredHandle hCredentials, + __in_opt LPSTR pszPrincipal, + __in LPSTR pszPackage, + __in ULONG fCredentialUse, + __in_opt PVOID pAuthData, + __in_opt SEC_GET_KEY_FN pGetKeyFn, + __in_opt PVOID pvGetKeyArgument, + __out_opt PTimeStamp ptsExpiry); + +typedef +SECURITY_STATUS +(SEC_ENTRY * ADD_CREDENTIALS_FN_A)( + PCredHandle, + SEC_CHAR *, + SEC_CHAR *, + ULONG, + PVOID, + SEC_GET_KEY_FN, + PVOID, + PTimeStamp); + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +AddCredentialsW( + __in PCredHandle hCredentials, + __in_opt PSSPI_SEC_STRING pPrincipal, + __in PSSPI_SEC_STRING pPackage, + __in ULONG fCredentialUse, + __in_opt PVOID pAuthData, + __in_opt SEC_GET_KEY_FN pGetKeyFn, + __in_opt PVOID pvGetKeyArgument, + __out_opt PTimeStamp ptsExpiry); + +typedef +SECURITY_STATUS +(SEC_ENTRY * ADD_CREDENTIALS_FN_W)( + PCredHandle, + PSSPI_SEC_STRING, + PSSPI_SEC_STRING, + ULONG, + PVOID, + SEC_GET_KEY_FN, + PVOID, + PTimeStamp); + +#ifdef UNICODE +#define AddCredentials AddCredentialsW +#define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_W +#else +#define AddCredentials AddCredentialsA +#define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_A +#endif + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +ApplyControlToken( + __in PCtxtHandle phContext, + __in PSecBufferDesc pInput); + +typedef +SECURITY_STATUS +(SEC_ENTRY * APPLY_CONTROL_TOKEN_FN)( + PCtxtHandle, PSecBufferDesc); + +#if (ISSP_MODE != 0) + +SECURITY_STATUS +SEC_ENTRY +ChangeAccountPasswordA( + __in SEC_CHAR* pszPackageName, + __in SEC_CHAR* pszDomainName, + __in SEC_CHAR* pszAccountName, + __in SEC_CHAR* pszOldPassword, + __in SEC_CHAR* pszNewPassword, + __in BOOLEAN bImpersonating, + __in ULONG dwReserved, + __inout PSecBufferDesc pOutput); + +typedef +SECURITY_STATUS +(SEC_ENTRY * CHANGE_PASSWORD_FN_A)( + SEC_CHAR *, + SEC_CHAR *, + SEC_CHAR *, + SEC_CHAR *, + SEC_CHAR *, + BOOLEAN, + ULONG, + PSecBufferDesc); + +SECURITY_STATUS +SEC_ENTRY +ChangeAccountPasswordW( + __in SEC_WCHAR* pszPackageName, + __in SEC_WCHAR* pszDomainName, + __in SEC_WCHAR* pszAccountName, + __in SEC_WCHAR* pszOldPassword, + __in SEC_WCHAR* pszNewPassword, + __in BOOLEAN bImpersonating, + __in ULONG dwReserved, + __inout PSecBufferDesc pOutput); + +typedef +SECURITY_STATUS +(SEC_ENTRY * CHANGE_PASSWORD_FN_W)( + SEC_WCHAR *, + SEC_WCHAR *, + SEC_WCHAR *, + SEC_WCHAR *, + SEC_WCHAR *, + BOOLEAN, + ULONG, + PSecBufferDesc); + +#ifdef UNICODE +#define ChangeAccountPassword ChangeAccountPasswordW +#define CHANGE_PASSWORD_FN CHANGE_PASSWORD_FN_W +#else +#define ChangeAccountPassword ChangeAccountPasswordA +#define CHANGE_PASSWORD_FN CHANGE_PASSWORD_FN_A +#endif + +#endif /* ISSP_MODE != 0 */ + +SECURITY_STATUS +SEC_ENTRY +CompleteAuthToken( + __in PCtxtHandle phContext, + __in PSecBufferDesc pToken); + +typedef +SECURITY_STATUS +(SEC_ENTRY * COMPLETE_AUTH_TOKEN_FN)( + PCtxtHandle, + PSecBufferDesc); + +SECURITY_STATUS +SEC_ENTRY +DecryptMessage( + __in PCtxtHandle phContext, + __inout PSecBufferDesc pMessage, + __in ULONG MessageSeqNo, + __out_opt PULONG pfQOP); + +typedef +SECURITY_STATUS +(SEC_ENTRY * DECRYPT_MESSAGE_FN)( + PCtxtHandle, + PSecBufferDesc, + ULONG, + PULONG); + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +DeleteSecurityContext( + __in PCtxtHandle phContext); + +typedef +SECURITY_STATUS +(SEC_ENTRY * DELETE_SECURITY_CONTEXT_FN)( + PCtxtHandle); + +SECURITY_STATUS +SEC_ENTRY +EncryptMessage( + __in PCtxtHandle phContext, + __in ULONG fQOP, + __inout PSecBufferDesc pMessage, + __in ULONG MessageSeqNo); + +typedef +SECURITY_STATUS +(SEC_ENTRY * ENCRYPT_MESSAGE_FN)( + PCtxtHandle, + ULONG, + PSecBufferDesc, + ULONG); + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +EnumerateSecurityPackagesW( + __out PULONG pcPackages, + __deref_out PSecPkgInfoW * ppPackageInfo); +#define EnumerateSecurityPackages EnumerateSecurityPackagesW + +typedef +SECURITY_STATUS +(SEC_ENTRY * ENUMERATE_SECURITY_PACKAGES_FN_W)( + PULONG, + PSecPkgInfoW*); +#define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_W + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +ExportSecurityContext( + __in PCtxtHandle phContext, + __in ULONG fFlags, + __out PSecBuffer pPackedContext, + __out PVOID* pToken); + +typedef +SECURITY_STATUS +(SEC_ENTRY * EXPORT_SECURITY_CONTEXT_FN)( + PCtxtHandle, + ULONG, + PSecBuffer, + PVOID*); + +SECURITY_STATUS +SEC_ENTRY +FreeContextBuffer( + __inout PVOID pvContextBuffer); + +typedef +SECURITY_STATUS +(SEC_ENTRY * FREE_CONTEXT_BUFFER_FN)( + __inout PVOID); + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +FreeCredentialsHandle( + __in PCredHandle phCredential); + +typedef +SECURITY_STATUS +(SEC_ENTRY * FREE_CREDENTIALS_HANDLE_FN)( + PCredHandle); + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +ImpersonateSecurityContext( + __in PCtxtHandle phContext); + +typedef +SECURITY_STATUS +(SEC_ENTRY * IMPERSONATE_SECURITY_CONTEXT_FN)( + PCtxtHandle); + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +ImportSecurityContextW( + __in PSSPI_SEC_STRING pszPackage, + __in PSecBuffer pPackedContext, + __in PVOID Token, + __out PCtxtHandle phContext); +#define ImportSecurityContext ImportSecurityContextW + +typedef +SECURITY_STATUS +(SEC_ENTRY * IMPORT_SECURITY_CONTEXT_FN_W)( + PSSPI_SEC_STRING, + PSecBuffer, + PVOID, + PCtxtHandle); +#define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_W + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +InitializeSecurityContextW( + __in_opt PCredHandle phCredential, + __in_opt PCtxtHandle phContext, + __in_opt PSSPI_SEC_STRING pTargetName, + __in ULONG fContextReq, + __in ULONG Reserved1, + __in ULONG TargetDataRep, + __in_opt PSecBufferDesc pInput, + __in ULONG Reserved2, + __inout_opt PCtxtHandle phNewContext, + __inout_opt PSecBufferDesc pOutput, + __out PULONG pfContextAttr, + __out_opt PTimeStamp ptsExpiry); +#define InitializeSecurityContext InitializeSecurityContextW + +typedef +SECURITY_STATUS +(SEC_ENTRY * INITIALIZE_SECURITY_CONTEXT_FN_W)( + PCredHandle, + PCtxtHandle, + PSSPI_SEC_STRING, + ULONG, + ULONG, + ULONG, + PSecBufferDesc, + ULONG, + PCtxtHandle, + PSecBufferDesc, + PULONG, + PTimeStamp); +#define INITIALIZE_SECURITY_CONTEXT_FN INITIALIZE_SECURITY_CONTEXT_FN_W + +KSECDDDECLSPEC +PSecurityFunctionTableW +SEC_ENTRY +InitSecurityInterfaceW(VOID); +#define InitSecurityInterface InitSecurityInterfaceW + +typedef +PSecurityFunctionTableW +(SEC_ENTRY * INIT_SECURITY_INTERFACE_W)(VOID); +#define INIT_SECURITY_INTERFACE INIT_SECURITY_INTERFACE_W + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +MakeSignature( + __in PCtxtHandle phContext, + __in ULONG fQOP, + __in PSecBufferDesc pMessage, + __in ULONG MessageSeqNo); + +typedef +SECURITY_STATUS +(SEC_ENTRY * MAKE_SIGNATURE_FN)( + PCtxtHandle, + ULONG, + PSecBufferDesc, + ULONG); + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +QueryContextAttributesW( + __in PCtxtHandle phContext, + __in ULONG ulAttribute, + __out PVOID pBuffer); +#define QueryContextAttributes QueryContextAttributesW + +typedef +SECURITY_STATUS +(SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_FN_W)( + PCtxtHandle, + ULONG, + PVOID); +#define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_W + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +QueryCredentialsAttributesW( + __in PCredHandle phCredential, + __in ULONG ulAttribute, + __inout PVOID pBuffer); +#define QueryCredentialsAttributes QueryCredentialsAttributesW + +typedef +SECURITY_STATUS +(SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_FN_W)( + PCredHandle, + ULONG, + PVOID); +#define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_W + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +QuerySecurityContextToken( + __in PCtxtHandle phContext, + __out PVOID * Token); + +typedef +SECURITY_STATUS +(SEC_ENTRY * QUERY_SECURITY_CONTEXT_TOKEN_FN)( + PCtxtHandle, PVOID *); + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +QuerySecurityPackageInfoW( + __in PSSPI_SEC_STRING pPackageName, + __deref_out PSecPkgInfoW *ppPackageInfo); +#define QuerySecurityPackageInfo QuerySecurityPackageInfoW + +typedef +SECURITY_STATUS +(SEC_ENTRY * QUERY_SECURITY_PACKAGE_INFO_FN_W)( + PSSPI_SEC_STRING, + PSecPkgInfoW *); +#define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_W + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +RevertSecurityContext( + __in PCtxtHandle phContext); + +typedef +SECURITY_STATUS +(SEC_ENTRY * REVERT_SECURITY_CONTEXT_FN)( + PCtxtHandle); + +#if (OSVER(NTDDI_VERSION) > NTDDI_WIN2K) +SECURITY_STATUS +SEC_ENTRY +SetContextAttributesW( + __in PCtxtHandle phContext, + __in ULONG ulAttribute, + __in_bcount(cbBuffer) PVOID pBuffer, + __in ULONG cbBuffer); +#define SetContextAttributes SetContextAttributesW + +typedef +SECURITY_STATUS +(SEC_ENTRY * SET_CONTEXT_ATTRIBUTES_FN_W)( + PCtxtHandle, + ULONG, + PVOID, + ULONG); +#define SET_CONTEXT_ATTRIBUTES_FN SET_CONTEXT_ATTRIBUTES_FN_W +#endif + +#if (NTDDI_VERSION > NTDDI_WS03) +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +SetCredentialsAttributesW( + __in PCredHandle phCredential, + __in ULONG ulAttribute, + __in_bcount(cbBuffer) PVOID pBuffer, + __in ULONG cbBuffer); +#define SetCredentialsAttributes SetCredentialsAttributesW + +typedef +SECURITY_STATUS +(SEC_ENTRY * SET_CREDENTIALS_ATTRIBUTES_FN_W)( + PCredHandle, + ULONG, + PVOID, + ULONG); +#define SET_CREDENTIALS_ATTRIBUTES_FN SET_CREDENTIALS_ATTRIBUTES_FN_W +#endif /* NTDDI_VERSION > NTDDI_WS03 */ + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +VerifySignature( + __in PCtxtHandle phContext, + __in PSecBufferDesc pMessage, + __in ULONG MessageSeqNo, + __out PULONG pfQOP); + +typedef +SECURITY_STATUS +(SEC_ENTRY * VERIFY_SIGNATURE_FN)( + PCtxtHandle, + PSecBufferDesc, + ULONG, + PULONG); + + +#if (ISSP_MODE == 0) + +KSECDDDECLSPEC +NTSTATUS +NTAPI +SecMakeSPN( + __in PUNICODE_STRING ServiceClass, + __in PUNICODE_STRING ServiceName, + __in_opt PUNICODE_STRING InstanceName, + __in_opt USHORT InstancePort, + __in_opt PUNICODE_STRING Referrer, + __inout PUNICODE_STRING Spn, + __out_opt PULONG Length, + __in BOOLEAN Allocate); + +#if (NTDDI_VERSION >= NTDDI_WINXP) +KSECDDDECLSPEC +NTSTATUS +NTAPI +SecMakeSPNEx( + __in PUNICODE_STRING ServiceClass, + __in PUNICODE_STRING ServiceName, + __in_opt PUNICODE_STRING InstanceName, + __in_opt USHORT InstancePort, + __in_opt PUNICODE_STRING Referrer, + __in_opt PUNICODE_STRING TargetInfo, + __inout PUNICODE_STRING Spn, + __out PULONG Length OPTIONAL, + __in BOOLEAN Allocate); + +KSECDDDECLSPEC +NTSTATUS +SEC_ENTRY +SecLookupAccountSid( + __in PSID Sid, + __out PULONG NameSize, + __inout PUNICODE_STRING NameBuffer, + __out PULONG DomainSize OPTIONAL, + __out_opt PUNICODE_STRING DomainBuffer, + __out PSID_NAME_USE NameUse + ); + +KSECDDDECLSPEC +NTSTATUS +SEC_ENTRY +SecLookupAccountName( + __in PUNICODE_STRING Name, + __inout PULONG SidSize, + __out PSID Sid, + __out PSID_NAME_USE NameUse, + __out_opt PULONG DomainSize, // WDK says __out only + ... OPTIONAL + __inout_opt PUNICODE_STRING ReferencedDomain); +#endif + +#if (NTDDI_VERSION >= NTDDI_WS03) +KSECDDDECLSPEC +NTSTATUS +SEC_ENTRY +SecLookupWellKnownSid( + __in WELL_KNOWN_SID_TYPE SidType, + __out PSID Sid, + __in ULONG SidBufferSize, + __inout_opt PULONG SidSize); +#endif + +#if (NTDDI_VERSION >= NTDDI_VISTA) +KSECDDDECLSPEC +NTSTATUS +NTAPI +SecMakeSPNEx2( + __in PUNICODE_STRING ServiceClass, + __in PUNICODE_STRING ServiceName, + __in_opt PUNICODE_STRING InstanceName, + __in_opt USHORT InstancePort, + __in_opt PUNICODE_STRING Referrer, + __in_opt PUNICODE_STRING InTargetInfo, + __inout PUNICODE_STRING Spn, + __out_opt PULONG TotalSize, + __in BOOLEAN Allocate, + __in BOOLEAN IsTargetInfoMarshaled); +#endif + +#endif /* ISSP_MODE == 0 */ + +#if (NTDDI_VERSION >= NTDDI_WIN7) + +SECURITY_STATUS +SEC_ENTRY +SspiEncodeAuthIdentityAsStrings( + __in PSEC_WINNT_AUTH_IDENTITY_OPAQUE pAuthIdentity, + __deref_out_opt PCWSTR* ppszUserName, + __deref_out_opt PCWSTR* ppszDomainName, + __deref_opt_out_opt PCWSTR* ppszPackedCredentialsString); + +SECURITY_STATUS +SEC_ENTRY +SspiValidateAuthIdentity( + __in PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData); + +SECURITY_STATUS +SEC_ENTRY +SspiCopyAuthIdentity( + __in PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData, + __deref_out PSEC_WINNT_AUTH_IDENTITY_OPAQUE* AuthDataCopy); + +VOID +SEC_ENTRY +SspiFreeAuthIdentity( + __in_opt PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData); + +VOID +SEC_ENTRY +SspiZeroAuthIdentity( + __in_opt PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData); + +VOID +SEC_ENTRY +SspiLocalFree( + __in_opt PVOID DataBuffer); + +SECURITY_STATUS +SEC_ENTRY +SspiEncodeStringsAsAuthIdentity( + __in_opt PCWSTR pszUserName, + __in_opt PCWSTR pszDomainName, + __in_opt PCWSTR pszPackedCredentialsString, + __deref_out PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppAuthIdentity); + +SECURITY_STATUS +SEC_ENTRY +SspiCompareAuthIdentities( + __in_opt PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity1, + __in_opt PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity2, + __out_opt PBOOLEAN SameSuppliedUser, + __out_opt PBOOLEAN SameSuppliedIdentity); + +SECURITY_STATUS +SEC_ENTRY +SspiMarshalAuthIdentity( + __in PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity, + __out PULONG AuthIdentityLength, + __deref_out_bcount(*AuthIdentityLength) PCHAR* AuthIdentityByteArray); + +SECURITY_STATUS +SEC_ENTRY +SspiUnmarshalAuthIdentity( + __in PULONG AuthIdentityLength, + __in_bcount(AuthIdentityLength) PCHAR AuthIdentityByteArray, + __deref_out PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppAuthIdentity); + +BOOLEAN +SEC_ENTRY +SspiIsPromptingNeeded( + __in PULONG ErrorOrNtStatus); + +SECURITY_STATUS +SEC_ENTRY +SspiGetTargetHostName( + __in PCWSTR pszTargetName, + __deref_out PWSTR* pszHostName); + +SECURITY_STATUS +SEC_ENTRY +SspiExcludePackage( + __in_opt PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity, + __in PCWSTR pszPackageName, + __deref_out PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppNewAuthIdentity); + +#define SEC_WINNT_AUTH_IDENTITY_MARSHALLED 0x04 +#define SEC_WINNT_AUTH_IDENTITY_ONLY 0x08 + +#endif /* NTDDI_VERSION >= NTDDI_WIN7 */ + +#define FreeCredentialHandle FreeCredentialsHandle +struct _SECURITY_FUNCTION_TABLE_W +{ + ULONG dwVersion; + ENUMERATE_SECURITY_PACKAGES_FN_W EnumerateSecurityPackagesW; + QUERY_CREDENTIALS_ATTRIBUTES_FN_W QueryCredentialsAttributesW; + ACQUIRE_CREDENTIALS_HANDLE_FN_W AcquireCredentialsHandleW; + FREE_CREDENTIALS_HANDLE_FN FreeCredentialsHandle; + PVOID Reserved2; + INITIALIZE_SECURITY_CONTEXT_FN_W InitializeSecurityContextW; + ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext; + COMPLETE_AUTH_TOKEN_FN CompleteAuthToken; + DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext; + APPLY_CONTROL_TOKEN_FN ApplyControlToken; + QUERY_CONTEXT_ATTRIBUTES_FN_W QueryContextAttributesW; + IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext; + REVERT_SECURITY_CONTEXT_FN RevertSecurityContext; + MAKE_SIGNATURE_FN MakeSignature; + VERIFY_SIGNATURE_FN VerifySignature; + FREE_CONTEXT_BUFFER_FN FreeContextBuffer; + QUERY_SECURITY_PACKAGE_INFO_FN_W QuerySecurityPackageInfoW; + PVOID Reserved3; + PVOID Reserved4; + EXPORT_SECURITY_CONTEXT_FN ExportSecurityContext; + IMPORT_SECURITY_CONTEXT_FN_W ImportSecurityContextW; + ADD_CREDENTIALS_FN_W AddCredentialsW ; + PVOID Reserved8; + QUERY_SECURITY_CONTEXT_TOKEN_FN QuerySecurityContextToken; + ENCRYPT_MESSAGE_FN EncryptMessage; + DECRYPT_MESSAGE_FN DecryptMessage; +#if OSVER(NTDDI_VERSION) > NTDDI_WIN2K + SET_CONTEXT_ATTRIBUTES_FN_W SetContextAttributesW; +#endif +#if NTDDI_VERSION > NTDDI_WS03SP1 + SET_CREDENTIALS_ATTRIBUTES_FN_W SetCredentialsAttributesW; +#endif +#if ISSP_MODE != 0 + CHANGE_PASSWORD_FN_W ChangeAccountPasswordW; +#else + PVOID Reserved9; +#endif +}; + +#endif /* !__SSPI_H__ */ /* #if !defined(_X86AMD64_) FIXME : WHAT ?! */ #if defined(_WIN64) - C_ASSERT(sizeof(ERESOURCE) == 0x68); C_ASSERT(FIELD_OFFSET(ERESOURCE,ActiveCount) == 0x18); C_ASSERT(FIELD_OFFSET(ERESOURCE,Flag) == 0x1a); - #else - C_ASSERT(sizeof(ERESOURCE) == 0x38); C_ASSERT(FIELD_OFFSET(ERESOURCE,ActiveCount) == 0x0c); C_ASSERT(FIELD_OFFSET(ERESOURCE,Flag) == 0x0e); - #endif /* #endif */ Modified: trunk/reactos/include/xdk/ntifs.template.h URL: http://svn.reactos.org/svn/reactos/trunk/reactos/include/xdk/ntifs.template… ============================================================================== --- trunk/reactos/include/xdk/ntifs.template.h [iso-8859-1] (original) +++ trunk/reactos/include/xdk/ntifs.template.h [iso-8859-1] Tue Jan 3 19:42:58 2012 @@ -1079,20 +1079,17 @@ $include (cctypes.h) $include (ccfuncs.h) $include (zwfuncs.h) +$include (sspi.h) /* #if !defined(_X86AMD64_) FIXME : WHAT ?! */ #if defined(_WIN64) - C_ASSERT(sizeof(ERESOURCE) == 0x68); C_ASSERT(FIELD_OFFSET(ERESOURCE,ActiveCount) == 0x18); C_ASSERT(FIELD_OFFSET(ERESOURCE,Flag) == 0x1a); - #else - C_ASSERT(sizeof(ERESOURCE) == 0x38); C_ASSERT(FIELD_OFFSET(ERESOURCE,ActiveCount) == 0x0c); C_ASSERT(FIELD_OFFSET(ERESOURCE,Flag) == 0x0e); - #endif /* #endif */ @@ -1271,9 +1268,6 @@ #endif #include "csq.h" - -extern PACL SePublicDefaultDacl; -extern PACL SeSystemDefaultDacl; #define FS_LFN_APIS 0x00004000 Modified: trunk/reactos/include/xdk/rtlfuncs.h URL: http://svn.reactos.org/svn/reactos/trunk/reactos/include/xdk/rtlfuncs.h?rev… ============================================================================== --- trunk/reactos/include/xdk/rtlfuncs.h [iso-8859-1] (original) +++ trunk/reactos/include/xdk/rtlfuncs.h [iso-8859-1] Tue Jan 3 19:42:58 2012 @@ -1953,7 +1953,7 @@ if ((Length -= 1) == 0) { return; } - Address += 1; + Address += 1; } __stosq((PULONG64)(Address), Pattern | ((ULONG64)Pattern << 32), Length / 2); if ((Length & 1) != 0) Address[Length - 1] = Pattern; Added: trunk/reactos/include/xdk/sspi.h URL: http://svn.reactos.org/svn/reactos/trunk/reactos/include/xdk/sspi.h?rev=548… ============================================================================== --- trunk/reactos/include/xdk/sspi.h (added) +++ trunk/reactos/include/xdk/sspi.h [iso-8859-1] Tue Jan 3 19:42:58 2012 @@ -1,0 +1,1309 @@ +#ifndef __SSPI_H__ +#define __SSPI_H__ + +// for ntifs.h: +#define ISSP_LEVEL 32 +#define ISSP_MODE 0 + +#ifdef MIDL_PASS +#define MIDL_PROP(x) x +#else +#define MIDL_PROP(x) +#endif + +#define SEC_TEXT TEXT +#define SEC_FAR +#define SEC_ENTRY __stdcall + +#if defined(_NO_KSECDD_IMPORT_) +#define KSECDDDECLSPEC +#else +#define KSECDDDECLSPEC __declspec(dllimport) +#endif + +#define SECQOP_WRAP_NO_ENCRYPT 0x80000001 +#define SECQOP_WRAP_OOB_DATA 0x40000000 + +#define SECURITY_ENTRYPOINTW SEC_TEXT("InitSecurityInterfaceW") +#define SECURITY_ENTRYPOINT SECURITY_ENTRYPOINTW + +#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION 1 +#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_2 2 +#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_3 3 +#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_4 4 + +#define SECURITY_NATIVE_DREP 0x00000010 +#define SECURITY_NETWORK_DREP 0x00000000 + +#define SECPKG_ID_NONE 0xFFFF + +#define SECPKG_CRED_ATTR_NAMES 1 +#define SECPKG_CRED_ATTR_SSI_PROVIDER 2 + +#define SECPKG_ATTR_SIZES 0 +#define SECPKG_ATTR_NAMES 1 +#define SECPKG_ATTR_LIFESPAN 2 +#define SECPKG_ATTR_DCE_INFO 3 +#define SECPKG_ATTR_STREAM_SIZES 4 +#define SECPKG_ATTR_KEY_INFO 5 +#define SECPKG_ATTR_AUTHORITY 6 +#define SECPKG_ATTR_PROTO_INFO 7 +#define SECPKG_ATTR_PASSWORD_EXPIRY 8 +#define SECPKG_ATTR_SESSION_KEY 9 +#define SECPKG_ATTR_PACKAGE_INFO 10 +#define SECPKG_ATTR_USER_FLAGS 11 +#define SECPKG_ATTR_NEGOTIATION_INFO 12 +#define SECPKG_ATTR_NATIVE_NAMES 13 +#define SECPKG_ATTR_FLAGS 14 +#define SECPKG_ATTR_USE_VALIDATED 15 +#define SECPKG_ATTR_CREDENTIAL_NAME 16 +#define SECPKG_ATTR_TARGET_INFORMATION 17 +#define SECPKG_ATTR_ACCESS_TOKEN 18 +#define SECPKG_ATTR_TARGET 19 +#define SECPKG_ATTR_AUTHENTICATION_ID 20 +#define SECPKG_ATTR_LOGOFF_TIME 21 +#define SECPKG_ATTR_NEGO_KEYS 22 +#define SECPKG_ATTR_PROMPTING_NEEDED 24 +#define SECPKG_ATTR_UNIQUE_BINDINGS 25 +#define SECPKG_ATTR_ENDPOINT_BINDINGS 26 +#define SECPKG_ATTR_CLIENT_SPECIFIED_TARGET 27 +#define SECPKG_ATTR_LAST_CLIENT_TOKEN_STATUS 30 +#define SECPKG_ATTR_NEGO_PKG_INFO 31 +#define SECPKG_ATTR_NEGO_STATUS 32 +#define SECPKG_ATTR_CONTEXT_DELETED 33 + +#define SECPKG_FLAG_INTEGRITY 0x00000001 +#define SECPKG_FLAG_PRIVACY 0x00000002 +#define SECPKG_FLAG_TOKEN_ONLY 0x00000004 +#define SECPKG_FLAG_DATAGRAM 0x00000008 +#define SECPKG_FLAG_CONNECTION 0x00000010 +#define SECPKG_FLAG_MULTI_REQUIRED 0x00000020 +#define SECPKG_FLAG_CLIENT_ONLY 0x00000040 +#define SECPKG_FLAG_EXTENDED_ERROR 0x00000080 +#define SECPKG_FLAG_IMPERSONATION 0x00000100 +#define SECPKG_FLAG_ACCEPT_WIN32_NAME 0x00000200 +#define SECPKG_FLAG_STREAM 0x00000400 +#define SECPKG_FLAG_NEGOTIABLE 0x00000800 +#define SECPKG_FLAG_GSS_COMPATIBLE 0x00001000 +#define SECPKG_FLAG_LOGON 0x00002000 +#define SECPKG_FLAG_ASCII_BUFFERS 0x00004000 +#define SECPKG_FLAG_FRAGMENT 0x00008000 +#define SECPKG_FLAG_MUTUAL_AUTH 0x00010000 +#define SECPKG_FLAG_DELEGATION 0x00020000 +#define SECPKG_FLAG_READONLY_WITH_CHECKSUM 0x00040000 +#define SECPKG_FLAG_RESTRICTED_TOKENS 0x00080000 +#define SECPKG_FLAG_NEGO_EXTENDER 0x00100000 +#define SECPKG_FLAG_NEGOTIABLE2 0x00200000 + +#define SECPKG_CRED_INBOUND 0x00000001 +#define SECPKG_CRED_OUTBOUND 0x00000002 +#define SECPKG_CRED_BOTH 0x00000003 +#define SECPKG_CRED_DEFAULT 0x00000004 +#define SECPKG_CRED_RESERVED 0xF0000000 +#define SECPKG_CRED_AUTOLOGON_RESTRICTED 0x00000010 +#define SECPKG_CRED_PROCESS_POLICY_ONLY 0x00000020 + +#define SECPKG_CONTEXT_EXPORT_RESET_NEW 0x00000001 +#define SECPKG_CONTEXT_EXPORT_DELETE_OLD 0x00000002 +#define SECPKG_CONTEXT_EXPORT_TO_KERNEL 0x00000004 + +#define SECPKG_ATTR_SUBJECT_SECURITY_ATTRIBUTES 128 +#define SECPKG_ATTR_NEGO_INFO_FLAG_NO_KERBEROS 0x1 +#define SECPKG_ATTR_NEGO_INFO_FLAG_NO_NTLM 0x2 + +#define SecPkgContext_NativeNames SecPkgContext_NativeNamesW +#define PSecPkgContext_NativeNames PSecPkgContext_NativeNamesW + +#define SECBUFFER_VERSION 0 + +#define SECBUFFER_EMPTY 0 +#define SECBUFFER_DATA 1 +#define SECBUFFER_TOKEN 2 +#define SECBUFFER_PKG_PARAMS 3 +#define SECBUFFER_MISSING 4 +#define SECBUFFER_EXTRA 5 +#define SECBUFFER_STREAM_TRAILER 6 +#define SECBUFFER_STREAM_HEADER 7 +#define SECBUFFER_NEGOTIATION_INFO 8 +#define SECBUFFER_PADDING 9 +#define SECBUFFER_STREAM 10 +#define SECBUFFER_MECHLIST 11 +#define SECBUFFER_MECHLIST_SIGNATURE 12 +#define SECBUFFER_TARGET 13 +#define SECBUFFER_CHANNEL_BINDINGS 14 +#define SECBUFFER_CHANGE_PASS_RESPONSE 15 +#define SECBUFFER_TARGET_HOST 16 +#define SECBUFFER_ALERT 17 + +#define SECBUFFER_ATTRMASK 0xF0000000 +#define SECBUFFER_READONLY 0x80000000 +#define SECBUFFER_READONLY_WITH_CHECKSUM 0x10000000 +#define SECBUFFER_RESERVED 0x60000000 + +#define ISC_REQ_DELEGATE 0x00000001 +#define ISC_REQ_MUTUAL_AUTH 0x00000002 +#define ISC_REQ_REPLAY_DETECT 0x00000004 +#define ISC_REQ_SEQUENCE_DETECT 0x00000008 +#define ISC_REQ_CONFIDENTIALITY 0x00000010 +#define ISC_REQ_USE_SESSION_KEY 0x00000020 +#define ISC_REQ_PROMPT_FOR_CREDS 0x00000040 +#define ISC_REQ_USE_SUPPLIED_CREDS 0x00000080 +#define ISC_REQ_ALLOCATE_MEMORY 0x00000100 +#define ISC_REQ_USE_DCE_STYLE 0x00000200 +#define ISC_REQ_DATAGRAM 0x00000400 +#define ISC_REQ_CONNECTION 0x00000800 +#define ISC_REQ_CALL_LEVEL 0x00001000 +#define ISC_REQ_FRAGMENT_SUPPLIED 0x00002000 +#define ISC_REQ_EXTENDED_ERROR 0x00004000 +#define ISC_REQ_STREAM 0x00008000 +#define ISC_REQ_INTEGRITY 0x00010000 +#define ISC_REQ_IDENTIFY 0x00020000 +#define ISC_REQ_NULL_SESSION 0x00040000 +#define ISC_REQ_MANUAL_CRED_VALIDATION 0x00080000 +#define ISC_REQ_RESERVED1 0x00100000 +#define ISC_REQ_FRAGMENT_TO_FIT 0x00200000 +#define ISC_REQ_FORWARD_CREDENTIALS 0x00400000 +#define ISC_REQ_NO_INTEGRITY 0x00800000 +#define ISC_REQ_USE_HTTP_STYLE 0x01000000 + +#define ISC_RET_DELEGATE 0x00000001 +#define ISC_RET_MUTUAL_AUTH 0x00000002 +#define ISC_RET_REPLAY_DETECT 0x00000004 +#define ISC_RET_SEQUENCE_DETECT 0x00000008 +#define ISC_RET_CONFIDENTIALITY 0x00000010 +#define ISC_RET_USE_SESSION_KEY 0x00000020 +#define ISC_RET_USED_COLLECTED_CREDS 0x00000040 +#define ISC_RET_USED_SUPPLIED_CREDS 0x00000080 +#define ISC_RET_ALLOCATED_MEMORY 0x00000100 +#define ISC_RET_USED_DCE_STYLE 0x00000200 +#define ISC_RET_DATAGRAM 0x00000400 +#define ISC_RET_CONNECTION 0x00000800 +#define ISC_RET_INTERMEDIATE_RETURN 0x00001000 +#define ISC_RET_CALL_LEVEL 0x00002000 +#define ISC_RET_EXTENDED_ERROR 0x00004000 +#define ISC_RET_STREAM 0x00008000 +#define ISC_RET_INTEGRITY 0x00010000 +#define ISC_RET_IDENTIFY 0x00020000 +#define ISC_RET_NULL_SESSION 0x00040000 +#define ISC_RET_MANUAL_CRED_VALIDATION 0x00080000 +#define ISC_RET_RESERVED1 0x00100000 +#define ISC_RET_FRAGMENT_ONLY 0x00200000 +#define ISC_RET_FORWARD_CREDENTIALS 0x00400000 +#define ISC_RET_USED_HTTP_STYLE 0x01000000 +#define ISC_RET_NO_ADDITIONAL_TOKEN 0x02000000 +#define ISC_RET_REAUTHENTICATION 0x08000000 + +#define ASC_REQ_DELEGATE 0x00000001 +#define ASC_REQ_MUTUAL_AUTH 0x00000002 +#define ASC_REQ_REPLAY_DETECT 0x00000004 +#define ASC_REQ_SEQUENCE_DETECT 0x00000008 +#define ASC_REQ_CONFIDENTIALITY 0x00000010 +#define ASC_REQ_USE_SESSION_KEY 0x00000020 +#define ASC_REQ_ALLOCATE_MEMORY 0x00000100 +#define ASC_REQ_USE_DCE_STYLE 0x00000200 +#define ASC_REQ_DATAGRAM 0x00000400 +#define ASC_REQ_CONNECTION 0x00000800 +#define ASC_REQ_CALL_LEVEL 0x00001000 +#define ASC_REQ_EXTENDED_ERROR 0x00008000 +#define ASC_REQ_STREAM 0x00010000 +#define ASC_REQ_INTEGRITY 0x00020000 +#define ASC_REQ_LICENSING 0x00040000 +#define ASC_REQ_IDENTIFY 0x00080000 +#define ASC_REQ_ALLOW_NULL_SESSION 0x00100000 +#define ASC_REQ_ALLOW_NON_USER_LOGONS 0x00200000 +#define ASC_REQ_ALLOW_CONTEXT_REPLAY 0x00400000 +#define ASC_REQ_FRAGMENT_TO_FIT 0x00800000 +#define ASC_REQ_FRAGMENT_SUPPLIED 0x00002000 +#define ASC_REQ_NO_TOKEN 0x01000000 +#define ASC_REQ_PROXY_BINDINGS 0x04000000 +//#define SSP_RET_REAUTHENTICATION 0x08000000 // internal + +#define ASC_REQ_ALLOW_MISSING_BINDINGS 0x10000000 +#define ASC_RET_DELEGATE 0x00000001 +#define ASC_RET_MUTUAL_AUTH 0x00000002 +#define ASC_RET_REPLAY_DETECT 0x00000004 +#define ASC_RET_SEQUENCE_DETECT 0x00000008 +#define ASC_RET_CONFIDENTIALITY 0x00000010 +#define ASC_RET_USE_SESSION_KEY 0x00000020 +#define ASC_RET_ALLOCATED_MEMORY 0x00000100 +#define ASC_RET_USED_DCE_STYLE 0x00000200 +#define ASC_RET_DATAGRAM 0x00000400 +#define ASC_RET_CONNECTION 0x00000800 +#define ASC_RET_CALL_LEVEL 0x00002000 +#define ASC_RET_THIRD_LEG_FAILED 0x00004000 +#define ASC_RET_EXTENDED_ERROR 0x00008000 +#define ASC_RET_STREAM 0x00010000 +#define ASC_RET_INTEGRITY 0x00020000 +#define ASC_RET_LICENSING 0x00040000 +#define ASC_RET_IDENTIFY 0x00080000 +#define ASC_RET_NULL_SESSION 0x00100000 +#define ASC_RET_ALLOW_NON_USER_LOGONS 0x00200000 +#define ASC_RET_ALLOW_CONTEXT_REPLAY 0x00400000 +#define ASC_RET_FRAGMENT_ONLY 0x00800000 +#define ASC_RET_NO_TOKEN 0x01000000 +#define ASC_RET_NO_ADDITIONAL_TOKEN 0x02000000 +#define ASC_RET_NO_PROXY_BINDINGS 0x04000000 +//#define SSP_RET_REAUTHENTICATION 0x08000000 // internal +#define ASC_RET_MISSING_BINDINGS 0x10000000 + +#define SEC_DELETED_HANDLE ((ULONG_PTR)(-2)) + +#define SecInvalidateHandle(x) \ + ((PSecHandle)(x))->dwLower = ((PSecHandle)(x))->dwUpper = ((ULONG_PTR)((INT_PTR)-1)); + +#define SecIsValidHandle(x) \ + ( ( ((PSecHandle)(x))->dwLower != (ULONG_PTR)(INT_PTR)-1 ) && \ + ( ((PSecHandle)(x))->dwUpper != (ULONG_PTR)(INT_PTR)-1 ) ) + +typedef WCHAR SEC_WCHAR; +typedef CHAR SEC_CHAR; +typedef LARGE_INTEGER _SECURITY_INTEGER, SECURITY_INTEGER, *PSECURITY_INTEGER; +typedef SECURITY_INTEGER TimeStamp, *PTimeStamp; +typedef UNICODE_STRING SECURITY_STRING, *PSECURITY_STRING; +#if ISSP_MODE == 0 +#define PSSPI_SEC_STRING PSECURITY_STRING +#else +#define PSSPI_SEC_STRING SEC_WCHAR* +#endif + +typedef PVOID PSEC_WINNT_AUTH_IDENTITY_OPAQUE; + +#ifndef __SECSTATUS_DEFINED__ +typedef LONG SECURITY_STATUS; +#define __SECSTATUS_DEFINED__ +#endif + +typedef enum _SECPKG_CRED_CLASS +{ + SecPkgCredClass_None = 0, + SecPkgCredClass_Ephemeral = 10, + SecPkgCredClass_PersistedGeneric = 20, + SecPkgCredClass_PersistedSpecific = 30, + SecPkgCredClass_Explicit = 40, +} SECPKG_CRED_CLASS, *PSECPKG_CRED_CLASS; + +typedef struct _SEC_NEGOTIATION_INFO +{ + ULONG Size; + ULONG NameLength; + SEC_WCHAR * Name; + PVOID Reserved; +} SEC_NEGOTIATION_INFO, *PSEC_NEGOTIATION_INFO; + +typedef struct _SEC_CHANNEL_BINDINGS +{ + ULONG dwInitiatorAddrType; + ULONG cbInitiatorLength; + ULONG dwInitiatorOffset; + ULONG dwAcceptorAddrType; + ULONG cbAcceptorLength; + ULONG dwAcceptorOffset; + ULONG cbApplicationDataLength; + ULONG dwApplicationDataOffset; +} SEC_CHANNEL_BINDINGS, *PSEC_CHANNEL_BINDINGS; + +#ifndef _AUTH_IDENTITY_EX2_DEFINED +#define _AUTH_IDENTITY_EX2_DEFINED +typedef struct _SEC_WINNT_AUTH_IDENTITY_EX2 { + ULONG Version; + USHORT cbHeaderLength; + ULONG cbStructureLength; + ULONG UserOffset; + USHORT UserLength; + ULONG DomainOffset; + USHORT DomainLength; + ULONG PackedCredentialsOffset; + USHORT PackedCredentialsLength; + ULONG Flags; + ULONG PackageListOffset; + USHORT PackageListLength; +} SEC_WINNT_AUTH_IDENTITY_EX2, *PSEC_WINNT_AUTH_IDENTITY_EX2; +#define SEC_WINNT_AUTH_IDENTITY_VERSION_2 0x201 +#endif + +#ifndef _AUTH_IDENTITY_DEFINED +#define _AUTH_IDENTITY_DEFINED +typedef struct _SEC_WINNT_AUTH_IDENTITY_W { + PUSHORT User; + ULONG UserLength; + PUSHORT Domain; + ULONG DomainLength; + PUSHORT Password; + ULONG PasswordLength; + ULONG Flags; +} SEC_WINNT_AUTH_IDENTITY_W, *PSEC_WINNT_AUTH_IDENTITY_W; +#define SEC_WINNT_AUTH_IDENTITY_ANSI 0x1 +#define SEC_WINNT_AUTH_IDENTITY_UNICODE 0x2 +#define SEC_WINNT_AUTH_IDENTITY SEC_WINNT_AUTH_IDENTITY_W +#define PSEC_WINNT_AUTH_IDENTITY PSEC_WINNT_AUTH_IDENTITY_W +#define _SEC_WINNT_AUTH_IDENTITY _SEC_WINNT_AUTH_IDENTITY_W +#endif + +#ifndef SEC_WINNT_AUTH_IDENTITY_VERSION +#define SEC_WINNT_AUTH_IDENTITY_VERSION 0x200 +typedef struct _SEC_WINNT_AUTH_IDENTITY_EXW { + ULONG Version; + ULONG Length; + PUSHORT User; // Non-NULL terminated string. + ULONG UserLength; // # of characters (NOT bytes), not including NULL. + PUSHORT Domain; // Non-NULL terminated string. + ULONG DomainLength; // # of characters (NOT bytes), not including NULL. + PUSHORT Password; // Non-NULL terminated string. + ULONG PasswordLength; // # of characters (NOT bytes), not including NULL. + ULONG Flags; + PUSHORT PackageList; + ULONG PackageListLength; +} SEC_WINNT_AUTH_IDENTITY_EXW, *PSEC_WINNT_AUTH_IDENTITY_EXW; +#define SEC_WINNT_AUTH_IDENTITY_EX SEC_WINNT_AUTH_IDENTITY_EXW +#define PSEC_WINNT_AUTH_IDENTITY_EX PSEC_WINNT_AUTH_IDENTITY_EXW +#endif + +#ifndef __SECHANDLE_DEFINED__ +typedef struct _SecHandle +{ + ULONG_PTR dwLower; + ULONG_PTR dwUpper; +} SecHandle, *PSecHandle; +#define __SECHANDLE_DEFINED__ +#endif + +typedef SecHandle CredHandle, *PCredHandle, CtxtHandle, *PCtxtHandle; + +typedef struct _SecBuffer +{ + ULONG cbBuffer; + ULONG BufferType; +#ifdef MIDL_PASS + MIDL_PROP([size_is(cbBuffer)]) PCHAR pvBuffer; +#else + __field_bcount(cbBuffer) void SEC_FAR *pvBuffer; +#endif +} SecBuffer, * PSecBuffer; + +typedef struct _SecBufferDesc +{ + ULONG ulVersion; + ULONG cBuffers; + MIDL_PROP([size_is(cBuffers)]) __field_ecount(cBuffers) PSecBuffer pBuffers; +} SecBufferDesc, SEC_FAR * PSecBufferDesc; + +typedef struct _SecPkgInfoW +{ + ULONG fCapabilities; + USHORT wVersion; + USHORT wRPCID; + ULONG cbMaxToken; + MIDL_PROP([string]) SEC_WCHAR *Name; + MIDL_PROP([string]) SEC_WCHAR *Comment; +} SecPkgInfoW, *PSecPkgInfoW; +#define SecPkgInfo SecPkgInfoW +#define PSecPkgInfo PSecPkgInfoW + +typedef struct _SecPkgCredentials_NamesW +{ + MIDL_PROP([string]) SEC_WCHAR * sUserName; +} SecPkgCredentials_NamesW, * PSecPkgCredentials_NamesW; +#define SecPkgCredentials_Names SecPkgCredentials_NamesW +#define PSecPkgCredentials_Names PSecPkgCredentials_NamesW + +typedef struct _SecPkgContext_NamesW +{ + SEC_WCHAR *sUserName; +} SecPkgContext_NamesW, *PSecPkgContext_NamesW; +#define SecPkgContext_Names SecPkgContext_NamesW +#define PSecPkgContext_Names PSecPkgContext_NamesW + +#if OSVER(NTDDI_VERSION) > NTDDI_WIN2K +typedef struct _SecPkgContext_CredentialNameW +{ + ULONG CredentialType; + SEC_WCHAR *sCredentialName; +} SecPkgContext_CredentialNameW, *PSecPkgContext_CredentialNameW; +#endif +#define SecPkgContext_CredentialName SecPkgContext_CredentialNameW +#define PSecPkgContext_CredentialName PSecPkgContext_CredentialNameW + +typedef struct _SecPkgContext_SubjectAttributes { + PVOID AttributeInfo; +} SecPkgContext_SubjectAttributes, *PSecPkgContext_SubjectAttributes; + +typedef struct _SecPkgContext_CredInfo { + SECPKG_CRED_CLASS CredClass; + ULONG IsPromptingNeeded; +} SecPkgContext_CredInfo, *PSecPkgContext_CredInfo; + +typedef struct _SecPkgContext_NegoPackageInfo +{ + ULONG PackageMask; +} SecPkgContext_NegoPackageInfo, * PSecPkgContext_NegoPackageInfo; + +typedef struct _SecPkgContext_NegoStatus +{ + ULONG LastStatus; +} SecPkgContext_NegoStatus, *PSecPkgContext_NegoStatus; + +typedef struct _SecPkgContext_Sizes +{ + ULONG cbMaxToken; + ULONG cbMaxSignature; + ULONG cbBlockSize; + ULONG cbSecurityTrailer; +} SecPkgContext_Sizes, *PSecPkgContext_Sizes; + +typedef struct _SecPkgContext_StreamSizes +{ + ULONG cbHeader; + ULONG cbTrailer; + ULONG cbMaximumMessage; + ULONG cBuffers; + ULONG cbBlockSize; +} SecPkgContext_StreamSizes, *PSecPkgContext_StreamSizes; + +typedef struct _SecPkgContext_Lifespan +{ + TimeStamp tsStart; + TimeStamp tsExpiry; +} SecPkgContext_Lifespan, *PSecPkgContext_Lifespan; + +typedef struct _SecPkgContext_PasswordExpiry +{ + TimeStamp tsPasswordExpires; +} SecPkgContext_PasswordExpiry, * PSecPkgContext_PasswordExpiry; + +typedef struct _SecPkgContext_ProtoInfoW +{ + SEC_WCHAR *sProtocolName; + ULONG majorVersion; + ULONG minorVersion; +} SecPkgContext_ProtoInfoW, *PSecPkgContext_ProtoInfoW; +#define SecPkgContext_ProtoInfo SecPkgContext_ProtoInfoW +#define PSecPkgContext_ProtoInfo PSecPkgContext_ProtoInfoW + +typedef struct _SecPkgContext_KeyInfoW +{ + SEC_WCHAR *sSignatureAlgorithmName; + SEC_WCHAR *sEncryptAlgorithmName; + ULONG KeySize; + ULONG SignatureAlgorithm; + ULONG EncryptAlgorithm; +} SecPkgContext_KeyInfoW, *PSecPkgContext_KeyInfoW; +#define SecPkgContext_KeyInfo SecPkgContext_KeyInfoW +#define PSecPkgContext_KeyInfo PSecPkgContext_KeyInfoW + +typedef struct _SecPkgContext_SessionKey +{ + ULONG SessionKeyLength; + __field_bcount(SessionKeyLength) PUCHAR SessionKey; +} SecPkgContext_SessionKey, *PSecPkgContext_SessionKey; + +typedef struct _SecPkgContext_NegoKeys +{ + ULONG KeyType; + USHORT KeyLength; + __field_bcount(KeyLength) PUCHAR KeyValue; + ULONG VerifyKeyType; + USHORT VerifyKeyLength; + __field_bcount(VerifyKeyLength) PUCHAR VerifyKeyValue; +} SecPkgContext_NegoKeys, *PSecPkgContext_NegoKeys; + +typedef struct _SecPkgContext_DceInfo +{ + ULONG AuthzSvc; + PVOID pPac; +} SecPkgContext_DceInfo, *PSecPkgContext_DceInfo; + +typedef struct _SecPkgContext_PackageInfoW +{ + PSecPkgInfoW PackageInfo; +} SecPkgContext_PackageInfoW, *PSecPkgContext_PackageInfoW; +#define SecPkgContext_PackageInfo SecPkgContext_PackageInfoW +#define PSecPkgContext_PackageInfo PSecPkgContext_PackageInfoW + +typedef struct _SecPkgContext_UserFlags +{ + ULONG UserFlags; +} SecPkgContext_UserFlags, *PSecPkgContext_UserFlags; + +typedef struct _SecPkgContext_Flags +{ + ULONG Flags; +} SecPkgContext_Flags, *PSecPkgContext_Flags; + +typedef struct _SecPkgContext_NegotiationInfoW +{ + PSecPkgInfoW PackageInfo ; + ULONG NegotiationState ; +} SecPkgContext_NegotiationInfoW, *PSecPkgContext_NegotiationInfoW ; + +typedef struct _SecPkgContext_AuthorityW +{ + SEC_WCHAR *sAuthorityName; +} SecPkgContext_AuthorityW, *PSecPkgContext_AuthorityW; +#define SecPkgContext_Authority SecPkgContext_AuthorityW +#define PSecPkgContext_Authority PSecPkgContext_AuthorityW + + +#if NTDDI_VERSION > NTDDI_WS03 +typedef struct _SecPkgCredentials_SSIProviderW +{ + SEC_WCHAR *sProviderName; + ULONG ProviderInfoLength; + PCHAR ProviderInfo; +} SecPkgCredentials_SSIProviderW, * PSecPkgCredentials_SSIProviderW; +#define SecPkgCredentials_SSIProvider SecPkgCredentials_SSIProviderW +#define PSecPkgCredentials_SSIProvider PSecPkgCredentials_SSIProviderW + +typedef struct _SecPkgContext_LogoffTime +{ + TimeStamp tsLogoffTime; +} SecPkgContext_LogoffTime, *PSecPkgContext_LogoffTime; +#endif + +/* forward declaration */ +typedef struct _SECURITY_FUNCTION_TABLE_W SecurityFunctionTableW, * PSecurityFunctionTableW; +#define SecurityFunctionTable SecurityFunctionTableW +#define PSecurityFunctionTable PSecurityFunctionTableW + +typedef +VOID +(SEC_ENTRY * SEC_GET_KEY_FN)( + PVOID Arg, + PVOID Principal, + ULONG KeyVer, + PVOID *Key, + SECURITY_STATUS *Status); + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +AcceptSecurityContext( + __in_opt PCredHandle phCredential, + __in_opt PCtxtHandle phContext, + __in_opt PSecBufferDesc pInput, + __in ULONG fContextReq, + __in ULONG TargetDataRep, + __in_opt PCtxtHandle phNewContext, + __in_opt PSecBufferDesc pOutput, + __out PULONG pfContextAttr, + __out_opt PTimeStamp ptsExpiry); + +typedef +SECURITY_STATUS +(SEC_ENTRY * ACCEPT_SECURITY_CONTEXT_FN)( + PCredHandle, + PCtxtHandle, + PSecBufferDesc, + ULONG, + ULONG, + PCtxtHandle, + PSecBufferDesc, + PULONG, + PTimeStamp); + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +AcquireCredentialsHandleW( + __in_opt PSSPI_SEC_STRING pPrincipal, + __in PSSPI_SEC_STRING pPackage, + __in ULONG fCredentialUse, + __in_opt PVOID pvLogonId, + __in_opt PVOID pAuthData, + __in_opt SEC_GET_KEY_FN pGetKeyFn, + __in_opt PVOID pvGetKeyArgument, + __out PCredHandle phCredential, + __out_opt PTimeStamp ptsExpiry); +#define AcquireCredentialsHandle AcquireCredentialsHandleW + +typedef +SECURITY_STATUS +(SEC_ENTRY * ACQUIRE_CREDENTIALS_HANDLE_FN_W)( + PSSPI_SEC_STRING, + PSSPI_SEC_STRING, + ULONG, + PVOID, + PVOID, + SEC_GET_KEY_FN, + PVOID, + PCredHandle, + PTimeStamp); +#define ACQUIRE_CREDENTIALS_HANDLE_FN ACQUIRE_CREDENTIALS_HANDLE_FN_W + +SECURITY_STATUS +SEC_ENTRY +AddCredentialsA( + __in PCredHandle hCredentials, + __in_opt LPSTR pszPrincipal, + __in LPSTR pszPackage, + __in ULONG fCredentialUse, + __in_opt PVOID pAuthData, + __in_opt SEC_GET_KEY_FN pGetKeyFn, + __in_opt PVOID pvGetKeyArgument, + __out_opt PTimeStamp ptsExpiry); + +typedef +SECURITY_STATUS +(SEC_ENTRY * ADD_CREDENTIALS_FN_A)( + PCredHandle, + SEC_CHAR *, + SEC_CHAR *, + ULONG, + PVOID, + SEC_GET_KEY_FN, + PVOID, + PTimeStamp); + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +AddCredentialsW( + __in PCredHandle hCredentials, + __in_opt PSSPI_SEC_STRING pPrincipal, + __in PSSPI_SEC_STRING pPackage, + __in ULONG fCredentialUse, + __in_opt PVOID pAuthData, + __in_opt SEC_GET_KEY_FN pGetKeyFn, + __in_opt PVOID pvGetKeyArgument, + __out_opt PTimeStamp ptsExpiry); + +typedef +SECURITY_STATUS +(SEC_ENTRY * ADD_CREDENTIALS_FN_W)( + PCredHandle, + PSSPI_SEC_STRING, + PSSPI_SEC_STRING, + ULONG, + PVOID, + SEC_GET_KEY_FN, + PVOID, + PTimeStamp); + +#ifdef UNICODE +#define AddCredentials AddCredentialsW +#define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_W +#else +#define AddCredentials AddCredentialsA +#define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_A +#endif + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +ApplyControlToken( + __in PCtxtHandle phContext, + __in PSecBufferDesc pInput); + +typedef +SECURITY_STATUS +(SEC_ENTRY * APPLY_CONTROL_TOKEN_FN)( + PCtxtHandle, PSecBufferDesc); + +#if (ISSP_MODE != 0) + +SECURITY_STATUS +SEC_ENTRY +ChangeAccountPasswordA( + __in SEC_CHAR* pszPackageName, + __in SEC_CHAR* pszDomainName, + __in SEC_CHAR* pszAccountName, + __in SEC_CHAR* pszOldPassword, + __in SEC_CHAR* pszNewPassword, + __in BOOLEAN bImpersonating, + __in ULONG dwReserved, + __inout PSecBufferDesc pOutput); + +typedef +SECURITY_STATUS +(SEC_ENTRY * CHANGE_PASSWORD_FN_A)( + SEC_CHAR *, + SEC_CHAR *, + SEC_CHAR *, + SEC_CHAR *, + SEC_CHAR *, + BOOLEAN, + ULONG, + PSecBufferDesc); + +SECURITY_STATUS +SEC_ENTRY +ChangeAccountPasswordW( + __in SEC_WCHAR* pszPackageName, + __in SEC_WCHAR* pszDomainName, + __in SEC_WCHAR* pszAccountName, + __in SEC_WCHAR* pszOldPassword, + __in SEC_WCHAR* pszNewPassword, + __in BOOLEAN bImpersonating, + __in ULONG dwReserved, + __inout PSecBufferDesc pOutput); + +typedef +SECURITY_STATUS +(SEC_ENTRY * CHANGE_PASSWORD_FN_W)( + SEC_WCHAR *, + SEC_WCHAR *, + SEC_WCHAR *, + SEC_WCHAR *, + SEC_WCHAR *, + BOOLEAN, + ULONG, + PSecBufferDesc); + +#ifdef UNICODE +#define ChangeAccountPassword ChangeAccountPasswordW +#define CHANGE_PASSWORD_FN CHANGE_PASSWORD_FN_W +#else +#define ChangeAccountPassword ChangeAccountPasswordA +#define CHANGE_PASSWORD_FN CHANGE_PASSWORD_FN_A +#endif + +#endif /* ISSP_MODE != 0 */ + +SECURITY_STATUS +SEC_ENTRY +CompleteAuthToken( + __in PCtxtHandle phContext, + __in PSecBufferDesc pToken); + +typedef +SECURITY_STATUS +(SEC_ENTRY * COMPLETE_AUTH_TOKEN_FN)( + PCtxtHandle, + PSecBufferDesc); + +SECURITY_STATUS +SEC_ENTRY +DecryptMessage( + __in PCtxtHandle phContext, + __inout PSecBufferDesc pMessage, + __in ULONG MessageSeqNo, + __out_opt PULONG pfQOP); + +typedef +SECURITY_STATUS +(SEC_ENTRY * DECRYPT_MESSAGE_FN)( + PCtxtHandle, + PSecBufferDesc, + ULONG, + PULONG); + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +DeleteSecurityContext( + __in PCtxtHandle phContext); + +typedef +SECURITY_STATUS +(SEC_ENTRY * DELETE_SECURITY_CONTEXT_FN)( + PCtxtHandle); + +SECURITY_STATUS +SEC_ENTRY +EncryptMessage( + __in PCtxtHandle phContext, + __in ULONG fQOP, + __inout PSecBufferDesc pMessage, + __in ULONG MessageSeqNo); + +typedef +SECURITY_STATUS +(SEC_ENTRY * ENCRYPT_MESSAGE_FN)( + PCtxtHandle, + ULONG, + PSecBufferDesc, + ULONG); + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +EnumerateSecurityPackagesW( + __out PULONG pcPackages, + __deref_out PSecPkgInfoW * ppPackageInfo); +#define EnumerateSecurityPackages EnumerateSecurityPackagesW + +typedef +SECURITY_STATUS +(SEC_ENTRY * ENUMERATE_SECURITY_PACKAGES_FN_W)( + PULONG, + PSecPkgInfoW*); +#define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_W + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +ExportSecurityContext( + __in PCtxtHandle phContext, + __in ULONG fFlags, + __out PSecBuffer pPackedContext, + __out PVOID* pToken); + +typedef +SECURITY_STATUS +(SEC_ENTRY * EXPORT_SECURITY_CONTEXT_FN)( + PCtxtHandle, + ULONG, + PSecBuffer, + PVOID*); + +SECURITY_STATUS +SEC_ENTRY +FreeContextBuffer( + __inout PVOID pvContextBuffer); + +typedef +SECURITY_STATUS +(SEC_ENTRY * FREE_CONTEXT_BUFFER_FN)( + __inout PVOID); + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +FreeCredentialsHandle( + __in PCredHandle phCredential); + +typedef +SECURITY_STATUS +(SEC_ENTRY * FREE_CREDENTIALS_HANDLE_FN)( + PCredHandle); + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +ImpersonateSecurityContext( + __in PCtxtHandle phContext); + +typedef +SECURITY_STATUS +(SEC_ENTRY * IMPERSONATE_SECURITY_CONTEXT_FN)( + PCtxtHandle); + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +ImportSecurityContextW( + __in PSSPI_SEC_STRING pszPackage, + __in PSecBuffer pPackedContext, + __in PVOID Token, + __out PCtxtHandle phContext); +#define ImportSecurityContext ImportSecurityContextW + +typedef +SECURITY_STATUS +(SEC_ENTRY * IMPORT_SECURITY_CONTEXT_FN_W)( + PSSPI_SEC_STRING, + PSecBuffer, + PVOID, + PCtxtHandle); +#define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_W + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +InitializeSecurityContextW( + __in_opt PCredHandle phCredential, + __in_opt PCtxtHandle phContext, + __in_opt PSSPI_SEC_STRING pTargetName, + __in ULONG fContextReq, + __in ULONG Reserved1, + __in ULONG TargetDataRep, + __in_opt PSecBufferDesc pInput, + __in ULONG Reserved2, + __inout_opt PCtxtHandle phNewContext, + __inout_opt PSecBufferDesc pOutput, + __out PULONG pfContextAttr, + __out_opt PTimeStamp ptsExpiry); +#define InitializeSecurityContext InitializeSecurityContextW + +typedef +SECURITY_STATUS +(SEC_ENTRY * INITIALIZE_SECURITY_CONTEXT_FN_W)( + PCredHandle, + PCtxtHandle, + PSSPI_SEC_STRING, + ULONG, + ULONG, + ULONG, + PSecBufferDesc, + ULONG, + PCtxtHandle, + PSecBufferDesc, + PULONG, + PTimeStamp); +#define INITIALIZE_SECURITY_CONTEXT_FN INITIALIZE_SECURITY_CONTEXT_FN_W + +KSECDDDECLSPEC +PSecurityFunctionTableW +SEC_ENTRY +InitSecurityInterfaceW(VOID); +#define InitSecurityInterface InitSecurityInterfaceW + +typedef +PSecurityFunctionTableW +(SEC_ENTRY * INIT_SECURITY_INTERFACE_W)(VOID); +#define INIT_SECURITY_INTERFACE INIT_SECURITY_INTERFACE_W + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +MakeSignature( + __in PCtxtHandle phContext, + __in ULONG fQOP, + __in PSecBufferDesc pMessage, + __in ULONG MessageSeqNo); + +typedef +SECURITY_STATUS +(SEC_ENTRY * MAKE_SIGNATURE_FN)( + PCtxtHandle, + ULONG, + PSecBufferDesc, + ULONG); + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +QueryContextAttributesW( + __in PCtxtHandle phContext, + __in ULONG ulAttribute, + __out PVOID pBuffer); +#define QueryContextAttributes QueryContextAttributesW + +typedef +SECURITY_STATUS +(SEC_ENTRY * QUERY_CONTEXT_ATTRIBUTES_FN_W)( + PCtxtHandle, + ULONG, + PVOID); +#define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_W + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +QueryCredentialsAttributesW( + __in PCredHandle phCredential, + __in ULONG ulAttribute, + __inout PVOID pBuffer); +#define QueryCredentialsAttributes QueryCredentialsAttributesW + +typedef +SECURITY_STATUS +(SEC_ENTRY * QUERY_CREDENTIALS_ATTRIBUTES_FN_W)( + PCredHandle, + ULONG, + PVOID); +#define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_W + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +QuerySecurityContextToken( + __in PCtxtHandle phContext, + __out PVOID * Token); + +typedef +SECURITY_STATUS +(SEC_ENTRY * QUERY_SECURITY_CONTEXT_TOKEN_FN)( + PCtxtHandle, PVOID *); + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +QuerySecurityPackageInfoW( + __in PSSPI_SEC_STRING pPackageName, + __deref_out PSecPkgInfoW *ppPackageInfo); +#define QuerySecurityPackageInfo QuerySecurityPackageInfoW + +typedef +SECURITY_STATUS +(SEC_ENTRY * QUERY_SECURITY_PACKAGE_INFO_FN_W)( + PSSPI_SEC_STRING, + PSecPkgInfoW *); +#define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_W + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +RevertSecurityContext( + __in PCtxtHandle phContext); + +typedef +SECURITY_STATUS +(SEC_ENTRY * REVERT_SECURITY_CONTEXT_FN)( + PCtxtHandle); + +#if (OSVER(NTDDI_VERSION) > NTDDI_WIN2K) +SECURITY_STATUS +SEC_ENTRY +SetContextAttributesW( + __in PCtxtHandle phContext, + __in ULONG ulAttribute, + __in_bcount(cbBuffer) PVOID pBuffer, + __in ULONG cbBuffer); +#define SetContextAttributes SetContextAttributesW + +typedef +SECURITY_STATUS +(SEC_ENTRY * SET_CONTEXT_ATTRIBUTES_FN_W)( + PCtxtHandle, + ULONG, + PVOID, + ULONG); +#define SET_CONTEXT_ATTRIBUTES_FN SET_CONTEXT_ATTRIBUTES_FN_W +#endif + +#if (NTDDI_VERSION > NTDDI_WS03) +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +SetCredentialsAttributesW( + __in PCredHandle phCredential, + __in ULONG ulAttribute, + __in_bcount(cbBuffer) PVOID pBuffer, + __in ULONG cbBuffer); +#define SetCredentialsAttributes SetCredentialsAttributesW + +typedef +SECURITY_STATUS +(SEC_ENTRY * SET_CREDENTIALS_ATTRIBUTES_FN_W)( + PCredHandle, + ULONG, + PVOID, + ULONG); +#define SET_CREDENTIALS_ATTRIBUTES_FN SET_CREDENTIALS_ATTRIBUTES_FN_W +#endif /* NTDDI_VERSION > NTDDI_WS03 */ + +KSECDDDECLSPEC +SECURITY_STATUS +SEC_ENTRY +VerifySignature( + __in PCtxtHandle phContext, + __in PSecBufferDesc pMessage, + __in ULONG MessageSeqNo, + __out PULONG pfQOP); + +typedef +SECURITY_STATUS +(SEC_ENTRY * VERIFY_SIGNATURE_FN)( + PCtxtHandle, + PSecBufferDesc, + ULONG, + PULONG); + + +#if (ISSP_MODE == 0) + +KSECDDDECLSPEC +NTSTATUS +NTAPI +SecMakeSPN( + __in PUNICODE_STRING ServiceClass, + __in PUNICODE_STRING ServiceName, + __in_opt PUNICODE_STRING InstanceName, + __in_opt USHORT InstancePort, + __in_opt PUNICODE_STRING Referrer, + __inout PUNICODE_STRING Spn, + __out_opt PULONG Length, + __in BOOLEAN Allocate); + +#if (NTDDI_VERSION >= NTDDI_WINXP) +KSECDDDECLSPEC +NTSTATUS +NTAPI +SecMakeSPNEx( + __in PUNICODE_STRING ServiceClass, + __in PUNICODE_STRING ServiceName, + __in_opt PUNICODE_STRING InstanceName, + __in_opt USHORT InstancePort, + __in_opt PUNICODE_STRING Referrer, + __in_opt PUNICODE_STRING TargetInfo, + __inout PUNICODE_STRING Spn, + __out PULONG Length OPTIONAL, + __in BOOLEAN Allocate); + +KSECDDDECLSPEC +NTSTATUS +SEC_ENTRY +SecLookupAccountSid( + __in PSID Sid, + __out PULONG NameSize, + __inout PUNICODE_STRING NameBuffer, + __out PULONG DomainSize OPTIONAL, + __out_opt PUNICODE_STRING DomainBuffer, + __out PSID_NAME_USE NameUse + ); + +KSECDDDECLSPEC +NTSTATUS +SEC_ENTRY +SecLookupAccountName( + __in PUNICODE_STRING Name, + __inout PULONG SidSize, + __out PSID Sid, + __out PSID_NAME_USE NameUse, + __out_opt PULONG DomainSize, // WDK says __out only + ... OPTIONAL + __inout_opt PUNICODE_STRING ReferencedDomain); +#endif + +#if (NTDDI_VERSION >= NTDDI_WS03) +KSECDDDECLSPEC +NTSTATUS +SEC_ENTRY +SecLookupWellKnownSid( + __in WELL_KNOWN_SID_TYPE SidType, + __out PSID Sid, + __in ULONG SidBufferSize, + __inout_opt PULONG SidSize); +#endif + +#if (NTDDI_VERSION >= NTDDI_VISTA) +KSECDDDECLSPEC +NTSTATUS +NTAPI +SecMakeSPNEx2( + __in PUNICODE_STRING ServiceClass, + __in PUNICODE_STRING ServiceName, + __in_opt PUNICODE_STRING InstanceName, + __in_opt USHORT InstancePort, + __in_opt PUNICODE_STRING Referrer, + __in_opt PUNICODE_STRING InTargetInfo, + __inout PUNICODE_STRING Spn, + __out_opt PULONG TotalSize, + __in BOOLEAN Allocate, + __in BOOLEAN IsTargetInfoMarshaled); +#endif + +#endif /* ISSP_MODE == 0 */ + +#if (NTDDI_VERSION >= NTDDI_WIN7) + +SECURITY_STATUS +SEC_ENTRY +SspiEncodeAuthIdentityAsStrings( + __in PSEC_WINNT_AUTH_IDENTITY_OPAQUE pAuthIdentity, + __deref_out_opt PCWSTR* ppszUserName, + __deref_out_opt PCWSTR* ppszDomainName, + __deref_opt_out_opt PCWSTR* ppszPackedCredentialsString); + +SECURITY_STATUS +SEC_ENTRY +SspiValidateAuthIdentity( + __in PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData); + +SECURITY_STATUS +SEC_ENTRY +SspiCopyAuthIdentity( + __in PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData, + __deref_out PSEC_WINNT_AUTH_IDENTITY_OPAQUE* AuthDataCopy); + +VOID +SEC_ENTRY +SspiFreeAuthIdentity( + __in_opt PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData); + +VOID +SEC_ENTRY +SspiZeroAuthIdentity( + __in_opt PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthData); + +VOID +SEC_ENTRY +SspiLocalFree( + __in_opt PVOID DataBuffer); + +SECURITY_STATUS +SEC_ENTRY +SspiEncodeStringsAsAuthIdentity( + __in_opt PCWSTR pszUserName, + __in_opt PCWSTR pszDomainName, + __in_opt PCWSTR pszPackedCredentialsString, + __deref_out PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppAuthIdentity); + +SECURITY_STATUS +SEC_ENTRY +SspiCompareAuthIdentities( + __in_opt PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity1, + __in_opt PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity2, + __out_opt PBOOLEAN SameSuppliedUser, + __out_opt PBOOLEAN SameSuppliedIdentity); + +SECURITY_STATUS +SEC_ENTRY +SspiMarshalAuthIdentity( + __in PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity, + __out PULONG AuthIdentityLength, + __deref_out_bcount(*AuthIdentityLength) PCHAR* AuthIdentityByteArray); + +SECURITY_STATUS +SEC_ENTRY +SspiUnmarshalAuthIdentity( + __in PULONG AuthIdentityLength, + __in_bcount(AuthIdentityLength) PCHAR AuthIdentityByteArray, + __deref_out PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppAuthIdentity); + +BOOLEAN +SEC_ENTRY +SspiIsPromptingNeeded( + __in PULONG ErrorOrNtStatus); + +SECURITY_STATUS +SEC_ENTRY +SspiGetTargetHostName( + __in PCWSTR pszTargetName, + __deref_out PWSTR* pszHostName); + +SECURITY_STATUS +SEC_ENTRY +SspiExcludePackage( + __in_opt PSEC_WINNT_AUTH_IDENTITY_OPAQUE AuthIdentity, + __in PCWSTR pszPackageName, + __deref_out PSEC_WINNT_AUTH_IDENTITY_OPAQUE* ppNewAuthIdentity); + +#define SEC_WINNT_AUTH_IDENTITY_MARSHALLED 0x04 +#define SEC_WINNT_AUTH_IDENTITY_ONLY 0x08 + +#endif /* NTDDI_VERSION >= NTDDI_WIN7 */ + +#define FreeCredentialHandle FreeCredentialsHandle +struct _SECURITY_FUNCTION_TABLE_W +{ + ULONG dwVersion; + ENUMERATE_SECURITY_PACKAGES_FN_W EnumerateSecurityPackagesW; + QUERY_CREDENTIALS_ATTRIBUTES_FN_W QueryCredentialsAttributesW; + ACQUIRE_CREDENTIALS_HANDLE_FN_W AcquireCredentialsHandleW; + FREE_CREDENTIALS_HANDLE_FN FreeCredentialsHandle; + PVOID Reserved2; + INITIALIZE_SECURITY_CONTEXT_FN_W InitializeSecurityContextW; + ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext; + COMPLETE_AUTH_TOKEN_FN CompleteAuthToken; + DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext; + APPLY_CONTROL_TOKEN_FN ApplyControlToken; + QUERY_CONTEXT_ATTRIBUTES_FN_W QueryContextAttributesW; + IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext; + REVERT_SECURITY_CONTEXT_FN RevertSecurityContext; + MAKE_SIGNATURE_FN MakeSignature; + VERIFY_SIGNATURE_FN VerifySignature; + FREE_CONTEXT_BUFFER_FN FreeContextBuffer; + QUERY_SECURITY_PACKAGE_INFO_FN_W QuerySecurityPackageInfoW; + PVOID Reserved3; + PVOID Reserved4; + EXPORT_SECURITY_CONTEXT_FN ExportSecurityContext; + IMPORT_SECURITY_CONTEXT_FN_W ImportSecurityContextW; + ADD_CREDENTIALS_FN_W AddCredentialsW ; + PVOID Reserved8; + QUERY_SECURITY_CONTEXT_TOKEN_FN QuerySecurityContextToken; + ENCRYPT_MESSAGE_FN EncryptMessage; + DECRYPT_MESSAGE_FN DecryptMessage; +#if OSVER(NTDDI_VERSION) > NTDDI_WIN2K + SET_CONTEXT_ATTRIBUTES_FN_W SetContextAttributesW; +#endif +#if NTDDI_VERSION > NTDDI_WS03SP1 + SET_CREDENTIALS_ATTRIBUTES_FN_W SetCredentialsAttributesW; +#endif +#if ISSP_MODE != 0 + CHANGE_PASSWORD_FN_W ChangeAccountPasswordW; +#else + PVOID Reserved9; +#endif +}; + +#endif /* !__SSPI_H__ */ Propchange: trunk/reactos/include/xdk/sspi.h ------------------------------------------------------------------------------ svn:eol-style = native