MinGW/include/ntsecpkg.h

#ifndef _NTSECPKG_H
#define _NTSECPKG_H
#if __GNUC__ >=3
#pragma GCC system_header
#endif

#include "windef.h"
#include "ntsecapi.h"
#include "security.h"

#ifdef __cplusplus
extern "C" {
#endif

#define ISC_REQ_DELEGATE 1
#define ISC_REQ_MUTUAL_AUTH 2
#define ISC_REQ_REPLAY_DETECT 4
#define ISC_REQ_SEQUENCE_DETECT 8
#define ISC_REQ_CONFIDENTIALITY  16
#define ISC_REQ_USE_SESSION_KEY 32
#define ISC_REQ_PROMPT_FOR_CREDS 64
#define ISC_REQ_USE_SUPPLIED_CREDS  128
#define ISC_REQ_ALLOCATE_MEMORY 256
#define ISC_REQ_USE_DCE_STYLE 512
#define ISC_REQ_DATAGRAM 1024
#define ISC_REQ_CONNECTION 2048
#define ISC_REQ_EXTENDED_ERROR 16384
#define ISC_REQ_STREAM 32768
#define ISC_REQ_INTEGRITY 65536
#define ISC_REQ_MANUAL_CRED_VALIDATION 524288
#define ISC_REQ_HTTP  268435456

#define ISC_RET_EXTENDED_ERROR 16384

#define ASC_REQ_DELEGATE 1
#define ASC_REQ_MUTUAL_AUTH 2
#define ASC_REQ_REPLAY_DETECT 4
#define ASC_REQ_SEQUENCE_DETECT 8
#define ASC_REQ_CONFIDENTIALITY 16
#define ASC_REQ_USE_SESSION_KEY 32
#define ASC_REQ_ALLOCATE_MEMORY 256
#define ASC_REQ_USE_DCE_STYLE 512
#define ASC_REQ_DATAGRAM 1024
#define ASC_REQ_CONNECTION 2048
#define ASC_REQ_EXTENDED_ERROR 32768
#define ASC_REQ_STREAM 65536
#define ASC_REQ_INTEGRITY 131072

#define SECURITY_NATIVE_DREP  16
#define SECURITY_NETWORK_DREP 0

#define SECPKG_STATE_ENCRYPTION_PERMITTED               0x01
#define SECPKG_STATE_STRONG_ENCRYPTION_PERMITTED        0x02
#define SECPKG_STATE_DOMAIN_CONTROLLER                  0x04
#define SECPKG_STATE_WORKSTATION                        0x08
#define SECPKG_STATE_STANDALONE                         0x10

/* enum definitions for Secure Service Provider/Authentication Packages */
typedef enum _LSA_TOKEN_INFORMATION_TYPE {
        LsaTokenInformationNull,
        LsaTokenInformationV1
} LSA_TOKEN_INFORMATION_TYPE, *PLSA_TOKEN_INFORMATION_TYPE;
typedef enum _SECPKG_EXTENDED_INFORMATION_CLASS
{
        SecpkgGssInfo = 1,
        SecpkgContextThunks,
        SecpkgMutualAuthLevel,
        SecpkgMaxInfo
} SECPKG_EXTENDED_INFORMATION_CLASS;
typedef enum _SECPKG_NAME_TYPE {
        SecNameSamCompatible,
        SecNameAlternateId,
        SecNameFlat,
        SecNameDN
} SECPKG_NAME_TYPE;

/* struct definitions for SSP/AP */
typedef struct _SECPKG_PRIMARY_CRED {
        LUID LogonId;
        UNICODE_STRING DownlevelName;
        UNICODE_STRING DomainName;
        UNICODE_STRING Password;
        UNICODE_STRING OldPassword;
        PSID UserSid;
        ULONG Flags;
        UNICODE_STRING DnsDomainName;
        UNICODE_STRING Upn;
        UNICODE_STRING LogonServer;
        UNICODE_STRING Spare1;
        UNICODE_STRING Spare2;
        UNICODE_STRING Spare3;
        UNICODE_STRING Spare4;
} SECPKG_PRIMARY_CRED, *PSECPKG_PRIMARY_CRED;
typedef struct _SECPKG_SUPPLEMENTAL_CRED {
        UNICODE_STRING PackageName;
        ULONG CredentialSize;
        PUCHAR Credentials;
} SECPKG_SUPPLEMENTAL_CRED, *PSECPKG_SUPPLEMENTAL_CRED;
typedef struct _SECPKG_SUPPLEMENTAL_CRED_ARRAY {
        ULONG CredentialCount;
        SECPKG_SUPPLEMENTAL_CRED Credentials[1];
} SECPKG_SUPPLEMENTAL_CRED_ARRAY, *PSECPKG_SUPPLEMENTAL_CRED_ARRAY;
typedef struct _SECPKG_PARAMETERS {
        ULONG Version;
        ULONG MachineState;
        ULONG SetupMode;
        PSID DomainSid;
        UNICODE_STRING DomainName;
        UNICODE_STRING DnsDomainName;
        GUID DomainGuid;
} SECPKG_PARAMETERS, *PSECPKG_PARAMETERS,
  SECPKG_EVENT_DOMAIN_CHANGE, *PSECPKG_EVENT_DOMAIN_CHANGE;
typedef struct _SECPKG_CLIENT_INFO {
  LUID LogonId;
  ULONG ProcessID;
  ULONG ThreadID;
  BOOLEAN HasTcbPrivilege;
  BOOLEAN Impersonating;
  BOOLEAN Restricted;
} SECPKG_CLIENT_INFO,
 *PSECPKG_CLIENT_INFO;
typedef struct _SECURITY_USER_DATA {
        SECURITY_STRING UserName;
        SECURITY_STRING LogonDomainName;
        SECURITY_STRING LogonServer;
        PSID pSid;
} SECURITY_USER_DATA, *PSECURITY_USER_DATA,
  SecurityUserData, *PSecurityUserData;
typedef struct _SECPKG_GSS_INFO {
        ULONG EncodedIdLength;
        UCHAR EncodedId[4];
} SECPKG_GSS_INFO, *PSECPKG_GSS_INFO;
typedef struct _SECPKG_CONTEXT_THUNKS {
        ULONG InfoLevelCount;
        ULONG Levels[1];
} SECPKG_CONTEXT_THUNKS, *PSECPKG_CONTEXT_THUNKS;
typedef struct _SECPKG_MUTUAL_AUTH_LEVEL {
        ULONG MutualAuthLevel;
} SECPKG_MUTUAL_AUTH_LEVEL, *PSECPKG_MUTUAL_AUTH_LEVEL;
typedef struct _SECPKG_CALL_INFO {
        ULONG ProcessId;
        ULONG ThreadId;
        ULONG Attributes;
        ULONG CallCount;
} SECPKG_CALL_INFO, *PSECPKG_CALL_INFO;
typedef struct _SECPKG_EXTENDED_INFORMATION {
        SECPKG_EXTENDED_INFORMATION_CLASS Class;
        union {
                SECPKG_GSS_INFO GssInfo;
                SECPKG_CONTEXT_THUNKS ContextThunks;
                SECPKG_MUTUAL_AUTH_LEVEL MutualAuthLevel;
        } Info;
} SECPKG_EXTENDED_INFORMATION, *PSECPKG_EXTENDED_INFORMATION;

/* callbacks implemented by SSP/AP dlls and called by the LSA */
typedef VOID (NTAPI *PLSA_CALLBACK_FUNCTION)(ULONG_PTR, ULONG_PTR, PSecBuffer,
 PSecBuffer);

/* misc typedefs used in the below prototypes */
typedef PVOID *PLSA_CLIENT_REQUEST;
typedef ULONG LSA_SEC_HANDLE, *PLSA_SEC_HANDLE;
typedef LPTHREAD_START_ROUTINE SEC_THREAD_START;
typedef PSECURITY_ATTRIBUTES SEC_ATTRS;

/* functions used by SSP/AP obtainable by dispatch tables */
typedef NTSTATUS (NTAPI *PLSA_REGISTER_CALLBACK)(ULONG, PLSA_CALLBACK_FUNCTION);
typedef NTSTATUS (NTAPI *PLSA_CREATE_LOGON_SESSION)(PLUID);
typedef NTSTATUS (NTAPI *PLSA_DELETE_LOGON_SESSION)(PLUID);
typedef NTSTATUS (NTAPI *PLSA_ADD_CREDENTIAL)(PLUID, ULONG, PLSA_STRING,
 PLSA_STRING);
typedef NTSTATUS (NTAPI *PLSA_GET_CREDENTIALS)(PLUID, ULONG, PULONG, BOOLEAN,
 PLSA_STRING, PULONG, PLSA_STRING);
typedef NTSTATUS (NTAPI *PLSA_DELETE_CREDENTIAL)(PLUID, ULONG, PLSA_STRING);
typedef PVOID (NTAPI *PLSA_ALLOCATE_LSA_HEAP)(ULONG);
typedef VOID (NTAPI *PLSA_FREE_LSA_HEAP)(PVOID);
typedef NTSTATUS (NTAPI *PLSA_ALLOCATE_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST,
 ULONG, PVOID*);
typedef NTSTATUS (NTAPI *PLSA_FREE_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST, PVOID);
typedef NTSTATUS (NTAPI *PLSA_COPY_TO_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST, ULONG,
 PVOID, PVOID);
typedef NTSTATUS (NTAPI *PLSA_COPY_FROM_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST,
 ULONG, PVOID, PVOID);
typedef NTSTATUS (NTAPI *PLSA_IMPERSONATE_CLIENT)(void);
typedef NTSTATUS (NTAPI *PLSA_UNLOAD_PACKAGE)(void);
typedef NTSTATUS (NTAPI *PLSA_DUPLICATE_HANDLE)(HANDLE, PHANDLE);
typedef NTSTATUS (NTAPI *PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS)(PLUID, ULONG,
 PVOID, BOOLEAN);
typedef HANDLE (NTAPI *PLSA_CREATE_THREAD)(SEC_ATTRS, ULONG, SEC_THREAD_START,
 PVOID, ULONG, PULONG);
typedef NTSTATUS (NTAPI *PLSA_GET_CLIENT_INFO)(PSECPKG_CLIENT_INFO);
typedef HANDLE (NTAPI *PLSA_REGISTER_NOTIFICATION)(SEC_THREAD_START, PVOID,
 ULONG, ULONG, ULONG, ULONG, HANDLE);
typedef NTSTATUS (NTAPI *PLSA_CANCEL_NOTIFICATION)(HANDLE);
typedef NTSTATUS (NTAPI *PLSA_MAP_BUFFER)(PSecBuffer, PSecBuffer);
typedef NTSTATUS (NTAPI *PLSA_CREATE_TOKEN)(PLUID, PTOKEN_SOURCE,
 SECURITY_LOGON_TYPE, SECURITY_IMPERSONATION_LEVEL, LSA_TOKEN_INFORMATION_TYPE,
 PVOID, PTOKEN_GROUPS, PUNICODE_STRING, PUNICODE_STRING, PUNICODE_STRING,
 PUNICODE_STRING, PHANDLE, PNTSTATUS);
typedef VOID (NTAPI *PLSA_AUDIT_LOGON)(NTSTATUS, NTSTATUS, PUNICODE_STRING,
 PUNICODE_STRING, PUNICODE_STRING, OPTIONAL PSID, SECURITY_LOGON_TYPE,
 PTOKEN_SOURCE, PLUID);
typedef NTSTATUS (NTAPI *PLSA_CALL_PACKAGE)(PUNICODE_STRING, PVOID, ULONG,
 PVOID*, PULONG, PNTSTATUS);
typedef VOID (NTAPI *PLSA_FREE_LSA_HEAP)(PVOID);
typedef BOOLEAN (NTAPI *PLSA_GET_CALL_INFO)(PSECPKG_CALL_INFO);
typedef NTSTATUS (NTAPI *PLSA_CALL_PACKAGEEX)(PUNICODE_STRING, PVOID, PVOID,
 ULONG, PVOID*, PULONG, PNTSTATUS);
typedef PVOID (NTAPI *PLSA_CREATE_SHARED_MEMORY)(ULONG, ULONG);
typedef PVOID (NTAPI *PLSA_ALLOCATE_SHARED_MEMORY)(PVOID, ULONG);
typedef VOID (NTAPI *PLSA_FREE_SHARED_MEMORY)(PVOID, PVOID);
typedef BOOLEAN (NTAPI *PLSA_DELETE_SHARED_MEMORY)(PVOID);
typedef NTSTATUS (NTAPI *PLSA_OPEN_SAM_USER)(PSECURITY_STRING, SECPKG_NAME_TYPE,
 PSECURITY_STRING, BOOLEAN, ULONG, PVOID*);
typedef NTSTATUS (NTAPI *PLSA_GET_USER_CREDENTIALS)(PVOID, PVOID *, PULONG,
 PVOID *, PULONG);
typedef NTSTATUS (NTAPI *PLSA_GET_USER_AUTH_DATA)(PVOID, PUCHAR *, PULONG);
typedef NTSTATUS (NTAPI *PLSA_CLOSE_SAM_USER)(PVOID);
typedef NTSTATUS (NTAPI *PLSA_CONVERT_AUTH_DATA_TO_TOKEN)(PVOID, ULONG,
 SECURITY_IMPERSONATION_LEVEL, PTOKEN_SOURCE, SECURITY_LOGON_TYPE,
 PUNICODE_STRING, PHANDLE, PLUID, PUNICODE_STRING, PNTSTATUS);
typedef NTSTATUS (NTAPI *PLSA_CLIENT_CALLBACK)(PCHAR, ULONG_PTR, ULONG_PTR,
 PSecBuffer, PSecBuffer);
typedef NTSTATUS (NTAPI *PLSA_UPDATE_PRIMARY_CREDENTIALS)(PSECPKG_PRIMARY_CRED, PSECPKG_SUPPLEMENTAL_CRED_ARRAY);
typedef NTSTATUS (NTAPI *PLSA_GET_AUTH_DATA_FOR_USER)(PSECURITY_STRING,
 SECPKG_NAME_TYPE, PSECURITY_STRING, PUCHAR *, PULONG, PUNICODE_STRING);
typedef NTSTATUS (NTAPI *PLSA_CRACK_SINGLE_NAME)(ULONG, BOOLEAN,
 PUNICODE_STRING, PUNICODE_STRING, ULONG, PUNICODE_STRING, PUNICODE_STRING,
 PULONG);
typedef NTSTATUS (NTAPI *PLSA_AUDIT_ACCOUNT_LOGON)(ULONG, BOOLEAN,
 PUNICODE_STRING, PUNICODE_STRING, PUNICODE_STRING, NTSTATUS);
typedef NTSTATUS (NTAPI *PLSA_CALL_PACKAGE_PASSTHROUGH)(PUNICODE_STRING, PVOID,
 PVOID, ULONG, PVOID*, PULONG, PNTSTATUS);

/* Dispatch tables of functions used by SSP/AP */
typedef struct SECPKG_DLL_FUNCTIONS {
        PLSA_ALLOCATE_LSA_HEAP AllocateHeap;
        PLSA_FREE_LSA_HEAP FreeHeap;
        PLSA_REGISTER_CALLBACK RegisterCallback;
} SECPKG_DLL_FUNCTIONS,
 *PSECPKG_DLL_FUNCTIONS;
typedef struct LSA_DISPATCH_TABLE {
        PLSA_CREATE_LOGON_SESSION CreateLogonSession;
        PLSA_DELETE_LOGON_SESSION DeleteLogonSession;
        PLSA_ADD_CREDENTIAL AddCredential;
        PLSA_GET_CREDENTIALS GetCredentials;
        PLSA_DELETE_CREDENTIAL DeleteCredential;
        PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap;
        PLSA_FREE_LSA_HEAP FreeLsaHeap;
        PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer;
        PLSA_FREE_CLIENT_BUFFER FreeClientBuffer;
        PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer;
        PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer;
} LSA_DISPATCH_TABLE,
 *PLSA_DISPATCH_TABLE;
typedef struct _LSA_SECPKG_FUNCTION_TABLE {
        PLSA_CREATE_LOGON_SESSION CreateLogonSession;
        PLSA_DELETE_LOGON_SESSION DeleteLogonSession;
        PLSA_ADD_CREDENTIAL AddCredential;
        PLSA_GET_CREDENTIALS GetCredentials;
        PLSA_DELETE_CREDENTIAL DeleteCredential;
        PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap;
        PLSA_FREE_LSA_HEAP FreeLsaHeap;
        PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer;
        PLSA_FREE_CLIENT_BUFFER FreeClientBuffer;
        PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer;
        PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer;
        PLSA_IMPERSONATE_CLIENT ImpersonateClient;
        PLSA_UNLOAD_PACKAGE UnloadPackage;
        PLSA_DUPLICATE_HANDLE DuplicateHandle;
        PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS SaveSupplementalCredentials;
        PLSA_CREATE_THREAD CreateThread;
        PLSA_GET_CLIENT_INFO GetClientInfo;
        PLSA_REGISTER_NOTIFICATION RegisterNotification;
        PLSA_CANCEL_NOTIFICATION CancelNotification;
        PLSA_MAP_BUFFER MapBuffer;
        PLSA_CREATE_TOKEN CreateToken;
        PLSA_AUDIT_LOGON AuditLogon;
        PLSA_CALL_PACKAGE CallPackage;
        PLSA_FREE_LSA_HEAP FreeReturnBuffer;
        PLSA_GET_CALL_INFO GetCallInfo;
        PLSA_CALL_PACKAGEEX CallPackageEx;
        PLSA_CREATE_SHARED_MEMORY CreateSharedMemory;
        PLSA_ALLOCATE_SHARED_MEMORY AllocateSharedMemory;
        PLSA_FREE_SHARED_MEMORY FreeSharedMemory;
        PLSA_DELETE_SHARED_MEMORY DeleteSharedMemory;
        PLSA_OPEN_SAM_USER OpenSamUser;
        PLSA_GET_USER_CREDENTIALS GetUserCredentials;
        PLSA_GET_USER_AUTH_DATA GetUserAuthData;
        PLSA_CLOSE_SAM_USER CloseSamUser;
        PLSA_CONVERT_AUTH_DATA_TO_TOKEN ConvertAuthDataToToken;
        PLSA_CLIENT_CALLBACK ClientCallback;
        PLSA_UPDATE_PRIMARY_CREDENTIALS UpdateCredentials;
        PLSA_GET_AUTH_DATA_FOR_USER GetAuthDataForUser;
        PLSA_CRACK_SINGLE_NAME CrackSingleName;
        PLSA_AUDIT_ACCOUNT_LOGON AuditAccountLogon;
        PLSA_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough;
} LSA_SECPKG_FUNCTION_TABLE,
 *PLSA_SECPKG_FUNCTION_TABLE;

/* functions implemented by SSP/AP obtainable by dispatch tables */
typedef NTSTATUS (NTAPI *PLSA_AP_INITIALIZE_PACKAGE)(ULONG, PLSA_DISPATCH_TABLE,
 PLSA_STRING, PLSA_STRING, PLSA_STRING *);
typedef NTSTATUS (NTAPI *PLSA_AP_LOGON_USER)(LPWSTR, LPWSTR, LPWSTR, LPWSTR,
 DWORD, DWORD, PHANDLE);
typedef NTSTATUS (NTAPI *PLSA_AP_CALL_PACKAGE)(PUNICODE_STRING, PVOID, ULONG,
 PVOID *, PULONG, PNTSTATUS);
typedef VOID (NTAPI *PLSA_AP_LOGON_TERMINATED)(PLUID);
typedef NTSTATUS (NTAPI *PLSA_AP_CALL_PACKAGE_UNTRUSTED)(PLSA_CLIENT_REQUEST,
 PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS);
typedef NTSTATUS (NTAPI *PLSA_AP_CALL_PACKAGE_PASSTHROUGH)(PUNICODE_STRING,
 PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS);
typedef NTSTATUS (NTAPI *PLSA_AP_LOGON_USER_EX)(PLSA_CLIENT_REQUEST,
 SECURITY_LOGON_TYPE, PVOID, PVOID, ULONG, PVOID *, PULONG, PLUID, PNTSTATUS,
 PLSA_TOKEN_INFORMATION_TYPE, PVOID *, PUNICODE_STRING *, PUNICODE_STRING *,
 PUNICODE_STRING *);
typedef NTSTATUS (NTAPI *PLSA_AP_LOGON_USER_EX2)(PLSA_CLIENT_REQUEST,
 SECURITY_LOGON_TYPE, PVOID, PVOID, ULONG, PVOID *, PULONG, PLUID, PNTSTATUS,
 PLSA_TOKEN_INFORMATION_TYPE, PVOID *, PUNICODE_STRING *, PUNICODE_STRING *,
 PUNICODE_STRING *, PSECPKG_PRIMARY_CRED, PSECPKG_SUPPLEMENTAL_CRED_ARRAY *);
typedef NTSTATUS (SpInitializeFn)(ULONG_PTR, PSECPKG_PARAMETERS,
 PLSA_SECPKG_FUNCTION_TABLE);
typedef NTSTATUS (NTAPI SpShutDownFn)(void);
typedef NTSTATUS (NTAPI SpGetInfoFn)(PSecPkgInfoW);
typedef NTSTATUS (NTAPI SpAcceptCredentialsFn)(SECURITY_LOGON_TYPE,
 PUNICODE_STRING, PSECPKG_PRIMARY_CRED, PSECPKG_SUPPLEMENTAL_CRED);
typedef NTSTATUS (NTAPI SpAcquireCredentialsHandleFn)(PUNICODE_STRING, ULONG,
 PLUID, PVOID, PVOID, PVOID, PLSA_SEC_HANDLE, PTimeStamp);
typedef NTSTATUS (NTAPI SpQueryCredentialsAttributesFn)(LSA_SEC_HANDLE, ULONG,
 PVOID);
typedef NTSTATUS (NTAPI SpFreeCredentialsHandleFn)(LSA_SEC_HANDLE);
typedef NTSTATUS (NTAPI SpSaveCredentialsFn)(LSA_SEC_HANDLE, PSecBuffer);
typedef NTSTATUS (NTAPI SpGetCredentialsFn)(LSA_SEC_HANDLE, PSecBuffer);
typedef NTSTATUS (NTAPI SpDeleteCredentialsFn)(LSA_SEC_HANDLE, PSecBuffer);
typedef NTSTATUS (NTAPI SpInitLsaModeContextFn)(LSA_SEC_HANDLE, LSA_SEC_HANDLE,
 PUNICODE_STRING, ULONG, ULONG, PSecBufferDesc, PLSA_SEC_HANDLE, PSecBufferDesc,
 PULONG, PTimeStamp, PBOOLEAN, PSecBuffer);
typedef NTSTATUS (NTAPI SpAcceptLsaModeContextFn)(LSA_SEC_HANDLE,
 LSA_SEC_HANDLE, PSecBufferDesc, ULONG, ULONG, PLSA_SEC_HANDLE, PSecBufferDesc,
 PULONG, PTimeStamp, PBOOLEAN, PSecBuffer);
typedef NTSTATUS (NTAPI SpDeleteContextFn)(LSA_SEC_HANDLE);
typedef NTSTATUS (NTAPI SpApplyControlTokenFn)(LSA_SEC_HANDLE, PSecBufferDesc);
typedef NTSTATUS (NTAPI SpGetUserInfoFn)(PLUID, ULONG, PSecurityUserData *);
typedef NTSTATUS (NTAPI SpGetExtendedInformationFn)(
 SECPKG_EXTENDED_INFORMATION_CLASS, PSECPKG_EXTENDED_INFORMATION *);
typedef NTSTATUS (NTAPI SpQueryContextAttributesFn)(LSA_SEC_HANDLE, ULONG,
 PVOID);
typedef NTSTATUS (NTAPI SpAddCredentialsFn)(LSA_SEC_HANDLE, PUNICODE_STRING,
 PUNICODE_STRING, ULONG, PVOID, PVOID, PVOID, PTimeStamp);
typedef NTSTATUS (NTAPI SpSetExtendedInformationFn)(
 SECPKG_EXTENDED_INFORMATION_CLASS, PSECPKG_EXTENDED_INFORMATION);
typedef NTSTATUS (NTAPI SpInstanceInitFn)(ULONG, PSECPKG_DLL_FUNCTIONS,
 PVOID *);
typedef NTSTATUS (NTAPI SpInitUserModeContextFn)(LSA_SEC_HANDLE, PSecBuffer);
typedef NTSTATUS (NTAPI SpMakeSignatureFn)(LSA_SEC_HANDLE, ULONG,
 PSecBufferDesc, ULONG);
typedef NTSTATUS (NTAPI SpVerifySignatureFn)(LSA_SEC_HANDLE, PSecBufferDesc,
 ULONG, PULONG);
typedef NTSTATUS (NTAPI SpSealMessageFn)(LSA_SEC_HANDLE, ULONG, PSecBufferDesc,
 ULONG);
typedef NTSTATUS (NTAPI SpUnsealMessageFn)(LSA_SEC_HANDLE, PSecBufferDesc,
 ULONG, PULONG);
typedef NTSTATUS (NTAPI SpGetContextTokenFn)(LSA_SEC_HANDLE, PHANDLE);
typedef NTSTATUS (NTAPI SpCompleteAuthTokenFn)(LSA_SEC_HANDLE, PSecBufferDesc);
typedef NTSTATUS (NTAPI SpFormatCredentialsFn)(PSecBuffer, PSecBuffer);
typedef NTSTATUS (NTAPI SpMarshallSupplementalCredsFn)(ULONG, PUCHAR, PULONG,
 PVOID *);
typedef NTSTATUS (NTAPI SpExportSecurityContextFn)(LSA_SEC_HANDLE, ULONG,
 PSecBuffer, PHANDLE);
typedef NTSTATUS (NTAPI SpImportSecurityContextFn)(PSecBuffer, HANDLE,
 PLSA_SEC_HANDLE);

/* Dispatch tables of functions implemented by SSP/AP */
typedef struct SECPKG_FUNCTION_TABLE {
        PLSA_AP_INITIALIZE_PACKAGE InitializePackage;
        PLSA_AP_LOGON_USER LogonUser;
        PLSA_AP_CALL_PACKAGE CallPackage;
        PLSA_AP_LOGON_TERMINATED LogonTerminated;
        PLSA_AP_CALL_PACKAGE_UNTRUSTED CallPackageUntrusted;
        PLSA_AP_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough;
        PLSA_AP_LOGON_USER_EX LogonUserEx;
        PLSA_AP_LOGON_USER_EX2 LogonUserEx2;
        SpInitializeFn *Initialize;
        SpShutDownFn *Shutdown;
        SpGetInfoFn *GetInfo;
        SpAcceptCredentialsFn *AcceptCredentials;
        SpAcquireCredentialsHandleFn *AcquireCredentialsHandle;
        SpQueryCredentialsAttributesFn *QueryCredentialsAttributes;
        SpFreeCredentialsHandleFn *FreeCredentialsHandle;
        SpSaveCredentialsFn *SaveCredentials;
        SpGetCredentialsFn *GetCredentials;
        SpDeleteCredentialsFn *DeleteCredentials;
        SpInitLsaModeContextFn *InitLsaModeContext;
        SpAcceptLsaModeContextFn *AcceptLsaModeContext;
        SpDeleteContextFn *DeleteContext;
        SpApplyControlTokenFn *ApplyControlToken;
        SpGetUserInfoFn *GetUserInfo;
        SpGetExtendedInformationFn *GetExtendedInformation;
        SpQueryContextAttributesFn *QueryContextAttributes;
        SpAddCredentialsFn *AddCredentials;
        SpSetExtendedInformationFn *SetExtendedInformation;
} SECPKG_FUNCTION_TABLE,
 *PSECPKG_FUNCTION_TABLE;

typedef struct SECPKG_USER_FUNCTION_TABLE {
        SpInstanceInitFn *InstanceInit;
        SpInitUserModeContextFn *InitUserModeContext;
        SpMakeSignatureFn *MakeSignature;
        SpVerifySignatureFn *VerifySignature;
        SpSealMessageFn *SealMessage;
        SpUnsealMessageFn *UnsealMessage;
        SpGetContextTokenFn *GetContextToken;
        SpQueryContextAttributesFn *QueryContextAttributes;
        SpCompleteAuthTokenFn *CompleteAuthToken;
        SpDeleteContextFn *DeleteUserModeContext;
        SpFormatCredentialsFn *FormatCredentials;
        SpMarshallSupplementalCredsFn *MarshallSupplementalCreds;
        SpExportSecurityContextFn *ExportContext;
        SpImportSecurityContextFn *ImportContext;
} SECPKG_USER_FUNCTION_TABLE,
 *PSECPKG_USER_FUNCTION_TABLE;

/* Entry points to SSP/AP */
typedef NTSTATUS (NTAPI *SpLsaModeInitializeFn)(ULONG, PULONG,
 PSECPKG_FUNCTION_TABLE *, PULONG);
typedef NTSTATUS (WINAPI *SpUserModeInitializeFn)(ULONG, PULONG,
 PSECPKG_USER_FUNCTION_TABLE *, PULONG);

#ifdef __cplusplus
}
#endif
#endif /* _NTSECPKG_H */
Revision:	1046
Committed:	Mon Aug 29 13:19:38 2016 UTC (9 years, 2 months ago) by alloc
Content type:	text/x-chdr
File size:	17992 byte(s)
Log Message:	Daodan: Added Windows MinGW and build batch file
#	Content
1	#ifndef _NTSECPKG_H
2	#define _NTSECPKG_H
3	#if __GNUC__ >=3
4	#pragma GCC system_header
5	#endif
6
7	#include "windef.h"
8	#include "ntsecapi.h"
9	#include "security.h"
10
11	#ifdef __cplusplus
12	extern "C" {
13	#endif
14
15	#define ISC_REQ_DELEGATE 1
16	#define ISC_REQ_MUTUAL_AUTH 2
17	#define ISC_REQ_REPLAY_DETECT 4
18	#define ISC_REQ_SEQUENCE_DETECT 8
19	#define ISC_REQ_CONFIDENTIALITY 16
20	#define ISC_REQ_USE_SESSION_KEY 32
21	#define ISC_REQ_PROMPT_FOR_CREDS 64
22	#define ISC_REQ_USE_SUPPLIED_CREDS 128
23	#define ISC_REQ_ALLOCATE_MEMORY 256
24	#define ISC_REQ_USE_DCE_STYLE 512
25	#define ISC_REQ_DATAGRAM 1024
26	#define ISC_REQ_CONNECTION 2048
27	#define ISC_REQ_EXTENDED_ERROR 16384
28	#define ISC_REQ_STREAM 32768
29	#define ISC_REQ_INTEGRITY 65536
30	#define ISC_REQ_MANUAL_CRED_VALIDATION 524288
31	#define ISC_REQ_HTTP 268435456
32
33	#define ISC_RET_EXTENDED_ERROR 16384
34
35	#define ASC_REQ_DELEGATE 1
36	#define ASC_REQ_MUTUAL_AUTH 2
37	#define ASC_REQ_REPLAY_DETECT 4
38	#define ASC_REQ_SEQUENCE_DETECT 8
39	#define ASC_REQ_CONFIDENTIALITY 16
40	#define ASC_REQ_USE_SESSION_KEY 32
41	#define ASC_REQ_ALLOCATE_MEMORY 256
42	#define ASC_REQ_USE_DCE_STYLE 512
43	#define ASC_REQ_DATAGRAM 1024
44	#define ASC_REQ_CONNECTION 2048
45	#define ASC_REQ_EXTENDED_ERROR 32768
46	#define ASC_REQ_STREAM 65536
47	#define ASC_REQ_INTEGRITY 131072
48
49	#define SECURITY_NATIVE_DREP 16
50	#define SECURITY_NETWORK_DREP 0
51
52	#define SECPKG_STATE_ENCRYPTION_PERMITTED 0x01
53	#define SECPKG_STATE_STRONG_ENCRYPTION_PERMITTED 0x02
54	#define SECPKG_STATE_DOMAIN_CONTROLLER 0x04
55	#define SECPKG_STATE_WORKSTATION 0x08
56	#define SECPKG_STATE_STANDALONE 0x10
57
58	/* enum definitions for Secure Service Provider/Authentication Packages */
59	typedef enum _LSA_TOKEN_INFORMATION_TYPE {
60	LsaTokenInformationNull,
61	LsaTokenInformationV1
62	} LSA_TOKEN_INFORMATION_TYPE, *PLSA_TOKEN_INFORMATION_TYPE;
63	typedef enum _SECPKG_EXTENDED_INFORMATION_CLASS
64	{
65	SecpkgGssInfo = 1,
66	SecpkgContextThunks,
67	SecpkgMutualAuthLevel,
68	SecpkgMaxInfo
69	} SECPKG_EXTENDED_INFORMATION_CLASS;
70	typedef enum _SECPKG_NAME_TYPE {
71	SecNameSamCompatible,
72	SecNameAlternateId,
73	SecNameFlat,
74	SecNameDN
75	} SECPKG_NAME_TYPE;
76
77	/* struct definitions for SSP/AP */
78	typedef struct _SECPKG_PRIMARY_CRED {
79	LUID LogonId;
80	UNICODE_STRING DownlevelName;
81	UNICODE_STRING DomainName;
82	UNICODE_STRING Password;
83	UNICODE_STRING OldPassword;
84	PSID UserSid;
85	ULONG Flags;
86	UNICODE_STRING DnsDomainName;
87	UNICODE_STRING Upn;
88	UNICODE_STRING LogonServer;
89	UNICODE_STRING Spare1;
90	UNICODE_STRING Spare2;
91	UNICODE_STRING Spare3;
92	UNICODE_STRING Spare4;
93	} SECPKG_PRIMARY_CRED, *PSECPKG_PRIMARY_CRED;
94	typedef struct _SECPKG_SUPPLEMENTAL_CRED {
95	UNICODE_STRING PackageName;
96	ULONG CredentialSize;
97	PUCHAR Credentials;
98	} SECPKG_SUPPLEMENTAL_CRED, *PSECPKG_SUPPLEMENTAL_CRED;
99	typedef struct _SECPKG_SUPPLEMENTAL_CRED_ARRAY {
100	ULONG CredentialCount;
101	SECPKG_SUPPLEMENTAL_CRED Credentials[1];
102	} SECPKG_SUPPLEMENTAL_CRED_ARRAY, *PSECPKG_SUPPLEMENTAL_CRED_ARRAY;
103	typedef struct _SECPKG_PARAMETERS {
104	ULONG Version;
105	ULONG MachineState;
106	ULONG SetupMode;
107	PSID DomainSid;
108	UNICODE_STRING DomainName;
109	UNICODE_STRING DnsDomainName;
110	GUID DomainGuid;
111	} SECPKG_PARAMETERS, *PSECPKG_PARAMETERS,
112	SECPKG_EVENT_DOMAIN_CHANGE, *PSECPKG_EVENT_DOMAIN_CHANGE;
113	typedef struct _SECPKG_CLIENT_INFO {
114	LUID LogonId;
115	ULONG ProcessID;
116	ULONG ThreadID;
117	BOOLEAN HasTcbPrivilege;
118	BOOLEAN Impersonating;
119	BOOLEAN Restricted;
120	} SECPKG_CLIENT_INFO,
121	*PSECPKG_CLIENT_INFO;
122	typedef struct _SECURITY_USER_DATA {
123	SECURITY_STRING UserName;
124	SECURITY_STRING LogonDomainName;
125	SECURITY_STRING LogonServer;
126	PSID pSid;
127	} SECURITY_USER_DATA, *PSECURITY_USER_DATA,
128	SecurityUserData, *PSecurityUserData;
129	typedef struct _SECPKG_GSS_INFO {
130	ULONG EncodedIdLength;
131	UCHAR EncodedId[4];
132	} SECPKG_GSS_INFO, *PSECPKG_GSS_INFO;
133	typedef struct _SECPKG_CONTEXT_THUNKS {
134	ULONG InfoLevelCount;
135	ULONG Levels[1];
136	} SECPKG_CONTEXT_THUNKS, *PSECPKG_CONTEXT_THUNKS;
137	typedef struct _SECPKG_MUTUAL_AUTH_LEVEL {
138	ULONG MutualAuthLevel;
139	} SECPKG_MUTUAL_AUTH_LEVEL, *PSECPKG_MUTUAL_AUTH_LEVEL;
140	typedef struct _SECPKG_CALL_INFO {
141	ULONG ProcessId;
142	ULONG ThreadId;
143	ULONG Attributes;
144	ULONG CallCount;
145	} SECPKG_CALL_INFO, *PSECPKG_CALL_INFO;
146	typedef struct _SECPKG_EXTENDED_INFORMATION {
147	SECPKG_EXTENDED_INFORMATION_CLASS Class;
148	union {
149	SECPKG_GSS_INFO GssInfo;
150	SECPKG_CONTEXT_THUNKS ContextThunks;
151	SECPKG_MUTUAL_AUTH_LEVEL MutualAuthLevel;
152	} Info;
153	} SECPKG_EXTENDED_INFORMATION, *PSECPKG_EXTENDED_INFORMATION;
154
155	/* callbacks implemented by SSP/AP dlls and called by the LSA */
156	typedef VOID (NTAPI *PLSA_CALLBACK_FUNCTION)(ULONG_PTR, ULONG_PTR, PSecBuffer,
157	PSecBuffer);
158
159	/* misc typedefs used in the below prototypes */
160	typedef PVOID *PLSA_CLIENT_REQUEST;
161	typedef ULONG LSA_SEC_HANDLE, *PLSA_SEC_HANDLE;
162	typedef LPTHREAD_START_ROUTINE SEC_THREAD_START;
163	typedef PSECURITY_ATTRIBUTES SEC_ATTRS;
164
165	/* functions used by SSP/AP obtainable by dispatch tables */
166	typedef NTSTATUS (NTAPI *PLSA_REGISTER_CALLBACK)(ULONG, PLSA_CALLBACK_FUNCTION);
167	typedef NTSTATUS (NTAPI *PLSA_CREATE_LOGON_SESSION)(PLUID);
168	typedef NTSTATUS (NTAPI *PLSA_DELETE_LOGON_SESSION)(PLUID);
169	typedef NTSTATUS (NTAPI *PLSA_ADD_CREDENTIAL)(PLUID, ULONG, PLSA_STRING,
170	PLSA_STRING);
171	typedef NTSTATUS (NTAPI *PLSA_GET_CREDENTIALS)(PLUID, ULONG, PULONG, BOOLEAN,
172	PLSA_STRING, PULONG, PLSA_STRING);
173	typedef NTSTATUS (NTAPI *PLSA_DELETE_CREDENTIAL)(PLUID, ULONG, PLSA_STRING);
174	typedef PVOID (NTAPI *PLSA_ALLOCATE_LSA_HEAP)(ULONG);
175	typedef VOID (NTAPI *PLSA_FREE_LSA_HEAP)(PVOID);
176	typedef NTSTATUS (NTAPI *PLSA_ALLOCATE_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST,
177	ULONG, PVOID*);
178	typedef NTSTATUS (NTAPI *PLSA_FREE_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST, PVOID);
179	typedef NTSTATUS (NTAPI *PLSA_COPY_TO_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST, ULONG,
180	PVOID, PVOID);
181	typedef NTSTATUS (NTAPI *PLSA_COPY_FROM_CLIENT_BUFFER)(PLSA_CLIENT_REQUEST,
182	ULONG, PVOID, PVOID);
183	typedef NTSTATUS (NTAPI *PLSA_IMPERSONATE_CLIENT)(void);
184	typedef NTSTATUS (NTAPI *PLSA_UNLOAD_PACKAGE)(void);
185	typedef NTSTATUS (NTAPI *PLSA_DUPLICATE_HANDLE)(HANDLE, PHANDLE);
186	typedef NTSTATUS (NTAPI *PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS)(PLUID, ULONG,
187	PVOID, BOOLEAN);
188	typedef HANDLE (NTAPI *PLSA_CREATE_THREAD)(SEC_ATTRS, ULONG, SEC_THREAD_START,
189	PVOID, ULONG, PULONG);
190	typedef NTSTATUS (NTAPI *PLSA_GET_CLIENT_INFO)(PSECPKG_CLIENT_INFO);
191	typedef HANDLE (NTAPI *PLSA_REGISTER_NOTIFICATION)(SEC_THREAD_START, PVOID,
192	ULONG, ULONG, ULONG, ULONG, HANDLE);
193	typedef NTSTATUS (NTAPI *PLSA_CANCEL_NOTIFICATION)(HANDLE);
194	typedef NTSTATUS (NTAPI *PLSA_MAP_BUFFER)(PSecBuffer, PSecBuffer);
195	typedef NTSTATUS (NTAPI *PLSA_CREATE_TOKEN)(PLUID, PTOKEN_SOURCE,
196	SECURITY_LOGON_TYPE, SECURITY_IMPERSONATION_LEVEL, LSA_TOKEN_INFORMATION_TYPE,
197	PVOID, PTOKEN_GROUPS, PUNICODE_STRING, PUNICODE_STRING, PUNICODE_STRING,
198	PUNICODE_STRING, PHANDLE, PNTSTATUS);
199	typedef VOID (NTAPI *PLSA_AUDIT_LOGON)(NTSTATUS, NTSTATUS, PUNICODE_STRING,
200	PUNICODE_STRING, PUNICODE_STRING, OPTIONAL PSID, SECURITY_LOGON_TYPE,
201	PTOKEN_SOURCE, PLUID);
202	typedef NTSTATUS (NTAPI *PLSA_CALL_PACKAGE)(PUNICODE_STRING, PVOID, ULONG,
203	PVOID*, PULONG, PNTSTATUS);
204	typedef VOID (NTAPI *PLSA_FREE_LSA_HEAP)(PVOID);
205	typedef BOOLEAN (NTAPI *PLSA_GET_CALL_INFO)(PSECPKG_CALL_INFO);
206	typedef NTSTATUS (NTAPI *PLSA_CALL_PACKAGEEX)(PUNICODE_STRING, PVOID, PVOID,
207	ULONG, PVOID*, PULONG, PNTSTATUS);
208	typedef PVOID (NTAPI *PLSA_CREATE_SHARED_MEMORY)(ULONG, ULONG);
209	typedef PVOID (NTAPI *PLSA_ALLOCATE_SHARED_MEMORY)(PVOID, ULONG);
210	typedef VOID (NTAPI *PLSA_FREE_SHARED_MEMORY)(PVOID, PVOID);
211	typedef BOOLEAN (NTAPI *PLSA_DELETE_SHARED_MEMORY)(PVOID);
212	typedef NTSTATUS (NTAPI *PLSA_OPEN_SAM_USER)(PSECURITY_STRING, SECPKG_NAME_TYPE,
213	PSECURITY_STRING, BOOLEAN, ULONG, PVOID*);
214	typedef NTSTATUS (NTAPI PLSA_GET_USER_CREDENTIALS)(PVOID, PVOID , PULONG,
215	PVOID *, PULONG);
216	typedef NTSTATUS (NTAPI PLSA_GET_USER_AUTH_DATA)(PVOID, PUCHAR , PULONG);
217	typedef NTSTATUS (NTAPI *PLSA_CLOSE_SAM_USER)(PVOID);
218	typedef NTSTATUS (NTAPI *PLSA_CONVERT_AUTH_DATA_TO_TOKEN)(PVOID, ULONG,
219	SECURITY_IMPERSONATION_LEVEL, PTOKEN_SOURCE, SECURITY_LOGON_TYPE,
220	PUNICODE_STRING, PHANDLE, PLUID, PUNICODE_STRING, PNTSTATUS);
221	typedef NTSTATUS (NTAPI *PLSA_CLIENT_CALLBACK)(PCHAR, ULONG_PTR, ULONG_PTR,
222	PSecBuffer, PSecBuffer);
223	typedef NTSTATUS (NTAPI *PLSA_UPDATE_PRIMARY_CREDENTIALS)(PSECPKG_PRIMARY_CRED, PSECPKG_SUPPLEMENTAL_CRED_ARRAY);
224	typedef NTSTATUS (NTAPI *PLSA_GET_AUTH_DATA_FOR_USER)(PSECURITY_STRING,
225	SECPKG_NAME_TYPE, PSECURITY_STRING, PUCHAR *, PULONG, PUNICODE_STRING);
226	typedef NTSTATUS (NTAPI *PLSA_CRACK_SINGLE_NAME)(ULONG, BOOLEAN,
227	PUNICODE_STRING, PUNICODE_STRING, ULONG, PUNICODE_STRING, PUNICODE_STRING,
228	PULONG);
229	typedef NTSTATUS (NTAPI *PLSA_AUDIT_ACCOUNT_LOGON)(ULONG, BOOLEAN,
230	PUNICODE_STRING, PUNICODE_STRING, PUNICODE_STRING, NTSTATUS);
231	typedef NTSTATUS (NTAPI *PLSA_CALL_PACKAGE_PASSTHROUGH)(PUNICODE_STRING, PVOID,
232	PVOID, ULONG, PVOID*, PULONG, PNTSTATUS);
233
234	/* Dispatch tables of functions used by SSP/AP */
235	typedef struct SECPKG_DLL_FUNCTIONS {
236	PLSA_ALLOCATE_LSA_HEAP AllocateHeap;
237	PLSA_FREE_LSA_HEAP FreeHeap;
238	PLSA_REGISTER_CALLBACK RegisterCallback;
239	} SECPKG_DLL_FUNCTIONS,
240	*PSECPKG_DLL_FUNCTIONS;
241	typedef struct LSA_DISPATCH_TABLE {
242	PLSA_CREATE_LOGON_SESSION CreateLogonSession;
243	PLSA_DELETE_LOGON_SESSION DeleteLogonSession;
244	PLSA_ADD_CREDENTIAL AddCredential;
245	PLSA_GET_CREDENTIALS GetCredentials;
246	PLSA_DELETE_CREDENTIAL DeleteCredential;
247	PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap;
248	PLSA_FREE_LSA_HEAP FreeLsaHeap;
249	PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer;
250	PLSA_FREE_CLIENT_BUFFER FreeClientBuffer;
251	PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer;
252	PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer;
253	} LSA_DISPATCH_TABLE,
254	*PLSA_DISPATCH_TABLE;
255	typedef struct _LSA_SECPKG_FUNCTION_TABLE {
256	PLSA_CREATE_LOGON_SESSION CreateLogonSession;
257	PLSA_DELETE_LOGON_SESSION DeleteLogonSession;
258	PLSA_ADD_CREDENTIAL AddCredential;
259	PLSA_GET_CREDENTIALS GetCredentials;
260	PLSA_DELETE_CREDENTIAL DeleteCredential;
261	PLSA_ALLOCATE_LSA_HEAP AllocateLsaHeap;
262	PLSA_FREE_LSA_HEAP FreeLsaHeap;
263	PLSA_ALLOCATE_CLIENT_BUFFER AllocateClientBuffer;
264	PLSA_FREE_CLIENT_BUFFER FreeClientBuffer;
265	PLSA_COPY_TO_CLIENT_BUFFER CopyToClientBuffer;
266	PLSA_COPY_FROM_CLIENT_BUFFER CopyFromClientBuffer;
267	PLSA_IMPERSONATE_CLIENT ImpersonateClient;
268	PLSA_UNLOAD_PACKAGE UnloadPackage;
269	PLSA_DUPLICATE_HANDLE DuplicateHandle;
270	PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS SaveSupplementalCredentials;
271	PLSA_CREATE_THREAD CreateThread;
272	PLSA_GET_CLIENT_INFO GetClientInfo;
273	PLSA_REGISTER_NOTIFICATION RegisterNotification;
274	PLSA_CANCEL_NOTIFICATION CancelNotification;
275	PLSA_MAP_BUFFER MapBuffer;
276	PLSA_CREATE_TOKEN CreateToken;
277	PLSA_AUDIT_LOGON AuditLogon;
278	PLSA_CALL_PACKAGE CallPackage;
279	PLSA_FREE_LSA_HEAP FreeReturnBuffer;
280	PLSA_GET_CALL_INFO GetCallInfo;
281	PLSA_CALL_PACKAGEEX CallPackageEx;
282	PLSA_CREATE_SHARED_MEMORY CreateSharedMemory;
283	PLSA_ALLOCATE_SHARED_MEMORY AllocateSharedMemory;
284	PLSA_FREE_SHARED_MEMORY FreeSharedMemory;
285	PLSA_DELETE_SHARED_MEMORY DeleteSharedMemory;
286	PLSA_OPEN_SAM_USER OpenSamUser;
287	PLSA_GET_USER_CREDENTIALS GetUserCredentials;
288	PLSA_GET_USER_AUTH_DATA GetUserAuthData;
289	PLSA_CLOSE_SAM_USER CloseSamUser;
290	PLSA_CONVERT_AUTH_DATA_TO_TOKEN ConvertAuthDataToToken;
291	PLSA_CLIENT_CALLBACK ClientCallback;
292	PLSA_UPDATE_PRIMARY_CREDENTIALS UpdateCredentials;
293	PLSA_GET_AUTH_DATA_FOR_USER GetAuthDataForUser;
294	PLSA_CRACK_SINGLE_NAME CrackSingleName;
295	PLSA_AUDIT_ACCOUNT_LOGON AuditAccountLogon;
296	PLSA_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough;
297	} LSA_SECPKG_FUNCTION_TABLE,
298	*PLSA_SECPKG_FUNCTION_TABLE;
299
300	/* functions implemented by SSP/AP obtainable by dispatch tables */
301	typedef NTSTATUS (NTAPI *PLSA_AP_INITIALIZE_PACKAGE)(ULONG, PLSA_DISPATCH_TABLE,
302	PLSA_STRING, PLSA_STRING, PLSA_STRING *);
303	typedef NTSTATUS (NTAPI *PLSA_AP_LOGON_USER)(LPWSTR, LPWSTR, LPWSTR, LPWSTR,
304	DWORD, DWORD, PHANDLE);
305	typedef NTSTATUS (NTAPI *PLSA_AP_CALL_PACKAGE)(PUNICODE_STRING, PVOID, ULONG,
306	PVOID *, PULONG, PNTSTATUS);
307	typedef VOID (NTAPI *PLSA_AP_LOGON_TERMINATED)(PLUID);
308	typedef NTSTATUS (NTAPI *PLSA_AP_CALL_PACKAGE_UNTRUSTED)(PLSA_CLIENT_REQUEST,
309	PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS);
310	typedef NTSTATUS (NTAPI *PLSA_AP_CALL_PACKAGE_PASSTHROUGH)(PUNICODE_STRING,
311	PVOID, PVOID, ULONG, PVOID *, PULONG, PNTSTATUS);
312	typedef NTSTATUS (NTAPI *PLSA_AP_LOGON_USER_EX)(PLSA_CLIENT_REQUEST,
313	SECURITY_LOGON_TYPE, PVOID, PVOID, ULONG, PVOID *, PULONG, PLUID, PNTSTATUS,
314	PLSA_TOKEN_INFORMATION_TYPE, PVOID , PUNICODE_STRING , PUNICODE_STRING *,
315	PUNICODE_STRING *);
316	typedef NTSTATUS (NTAPI *PLSA_AP_LOGON_USER_EX2)(PLSA_CLIENT_REQUEST,
317	SECURITY_LOGON_TYPE, PVOID, PVOID, ULONG, PVOID *, PULONG, PLUID, PNTSTATUS,
318	PLSA_TOKEN_INFORMATION_TYPE, PVOID , PUNICODE_STRING , PUNICODE_STRING *,
319	PUNICODE_STRING , PSECPKG_PRIMARY_CRED, PSECPKG_SUPPLEMENTAL_CRED_ARRAY );
320	typedef NTSTATUS (SpInitializeFn)(ULONG_PTR, PSECPKG_PARAMETERS,
321	PLSA_SECPKG_FUNCTION_TABLE);
322	typedef NTSTATUS (NTAPI SpShutDownFn)(void);
323	typedef NTSTATUS (NTAPI SpGetInfoFn)(PSecPkgInfoW);
324	typedef NTSTATUS (NTAPI SpAcceptCredentialsFn)(SECURITY_LOGON_TYPE,
325	PUNICODE_STRING, PSECPKG_PRIMARY_CRED, PSECPKG_SUPPLEMENTAL_CRED);
326	typedef NTSTATUS (NTAPI SpAcquireCredentialsHandleFn)(PUNICODE_STRING, ULONG,
327	PLUID, PVOID, PVOID, PVOID, PLSA_SEC_HANDLE, PTimeStamp);
328	typedef NTSTATUS (NTAPI SpQueryCredentialsAttributesFn)(LSA_SEC_HANDLE, ULONG,
329	PVOID);
330	typedef NTSTATUS (NTAPI SpFreeCredentialsHandleFn)(LSA_SEC_HANDLE);
331	typedef NTSTATUS (NTAPI SpSaveCredentialsFn)(LSA_SEC_HANDLE, PSecBuffer);
332	typedef NTSTATUS (NTAPI SpGetCredentialsFn)(LSA_SEC_HANDLE, PSecBuffer);
333	typedef NTSTATUS (NTAPI SpDeleteCredentialsFn)(LSA_SEC_HANDLE, PSecBuffer);
334	typedef NTSTATUS (NTAPI SpInitLsaModeContextFn)(LSA_SEC_HANDLE, LSA_SEC_HANDLE,
335	PUNICODE_STRING, ULONG, ULONG, PSecBufferDesc, PLSA_SEC_HANDLE, PSecBufferDesc,
336	PULONG, PTimeStamp, PBOOLEAN, PSecBuffer);
337	typedef NTSTATUS (NTAPI SpAcceptLsaModeContextFn)(LSA_SEC_HANDLE,
338	LSA_SEC_HANDLE, PSecBufferDesc, ULONG, ULONG, PLSA_SEC_HANDLE, PSecBufferDesc,
339	PULONG, PTimeStamp, PBOOLEAN, PSecBuffer);
340	typedef NTSTATUS (NTAPI SpDeleteContextFn)(LSA_SEC_HANDLE);
341	typedef NTSTATUS (NTAPI SpApplyControlTokenFn)(LSA_SEC_HANDLE, PSecBufferDesc);
342	typedef NTSTATUS (NTAPI SpGetUserInfoFn)(PLUID, ULONG, PSecurityUserData *);
343	typedef NTSTATUS (NTAPI SpGetExtendedInformationFn)(
344	SECPKG_EXTENDED_INFORMATION_CLASS, PSECPKG_EXTENDED_INFORMATION *);
345	typedef NTSTATUS (NTAPI SpQueryContextAttributesFn)(LSA_SEC_HANDLE, ULONG,
346	PVOID);
347	typedef NTSTATUS (NTAPI SpAddCredentialsFn)(LSA_SEC_HANDLE, PUNICODE_STRING,
348	PUNICODE_STRING, ULONG, PVOID, PVOID, PVOID, PTimeStamp);
349	typedef NTSTATUS (NTAPI SpSetExtendedInformationFn)(
350	SECPKG_EXTENDED_INFORMATION_CLASS, PSECPKG_EXTENDED_INFORMATION);
351	typedef NTSTATUS (NTAPI SpInstanceInitFn)(ULONG, PSECPKG_DLL_FUNCTIONS,
352	PVOID *);
353	typedef NTSTATUS (NTAPI SpInitUserModeContextFn)(LSA_SEC_HANDLE, PSecBuffer);
354	typedef NTSTATUS (NTAPI SpMakeSignatureFn)(LSA_SEC_HANDLE, ULONG,
355	PSecBufferDesc, ULONG);
356	typedef NTSTATUS (NTAPI SpVerifySignatureFn)(LSA_SEC_HANDLE, PSecBufferDesc,
357	ULONG, PULONG);
358	typedef NTSTATUS (NTAPI SpSealMessageFn)(LSA_SEC_HANDLE, ULONG, PSecBufferDesc,
359	ULONG);
360	typedef NTSTATUS (NTAPI SpUnsealMessageFn)(LSA_SEC_HANDLE, PSecBufferDesc,
361	ULONG, PULONG);
362	typedef NTSTATUS (NTAPI SpGetContextTokenFn)(LSA_SEC_HANDLE, PHANDLE);
363	typedef NTSTATUS (NTAPI SpCompleteAuthTokenFn)(LSA_SEC_HANDLE, PSecBufferDesc);
364	typedef NTSTATUS (NTAPI SpFormatCredentialsFn)(PSecBuffer, PSecBuffer);
365	typedef NTSTATUS (NTAPI SpMarshallSupplementalCredsFn)(ULONG, PUCHAR, PULONG,
366	PVOID *);
367	typedef NTSTATUS (NTAPI SpExportSecurityContextFn)(LSA_SEC_HANDLE, ULONG,
368	PSecBuffer, PHANDLE);
369	typedef NTSTATUS (NTAPI SpImportSecurityContextFn)(PSecBuffer, HANDLE,
370	PLSA_SEC_HANDLE);
371
372	/* Dispatch tables of functions implemented by SSP/AP */
373	typedef struct SECPKG_FUNCTION_TABLE {
374	PLSA_AP_INITIALIZE_PACKAGE InitializePackage;
375	PLSA_AP_LOGON_USER LogonUser;
376	PLSA_AP_CALL_PACKAGE CallPackage;
377	PLSA_AP_LOGON_TERMINATED LogonTerminated;
378	PLSA_AP_CALL_PACKAGE_UNTRUSTED CallPackageUntrusted;
379	PLSA_AP_CALL_PACKAGE_PASSTHROUGH CallPackagePassthrough;
380	PLSA_AP_LOGON_USER_EX LogonUserEx;
381	PLSA_AP_LOGON_USER_EX2 LogonUserEx2;
382	SpInitializeFn *Initialize;
383	SpShutDownFn *Shutdown;
384	SpGetInfoFn *GetInfo;
385	SpAcceptCredentialsFn *AcceptCredentials;
386	SpAcquireCredentialsHandleFn *AcquireCredentialsHandle;
387	SpQueryCredentialsAttributesFn *QueryCredentialsAttributes;
388	SpFreeCredentialsHandleFn *FreeCredentialsHandle;
389	SpSaveCredentialsFn *SaveCredentials;
390	SpGetCredentialsFn *GetCredentials;
391	SpDeleteCredentialsFn *DeleteCredentials;
392	SpInitLsaModeContextFn *InitLsaModeContext;
393	SpAcceptLsaModeContextFn *AcceptLsaModeContext;
394	SpDeleteContextFn *DeleteContext;
395	SpApplyControlTokenFn *ApplyControlToken;
396	SpGetUserInfoFn *GetUserInfo;
397	SpGetExtendedInformationFn *GetExtendedInformation;
398	SpQueryContextAttributesFn *QueryContextAttributes;
399	SpAddCredentialsFn *AddCredentials;
400	SpSetExtendedInformationFn *SetExtendedInformation;
401	} SECPKG_FUNCTION_TABLE,
402	*PSECPKG_FUNCTION_TABLE;
403
404	typedef struct SECPKG_USER_FUNCTION_TABLE {
405	SpInstanceInitFn *InstanceInit;
406	SpInitUserModeContextFn *InitUserModeContext;
407	SpMakeSignatureFn *MakeSignature;
408	SpVerifySignatureFn *VerifySignature;
409	SpSealMessageFn *SealMessage;
410	SpUnsealMessageFn *UnsealMessage;
411	SpGetContextTokenFn *GetContextToken;
412	SpQueryContextAttributesFn *QueryContextAttributes;
413	SpCompleteAuthTokenFn *CompleteAuthToken;
414	SpDeleteContextFn *DeleteUserModeContext;
415	SpFormatCredentialsFn *FormatCredentials;
416	SpMarshallSupplementalCredsFn *MarshallSupplementalCreds;
417	SpExportSecurityContextFn *ExportContext;
418	SpImportSecurityContextFn *ImportContext;
419	} SECPKG_USER_FUNCTION_TABLE,
420	*PSECPKG_USER_FUNCTION_TABLE;
421
422	/* Entry points to SSP/AP */
423	typedef NTSTATUS (NTAPI *SpLsaModeInitializeFn)(ULONG, PULONG,
424	PSECPKG_FUNCTION_TABLE *, PULONG);
425	typedef NTSTATUS (WINAPI *SpUserModeInitializeFn)(ULONG, PULONG,
426	PSECPKG_USER_FUNCTION_TABLE *, PULONG);
427
428	#ifdef __cplusplus
429	}
430	#endif
431	#endif /* _NTSECPKG_H */