From c9cd361f81145bb055738454e6a0502d74dabb17 Mon Sep 17 00:00:00 2001 From: Biswapriyo Nath <[email protected]> Date: Fri, 10 Mar 2023 10:50:30 +0530 Subject: [PATCH] headers: Add new symbols in ntsecpkg.h
Signed-off-by: Biswapriyo Nath <[email protected]> --- mingw-w64-headers/include/ntsecpkg.h | 369 ++++++++++++++++++++++++++- 1 file changed, 361 insertions(+), 8 deletions(-) diff --git a/mingw-w64-headers/include/ntsecpkg.h b/mingw-w64-headers/include/ntsecpkg.h index 2faef2c..7dd7576 100644 --- a/mingw-w64-headers/include/ntsecpkg.h +++ b/mingw-w64-headers/include/ntsecpkg.h @@ -15,7 +15,8 @@ extern "C" { typedef enum _LSA_TOKEN_INFORMATION_TYPE { LsaTokenInformationNull, LsaTokenInformationV1, - LsaTokenInformationV2 + LsaTokenInformationV2, + LsaTokenInformationV3 } LSA_TOKEN_INFORMATION_TYPE,*PLSA_TOKEN_INFORMATION_TYPE; typedef struct _LSA_TOKEN_INFORMATION_NULL { @@ -34,6 +35,20 @@ extern "C" { } LSA_TOKEN_INFORMATION_V1,*PLSA_TOKEN_INFORMATION_V1; typedef LSA_TOKEN_INFORMATION_V1 LSA_TOKEN_INFORMATION_V2,*PLSA_TOKEN_INFORMATION_V2; + + typedef struct _LSA_TOKEN_INFORMATION_V3 { + LARGE_INTEGER ExpirationTime; + TOKEN_USER User; + PTOKEN_GROUPS Groups; + TOKEN_PRIMARY_GROUP PrimaryGroup; + PTOKEN_PRIVILEGES Privileges; + TOKEN_OWNER Owner; + TOKEN_DEFAULT_DACL DefaultDacl; + TOKEN_USER_CLAIMS UserClaims; + TOKEN_DEVICE_CLAIMS DeviceClaims; + PTOKEN_GROUPS DeviceGroups; + } LSA_TOKEN_INFORMATION_V3, *PLSA_TOKEN_INFORMATION_V3; + typedef NTSTATUS (NTAPI LSA_CREATE_LOGON_SESSION)(PLUID LogonId); typedef NTSTATUS (NTAPI LSA_DELETE_LOGON_SESSION)(PLUID LogonId); typedef NTSTATUS (NTAPI LSA_ADD_CREDENTIAL)(PLUID LogonId,ULONG AuthenticationPackage,PLSA_STRING PrimaryKeyValue,PLSA_STRING Credentials); @@ -114,7 +129,28 @@ extern "C" { typedef VOID (*PSAM_CREDENTIAL_UPDATE_FREE_ROUTINE)(PVOID p); #define SAM_CREDENTIAL_UPDATE_FREE_ROUTINE "CredentialUpdateFree" -#endif + + typedef struct { + PSTR Original; + PSTR Mapped; + BOOLEAN Continuable; + } SAM_REGISTER_MAPPING_ELEMENT, *PSAM_REGISTER_MAPPING_ELEMENT; + + typedef struct { + ULONG Count; + PSAM_REGISTER_MAPPING_ELEMENT Elements; + } SAM_REGISTER_MAPPING_LIST, *PSAM_REGISTER_MAPPING_LIST; + + typedef struct { + ULONG Count; + PSAM_REGISTER_MAPPING_LIST Lists; + } SAM_REGISTER_MAPPING_TABLE, *PSAM_REGISTER_MAPPING_TABLE; + + typedef NTSTATUS (*PSAM_CREDENTIAL_UPDATE_REGISTER_MAPPED_ENTRYPOINTS_ROUTINE)(SAM_REGISTER_MAPPING_TABLE *Table); + +#define SAM_CREDENTIAL_UPDATE_REGISTER_MAPPED_ENTRYPOINTS_ROUTINE "RegisterMappedEntrypoints" + +#endif /* _SAM_CREDENTIAL_UPDATE_DEFINED */ #ifdef SECURITY_KERNEL @@ -143,6 +179,20 @@ extern "C" { } SECPKG_CLIENT_INFO,*PSECPKG_CLIENT_INFO; + typedef struct _SECPKG_CLIENT_INFO_EX { + LUID LogonId; + ULONG ProcessID; + ULONG ThreadID; + BOOLEAN HasTcbPrivilege; + BOOLEAN Impersonating; + BOOLEAN Restricted; + UCHAR ClientFlags; + SECURITY_IMPERSONATION_LEVEL ImpersonationLevel; + HANDLE ClientToken; + LUID IdentificationLogonId; + HANDLE IdentificationToken; + } SECPKG_CLIENT_INFO_EX, *PSECPKG_CLIENT_INFO_EX; + #define SECPKG_CLIENT_PROCESS_TERMINATED 0x01 #define SECPKG_CLIENT_THREAD_TERMINATED 0x02 @@ -151,6 +201,7 @@ extern "C" { ULONG ThreadId; ULONG Attributes; ULONG CallCount; + PVOID MechOid; } SECPKG_CALL_INFO,*PSECPKG_CALL_INFO; #define SECPKG_CALL_KERNEL_MODE 0x00000001 @@ -163,6 +214,18 @@ extern "C" { #define SECPKG_CALL_THREAD_TERM 0x00000080 #define SECPKG_CALL_PROCESS_TERM 0x00000100 #define SECPKG_CALL_IS_TCB 0x00000200 +#define SECPKG_CALL_NETWORK_ONLY 0x00000400 +#define SECPKG_CALL_WINLOGON 0x00000800 +#define SECPKG_CALL_ASYNC_UPDATE 0x00001000 +#define SECPKG_CALL_SYSTEM_PROC 0x00002000 +#define SECPKG_CALL_NEGO 0x00004000 +#define SECPKG_CALL_NEGO_EXTENDER 0x00008000 +#define SECPKG_CALL_BUFFER_MARSHAL 0x00010000 +#define SECPKG_CALL_UNLOCK 0x00020000 +#define SECPKG_CALL_CLOUDAP_CONNECT 0x00040000 + +#define SECPKG_CALL_WOWX86 0x00000040 +#define SECPKG_CALL_WOWA32 0x00040000 typedef struct _SECPKG_SUPPLEMENTAL_CRED { UNICODE_STRING PackageName; @@ -170,6 +233,47 @@ extern "C" { PUCHAR Credentials; } SECPKG_SUPPLEMENTAL_CRED,*PSECPKG_SUPPLEMENTAL_CRED; + typedef struct _SECPKG_BYTE_VECTOR { + ULONG ByteArrayOffset; + USHORT ByteArrayLength; + } SECPKG_BYTE_VECTOR, *PSECPKG_BYTE_VECTOR; + + typedef struct _SECPKG_SHORT_VECTOR { + ULONG ShortArrayOffset; + USHORT ShortArrayCount; + } SECPKG_SHORT_VECTOR, *PSECPKG_SHORT_VECTOR; + + typedef struct _SECPKG_SUPPLIED_CREDENTIAL { + USHORT cbHeaderLength; + USHORT cbStructureLength; + SECPKG_SHORT_VECTOR UserName; + SECPKG_SHORT_VECTOR DomainName; + SECPKG_BYTE_VECTOR PackedCredentials; + ULONG CredFlags; + } SECPKG_SUPPLIED_CREDENTIAL, *PSECPKG_SUPPLIED_CREDENTIAL; + +#define SECPKG_CREDENTIAL_VERSION 201 + +#define SECPKG_CREDENTIAL_FLAGS_CALLER_HAS_TCB 0x1 +#define SECPKG_CREDENTIAL_FLAGS_CREDMAN_CRED 0x2 + + typedef struct _SECPKG_CREDENTIAL { + ULONG64 Version; + USHORT cbHeaderLength; + ULONG cbStructureLength; + ULONG ClientProcess; + ULONG ClientThread; + LUID LogonId; + HANDLE ClientToken; + ULONG SessionId; + LUID ModifiedId; + ULONG fCredentials; + ULONG Flags; + SECPKG_BYTE_VECTOR PrincipalName; + SECPKG_BYTE_VECTOR PackageList; + SECPKG_BYTE_VECTOR MarshaledSuppliedCreds; + } SECPKG_CREDENTIAL, *PSECPKG_CREDENTIAL; + typedef ULONG_PTR LSA_SEC_HANDLE; typedef LSA_SEC_HANDLE *PLSA_SEC_HANDLE; typedef struct _SECPKG_SUPPLEMENTAL_CRED_ARRAY { @@ -177,6 +281,20 @@ extern "C" { SECPKG_SUPPLEMENTAL_CRED Credentials[1]; } SECPKG_SUPPLEMENTAL_CRED_ARRAY,*PSECPKG_SUPPLEMENTAL_CRED_ARRAY; + typedef struct _SECPKG_SURROGATE_LOGON_ENTRY { + GUID Type; + PVOID Data; + } SECPKG_SURROGATE_LOGON_ENTRY, *PSECPKG_SURROGATE_LOGON_ENTRY; + + typedef struct _SECPKG_SURROGATE_LOGON { + ULONG Version; + LUID SurrogateLogonID; + ULONG EntryCount; + PSECPKG_SURROGATE_LOGON_ENTRY Entries; + } SECPKG_SURROGATE_LOGON, *PSECPKG_SURROGATE_LOGON; + +#define SECPKG_SURROGATE_LOGON_VERSION_1 1 + #define SECBUFFER_UNMAPPED 0x40000000 #define SECBUFFER_KERNEL_MAP 0x20000000 @@ -185,11 +303,29 @@ extern "C" { typedef LSA_CALLBACK_FUNCTION *PLSA_CALLBACK_FUNCTION; -#define PRIMARY_CRED_CLEAR_PASSWORD 0x1 -#define PRIMARY_CRED_OWF_PASSWORD 0x2 -#define PRIMARY_CRED_UPDATE 0x4 -#define PRIMARY_CRED_CACHED_LOGON 0x8 -#define PRIMARY_CRED_LOGON_NO_TCB 0x10 +#define PRIMARY_CRED_CLEAR_PASSWORD 0x00000001 +#define PRIMARY_CRED_OWF_PASSWORD 0x00000002 +#define PRIMARY_CRED_UPDATE 0x00000004 +#define PRIMARY_CRED_CACHED_LOGON 0x00000008 +#define PRIMARY_CRED_LOGON_NO_TCB 0x00000010 +#define PRIMARY_CRED_LOGON_LUA 0x00000020 +#define PRIMARY_CRED_INTERACTIVE_SMARTCARD_LOGON 0x00000040 +#define PRIMARY_CRED_REFRESH_NEEDED 0x00000080 +#define PRIMARY_CRED_INTERNET_USER 0x00000100 +#define PRIMARY_CRED_AUTH_ID 0x00000200 +#define PRIMARY_CRED_DO_NOT_SPLIT 0x00000400 +#define PRIMARY_CRED_PROTECTED_USER 0x00000800 +#define PRIMARY_CRED_EX 0x00001000 +#define PRIMARY_CRED_TRANSFER 0x00002000 +#define PRIMARY_CRED_RESTRICTED_TS 0x00004000 +#define PRIMARY_CRED_PACKED_CREDS 0x00008000 +#define PRIMARY_CRED_ENTERPRISE_INTERNET_USER 0x00010000 +#define PRIMARY_CRED_ENCRYPTED_CREDGUARD_PASSWORD 0x00020000 +#define PRIMARY_CRED_CACHED_INTERACTIVE_LOGON 0x00040000 +#define PRIMARY_CRED_INTERACTIVE_NGC_LOGON 0x00080000 +#define PRIMARY_CRED_INTERACTIVE_FIDO_LOGON 0x00100000 +#define PRIMARY_CRED_ARSO_LOGON 0x00200000 +#define PRIMARY_CRED_SUPPLEMENTAL 0x00400000 #define PRIMARY_CRED_LOGON_PACKAGE_SHIFT 24 #define PRIMARY_CRED_PACKAGE_MASK 0xff000000 @@ -211,6 +347,28 @@ extern "C" { UNICODE_STRING Spare4; } SECPKG_PRIMARY_CRED,*PSECPKG_PRIMARY_CRED; +#define SECPKG_PRIMARY_CRED_EX_FLAGS_EX_DELEGATION_TOKEN 0x1 + + typedef struct _SECPKG_PRIMARY_CRED_EX { + LUID LogonId; + UNICODE_STRING DownlevelName; + UNICODE_STRING DomainName; + UNICODE_STRING Password; + UNICODE_STRING OldPassword; + PSID UserSid; + ULONG Flags; + UNICODE_STRING DnsDomainName; + UNICODE_STRING Upn; + UNICODE_STRING LogonServer; + UNICODE_STRING Spare1; + UNICODE_STRING Spare2; + UNICODE_STRING Spare3; + UNICODE_STRING Spare4; + ULONG_PTR PackageId; + LUID PrevLogonId; + ULONG FlagsEx; + } SECPKG_PRIMARY_CRED_EX, *PSECPKG_PRIMARY_CRED_EX; + #define MAX_CRED_SIZE 1024 #define SECPKG_STATE_ENCRYPTION_PERMITTED 0x01 @@ -218,6 +376,8 @@ extern "C" { #define SECPKG_STATE_DOMAIN_CONTROLLER 0x04 #define SECPKG_STATE_WORKSTATION 0x08 #define SECPKG_STATE_STANDALONE 0x10 +#define SECPKG_STATE_CRED_ISOLATION_ENABLED 0x20 +#define SECPKG_STATE_RESERVED_1 0x80000000 typedef struct _SECPKG_PARAMETERS { ULONG Version; @@ -235,7 +395,8 @@ extern "C" { SecpkgMutualAuthLevel, SecpkgWowClientDll, SecpkgExtraOids, - SecpkgMaxInfo + SecpkgMaxInfo, + SecpkgNego2Info } SECPKG_EXTENDED_INFORMATION_CLASS; typedef struct _SECPKG_GSS_INFO { @@ -269,6 +430,11 @@ extern "C" { SECPKG_SERIALIZED_OID Oids[1 ]; } SECPKG_EXTRA_OIDS,*PSECPKG_EXTRA_OIDS; + typedef struct _SECPKG_NEGO2_INFO { + UCHAR AuthScheme[16]; + ULONG PackageFlags; + } SECPKG_NEGO2_INFO, *PSECPKG_NEGO2_INFO; + typedef struct _SECPKG_EXTENDED_INFORMATION { SECPKG_EXTENDED_INFORMATION_CLASS Class; union { @@ -277,9 +443,30 @@ extern "C" { SECPKG_MUTUAL_AUTH_LEVEL MutualAuthLevel; SECPKG_WOW_CLIENT_DLL WowClientDll; SECPKG_EXTRA_OIDS ExtraOids; + SECPKG_NEGO2_INFO Nego2Info; } Info; } SECPKG_EXTENDED_INFORMATION,*PSECPKG_EXTENDED_INFORMATION; + typedef struct _SECPKG_TARGETINFO { + PSID DomainSid; + PCWSTR ComputerName; + } SECPKG_TARGETINFO, *PSECPKG_TARGETINFO; + +#define SECPKG_MSVAV_FLAGS_VALID 0x01 +#define SECPKG_MSVAV_TIMESTAMP_VALID 0x02 + + typedef struct _SECPKG_NTLM_TARGETINFO { + ULONG Flags; + LPWSTR MsvAvNbComputerName; + LPWSTR MsvAvNbDomainName; + LPWSTR MsvAvDnsComputerName; + LPWSTR MsvAvDnsDomainName; + LPWSTR MsvAvDnsTreeName; + ULONG MsvAvFlags; + FILETIME MsvAvTimestamp; + LPWSTR MsvAvTargetName; + } SECPKG_NTLM_TARGETINFO, *PSECPKG_NTLM_TARGETINFO; + #define SECPKG_ATTR_SASL_CONTEXT 0x00010000 typedef struct _SecPkgContext_SaslContext { @@ -304,12 +491,80 @@ extern "C" { #define NO_LONG_NAMES 2 #endif +#define SECPKG_ALL_PACKAGES ((ULONG) -2) + + typedef enum _SECPKG_CALL_PACKAGE_MESSAGE_TYPE { + SecPkgCallPackageMinMessage = 1024, + SecPkgCallPackagePinDcMessage = SecPkgCallPackageMinMessage, + SecPkgCallPackageUnpinAllDcsMessage, + SecPkgCallPackageTransferCredMessage, + SecPkgCallPackageMaxMessage = SecPkgCallPackageTransferCredMessage + } SECPKG_CALL_PACKAGE_MESSAGE_TYPE, *PSECPKG_CALL_PACKAGE_MESSAGE_TYPE; + + typedef struct _SECPKG_CALL_PACKAGE_PIN_DC_REQUEST { + ULONG MessageType; + ULONG Flags; + UNICODE_STRING DomainName; + UNICODE_STRING DcName; + ULONG DcFlags; + } SECPKG_CALL_PACKAGE_PIN_DC_REQUEST, *PSECPKG_CALL_PACKAGE_PIN_DC_REQUEST; + + typedef struct _SECPKG_CALL_PACKAGE_UNPIN_ALL_DCS_REQUEST { + ULONG MessageType; + ULONG Flags; + } SECPKG_CALL_PACKAGE_UNPIN_ALL_DCS_REQUEST, *PSECPKG_CALL_PACKAGE_UNPIN_ALL_DCS_REQUEST; + +#define SECPKG_CALL_PACKAGE_TRANSFER_CRED_REQUEST_FLAG_OPTIMISTIC_LOGON 0x1 +#define SECPKG_CALL_PACKAGE_TRANSFER_CRED_REQUEST_FLAG_CLEANUP_CREDENTIALS 0x2 +#define SECPKG_CALL_PACKAGE_TRANSFER_CRED_REQUEST_FLAG_TO_SSO_SESSION 0x4 + + typedef struct _SECPKG_CALL_PACKAGE_TRANSFER_CRED_REQUEST { + ULONG MessageType; + LUID OriginLogonId; + LUID DestinationLogonId; + ULONG Flags; + } SECPKG_CALL_PACKAGE_TRANSFER_CRED_REQUEST, *PSECPKG_CALL_PACKAGE_TRANSFER_CRED_REQUEST; + + typedef NTSTATUS (NTAPI LSA_REDIRECTED_LOGON_INIT)(HANDLE RedirectedLogonHandle, const UNICODE_STRING *PackageName, ULONG SessionId, const LUID *LogonId); + typedef NTSTATUS (NTAPI LSA_REDIRECTED_LOGON_CALLBACK)(HANDLE RedirectedLogonHandle, PVOID Buffer, ULONG BufferLength, PVOID *ReturnBuffer, ULONG *ReturnBufferLength); + typedef VOID (NTAPI LSA_REDIRECTED_LOGON_CLEANUP_CALLBACK)(HANDLE RedirectedLogonHandle); + typedef NTSTATUS (NTAPI LSA_REDIRECTED_LOGON_GET_LOGON_CREDS)(HANDLE RedirectedLogonHandle, PBYTE *LogonBuffer, PULONG LogonBufferLength); + typedef NTSTATUS (NTAPI LSA_REDIRECTED_LOGON_GET_SUPP_CREDS)(HANDLE RedirectedLogonHandle, PSECPKG_SUPPLEMENTAL_CRED_ARRAY* SupplementalCredentials); + typedef NTSTATUS (NTAPI LSA_REDIRECTED_LOGON_GET_SID)(HANDLE RedirectedLogonHandle, PSID *Sid); + + typedef LSA_REDIRECTED_LOGON_INIT *PLSA_REDIRECTED_LOGON_INIT; + typedef LSA_REDIRECTED_LOGON_CALLBACK *PLSA_REDIRECTED_LOGON_CALLBACK; + typedef LSA_REDIRECTED_LOGON_GET_LOGON_CREDS *PLSA_REDIRECTED_LOGON_GET_LOGON_CREDS; + typedef LSA_REDIRECTED_LOGON_GET_SUPP_CREDS *PLSA_REDIRECTED_LOGON_GET_SUPP_CREDS; + typedef LSA_REDIRECTED_LOGON_CLEANUP_CALLBACK *PLSA_REDIRECTED_LOGON_CLEANUP_CALLBACK; + typedef LSA_REDIRECTED_LOGON_GET_SID *PLSA_REDIRECTED_LOGON_GET_SID; + +#define SECPKG_REDIRECTED_LOGON_GUID_INITIALIZER { 0xc2be5457, 0x82eb, 0x483e, { 0xae, 0x4e, 0x74, 0x68, 0xef, 0x14, 0xd5, 0x9 } } + + typedef struct _SECPKG_REDIRECTED_LOGON_BUFFER { + GUID RedirectedLogonGuid; + HANDLE RedirectedLogonHandle; + PLSA_REDIRECTED_LOGON_INIT Init; + PLSA_REDIRECTED_LOGON_CALLBACK Callback; + PLSA_REDIRECTED_LOGON_CLEANUP_CALLBACK CleanupCallback; + PLSA_REDIRECTED_LOGON_GET_LOGON_CREDS GetLogonCreds; + PLSA_REDIRECTED_LOGON_GET_SUPP_CREDS GetSupplementalCreds; + PLSA_REDIRECTED_LOGON_GET_SID GetRedirectedLogonSid; + } SECPKG_REDIRECTED_LOGON_BUFFER, *PSECPKG_REDIRECTED_LOGON_BUFFER; + + typedef struct _SECPKG_POST_LOGON_USER_INFO { + ULONG Flags; + LUID LogonId; + LUID LinkedLogonId; + } SECPKG_POST_LOGON_USER_INFO, *PSECPKG_POST_LOGON_USER_INFO; + typedef NTSTATUS (NTAPI LSA_IMPERSONATE_CLIENT)(VOID); typedef NTSTATUS (NTAPI LSA_UNLOAD_PACKAGE)(VOID); typedef NTSTATUS (NTAPI LSA_DUPLICATE_HANDLE)(HANDLE SourceHandle,PHANDLE DestionationHandle); typedef NTSTATUS (NTAPI LSA_SAVE_SUPPLEMENTAL_CREDENTIALS)(PLUID LogonId,ULONG SupplementalCredSize,PVOID SupplementalCreds,BOOLEAN Synchronous); typedef HANDLE (NTAPI LSA_CREATE_THREAD)(SEC_ATTRS SecurityAttributes,ULONG StackSize,SEC_THREAD_START StartFunction,PVOID ThreadParameter,ULONG CreationFlags,PULONG ThreadId); typedef NTSTATUS (NTAPI LSA_GET_CLIENT_INFO)(PSECPKG_CLIENT_INFO ClientInfo); + typedef NTSTATUS (NTAPI LSA_GET_CLIENT_INFO_EX)(PSECPKG_CLIENT_INFO_EX ClientInfo, ULONG StructSize); typedef HANDLE (NTAPI LSA_REGISTER_NOTIFICATION)(SEC_THREAD_START StartFunction,PVOID Parameter,ULONG NotificationType,ULONG NotificationClass,ULONG NotificationFlags,ULONG IntervalMinutes,HANDLE WaitEvent); typedef NTSTATUS (NTAPI LSA_CANCEL_NOTIFICATION)(HANDLE NotifyHandle); typedef NTSTATUS (NTAPI LSA_MAP_BUFFER)(PSecBuffer InputBuffer,PSecBuffer OutputBuffer); @@ -329,6 +584,8 @@ extern "C" { typedef PVOID (NTAPI LSA_ALLOCATE_SHARED_MEMORY)(PVOID SharedMem,ULONG Size); typedef VOID (NTAPI LSA_FREE_SHARED_MEMORY)(PVOID SharedMem,PVOID Memory); typedef BOOLEAN (NTAPI LSA_DELETE_SHARED_MEMORY)(PVOID SharedMem); + typedef NTSTATUS (NTAPI LSA_GET_APP_MODE_INFO)(PULONG UserFunction, PULONG_PTR Argument1, PULONG_PTR Argument2, PSecBuffer UserData, PBOOLEAN ReturnToLsa); + typedef NTSTATUS (NTAPI LSA_SET_APP_MODE_INFO)(ULONG UserFunction, ULONG_PTR Argument1, ULONG_PTR Argument2, PSecBuffer UserData, BOOLEAN ReturnToLsa); typedef enum _SECPKG_NAME_TYPE { SecNameSamCompatible, @@ -348,6 +605,7 @@ extern "C" { typedef NTSTATUS (NTAPI LSA_AUDIT_ACCOUNT_LOGON)(ULONG AuditId,BOOLEAN Success,PUNICODE_STRING Source,PUNICODE_STRING ClientName,PUNICODE_STRING MappedName,NTSTATUS Status); typedef NTSTATUS (NTAPI LSA_CLIENT_CALLBACK)(PCHAR Callback,ULONG_PTR Argument1,ULONG_PTR Argument2,PSecBuffer Input,PSecBuffer Output); typedef NTSTATUS (NTAPI LSA_REGISTER_CALLBACK)(ULONG CallbackId,PLSA_CALLBACK_FUNCTION Callback); + typedef NTSTATUS (NTAPI LSA_GET_EXTENDED_CALL_FLAGS)(PULONG Flags); #define NOTIFIER_FLAG_NEW_THREAD 0x00000001 #define NOTIFIER_FLAG_ONE_SHOT 0x00000002 @@ -395,12 +653,26 @@ extern "C" { typedef NTSTATUS (NTAPI LSA_OPEN_TOKEN_BY_LOGON_ID)(PLUID LogonId,HANDLE *RetTokenHandle); typedef NTSTATUS (NTAPI LSA_EXPAND_AUTH_DATA_FOR_DOMAIN)(PUCHAR UserAuthData,ULONG UserAuthDataSize,PVOID Reserved,PUCHAR *ExpandedAuthData,PULONG ExpandedAuthDataSize); + typedef enum _CRED_FETCH { + CredFetchDefault = 0, + CredFetchDPAPI, + CredFetchForced + } CRED_FETCH, *PCRED_FETCH; + + typedef NTSTATUS (NTAPI LSA_GET_SERVICE_ACCOUNT_PASSWORD)(PUNICODE_STRING AccountName, PUNICODE_STRING DomainName, CRED_FETCH CredFetch, FILETIME *FileTimeExpiry, PUNICODE_STRING CurrentPassword, PUNICODE_STRING PreviousPassword, FILETIME *FileTimeCurrPwdValidForOutbound); + typedef VOID (NTAPI LSA_AUDIT_LOGON_EX)(NTSTATUS Status, NTSTATUS SubStatus, PUNICODE_STRING AccountName, PUNICODE_STRING AuthenticatingAuthority, PUNICODE_STRING WorkstationName, PSID UserSid, SECURITY_LOGON_TYPE LogonType, SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, PTOKEN_SOURCE TokenSource, PLUID LogonId); + typedef NTSTATUS (NTAPI LSA_CHECK_PROTECTED_USER_BY_TOKEN)(HANDLE UserToken, PBOOLEAN ProtectedUser); + typedef NTSTATUS (NTAPI LSA_QUERY_CLIENT_REQUEST)(PLSA_CLIENT_REQUEST ClientRequest, ULONG QueryType, PVOID *ReplyBuffer); + +#define LSA_QUERY_CLIENT_PRELOGON_SESSION_ID 1 + typedef LSA_IMPERSONATE_CLIENT *PLSA_IMPERSONATE_CLIENT; typedef LSA_UNLOAD_PACKAGE *PLSA_UNLOAD_PACKAGE; typedef LSA_DUPLICATE_HANDLE *PLSA_DUPLICATE_HANDLE; typedef LSA_SAVE_SUPPLEMENTAL_CREDENTIALS *PLSA_SAVE_SUPPLEMENTAL_CREDENTIALS; typedef LSA_CREATE_THREAD *PLSA_CREATE_THREAD; typedef LSA_GET_CLIENT_INFO *PLSA_GET_CLIENT_INFO; + typedef LSA_GET_CLIENT_INFO_EX *PLSA_GET_CLIENT_INFO_EX; typedef LSA_REGISTER_NOTIFICATION *PLSA_REGISTER_NOTIFICATION; typedef LSA_CANCEL_NOTIFICATION *PLSA_CANCEL_NOTIFICATION; typedef LSA_MAP_BUFFER *PLSA_MAP_BUFFER; @@ -429,6 +701,13 @@ extern "C" { typedef LSA_OPEN_TOKEN_BY_LOGON_ID *PLSA_OPEN_TOKEN_BY_LOGON_ID; typedef LSA_EXPAND_AUTH_DATA_FOR_DOMAIN *PLSA_EXPAND_AUTH_DATA_FOR_DOMAIN; typedef LSA_CREATE_TOKEN_EX *PLSA_CREATE_TOKEN_EX; + typedef LSA_GET_EXTENDED_CALL_FLAGS *PLSA_GET_EXTENDED_CALL_FLAGS; + typedef LSA_GET_SERVICE_ACCOUNT_PASSWORD *PLSA_GET_SERVICE_ACCOUNT_PASSWORD; + typedef LSA_AUDIT_LOGON_EX *PLSA_AUDIT_LOGON_EX; + typedef LSA_CHECK_PROTECTED_USER_BY_TOKEN *PLSA_CHECK_PROTECTED_USER_BY_TOKEN; + typedef LSA_QUERY_CLIENT_REQUEST *PLSA_QUERY_CLIENT_REQUEST; + typedef LSA_GET_APP_MODE_INFO *PLSA_GET_APP_MODE_INFO; + typedef LSA_SET_APP_MODE_INFO *PLSA_SET_APP_MODE_INFO; #ifdef _WINCRED_H_ @@ -446,11 +725,14 @@ extern "C" { #define CREDP_FLAGS_DONT_CACHE_TI 0x04 #define CREDP_FLAGS_CLEAR_PASSWORD 0x08 #define CREDP_FLAGS_USER_ENCRYPTED_PASSWORD 0x10 +#define CREDP_FLAGS_TRUSTED_CALLER 0x20 +#define CREDP_FLAGS_VALIDATE_PROXY_TARGET 0x40 typedef NTSTATUS (NTAPI CredReadFn)(PLUID LogonId,ULONG CredFlags,LPWSTR TargetName,ULONG Type,ULONG Flags,PENCRYPTED_CREDENTIALW *Credential); typedef NTSTATUS (NTAPI CredReadDomainCredentialsFn)(PLUID LogonId,ULONG CredFlags,PCREDENTIAL_TARGET_INFORMATIONW TargetInfo,ULONG Flags,PULONG Count,PENCRYPTED_CREDENTIALW **Credential); typedef VOID (NTAPI CredFreeCredentialsFn)(ULONG Count,PENCRYPTED_CREDENTIALW *Credentials); typedef NTSTATUS (NTAPI CredWriteFn)(PLUID LogonId,ULONG CredFlags,PENCRYPTED_CREDENTIALW Credential,ULONG Flags); + typedef NTSTATUS (NTAPI CrediUnmarshalandDecodeStringFn)(LPWSTR MarshaledString, LPBYTE *Blob, ULONG *BlobSize, BOOLEAN *IsFailureFatal); NTSTATUS CredMarshalTargetInfo (PCREDENTIAL_TARGET_INFORMATIONW InTargetInfo,PUSHORT *Buffer,PULONG BufferSize); NTSTATUS CredUnmarshalTargetInfo (PUSHORT Buffer,ULONG BufferSize,PCREDENTIAL_TARGET_INFORMATIONW *RetTargetInfo,PULONG RetActualSize); @@ -542,15 +824,32 @@ extern "C" { PLSA_CREATE_TOKEN_EX CreateTokenEx; #ifdef _WINCRED_H_ CredWriteFn *CrediWrite; + CrediUnmarshalandDecodeStringFn *CrediUnmarshalandDecodeString; #else PLSA_PROTECT_MEMORY DummyFunction4; + PLSA_PROTECT_MEMORY DummyFunction5; #endif + PLSA_PROTECT_MEMORY DummyFunction6; + PLSA_GET_EXTENDED_CALL_FLAGS GetExtendedCallFlags; + PLSA_DUPLICATE_HANDLE DuplicateTokenHandle; + PLSA_GET_SERVICE_ACCOUNT_PASSWORD GetServiceAccountPassword; + PLSA_PROTECT_MEMORY DummyFunction7; + PLSA_AUDIT_LOGON_EX AuditLogonEx; + PLSA_CHECK_PROTECTED_USER_BY_TOKEN CheckProtectedUserByToken; + PLSA_QUERY_CLIENT_REQUEST QueryClientRequest; + PLSA_GET_APP_MODE_INFO GetAppModeInfo; + PLSA_SET_APP_MODE_INFO SetAppModeInfo; + PLSA_GET_CLIENT_INFO_EX GetClientInfoEx; } LSA_SECPKG_FUNCTION_TABLE,*PLSA_SECPKG_FUNCTION_TABLE; + typedef PVOID (NTAPI LSA_LOCATE_PKG_BY_ID)(ULONG PackgeId); + typedef LSA_LOCATE_PKG_BY_ID *PLSA_LOCATE_PKG_BY_ID; + typedef struct _SECPKG_DLL_FUNCTIONS { PLSA_ALLOCATE_LSA_HEAP AllocateHeap; PLSA_FREE_LSA_HEAP FreeHeap; PLSA_REGISTER_CALLBACK RegisterCallback; + PLSA_LOCATE_PKG_BY_ID LocatePackageById; } SECPKG_DLL_FUNCTIONS,*PSECPKG_DLL_FUNCTIONS; typedef NTSTATUS (NTAPI SpInitializeFn)(ULONG_PTR PackageId,PSECPKG_PARAMETERS Parameters,PLSA_SECPKG_FUNCTION_TABLE FunctionTable); @@ -564,6 +863,13 @@ extern "C" { #define LSA_AP_NAME_LOGON_USER_EX2 "LsaApLogonUserEx2\0" + typedef NTSTATUS (LSA_AP_LOGON_USER_EX3)(PLSA_CLIENT_REQUEST ClientRequest, SECURITY_LOGON_TYPE LogonType, PVOID ProtocolSubmitBuffer, PVOID ClientBufferBase, ULONG SubmitBufferSize, PSECPKG_SURROGATE_LOGON SurrogateLogon, PVOID *ProfileBuffer, PULONG ProfileBufferSize, PLUID LogonId, PNTSTATUS SubStatus, PLSA_TOKEN_INFORMATION_TYPE TokenInformationType, PVOID *TokenInformation, PUNICODE_STRING *AccountName, PUNICODE_STRING *AuthenticatingAuthority, PUNICODE_STRING *MachineName, PSECPKG_PRIMARY_CRED PrimaryCredentials, PSECPKG_SUPPLEMENTAL_CRED_ARRAY *SupplementalCredentials); + typedef LSA_AP_LOGON_USER_EX3 *PLSA_AP_LOGON_USER_EX3; + typedef NTSTATUS (LSA_AP_PRE_LOGON_USER_SURROGATE)(PLSA_CLIENT_REQUEST ClientRequest, SECURITY_LOGON_TYPE LogonType, PVOID ProtocolSubmitBuffer, PVOID ClientBufferBase, ULONG SubmitBufferSize, PSECPKG_SURROGATE_LOGON SurrogateLogon, PNTSTATUS SubStatus); + typedef LSA_AP_PRE_LOGON_USER_SURROGATE *PLSA_AP_PRE_LOGON_USER_SURROGATE; + typedef NTSTATUS (LSA_AP_POST_LOGON_USER_SURROGATE)(PLSA_CLIENT_REQUEST ClientRequest, SECURITY_LOGON_TYPE LogonType, PVOID ProtocolSubmitBuffer, PVOID ClientBufferBase, ULONG SubmitBufferSize, PSECPKG_SURROGATE_LOGON SurrogateLogon, PVOID ProfileBuffer, ULONG ProfileBufferSize, PLUID LogonId, NTSTATUS Status, NTSTATUS SubStatus, LSA_TOKEN_INFORMATION_TYPE TokenInformationType, PVOID TokenInformation, PUNICODE_STRING AccountName, PUNICODE_STRING AuthenticatingAuthority, PUNICODE_STRING MachineName, PSECPKG_PRIMARY_CRED PrimaryCredentials, PSECPKG_SUPPLEMENTAL_CRED_ARRAY SupplementalCredentials); + typedef LSA_AP_POST_LOGON_USER_SURROGATE *PLSA_AP_POST_LOGON_USER_SURROGATE; + typedef NTSTATUS (NTAPI SpAcceptCredentialsFn)(SECURITY_LOGON_TYPE LogonType,PUNICODE_STRING AccountName,PSECPKG_PRIMARY_CRED PrimaryCredentials,PSECPKG_SUPPLEMENTAL_CRED SupplementalCredentials); #define SP_ACCEPT_CREDENTIALS_NAME "SpAcceptCredentials\0" @@ -583,6 +889,17 @@ extern "C" { typedef NTSTATUS (NTAPI SpGetUserInfoFn)(PLUID LogonId,ULONG Flags,PSecurityUserData *UserData); typedef NTSTATUS (NTAPI SpQueryContextAttributesFn)(LSA_SEC_HANDLE ContextHandle,ULONG ContextAttribute,PVOID Buffer); typedef NTSTATUS (NTAPI SpSetContextAttributesFn)(LSA_SEC_HANDLE ContextHandle,ULONG ContextAttribute,PVOID Buffer,ULONG BufferSize); + typedef NTSTATUS (NTAPI SpChangeAccountPasswordFn)(PUNICODE_STRING pDomainName, PUNICODE_STRING pAccountName, PUNICODE_STRING pOldPassword, PUNICODE_STRING pNewPassword, BOOLEAN Impersonating, PSecBufferDesc pOutput); + typedef NTSTATUS (NTAPI SpQueryMetaDataFn)(LSA_SEC_HANDLE CredentialHandle, PUNICODE_STRING TargetName, ULONG ContextRequirements, PULONG MetaDataLength, PUCHAR *MetaData, PLSA_SEC_HANDLE ContextHandle); + typedef NTSTATUS (NTAPI SpExchangeMetaDataFn)(LSA_SEC_HANDLE CredentialHandle, PUNICODE_STRING TargetName, ULONG ContextRequirements, ULONG MetaDataLength, PUCHAR MetaData, PLSA_SEC_HANDLE ContextHandle); + typedef NTSTATUS (NTAPI SpGetCredUIContextFn)(LSA_SEC_HANDLE ContextHandle, GUID *CredType, PULONG FlatCredUIContextLength, PUCHAR *FlatCredUIContext); + typedef NTSTATUS (NTAPI SpUpdateCredentialsFn)(LSA_SEC_HANDLE ContextHandle, GUID *CredType, ULONG FlatCredUIContextLength, PUCHAR FlatCredUIContext); + typedef NTSTATUS (NTAPI SpValidateTargetInfoFn)(PLSA_CLIENT_REQUEST ClientRequest, PVOID ProtocolSubmitBuffer, PVOID ClientBufferBase, ULONG SubmitBufferLength, PSECPKG_TARGETINFO TargetInfo); + typedef NTSTATUS (NTAPI SpExtractTargetInfoFn)(PLSA_CLIENT_REQUEST ClientRequest, PVOID ProtocolSubmitBuffer, PVOID ClientBufferBase, ULONG SubmitBufferLength, PVOID *ppvTargetInfo, ULONG *pcbTargetInfo); + typedef NTSTATUS (NTAPI LSA_AP_POST_LOGON_USER)(PSECPKG_POST_LOGON_USER_INFO PostLogonUserInfo); + typedef NTSTATUS (NTAPI SpGetRemoteCredGuardLogonBufferFn)(LSA_SEC_HANDLE CredHandle, LSA_SEC_HANDLE ContextHandle, const UNICODE_STRING *TargetName, PHANDLE RedirectedLogonHandle, PLSA_REDIRECTED_LOGON_CALLBACK *Callback, PLSA_REDIRECTED_LOGON_CLEANUP_CALLBACK *CleanupCallback, PULONG LogonBufferSize, PVOID *LogonBuffer); + typedef NTSTATUS (NTAPI SpGetRemoteCredGuardSupplementalCredsFn)(LSA_SEC_HANDLE CredHandle, const UNICODE_STRING *TargetName, PHANDLE RedirectedLogonHandle, PLSA_REDIRECTED_LOGON_CALLBACK *Callback, PLSA_REDIRECTED_LOGON_CLEANUP_CALLBACK *CleanupCallback, PULONG SupplementalCredsSize, PVOID *SupplementalCreds); + typedef NTSTATUS (NTAPI SpGetTbalSupplementalCredsFn)(LUID LogonId, PULONG SupplementalCredsSize, PVOID *SupplementalCreds); typedef struct _SECPKG_FUNCTION_TABLE { PLSA_AP_INITIALIZE_PACKAGE InitializePackage; @@ -614,6 +931,20 @@ extern "C" { SpSetExtendedInformationFn *SetExtendedInformation; SpSetContextAttributesFn *SetContextAttributes; SpSetCredentialsAttributesFn *SetCredentialsAttributes; + SpChangeAccountPasswordFn *ChangeAccountPassword; + SpQueryMetaDataFn *QueryMetaData; + SpExchangeMetaDataFn *ExchangeMetaData; + SpGetCredUIContextFn *GetCredUIContext; + SpUpdateCredentialsFn *UpdateCredentials; + SpValidateTargetInfoFn *ValidateTargetInfo; + LSA_AP_POST_LOGON_USER *PostLogonUser; + SpGetRemoteCredGuardLogonBufferFn *GetRemoteCredGuardLogonBuffer; + SpGetRemoteCredGuardSupplementalCredsFn *GetRemoteCredGuardSupplementalCreds; + SpGetTbalSupplementalCredsFn *GetTbalSupplementalCreds; + PLSA_AP_LOGON_USER_EX3 LogonUserEx3; + PLSA_AP_PRE_LOGON_USER_SURROGATE PreLogonUserSurrogate; + PLSA_AP_POST_LOGON_USER_SURROGATE PostLogonUserSurrogate; + SpExtractTargetInfoFn *ExtractTargetInfo; } SECPKG_FUNCTION_TABLE,*PSECPKG_FUNCTION_TABLE; typedef NTSTATUS (NTAPI SpInstanceInitFn)(ULONG Version,PSECPKG_DLL_FUNCTIONS FunctionTable,PVOID *UserFunctions); @@ -629,6 +960,12 @@ extern "C" { typedef NTSTATUS (NTAPI SpFormatCredentialsFn)(PSecBuffer Credentials,PSecBuffer FormattedCredentials); typedef NTSTATUS (NTAPI SpMarshallSupplementalCredsFn)(ULONG CredentialSize,PUCHAR Credentials,PULONG MarshalledCredSize,PVOID *MarshalledCreds); +#define SECPKG_UNICODE_ATTRIBUTE 0x80000000 +#define SECPKG_ANSI_ATTRIBUTE 0 +#define SECPKG_CREDENTIAL_ATTRIBUTE 0 + + typedef NTSTATUS (NTAPI SpMarshalAttributeDataFn)(DWORD AttributeInfo, ULONG Attribute, ULONG AttributeDataSize, PBYTE AttributeData, PULONG MarshaledAttributeDataSize, PBYTE *MarshaledAttributeData); + typedef struct _SECPKG_USER_FUNCTION_TABLE { SpInstanceInitFn *InstanceInit; SpInitUserModeContextFn *InitUserModeContext; @@ -644,6 +981,7 @@ extern "C" { SpMarshallSupplementalCredsFn *MarshallSupplementalCreds; SpExportSecurityContextFn *ExportContext; SpImportSecurityContextFn *ImportContext; + SpMarshalAttributeDataFn *MarshalAttributeData; } SECPKG_USER_FUNCTION_TABLE,*PSECPKG_USER_FUNCTION_TABLE; typedef NTSTATUS (SEC_ENTRY *SpLsaModeInitializeFn)(ULONG LsaVersion,PULONG PackageVersion,PSECPKG_FUNCTION_TABLE *ppTables,PULONG pcTables); @@ -655,6 +993,14 @@ extern "C" { #define SECPKG_INTERFACE_VERSION 0x00010000 #define SECPKG_INTERFACE_VERSION_2 0x00020000 #define SECPKG_INTERFACE_VERSION_3 0x00040000 +#define SECPKG_INTERFACE_VERSION_4 0x00080000 +#define SECPKG_INTERFACE_VERSION_5 0x00100000 +#define SECPKG_INTERFACE_VERSION_6 0x00200000 +#define SECPKG_INTERFACE_VERSION_7 0x00400000 +#define SECPKG_INTERFACE_VERSION_8 0x00800000 +#define SECPKG_INTERFACE_VERSION_9 0x01000000 +#define SECPKG_INTERFACE_VERSION_10 0x02000000 +#define SECPKG_INTERFACE_VERSION_11 0x04000000 typedef enum _KSEC_CONTEXT_TYPE { KSecPaged,KSecNonPaged @@ -691,6 +1037,10 @@ extern "C" { typedef KSEC_SERIALIZE_WINNT_AUTH_DATA *PKSEC_SERIALIZE_WINNT_AUTH_DATA; typedef KSEC_SERIALIZE_SCHANNEL_AUTH_DATA *PKSEC_SERIALIZE_SCHANNEL_AUTH_DATA; + typedef PVOID (SEC_ENTRY KSEC_LOCATE_PKG_BY_ID)(ULONG PackageId); + typedef KSEC_LOCATE_PKG_BY_ID *PKSEC_LOCATE_PKG_BY_ID; + KSEC_LOCATE_PKG_BY_ID KSecLocatePackageById; + typedef struct _SECPKG_KERNEL_FUNCTIONS { PLSA_ALLOCATE_LSA_HEAP AllocateHeap; PLSA_FREE_LSA_HEAP FreeHeap; @@ -700,6 +1050,7 @@ extern "C" { PKSEC_DEREFERENCE_LIST_ENTRY DereferenceListEntry; PKSEC_SERIALIZE_WINNT_AUTH_DATA SerializeWinntAuthData; PKSEC_SERIALIZE_SCHANNEL_AUTH_DATA SerializeSchannelAuthData; + PKSEC_LOCATE_PKG_BY_ID LocatePackageById; } SECPKG_KERNEL_FUNCTIONS,*PSECPKG_KERNEL_FUNCTIONS; typedef NTSTATUS (NTAPI KspInitPackageFn)(PSECPKG_KERNEL_FUNCTIONS FunctionTable); @@ -736,6 +1087,8 @@ extern "C" { SECURITY_STATUS SEC_ENTRY KSecRegisterSecurityProvider(PSECURITY_STRING ProviderName,PSECPKG_KERNEL_FUNCTION_TABLE Table); + SECURITY_STATUS SEC_ENTRY KSecLocatePackage(PUNICODE_STRING PackageName, PSECPKG_KERNEL_FUNCTION_TABLE *Package, PULONG_PTR PackageId); + extern SECPKG_KERNEL_FUNCTIONS KspKernelFunctions; #ifdef __cplusplus -- 2.39.2
_______________________________________________ Mingw-w64-public mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/mingw-w64-public
