285 lines
6.5 KiB
C
285 lines
6.5 KiB
C
|
//+-----------------------------------------------------------------------
|
||
|
//
|
||
|
// Microsoft Windows
|
||
|
//
|
||
|
// Copyright (c) Microsoft Corporation 1991-1999
|
||
|
//
|
||
|
// File: secext.h
|
||
|
//
|
||
|
// Contents: Security function prototypes for functions not part of
|
||
|
// the SSPI interface. This file should not be directly
|
||
|
// included - include security.h instead.
|
||
|
//
|
||
|
//
|
||
|
// History: 22 Dec 92 RichardW Created
|
||
|
//
|
||
|
//------------------------------------------------------------------------
|
||
|
|
||
|
|
||
|
|
||
|
#ifndef __SECEXT_H__
|
||
|
#pragma option push -b -a8 -pc -A- /*P_O_Push*/
|
||
|
#define __SECEXT_H__
|
||
|
#if _MSC_VER > 1000
|
||
|
#pragma once
|
||
|
#endif
|
||
|
|
||
|
#ifdef __cplusplus
|
||
|
extern "C" {
|
||
|
#endif
|
||
|
|
||
|
//
|
||
|
// This is the combined authentication identity structure that may be
|
||
|
// used with the negotiate package, NTLM, Kerberos, or SCHANNEL
|
||
|
//
|
||
|
|
||
|
|
||
|
#ifndef SEC_WINNT_AUTH_IDENTITY_VERSION
|
||
|
#define SEC_WINNT_AUTH_IDENTITY_VERSION 0x200
|
||
|
|
||
|
typedef struct _SEC_WINNT_AUTH_IDENTITY_EXW {
|
||
|
unsigned long Version;
|
||
|
unsigned long Length;
|
||
|
unsigned short SEC_FAR *User;
|
||
|
unsigned long UserLength;
|
||
|
unsigned short SEC_FAR *Domain;
|
||
|
unsigned long DomainLength;
|
||
|
unsigned short SEC_FAR *Password;
|
||
|
unsigned long PasswordLength;
|
||
|
unsigned long Flags;
|
||
|
unsigned short SEC_FAR * PackageList;
|
||
|
unsigned long PackageListLength;
|
||
|
} SEC_WINNT_AUTH_IDENTITY_EXW, *PSEC_WINNT_AUTH_IDENTITY_EXW;
|
||
|
|
||
|
|
||
|
typedef struct _SEC_WINNT_AUTH_IDENTITY_EXA {
|
||
|
unsigned long Version;
|
||
|
unsigned long Length;
|
||
|
unsigned char SEC_FAR *User;
|
||
|
unsigned long UserLength;
|
||
|
unsigned char SEC_FAR *Domain;
|
||
|
unsigned long DomainLength;
|
||
|
unsigned char SEC_FAR *Password;
|
||
|
unsigned long PasswordLength;
|
||
|
unsigned long Flags;
|
||
|
unsigned char SEC_FAR * PackageList;
|
||
|
unsigned long PackageListLength;
|
||
|
} SEC_WINNT_AUTH_IDENTITY_EXA, *PSEC_WINNT_AUTH_IDENTITY_EXA;
|
||
|
|
||
|
#ifdef UNICODE
|
||
|
#define SEC_WINNT_AUTH_IDENTITY_EX SEC_WINNT_AUTH_IDENTITY_EXW
|
||
|
#else
|
||
|
#define SEC_WINNT_AUTH_IDENTITY_EX SEC_WINNT_AUTH_IDENTITY_EXA
|
||
|
#endif
|
||
|
|
||
|
#endif // SEC_WINNT_AUTH_IDENTITY_VERSION
|
||
|
|
||
|
|
||
|
//
|
||
|
// Common types used by negotiable security packages
|
||
|
//
|
||
|
|
||
|
#define SEC_WINNT_AUTH_IDENTITY_MARSHALLED 0x4 // all data is in one buffer
|
||
|
#define SEC_WINNT_AUTH_IDENTITY_ONLY 0x8 // these credentials are for identity only - no PAC needed
|
||
|
|
||
|
|
||
|
//
|
||
|
// Routines for manipulating packages
|
||
|
//
|
||
|
|
||
|
typedef struct _SECURITY_PACKAGE_OPTIONS {
|
||
|
unsigned long Size;
|
||
|
unsigned long Type;
|
||
|
unsigned long Flags;
|
||
|
unsigned long SignatureSize;
|
||
|
void SEC_FAR * Signature;
|
||
|
} SECURITY_PACKAGE_OPTIONS, SEC_FAR * PSECURITY_PACKAGE_OPTIONS;
|
||
|
|
||
|
#define SECPKG_OPTIONS_TYPE_UNKNOWN 0
|
||
|
#define SECPKG_OPTIONS_TYPE_LSA 1
|
||
|
#define SECPKG_OPTIONS_TYPE_SSPI 2
|
||
|
|
||
|
#define SECPKG_OPTIONS_PERMANENT 0x00000001
|
||
|
|
||
|
SECURITY_STATUS
|
||
|
SEC_ENTRY
|
||
|
AddSecurityPackageA(
|
||
|
SEC_CHAR SEC_FAR * pszPackageName,
|
||
|
SECURITY_PACKAGE_OPTIONS SEC_FAR * Options
|
||
|
);
|
||
|
|
||
|
SECURITY_STATUS
|
||
|
SEC_ENTRY
|
||
|
AddSecurityPackageW(
|
||
|
SEC_WCHAR SEC_FAR * pszPackageName,
|
||
|
SECURITY_PACKAGE_OPTIONS SEC_FAR * Options
|
||
|
);
|
||
|
|
||
|
#ifdef UNICODE
|
||
|
#define AddSecurityPackage AddSecurityPackageW
|
||
|
#else
|
||
|
#define AddSecurityPackage AddSecurityPackageA
|
||
|
#endif
|
||
|
|
||
|
SECURITY_STATUS
|
||
|
SEC_ENTRY
|
||
|
DeleteSecurityPackageA(
|
||
|
SEC_CHAR SEC_FAR * pszPackageName );
|
||
|
|
||
|
SECURITY_STATUS
|
||
|
SEC_ENTRY
|
||
|
DeleteSecurityPackageW(
|
||
|
SEC_WCHAR SEC_FAR * pszPackageName );
|
||
|
|
||
|
#ifdef UNICODE
|
||
|
#define DeleteSecurityPackage DeleteSecurityPackageW
|
||
|
#else
|
||
|
#define DeleteSecurityPackage DeleteSecurityPackageA
|
||
|
#endif
|
||
|
|
||
|
|
||
|
//
|
||
|
// Extended Name APIs for ADS
|
||
|
//
|
||
|
|
||
|
|
||
|
typedef enum
|
||
|
{
|
||
|
// Examples for the following formats assume a fictitous company
|
||
|
// which hooks into the global X.500 and DNS name spaces as follows.
|
||
|
//
|
||
|
// Enterprise root domain in DNS is
|
||
|
//
|
||
|
// widget.com
|
||
|
//
|
||
|
// Enterprise root domain in X.500 (RFC 1779 format) is
|
||
|
//
|
||
|
// O=Widget, C=US
|
||
|
//
|
||
|
// There exists the child domain
|
||
|
//
|
||
|
// engineering.widget.com
|
||
|
//
|
||
|
// equivalent to
|
||
|
//
|
||
|
// OU=Engineering, O=Widget, C=US
|
||
|
//
|
||
|
// There exists a container within the Engineering domain
|
||
|
//
|
||
|
// OU=Software, OU=Engineering, O=Widget, C=US
|
||
|
//
|
||
|
// There exists the user
|
||
|
//
|
||
|
// CN=John Doe, OU=Software, OU=Engineering, O=Widget, C=US
|
||
|
//
|
||
|
// And this user's downlevel (pre-ADS) user name is
|
||
|
//
|
||
|
// Engineering\JohnDoe
|
||
|
|
||
|
// unknown name type
|
||
|
NameUnknown = 0,
|
||
|
|
||
|
// CN=John Doe, OU=Software, OU=Engineering, O=Widget, C=US
|
||
|
NameFullyQualifiedDN = 1,
|
||
|
|
||
|
// Engineering\JohnDoe
|
||
|
NameSamCompatible = 2,
|
||
|
|
||
|
// Probably "John Doe" but could be something else. I.e. The
|
||
|
// display name is not necessarily the defining RDN.
|
||
|
NameDisplay = 3,
|
||
|
|
||
|
|
||
|
// String-ized GUID as returned by IIDFromString().
|
||
|
// eg: {4fa050f0-f561-11cf-bdd9-00aa003a77b6}
|
||
|
NameUniqueId = 6,
|
||
|
|
||
|
// engineering.widget.com/software/John Doe
|
||
|
NameCanonical = 7,
|
||
|
|
||
|
// johndoe@engineering.com
|
||
|
NameUserPrincipal = 8,
|
||
|
|
||
|
// Same as NameCanonical except that rightmost '/' is
|
||
|
// replaced with '\n' - even in domain-only case.
|
||
|
// eg: engineering.widget.com/software\nJohn Doe
|
||
|
NameCanonicalEx = 9,
|
||
|
|
||
|
// www/srv.engineering.com/engineering.com
|
||
|
NameServicePrincipal = 10
|
||
|
|
||
|
} EXTENDED_NAME_FORMAT, * PEXTENDED_NAME_FORMAT ;
|
||
|
|
||
|
BOOLEAN
|
||
|
SEC_ENTRY
|
||
|
GetUserNameExA(
|
||
|
EXTENDED_NAME_FORMAT NameFormat,
|
||
|
LPSTR lpNameBuffer,
|
||
|
PULONG nSize
|
||
|
);
|
||
|
BOOLEAN
|
||
|
SEC_ENTRY
|
||
|
GetUserNameExW(
|
||
|
EXTENDED_NAME_FORMAT NameFormat,
|
||
|
LPWSTR lpNameBuffer,
|
||
|
PULONG nSize
|
||
|
);
|
||
|
|
||
|
#ifdef UNICODE
|
||
|
#define GetUserNameEx GetUserNameExW
|
||
|
#else
|
||
|
#define GetUserNameEx GetUserNameExA
|
||
|
#endif
|
||
|
|
||
|
BOOLEAN
|
||
|
SEC_ENTRY
|
||
|
GetComputerObjectNameA(
|
||
|
EXTENDED_NAME_FORMAT NameFormat,
|
||
|
LPSTR lpNameBuffer,
|
||
|
PULONG nSize
|
||
|
);
|
||
|
BOOLEAN
|
||
|
SEC_ENTRY
|
||
|
GetComputerObjectNameW(
|
||
|
EXTENDED_NAME_FORMAT NameFormat,
|
||
|
LPWSTR lpNameBuffer,
|
||
|
PULONG nSize
|
||
|
);
|
||
|
|
||
|
#ifdef UNICODE
|
||
|
#define GetComputerObjectName GetComputerObjectNameW
|
||
|
#else
|
||
|
#define GetComputerObjectName GetComputerObjectNameA
|
||
|
#endif
|
||
|
|
||
|
BOOLEAN
|
||
|
SEC_ENTRY
|
||
|
TranslateNameA(
|
||
|
LPCSTR lpAccountName,
|
||
|
EXTENDED_NAME_FORMAT AccountNameFormat,
|
||
|
EXTENDED_NAME_FORMAT DesiredNameFormat,
|
||
|
LPSTR lpTranslatedName,
|
||
|
PULONG nSize
|
||
|
);
|
||
|
BOOLEAN
|
||
|
SEC_ENTRY
|
||
|
TranslateNameW(
|
||
|
LPCWSTR lpAccountName,
|
||
|
EXTENDED_NAME_FORMAT AccountNameFormat,
|
||
|
EXTENDED_NAME_FORMAT DesiredNameFormat,
|
||
|
LPWSTR lpTranslatedName,
|
||
|
PULONG nSize
|
||
|
);
|
||
|
#ifdef UNICODE
|
||
|
#define TranslateName TranslateNameW
|
||
|
#else
|
||
|
#define TranslateName TranslateNameA
|
||
|
#endif
|
||
|
|
||
|
#ifdef __cplusplus
|
||
|
}
|
||
|
#endif
|
||
|
|
||
|
#pragma option pop /*P_O_Pop*/
|
||
|
#endif // __SECEXT_H__
|