archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
3.2 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/admin/services/sched/svc_core/security.hxx

216 lines
5.2 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //+---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. // Copyright(C) 2002 Microsoft Corporation
  5. //
  6. // File: security.hxx
  7. //
  8. //----------------------------------------------------------------------------
  10. #ifndef __TASKSCHED_SVC_CORE_SECURITY__H_
  11. #define __TASKSCHED_SVC_CORE_SECURITY__H_
  13. //
  14. // These includes are needed to define the types and
  15. // values used in the function declarations below
  16. //
  17. #include <wincrypt.h>
  18. #include <rc2.h> // found in private\inc\crypto
  19. #include "lsa.hxx"
  20. #include "debug.hxx"
  21. #include "task.hxx"
  22. #include "proto.hxx"
  23. #include "misc.hxx"
  24. #include "SASecRPC.h"
  26. //
  27. // Defines and typedefs
  28. //
  29. #define EXTENSION_WILDCARD L"\\*."
  30. #define NULL_PASSWORD_SIZE 0xFFFFFFFF
  31. #define WSZ_SANSC L"SANSC"
  32. #define USER_TOKEN_STACK_BUFFER_SIZE \
  33. (sizeof(TOKEN_USER) + sizeof(SID_AND_ATTRIBUTES) + MAX_SID_SIZE)
  35. // header files say '256' - help files say 127
  36. // testing shows 127 is the real number
  37. #define REAL_PWLEN 127
  39. #if SIGNATURE_SIZE != HASH_DATA_SIZE
  40. #error SIGNATURE_SIZE is assumed to be the same as HASH_DATA_SIZE
  41. #endif
  43. typedef enum _MARSHAL_FUNCTION {
  44. Marshal,
  45. Hash,
  46. HashAndSign
  47. } MARSHAL_FUNCTION;
  49. typedef struct _RC2_KEY_INFO {
  50. BYTE rgbIV[RC2_BLOCKLEN];
  51. WORD rgwKeyTable[RC2_TABLESIZE];
  52. } RC2_KEY_INFO;
  54. typedef struct _JOB_IDENTITY_SET {
  55. BYTE * pbSetStart;
  56. DWORD dwSetSubCount;
  57. BYTE ** rgpbIdentity;
  58. } JOB_IDENTITY_SET;
  60. //
  61. // Security functions
  62. //
  63. void CloseCSPHandle(
  64. HCRYPTPROV hCSP);
  66. HRESULT ComputeCredentialKey(
  67. HCRYPTPROV hCSP,
  68. RC2_KEY_INFO* pRC2KeyInfo);
  70. HRESULT ComputeJobSignature(
  71. LPCWSTR pwszFileName,
  72. LPBYTE pbSignature,
  73. DWORD dwHashMethod = 1);
  75. BOOL CredentialAccessCheck(
  76. HCRYPTPROV hCSP,
  77. BYTE * pbCredentialIdentity);
  79. HRESULT CredentialLookupAndAccessCheck(
  80. HCRYPTPROV hCSP,
  81. PSID pSid,
  82. DWORD cbSAC,
  83. BYTE * pbSAC,
  84. DWORD * pCredentialIndex,
  85. BYTE rgbHashedSid[],
  86. DWORD * pcbCredential,
  87. BYTE ** ppbCredential);
  89. HRESULT DecryptCredentials(
  90. const RC2_KEY_INFO & RC2KeyInfo,
  91. DWORD cbEncryptedData,
  92. BYTE * pbEncryptedData,
  93. PJOB_CREDENTIALS pjc,
  94. BOOL fDecryptInPlace = TRUE);
  96. HRESULT EncryptCredentials(
  97. const RC2_KEY_INFO & RC2KeyInfo,
  98. LPCWSTR pwszAccount,
  99. LPCWSTR pwszDomain,
  100. LPCWSTR pwszPassword,
  101. PSID pSid,
  102. DWORD * pcbEncryptedData,
  103. BYTE ** ppbEncryptedData);
  105. HRESULT GetAccountInformation(
  106. LPCWSTR pwszJobPath,
  107. PJOB_CREDENTIALS pjc);
  109. HRESULT GetAccountSidAndDomain(
  110. LPCWSTR pwszAccount,
  111. PSID pAccountSid,
  112. DWORD cbAccountSid,
  113. LPWSTR pwszDomain,
  114. DWORD ccDomain);
  116. HRESULT GetCSPHandle(
  117. HCRYPTPROV * phCSP);
  119. HRESULT GetNSAccountInformation(
  120. PJOB_CREDENTIALS pjc);
  122. HRESULT GetNSAccountSid(
  123. PSID pAccountSid,
  124. DWORD cbAccountSid);
  126. HRESULT GrantAccountBatchPrivilege(
  127. PSID pAccountSid);
  129. HRESULT HashJobIdentity(
  130. HCRYPTPROV hCSP,
  131. LPCWSTR pwszFileName,
  132. BYTE rgbHash[],
  133. DWORD dwHashMethod = 1);
  135. HRESULT HashSid(
  136. HCRYPTPROV hCSP,
  137. PSID pSid,
  138. BYTE rgbHash[]);
  140. HRESULT InitSS(void);
  142. BOOL LookupAccountNameWrap(
  143. LPCTSTR lpSystemName,
  144. LPCTSTR lpAccountName,
  145. PSID Sid,
  146. LPDWORD cbSid,
  147. LPTSTR ReferencedDomainName,
  148. LPDWORD cbReferencedDomainName,
  149. PSID_NAME_USE peUse);
  151. HRESULT MarshalData(
  152. HCRYPTPROV hCSP,
  153. HCRYPTHASH * phHash,
  154. MARSHAL_FUNCTION MarshalFunction,
  155. DWORD * pcbSignature,
  156. BYTE ** ppbSignature,
  157. DWORD cArgs,
  158. ...);
  160. BOOL MatchThreadCallerAgainstCredential(
  161. HCRYPTPROV hCSP,
  162. HANDLE hThreadToken,
  163. BYTE * pbCredentialIdentity);
  165. void MungeComputerName(
  166. DWORD ccComputerName);
  168. HRESULT SAGetAccountInformation(
  169. SASEC_HANDLE Handle,
  170. LPCWSTR pwszJobName,
  171. DWORD ccBufferSize,
  172. WCHAR wszBuffer[]);
  174. HRESULT SAGetNSAccountInformation(
  175. SASEC_HANDLE Handle,
  176. DWORD ccBufferSize,
  177. WCHAR wszBuffer[]);
  179. HRESULT SASetAccountInformation(
  180. SASEC_HANDLE Handle,
  181. LPCWSTR pwszJobName,
  182. LPCWSTR pwszAccount,
  183. LPCWSTR pwszPassword,
  184. DWORD dwJobFlags);
  186. HRESULT SASetNSAccountInformation(
  187. SASEC_HANDLE Handle,
  188. LPCWSTR pwszAccount,
  189. LPCWSTR pwszPassword);
  191. HRESULT SaveJobCredentials(
  192. LPCWSTR pwszJobPath,
  193. LPCWSTR pwszAccount,
  194. LPCWSTR pwszDomain,
  195. LPCWSTR pwszPassword,
  196. PSID pAccountSid);
  198. void ScavengeSASecurityDBase(void);
  200. DWORD SchedUPNToAccountName(
  201. IN LPCWSTR lpUPN,
  202. OUT LPWSTR *ppAccountName
  203. );
  205. LPWSTR SkipDomainName(
  206. LPCWSTR pwszUserName);
  208. void UninitSS(void);
  210. bool ValidateRunAs(
  211. LPCWSTR pwszAccount,
  212. LPCWSTR pwszDomain,
  213. LPCWSTR pwszPassword);
  215. #endif // __TASKSCHED_SVC_CORE_SECURITY__H_