archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/base/fs/rdr2/rdbss/smb.mrx/rdrssp/nlp.h

499 lines
13 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1989-1997 Microsoft Corporation
  5. Module Name:
  7. nlp.h
  9. Abstract:
  11. NETLOGON private definitions.
  16. Author:
  18. Jim Kelly 11-Apr-1991
  20. Revision History:
  21. Chandana Surlu 21-Jul-96 Stolen from \\kernel\razzle3\src\security\msv1_0\nlp.h
  22. Adam Barr 15-Dec-97 Copied from private\security\msv_sspi
  24. --*/
  26. #ifndef _NLP_
  27. #define _NLP_
  29. #include <windef.h>
  30. #include <winbase.h>
  31. #include <crypt.h>
  32. #include <lmcons.h>
  33. #include <ntsam.h>
  34. #include <ntsamp.h>
  35. #include <logonmsv.h>
  36. #include <samrpc.h>
  37. #include <align.h>
  38. #include <dsgetdc.h>
  41. //
  42. // nlmain.c will #include this file with NLP_ALLOCATE defined.
  43. // That will cause each of these variables to be allocated.
  44. //
  45. #ifdef NLP_ALLOCATE
  46. #define EXTERN
  47. #define INIT(_X) = _X
  48. #else
  49. #define EXTERN extern
  50. #define INIT(_X)
  51. #endif
  53. #define NETLOGON_STARTUP_TIME 900
  55. ///////////////////////////////////////////////////////////////////////////////
  56. // //
  57. // Private data structures //
  58. // //
  59. ///////////////////////////////////////////////////////////////////////////////
  61. //
  62. // Structure used to keep track of all private information related to a
  63. // particular LogonId.
  64. //
  66. typedef struct _PACTIVE_LOGON {
  68. LUID LogonId; // The logon Id of this logon session
  70. ULONG EnumHandle; // The enumeration handle of this logon session
  72. SECURITY_LOGON_TYPE LogonType; // Type of logon (interactive or service)
  74. PSID UserSid; // Sid of the logged on user
  76. UNICODE_STRING UserName; // Name of the logged on user
  78. UNICODE_STRING LogonDomainName; // Name of the domain logged onto
  80. UNICODE_STRING LogonServer; // Name of the server which logged this user on
  82. ULONG Flags; // Attributes of this entry.
  84. #define LOGON_BY_NETLOGON 0x01 // Entry was validated by NETLOGON service
  85. #define LOGON_BY_CACHE 0x02 // Entry was validated by local cache
  86. #define LOGON_BY_OTHER_PACKAGE 0x04 // Entry was validated by another authentication package
  87. #define LOGON_BY_LOCAL 0x08 // Entry was validated by local sam
  89. struct _PACTIVE_LOGON * Next; // Next entry in linked list.
  91. } ACTIVE_LOGON, *PACTIVE_LOGON;
  94. ///////////////////////////////////////////////////////////////////////////////
  95. // //
  96. // CREDENTIAL Related Data Structures //
  97. // //
  98. ///////////////////////////////////////////////////////////////////////////////
  100. //
  101. // Following is a description of the content and format of each type
  102. // of credential maintained by the MsV1_0 authentication package.
  103. //
  104. // The MsV1_0 authentication package defines the following credential
  105. // primary key string values:
  106. //
  107. // "Primary" - Is used to hold the primary credentials provided at
  108. // initial logon time. This includes the username and both
  109. // case-sensitive and case-insensitive forms of the user's
  110. // password.
  111. //
  112. // NOTE: All poitners stored in credentials must be
  113. // changed to be an offset to the body rather than a pointer. This is
  114. // because credential fields are copied by the LSA and so the pointer
  115. // would become invalid.
  116. //
  119. //
  120. // MsV1_0 Primary Credentials
  121. //
  122. //
  123. // The PrimaryKeyValue string of this type of credential contains the
  124. // following string:
  125. //
  126. // "Primary"
  127. //
  128. // The Credential string of a Primary credential contains the following
  129. // values:
  130. //
  131. // o The user's username
  132. //
  133. // o A one-way function of the user's password as typed.
  134. //
  135. // o A one-way function of the user's password upper-cased.
  136. //
  137. // These values are structured as follows:
  138. //
  140. #define MSV1_0_PRIMARY_KEY "Primary"
  142. typedef struct _MSV1_0_PRIMARY_CREDENTIAL {
  143. UNICODE_STRING LogonDomainName;
  144. UNICODE_STRING UserName;
  145. NT_OWF_PASSWORD NtOwfPassword;
  146. LM_OWF_PASSWORD LmOwfPassword;
  147. BOOLEAN NtPasswordPresent;
  148. BOOLEAN LmPasswordPresent;
  149. } MSV1_0_PRIMARY_CREDENTIAL, *PMSV1_0_PRIMARY_CREDENTIAL;
  153. //
  154. // Structure describing a buffer in the clients address space.
  155. //
  157. typedef struct _CLIENT_BUFFER_DESC {
  158. PLSA_CLIENT_REQUEST ClientRequest;
  159. LPBYTE UserBuffer; // Address of buffer in client's address space
  160. LPBYTE MsvBuffer; // Address of mirror buffer in MSV's address space
  161. ULONG StringOffset; // Current offset to variable length data
  162. ULONG TotalSize; // Size (in bytes) of buffer
  163. } CLIENT_BUFFER_DESC, *PCLIENT_BUFFER_DESC;
  166. //
  167. // Structure describing logon information and credential use flags
  168. //
  170. typedef struct _MS_LOGON_CREDENTIAL {
  171. LUID LogonId;
  172. ULONG_PTR CredentialUse;
  173. } MS_LOGON_CREDENTIAL, *PMS_LOGON_CREDENTIAL;
  177. ///////////////////////////////////////////////////////////////////////////////
  178. // //
  179. // Internal routine definitions //
  180. // //
  181. ///////////////////////////////////////////////////////////////////////////////
  183. //
  184. // From nlmain.c.
  185. //
  187. NTSTATUS
  188. NlSamInitialize(
  189. ULONG Timeout
  190. );
  192. //
  193. // From nlp.c.
  194. //
  196. VOID
  197. NlpPutString(
  198. IN PUNICODE_STRING OutString,
  199. IN PUNICODE_STRING InString,
  200. IN PUCHAR *Where
  201. );
  203. VOID
  204. NlpInitClientBuffer(
  205. OUT PCLIENT_BUFFER_DESC ClientBufferDesc,
  206. IN PLSA_CLIENT_REQUEST ClientRequest
  207. );
  209. NTSTATUS
  210. NlpAllocateClientBuffer(
  211. IN OUT PCLIENT_BUFFER_DESC ClientBufferDesc,
  212. IN ULONG FixedSize,
  213. IN ULONG TotalSize
  214. );
  216. NTSTATUS
  217. NlpFlushClientBuffer(
  218. IN OUT PCLIENT_BUFFER_DESC ClientBufferDesc,
  219. OUT PVOID* UserBuffer
  220. );
  222. VOID
  223. NlpFreeClientBuffer(
  224. IN OUT PCLIENT_BUFFER_DESC ClientBufferDesc
  225. );
  227. VOID
  228. NlpPutClientString(
  229. IN OUT PCLIENT_BUFFER_DESC ClientBufferDesc,
  230. IN PUNICODE_STRING OutString,
  231. IN PUNICODE_STRING InString
  232. );
  234. VOID
  235. NlpMakeRelativeString(
  236. IN PUCHAR BaseAddress,
  237. IN OUT PUNICODE_STRING String
  238. );
  240. VOID
  241. NlpRelativeToAbsolute(
  242. IN PVOID BaseAddress,
  243. IN OUT PULONG RelativeValue
  244. );
  246. BOOLEAN
  247. NlpFindActiveLogon(
  248. IN PLUID LogonId,
  249. OUT PACTIVE_LOGON **ActiveLogon
  250. );
  252. ULONG
  253. NlpCountActiveLogon(
  254. IN PUNICODE_STRING LogonDomainName,
  255. IN PUNICODE_STRING UserName
  256. );
  258. NTSTATUS
  259. NlpAllocateInteractiveProfile (
  260. IN PLSA_CLIENT_REQUEST ClientRequest,
  261. OUT PMSV1_0_INTERACTIVE_PROFILE *ProfileBuffer,
  262. OUT PULONG ProfileBufferSize,
  263. IN PNETLOGON_VALIDATION_SAM_INFO2 NlpUser
  264. );
  266. NTSTATUS
  267. NlpAllocateNetworkProfile (
  268. IN PLSA_CLIENT_REQUEST ClientRequest,
  269. OUT PMSV1_0_LM20_LOGON_PROFILE *ProfileBuffer,
  270. OUT PULONG ProfileBufferSize,
  271. IN PNETLOGON_VALIDATION_SAM_INFO2 NlpUser
  272. );
  274. PSID
  275. NlpMakeDomainRelativeSid(
  276. IN PSID DomainId,
  277. IN ULONG RelativeId
  278. );
  280. NTSTATUS
  281. NlpMakeTokenInformationV1(
  282. IN PNETLOGON_VALIDATION_SAM_INFO2 NlpUser,
  283. OUT PLSA_TOKEN_INFORMATION_V1 *TokenInformation
  284. );
  286. NTSTATUS
  287. NlpMakePrimaryCredential(
  288. IN PUNICODE_STRING LogonDomainName,
  289. IN PUNICODE_STRING UserName,
  290. IN PUNICODE_STRING CleartextPassword,
  291. OUT PMSV1_0_PRIMARY_CREDENTIAL *CredentialBuffer,
  292. OUT PULONG CredentialSize,
  293. IN BOOLEAN OwfPasswordProvided
  294. );
  296. NTSTATUS
  297. NlpAddPrimaryCredential(
  298. IN PLUID LogonId,
  299. IN PMSV1_0_PRIMARY_CREDENTIAL Credential,
  300. IN ULONG CredentialSize
  301. );
  303. NTSTATUS
  304. NlpGetPrimaryCredential(
  305. IN PLUID LogonId,
  306. OUT PMSV1_0_PRIMARY_CREDENTIAL *CredentialBuffer,
  307. OUT PULONG CredentialSize
  308. );
  310. NTSTATUS
  311. NlpDeletePrimaryCredential(
  312. IN PLUID LogonId
  313. );
  315. NTSTATUS
  316. NlpChangePassword(
  317. IN PUNICODE_STRING DomainName,
  318. IN PUNICODE_STRING UserName,
  319. IN PLM_OWF_PASSWORD LmOwfPassword,
  320. IN PNT_OWF_PASSWORD NtOwfPassword
  321. );
  324. //
  325. // msvsam.c
  326. //
  328. BOOLEAN
  329. MsvpPasswordValidate (
  330. IN BOOLEAN UasCompatibilityRequired,
  331. IN NETLOGON_LOGON_INFO_CLASS LogonLevel,
  332. IN PVOID LogonInformation,
  333. IN PUSER_INTERNAL1_INFORMATION Passwords,
  334. OUT PULONG UserFlags,
  335. OUT PUSER_SESSION_KEY UserSessionKey,
  336. OUT PLM_SESSION_KEY LmSessionKey
  337. );
  342. //
  343. // nlnetapi.c
  344. //
  346. VOID
  347. NlpLoadNetapiDll (
  348. VOID
  349. );
  351. VOID
  352. NlpLoadNetlogonDll (
  353. VOID
  354. );
  356. //
  357. // subauth.c
  358. //
  360. VOID
  361. Msv1_0SubAuthenticationInitialization(
  362. VOID
  363. );
  366. ///////////////////////////////////////////////////////////////////////
  367. // //
  368. // Global variables //
  369. // //
  370. ///////////////////////////////////////////////////////////////////////
  372. ////////////////////////////////////////////////////////////////////////
  373. // //
  374. // READ ONLY Variables //
  375. // //
  376. ////////////////////////////////////////////////////////////////////////
  379. //
  380. // Null copies of Lanman and NT OWF password.
  381. //
  382. //
  384. EXTERN LM_OWF_PASSWORD NlpNullLmOwfPassword;
  385. EXTERN NT_OWF_PASSWORD NlpNullNtOwfPassword;
  387. //
  388. // Routines in NetApi32.dll
  389. //
  392. EXTERN BOOLEAN NlpNetapiDllLoaded;
  393. EXTERN NET_API_STATUS (NET_API_FUNCTION *NlpNetApiBufferFree)(LPVOID);
  394. EXTERN NET_API_STATUS (NET_API_FUNCTION *NlpRxNetUserPasswordSet)(LPWSTR, LPWSTR, LPWSTR, LPWSTR);
  395. EXTERN NET_API_STATUS (NET_API_FUNCTION *NlpDsGetDcName)(LPCWSTR, LPCWSTR, GUID *, LPCWSTR, ULONG, PDOMAIN_CONTROLLER_INFOW *);
  396. EXTERN NTSTATUS (*NlpNetpApiStatusToNtStatus)( NET_API_STATUS );
  398. //
  399. // Routines in netlogon.dll
  400. //
  402. EXTERN HANDLE NlpNetlogonDllHandle;
  403. EXTERN PNETLOGON_SAM_LOGON_PROCEDURE NlpNetLogonSamLogon;
  404. EXTERN PNETLOGON_SAM_LOGOFF_PROCEDURE NlpNetLogonSamLogoff;
  406. //
  407. // TRUE if package is initialized
  408. //
  410. EXTERN BOOLEAN NlpMsvInitialized INIT(FALSE);
  412. //
  413. // TRUE if this is a workstation.
  414. //
  416. EXTERN BOOLEAN NlpWorkstation INIT(TRUE);
  418. //
  419. // TRUE once the MSV AP has initialized its connection to SAM.
  420. //
  422. EXTERN BOOLEAN NlpSamInitialized INIT(FALSE);
  424. //
  425. // TRUE if the MSV AP has initialized its connection to the NETLOGON service
  426. //
  428. EXTERN BOOLEAN NlpNetlogonInitialized INIT(FALSE);
  430. //
  431. // TRUE if LanMan is installed.
  432. //
  434. EXTERN BOOLEAN NlpLanmanInstalled INIT(FALSE);
  436. //
  437. // Computername of this computer.
  438. //
  440. EXTERN UNICODE_STRING NlpComputerName;
  442. //
  443. // Name and domain id of the SAM account database.
  444. //
  446. EXTERN UNICODE_STRING NlpSamDomainName;
  447. EXTERN PSID NlpSamDomainId;
  448. EXTERN SAMPR_HANDLE NlpSamDomainHandle;
  449. EXTERN BOOLEAN NlpUasCompatibilityRequired INIT(TRUE);
  451. //
  452. // Trusted Handle to the Lsa database.
  453. //
  455. EXTERN LSA_HANDLE NlpPolicyHandle INIT(NULL);
  458. ////////////////////////////////////////////////////////////////////////
  459. // //
  460. // READ/WRITE Variables //
  461. // //
  462. ////////////////////////////////////////////////////////////////////////
  464. //
  465. // Define the list of active interactive logons.
  466. //
  467. // The NlpActiveLogonLock must be locked while referencing the list or
  468. // any of its elements.
  469. //
  471. #define NlpLockActiveLogons() RtlEnterCriticalSection(&NlpActiveLogonLock)
  472. #define NlpUnlockActiveLogons() RtlLeaveCriticalSection(&NlpActiveLogonLock)
  474. EXTERN RTL_CRITICAL_SECTION NlpActiveLogonLock;
  475. EXTERN PACTIVE_LOGON NlpActiveLogons;
  477. //
  478. // Define the running enumeration handle.
  479. //
  480. // This variable defines the enumeration handle to assign to a logon
  481. // session. It will be incremented prior to assigning it value to
  482. // the next created logon session. Access is serialize using
  483. // NlpActiveLogonLocks.
  485. EXTERN ULONG NlpEnumerationHandle;
  487. //
  488. // Define a running Session Number which is incremented once for each
  489. // challenge given to the server.
  490. //
  492. EXTERN RTL_CRITICAL_SECTION NlpSessionCountLock;
  493. EXTERN ULONG NlpSessionCount;
  494. EXTERN ULONG NlpLogonAttemptCount;
  497. #undef EXTERN
  498. #undef INIT
  499. #endif _NLP_