archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/ds/security/protocols/kerberos/client2/ctxtmgr.h

344 lines
8.4 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //+-----------------------------------------------------------------------
  2. //
  3. // Microsoft Windows
  4. //
  5. // Copyright (c) Microsoft Corporation 1992 - 1996
  6. //
  7. // File: ctxtmgr.h
  8. //
  9. // Contents: Structures and prototyps for Kerberos context list
  10. //
  11. //
  12. // History: 17-April-1996 Created MikeSw
  13. //
  14. //------------------------------------------------------------------------
  16. #ifndef __CTXTMGR_H__
  17. #define __CTXTMGR_H__
  19. //
  20. // All global variables declared as EXTERN will be allocated in the file
  21. // that defines CTXTMGR_ALLOCATE
  22. //
  23. #ifdef EXTERN
  24. #undef EXTERN
  25. #endif
  27. #ifdef CTXTMGR_ALLOCATE
  28. #define EXTERN
  29. #else
  30. #define EXTERN extern
  31. #endif
  33. #ifdef WIN32_CHICAGO
  34. EXTERN CRITICAL_SECTION KerbContextResource;
  35. #else // WIN32_CHICAGO
  36. EXTERN SAFE_RESOURCE KerbContextResource;
  37. #endif // WIN32_CHICAGO
  39. #define KERB_USERLIST_COUNT (16) // count of lists
  41. EXTERN KERBEROS_LIST KerbContextList[ KERB_USERLIST_COUNT ];
  42. EXTERN BOOLEAN KerberosContextsInitialized;
  44. #define KerbGetContextHandle(_Context_) ((LSA_SEC_HANDLE)(_Context_))
  46. //
  47. // Context flags - these are attributes of a context and are stored in
  48. // the ContextAttributes field of a KERB_CONTEXT.
  49. //
  51. #define KERB_CONTEXT_MAPPED 0x1
  52. #define KERB_CONTEXT_OUTBOUND 0x2
  53. #define KERB_CONTEXT_INBOUND 0x4
  54. #define KERB_CONTEXT_USED_SUPPLIED_CREDS 0x8
  55. #define KERB_CONTEXT_USER_TO_USER 0x10
  56. #define KERB_CONTEXT_REQ_SERVER_NAME 0x20
  57. #define KERB_CONTEXT_REQ_SERVER_REALM 0x40
  58. #define KERB_CONTEXT_IMPORTED 0x80
  59. #define KERB_CONTEXT_EXPORTED 0x100
  60. #define KERB_CONTEXT_USING_CREDMAN 0x200
  64. //
  65. // NOTICE: The logon session resource, credential resource, and context
  66. // resource must all be acquired carefully to prevent deadlock. They
  67. // can only be acquired in this order:
  68. //
  69. // 1. Logon Sessions
  70. // 2. Credentials
  71. // 3. Contexts
  72. //
  74. #if DBG
  75. #ifdef WIN32_CHICAGO
  76. #define KerbWriteLockContexts() \
  77. { \
  78. DebugLog((DEB_TRACE_LOCKS,"Write locking Contexts\n")); \
  79. EnterCriticalSection(&KerbContextResource); \
  80. KerbGlobalContextsLocked = GetCurrentThreadId(); \
  81. }
  82. #define KerbReadLockContexts() \
  83. { \
  84. DebugLog((DEB_TRACE_LOCKS,"Read locking Contexts\n")); \
  85. EnterCriticalSection(&KerbContextResource); \
  86. KerbGlobalContextsLocked = GetCurrentThreadId(); \
  87. }
  88. #define KerbUnlockContexts() \
  89. { \
  90. DebugLog((DEB_TRACE_LOCKS,"Unlocking Contexts\n")); \
  91. KerbGlobalContextsLocked = 0; \
  92. LeaveCriticalSection(&KerbContextResource); \
  93. }
  94. #else // WIN32_CHICAGO
  95. #define KerbWriteLockContexts() \
  96. { \
  97. DebugLog((DEB_TRACE_LOCKS,"Write locking Contexts\n")); \
  98. SafeAcquireResourceExclusive(&KerbContextResource,TRUE); \
  99. KerbGlobalContextsLocked = GetCurrentThreadId(); \
  100. }
  101. #define KerbReadLockContexts() \
  102. { \
  103. DebugLog((DEB_TRACE_LOCKS,"Read locking Contexts\n")); \
  104. SafeAcquireResourceShared(&KerbContextResource, TRUE); \
  105. KerbGlobalContextsLocked = GetCurrentThreadId(); \
  106. }
  107. #define KerbUnlockContexts() \
  108. { \
  109. DebugLog((DEB_TRACE_LOCKS,"Unlocking Contexts\n")); \
  110. KerbGlobalContextsLocked = 0; \
  111. SafeReleaseResource(&KerbContextResource); \
  112. }
  113. #endif // WIN32_CHICAGO
  114. #else
  115. #ifdef WIN32_CHICAGO
  116. #define KerbWriteLockContexts() \
  117. EnterCriticalSection(&KerbContextResource)
  118. #define KerbReadLockContexts() \
  119. EnterCriticalSection(&KerbContextResource)
  120. #define KerbUnlockContexts() \
  121. LeaveCriticalSection(&KerbContextResource)
  122. #else // WIN32_CHICAGO
  123. #define KerbWriteLockContexts() \
  124. SafeAcquireResourceExclusive(&KerbContextResource,TRUE);
  125. #define KerbReadLockContexts() \
  126. SafeAcquireResourceShared(&KerbContextResource, TRUE);
  127. #define KerbUnlockContexts() \
  128. SafeReleaseResource(&KerbContextResource);
  129. #endif // WIN32_CHICAGO
  130. #endif
  132. NTSTATUS
  133. KerbInitContextList(
  134. VOID
  135. );
  137. VOID
  138. KerbFreeContextList(
  139. VOID
  140. );
  143. NTSTATUS
  144. KerbAllocateContext(
  145. PKERB_CONTEXT * NewContext
  146. );
  148. NTSTATUS
  149. KerbInsertContext(
  150. IN PKERB_CONTEXT Context
  151. );
  154. SECURITY_STATUS
  155. KerbReferenceContext(
  156. IN LSA_SEC_HANDLE ContextHandle,
  157. IN BOOLEAN RemoveFromList,
  158. OUT PKERB_CONTEXT * FoundContext
  159. );
  162. VOID
  163. KerbDereferenceContext(
  164. IN PKERB_CONTEXT Context
  165. );
  168. VOID
  169. KerbReferenceContextByPointer(
  170. IN PKERB_CONTEXT Context,
  171. IN BOOLEAN RemoveFromList
  172. );
  175. NTSTATUS
  176. KerbCreateClientContext(
  177. IN PKERB_LOGON_SESSION LogonSession,
  178. IN PKERB_CREDENTIAL Credential,
  179. IN OPTIONAL PKERB_CREDMAN_CRED CredManCredentials,
  180. IN OPTIONAL PKERB_TICKET_CACHE_ENTRY TicketCacheEntry,
  181. IN OPTIONAL PUNICODE_STRING TargetName,
  182. IN ULONG Nonce,
  183. IN PTimeStamp pAuthenticatorTime,
  184. IN ULONG ContextFlags,
  185. IN ULONG ContextAttributes,
  186. IN OPTIONAL PKERB_ENCRYPTION_KEY SubSessionKey,
  187. OUT PKERB_CONTEXT * NewContext,
  188. OUT PTimeStamp ContextLifetime
  189. );
  191. NTSTATUS
  192. KerbCreateServerContext(
  193. IN PKERB_LOGON_SESSION LogonSession,
  194. IN PKERB_CREDENTIAL Credential,
  195. IN PKERB_ENCRYPTED_TICKET InternalTicket,
  196. IN PKERB_AP_REQUEST ApRequest,
  197. IN PKERB_ENCRYPTION_KEY SessionKey,
  198. IN PLUID LogonId,
  199. IN OUT PSID * UserSid,
  200. IN ULONG ContextFlags,
  201. IN ULONG ContextAttributes,
  202. IN ULONG NegotiationInfo,
  203. IN ULONG Nonce,
  204. IN ULONG ReceiveNonce,
  205. IN OUT PHANDLE TokenHandle,
  206. IN PUNICODE_STRING ClientName,
  207. IN PUNICODE_STRING ClientDomain,
  208. IN PUNICODE_STRING ClientNetbiosDomain,
  209. OUT PKERB_CONTEXT * NewContext,
  210. OUT PTimeStamp ContextLifetime
  211. );
  213. NTSTATUS
  214. KerbUpdateServerContext(
  215. IN PKERB_CONTEXT Context,
  216. IN PKERB_ENCRYPTED_TICKET InternalTicket,
  217. IN PKERB_AP_REQUEST ApRequest,
  218. IN PKERB_ENCRYPTION_KEY SessionKey,
  219. IN PLUID LogonId,
  220. IN OUT PSID * UserSid,
  221. IN ULONG ContextFlags,
  222. IN ULONG ContextAttributes,
  223. IN ULONG NegotiationInfo,
  224. IN ULONG Nonce,
  225. IN ULONG ReceiveNonce,
  226. IN OUT PHANDLE TokenHandle,
  227. IN PUNICODE_STRING ClientName,
  228. IN PUNICODE_STRING ClientDomain,
  229. IN PUNICODE_STRING ClientNetbiosDomain,
  230. OUT PTimeStamp ContextLifetime
  231. );
  233. NTSTATUS
  234. KerbCreateEmptyContext(
  235. IN PKERB_CREDENTIAL Credential,
  236. IN ULONG ContextFlags,
  237. IN ULONG ContextAttributes,
  238. IN ULONG NegotiationInfo,
  239. IN PLUID LogonId,
  240. OUT PKERB_CONTEXT * NewContext,
  241. OUT PTimeStamp ContextLifetime
  242. );
  246. NTSTATUS
  247. KerbMapContext(
  248. IN PKERB_CONTEXT Context,
  249. OUT PBOOLEAN MappedContext,
  250. OUT PSecBuffer ContextData
  251. );
  253. NTSTATUS
  254. KerbCreateUserModeContext(
  255. IN LSA_SEC_HANDLE ContextHandle,
  256. IN PSecBuffer MarshalledContext,
  257. OUT PKERB_CONTEXT * NewContext
  258. );
  260. SECURITY_STATUS
  261. KerbReferenceContextByLsaHandle(
  262. IN LSA_SEC_HANDLE ContextHandle,
  263. IN BOOLEAN RemoveFromList,
  264. OUT PKERB_CONTEXT * FoundContext
  265. );
  267. NTSTATUS
  268. KerbUpdateClientContext(
  269. IN PKERB_CONTEXT Context,
  270. IN PKERB_TICKET_CACHE_ENTRY TicketCacheEntry,
  271. IN ULONG Nonce,
  272. IN PTimeStamp pAuthenticatorTime,
  273. IN ULONG ReceiveNonce,
  274. IN ULONG ContextFlags,
  275. IN ULONG ContextAttribs,
  276. IN OPTIONAL PKERB_ENCRYPTION_KEY SubSessionKey,
  277. OUT PTimeStamp ContextLifetime
  278. );
  280. NTSTATUS
  281. KerbCreateSKeyEntry(
  282. IN KERB_ENCRYPTION_KEY* pSessionKey,
  283. IN FILETIME* pExpireTime
  284. );
  286. VOID
  287. KerbDeleteSKeyEntry(
  288. IN OPTIONAL KERB_ENCRYPTION_KEY* pKey
  289. );
  291. NTSTATUS
  292. KerbDoesSKeyExist(
  293. IN KERB_ENCRYPTION_KEY* pKey,
  294. OUT BOOLEAN* pbExist
  295. );
  297. NTSTATUS
  298. KerbEqualKey(
  299. IN KERB_ENCRYPTION_KEY* pKeyFoo,
  300. IN KERB_ENCRYPTION_KEY* pKeyBar,
  301. OUT BOOLEAN* pbEqual
  302. );
  304. VOID
  305. KerbTrimSKeyList(
  306. VOID
  307. );
  309. VOID
  310. KerbSKeyListCleanupCallback(
  311. IN VOID* pContext,
  312. IN BOOLEAN bTimeOut
  313. );
  315. NTSTATUS
  316. KerbCreateSKeyTimer(
  317. VOID
  318. );
  320. VOID
  321. KerbFreeSKeyTimer(
  322. VOID
  323. );
  325. VOID
  326. KerbFreeSKeyEntry(
  327. IN KERB_SESSION_KEY_ENTRY* pSKeyEntry
  328. );
  330. NTSTATUS
  331. KerbProcessTargetNames(
  332. IN PUNICODE_STRING TargetName,
  333. IN OPTIONAL PUNICODE_STRING SuppTargetName,
  334. IN ULONG Flags,
  335. IN OUT PULONG ProcessFlags,
  336. OUT PKERB_INTERNAL_NAME * FinalTarget,
  337. OUT PUNICODE_STRING TargetRealm,
  338. OUT OPTIONAL PKERB_SPN_CACHE_ENTRY * SpnCacheEntry
  339. );
  341. #define KERB_CRACK_NAME_USE_WKSTA_REALM 0x1
  342. #define KERB_CRACK_NAME_REALM_SUPPLIED 0x2
  344. #endif // __CTXTMGR_H__